Dobrý den,
prosím o kontrolu logu, docela běží pomalu internet (zabírá 200 MB paměti), děkuji...
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tonny at 2010-01-18 20:08:41
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (7%) free of 238 GB
Total RAM: 2046 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:09:06, on 18.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\_net\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Documents and Settings\Tonny\Dokumenty\Downloaded\RSIT.exe
C:\Program Files\trend micro\Tonny.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: ZoneAlarm Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Tonny\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
--
End of file - 11782 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\OGALogon.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-15 1218000]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-16 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Toolbar Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2009-10-14 578928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Tonny\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-06-18 94208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-16 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-16 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Toolbar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2009-10-14 578928]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-15 1218000]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-11-22 1037192]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2009-10-14 730480]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-01-09 2166784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-08-20 2363392]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-01-09 3037696]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe [2007-09-02 1465280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]
C:\Program Files\Labtec\Mouse\V3.0\moffice.exe [2007-01-14 958464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
C:\Program Files\Free Download Manager\fdm.exe [2008-05-20 2474031]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-05-11 200069]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWRTOOLBOX]
C:\Program Files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe [2005-10-26 344064]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMONTRAY]
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe [2003-11-03 32768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXSUPMON]
C:\WINDOWS\system32\LXSUPMON.EXE [2002-01-28 885760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
C:\Program Files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe [2003-07-07 729088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
C:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2003-05-30 585728]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2003-05-29 790528]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-08-15 1830128]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector]
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe [2005-07-28 94208]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-26 85160]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acrobat Assistant.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0CE\Distillr\AcroTray.exe [2001-10-11 82026]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\_video\Adobe\ACRORE~1\Reader\READER~1.EXE [2005-09-24 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
C:\PROGRA~1\IVTCOR~1\BLUESO~1\BLUESO~1.EXE [2005-06-06 1183744]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Last.fm Helper.lnk]
C:\PROGRA~1\Last.fm\LASTFM~1.EXE [2007-12-19 106496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tonny^Nabídka Start^Programy^Po spuštění^Last.fm Helper.lnk]
C:\PROGRA~1\Last.fm\LASTFM~1.EXE [2007-12-19 106496]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tonny^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2008-10-25 98696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\QIP Infium PafoPack\inf.exe"="C:\QIP Infium PafoPack\inf.exe:*:Enabled:QIP Infium"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2010-01-17 16:03:42 ----D---- C:\WINDOWS\Prefetch
2010-01-13 14:02:20 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-12 06:11:10 ----D---- C:\1878d1784e0887690c
2010-01-11 19:11:11 ----D---- C:\MSDERelA
2010-01-11 18:24:41 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-01-11 18:23:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-01-11 18:22:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-01-11 18:21:18 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2010-01-11 18:20:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-01-11 18:18:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2010-01-11 18:17:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-01-11 18:16:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-01-11 18:15:21 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-01-11 18:14:01 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-01-11 18:12:57 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2010-01-11 18:11:42 ----A---- C:\WINDOWS\setuplog.txt
2010-01-11 18:09:46 ----N---- C:\WINDOWS\system32\ieencode.dll
2010-01-11 18:09:06 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-01-11 18:08:54 ----A---- C:\WINDOWS\000001_.tmp
2010-01-11 17:55:42 ----D---- C:\15dc9c805169d9204b4931052942
2010-01-11 17:26:23 ----SHD---- C:\RECYCLER
2010-01-10 22:17:52 ----A---- C:\ComboFix.txt
2010-01-10 21:47:56 ----A---- C:\WINDOWS\MBR.exe
2010-01-10 21:47:55 ----A---- C:\WINDOWS\PEV.exe
2010-01-10 21:46:13 ----A---- C:\WINDOWS\system32\CF2785.exe
2010-01-10 13:42:04 ----D---- C:\WINDOWS\ie8updates
2010-01-10 13:40:33 ----A---- C:\WINDOWS\imsins.BAK
2010-01-10 13:38:29 ----HDC---- C:\WINDOWS\ie8
2010-01-09 11:57:26 ----D---- C:\Program Files\Crawler
2010-01-09 11:57:21 ----D---- C:\Documents and Settings\Tonny\Data aplikací\Spyware Terminator
2010-01-09 11:57:18 ----D---- C:\Program Files\Spyware Terminator
2010-01-09 11:57:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-01-08 23:21:36 ----D---- C:\Documents and Settings\Tonny\Data aplikací\CheckPoint
2010-01-08 23:20:57 ----D---- C:\Program Files\CheckPoint
2010-01-08 23:20:53 ----A---- C:\WINDOWS\system32\vsregexp.dll
2010-01-08 23:20:51 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2010-01-08 23:20:51 ----A---- C:\WINDOWS\system32\zlcomm.dll
2010-01-08 23:20:46 ----A---- C:\WINDOWS\system32\vswmi.dll
2010-01-08 23:20:45 ----A---- C:\WINDOWS\system32\zpeng25.dll
2010-01-08 23:20:44 ----D---- C:\WINDOWS\system32\ZoneLabs
2010-01-08 23:20:44 ----A---- C:\WINDOWS\system32\vsxml.dll
2010-01-08 23:20:44 ----A---- C:\WINDOWS\system32\vspubapi.dll
2010-01-08 23:20:44 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2010-01-08 23:20:42 ----D---- C:\Program Files\Zone Labs
2010-01-08 23:20:07 ----A---- C:\WINDOWS\system32\vsutil.dll
2010-01-08 23:20:07 ----A---- C:\WINDOWS\system32\vsinit.dll
2010-01-08 23:20:07 ----A---- C:\WINDOWS\system32\vsdata.dll
2010-01-08 17:03:31 ----D---- C:\Program Files\trend micro
2010-01-08 17:03:30 ----D---- C:\rsit
2010-01-08 09:26:34 ----D---- C:\Documents and Settings\Tonny\Data aplikací\Malwarebytes
2010-01-08 09:26:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-01-08 09:26:25 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-01-08 08:20:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-05 16:19:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\LightScribe
2010-01-05 16:16:13 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2010-01-05 15:20:34 ----A---- C:\WINDOWS\Irremote.ini
2010-01-05 14:58:28 ----D---- C:\Program Files\Common Files\LightScribe
2010-01-05 14:44:06 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-01-05 14:44:05 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-01-05 14:43:54 ----D---- C:\WINDOWS\Logs
2010-01-05 14:43:50 ----D---- C:\Program Files\Winamp Detect
2010-01-03 13:25:31 ----D---- C:\Program Files\Herbert
2009-12-30 18:57:23 ----D---- C:\Program Files\Musicmatch
2009-12-30 18:55:20 ----D---- C:\WINDOWS\system32\Philips GoGear HDD
2009-12-30 18:55:18 ----D---- C:\Program Files\Philips
2009-12-27 20:48:58 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-12-27 20:48:47 ----D---- C:\Program Files\Lavasoft
2009-12-27 20:48:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2009-12-27 20:43:59 ----D---- C:\Program Files\Avira
2009-12-27 20:43:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2009-12-20 13:07:03 ----D---- C:\FreeRapid-0.83u1
======List of files/folders modified in the last 1 months======
2010-01-18 20:08:57 ----D---- C:\WINDOWS\Internet Logs
2010-01-18 20:08:47 ----D---- C:\Documents and Settings\Tonny\Data aplikací\Free Download Manager
2010-01-18 18:23:47 ----D---- C:\WINDOWS\system32
2010-01-18 18:23:47 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-18 18:19:49 ----D---- C:\WINDOWS\Temp
2010-01-18 18:18:36 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-18 18:16:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-17 22:01:48 ----SHD---- C:\WINDOWS\Installer
2010-01-17 21:56:11 ----D---- C:\Mandísek
2010-01-17 21:07:44 ----D---- C:\Iva
2010-01-17 16:03:42 ----D---- C:\WINDOWS
2010-01-17 16:01:31 ----D---- C:\WINDOWS\system32\config
2010-01-17 13:24:28 ----A---- C:\WINDOWS\TextSpy.ini
2010-01-17 11:48:59 ----D---- C:\MBetonu
2010-01-16 13:25:14 ----SHD---- C:\WINDOWS\CSC
2010-01-16 11:11:53 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-13 21:05:18 ----A---- C:\WINDOWS\WEBLINK.INI
2010-01-13 21:05:18 ----A---- C:\WINDOWS\acroread.ini
2010-01-13 17:34:34 ----D---- C:\Program Files\QIP
2010-01-13 14:16:25 ----D---- C:\Program Files\Sony Setup
2010-01-13 14:02:35 ----D---- C:\WINDOWS\inf
2010-01-13 14:02:23 ----DC---- C:\WINDOWS\system32\dllcache
2010-01-13 14:01:24 ----D---- C:\WINDOWS\$hf_mig$
2010-01-11 21:19:30 ----A---- C:\WINDOWS\Summary.txt
2010-01-11 21:19:28 ----A---- C:\WINDOWS\Summary_377.txt
2010-01-11 20:43:35 ----D---- C:\WINDOWS\Pretenders Loose Screw dir
2010-01-11 19:52:07 ----D---- C:\Program Files
2010-01-11 19:37:59 ----D---- C:\Program Files\Microsoft SQL Server
2010-01-11 19:21:25 ----A---- C:\WINDOWS\Summary_376.txt
2010-01-11 19:21:23 ----A---- C:\WINDOWS\Summary_375.txt
2010-01-11 19:18:13 ----A---- C:\WINDOWS\Summary_374.txt
2010-01-11 19:18:12 ----A---- C:\WINDOWS\Summary_373.txt
2010-01-11 19:17:20 ----A---- C:\WINDOWS\Summary_372.txt
2010-01-11 19:17:16 ----A---- C:\WINDOWS\Summary_371.txt
2010-01-11 19:16:36 ----A---- C:\WINDOWS\Summary_370.txt
2010-01-11 19:12:15 ----A---- C:\WINDOWS\Summary_369.txt
2010-01-11 18:50:46 ----A---- C:\WINDOWS\Summary_368.txt
2010-01-11 18:49:40 ----A---- C:\WINDOWS\Summary_367.txt
2010-01-11 18:43:38 ----A---- C:\WINDOWS\Summary_366.txt
2010-01-11 18:39:19 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-11 18:38:03 ----A---- C:\WINDOWS\Summary_365.txt
2010-01-11 18:35:03 ----D---- C:\WINDOWS\Debug
2010-01-11 18:18:04 ----D---- C:\WINDOWS\security
2010-01-11 18:14:10 ----D---- C:\Program Files\Messenger
2010-01-11 18:09:51 ----D---- C:\WINDOWS\Help
2010-01-11 18:09:41 ----D---- C:\Program Files\Movie Maker
2010-01-11 18:09:39 ----D---- C:\WINDOWS\system32\oobe
2010-01-11 18:08:51 ----D---- C:\WINDOWS\system32\drivers
2010-01-11 18:08:50 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-01-11 18:08:19 ----D---- C:\WINDOWS\EHome
2010-01-11 17:34:02 ----A---- C:\WINDOWS\Summary_364.txt
2010-01-11 17:31:44 ----A---- C:\WINDOWS\Summary_363.txt
2010-01-11 16:40:47 ----A---- C:\WINDOWS\Summary_362.txt
2010-01-10 22:23:55 ----A---- C:\WINDOWS\Summary_361.txt
2010-01-10 22:17:57 ----D---- C:\Qoobox
2010-01-10 22:16:26 ----D---- C:\WINDOWS\Tasks
2010-01-10 22:14:45 ----D---- C:\WINDOWS\erdnt
2010-01-10 22:01:06 ----A---- C:\WINDOWS\system.ini
2010-01-10 21:54:17 ----D---- C:\WINDOWS\AppPatch
2010-01-10 21:54:10 ----D---- C:\Program Files\Common Files
2010-01-10 16:47:09 ----A---- C:\WINDOWS\Summary_360.txt
2010-01-10 14:38:33 ----A---- C:\WINDOWS\Summary_359.txt
2010-01-10 14:34:28 ----A---- C:\WINDOWS\Summary_358.txt
2010-01-10 14:07:47 ----A---- C:\WINDOWS\Summary_357.txt
2010-01-10 14:04:45 ----A---- C:\WINDOWS\Summary_356.txt
2010-01-10 13:55:09 ----A---- C:\WINDOWS\Summary_355.txt
2010-01-10 13:48:48 ----A---- C:\WINDOWS\Summary_354.txt
2010-01-10 13:45:08 ----D---- C:\WINDOWS\system32\cs-cz
2010-01-10 13:45:06 ----D---- C:\WINDOWS\Media
2010-01-10 13:45:06 ----D---- C:\Program Files\Internet Explorer
2010-01-09 22:39:32 ----A---- C:\WINDOWS\Summary_353.txt
2010-01-09 19:51:57 ----A---- C:\WINDOWS\Summary_352.txt
2010-01-09 19:09:04 ----D---- C:\Program Files\Vstplugins
2010-01-09 18:00:58 ----A---- C:\WINDOWS\Summary_351.txt
2010-01-09 18:00:00 ----A---- C:\WINDOWS\Summary_350.txt
2010-01-09 17:50:40 ----A---- C:\WINDOWS\Summary_349.txt
2010-01-09 17:39:28 ----D---- C:\Tonda
2010-01-09 17:39:18 ----D---- C:\Programy
2010-01-09 17:16:36 ----A---- C:\WINDOWS\Summary_348.txt
2010-01-09 17:13:16 ----A---- C:\WINDOWS\Summary_347.txt
2010-01-09 11:56:18 ----A---- C:\WINDOWS\Summary_346.txt
2010-01-09 10:43:37 ----A---- C:\WINDOWS\Summary_345.txt
2010-01-09 09:44:20 ----A---- C:\WINDOWS\Summary_344.txt
2010-01-08 23:29:51 ----A---- C:\WINDOWS\Summary_343.txt
2010-01-08 23:17:43 ----A---- C:\WINDOWS\Summary_342.txt
2010-01-08 22:12:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-01-08 22:11:49 ----D---- C:\WINDOWS\Minidump
2010-01-08 22:07:28 ----D---- C:\Program Files\CCleaner
2010-01-08 17:06:27 ----A---- C:\WINDOWS\Summary_341.txt
2010-01-08 16:58:08 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$
2010-01-08 15:49:28 ----D---- C:\Program Files\Diablo II
2010-01-08 08:35:27 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-08 08:19:45 ----A---- C:\WINDOWS\Summary_340.txt
2010-01-08 08:12:14 ----A---- C:\WINDOWS\Summary_339.txt
2010-01-08 08:03:34 ----A---- C:\WINDOWS\Summary_338.txt
2010-01-07 23:52:34 ----A---- C:\WINDOWS\Summary_337.txt
2010-01-06 19:20:15 ----A---- C:\WINDOWS\Summary_336.txt
2010-01-06 18:52:18 ----RASH---- C:\boot.ini
2010-01-06 18:52:18 ----A---- C:\WINDOWS\win.ini
2010-01-06 13:45:18 ----A---- C:\WINDOWS\Summary_335.txt
2010-01-06 13:23:56 ----A---- C:\WINDOWS\Summary_334.txt
2010-01-05 17:14:29 ----D---- C:\Program Files\Winamp
2010-01-05 16:19:46 ----D---- C:\Documents and Settings\Tonny\Data aplikací\Nero
2010-01-05 16:16:40 ----D---- C:\WINDOWS\system32\mui
2010-01-05 15:36:51 ----D---- C:\Config.Msi
2010-01-05 15:36:07 ----D---- C:\Program Files\Common Files\Nero
2010-01-05 15:19:15 ----D---- C:\Program Files\Nero
2010-01-05 15:05:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2010-01-05 14:58:32 ----D---- C:\WINDOWS\WinSxS
2010-01-05 14:44:07 ----D---- C:\WINDOWS\system32\DirectX
2010-01-05 14:04:30 ----A---- C:\WINDOWS\Summary_333.txt
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-04 19:54:11 ----D---- C:\z-samsing
2010-01-04 15:50:16 ----D---- C:\Program Files\Easy CD-DA Extractor 11
2010-01-04 15:50:00 ----D---- C:\Program Files\DesetiPrsty
2010-01-04 15:49:42 ----D---- C:\Program Files\Azureus
2010-01-04 15:47:53 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-04 15:47:53 ----D---- C:\Program Files\IK Multimedia
2010-01-04 08:03:36 ----A---- C:\WINDOWS\Summary_332.txt
2010-01-04 07:56:11 ----A---- C:\WINDOWS\Summary_331.txt
2010-01-03 11:26:38 ----A---- C:\WINDOWS\Summary_330.txt
2010-01-03 00:25:52 ----A---- C:\WINDOWS\Summary_329.txt
2010-01-02 17:52:50 ----A---- C:\WINDOWS\Summary_328.txt
2010-01-01 23:23:57 ----A---- C:\WINDOWS\Summary_327.txt
2010-01-01 14:12:58 ----A---- C:\WINDOWS\Summary_326.txt
2010-01-01 13:30:08 ----A---- C:\WINDOWS\Summary_325.txt
2009-12-31 18:17:29 ----A---- C:\WINDOWS\Summary_324.txt
2009-12-31 00:03:58 ----A---- C:\WINDOWS\Summary_323.txt
2009-12-30 03:01:03 ----A---- C:\WINDOWS\Summary_322.txt
2009-12-29 17:28:49 ----A---- C:\WINDOWS\Summary_321.txt
2009-12-27 21:56:28 ----A---- C:\WINDOWS\Summary_320.txt
2009-12-27 21:49:21 ----A---- C:\WINDOWS\Summary_319.txt
2009-12-27 21:00:11 ----A---- C:\WINDOWS\Summary_318.txt
2009-12-27 20:58:28 ----A---- C:\WINDOWS\Summary_317.txt
2009-12-27 20:42:44 ----A---- C:\WINDOWS\Summary_316.txt
2009-12-27 20:41:50 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-12-27 20:40:52 ----A---- C:\WINDOWS\Summary_315.txt
2009-12-27 20:39:36 ----D---- C:\Program Files\ESET
2009-12-27 20:35:09 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2009-12-27 20:29:28 ----A---- C:\WINDOWS\Summary_314.txt
2009-12-27 09:42:32 ----A---- C:\WINDOWS\Summary_313.txt
2009-12-26 15:20:06 ----A---- C:\WINDOWS\Summary_312.txt
2009-12-25 21:29:02 ----A---- C:\WINDOWS\DUMP6ec7.tmp
2009-12-25 12:53:46 ----A---- C:\WINDOWS\Summary_311.txt
2009-12-23 23:32:03 ----A---- C:\WINDOWS\Summary_310.txt
2009-12-23 11:39:48 ----A---- C:\WINDOWS\Summary_309.txt
2009-12-22 07:49:22 ----A---- C:\WINDOWS\Summary_308.txt
2009-12-21 18:44:19 ----A---- C:\WINDOWS\Summary_307.txt
2009-12-20 12:33:57 ----A---- C:\WINDOWS\Summary_306.txt
2009-12-19 11:47:30 ----A---- C:\WINDOWS\Summary_305.txt
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2003-02-27 49792]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 sf;SFI Service; C:\WINDOWS\system32\drivers\sf.sys [2003-05-09 33248]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-11-22 486280]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
R2 ASIXIo;ASIXIo; \??\C:\WINDOWS\system32\Drivers\asixio.sys []
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-12-29 56816]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R2 Nsynas32;Nsynas32; C:\WINDOWS\system32\drivers\Nsynas32.sys [2001-04-09 17784]
R2 SIODRV;SIODRV; \??\C:\WINDOWS\system32\drivers\SIODRV.SYS []
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-06-02 171008]
R3 moufiltr;Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\moufiltr.sys [2007-01-14 62592]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-04-16 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 SMBios;Intel (R) System Management BIOS Service; C:\WINDOWS\System32\DRIVERS\SMBios.sys [2003-10-14 36484]
R3 smbusp;Intel(R) SMBus 2.0 Driver; C:\WINDOWS\system32\DRIVERS\smb.sys [2002-10-23 21963]
R3 US122;US122 Driver; C:\WINDOWS\System32\Drivers\US122.sys [2004-07-30 217472]
R3 Us122WdmService;US122 Wdm Audio; C:\WINDOWS\System32\Drivers\US122Wdm.sys [2004-07-30 86648]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-14 100224]
S3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2007-08-04 96704]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\WINDOWS\system32\drivers\BTNetFilter.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
S3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys []
S3 ggsemc;Sony Ericsson USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2006-03-01 8704]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-06-02 578304]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 US122DL;US122 Firmware Downloader; C:\WINDOWS\System32\Drivers\US122DL.sys [2004-07-30 17277]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-09-10 32000]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 imonNT;Intel(R) Active Monitor; C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe [2003-11-03 106496]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2009-10-14 476528]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-16 152984]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2002-02-14 299008]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-08-20 73728]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-06-18 935208]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-01-09 488960]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-11-22 2384240]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2008-05-25 9154560]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2006-11-06 210432]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalý internet
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119386
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý internet
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý internet
Tak bohužel ComboFix nefunguje, hlásí mi toto: Some installation files are corupt Please download a fresh copy and retry installation
zkoušel jsem druhý link z oficiálních stránek a také nic. Z Instaluj.cz se podařilo spustit, ale aktualizace se serverů CF nefunguje a scan neproběhně...
zkoušel jsem druhý link z oficiálních stránek a také nic. Z Instaluj.cz se podařilo spustit, ale aktualizace se serverů CF nefunguje a scan neproběhně...
Re: Pomalý internet
Zřejmě s tím něco n stránkách udělali a operace proběhla v pořádku. Všimnul jsem si, že si CF zasedl na QIP, nevím proč. 
Zde je log z CF:
ComboFix 10-01-18.02 - Tonny 2010-01-19 14:44:59.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2046.1463 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tonny\Plocha\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Tonny\Dokumenty\BackupRegistry(20100111).reg
c:\documents and settings\Tonny\Dokumenty\BackupRegistry(20100117).reg
c:\program files\QIP
c:\program files\QIP\LI\current.cfg
c:\program files\QIP\LI\English\_cntry.lng
c:\program files\QIP\LI\English\_intrsts.lng
c:\program files\QIP\LI\English\_langs.lng
c:\program files\QIP\LI\English\_marital.lng
c:\program files\QIP\LI\English\_occup.lng
c:\program files\QIP\LI\English\_orgs.lng
c:\program files\QIP\LI\English\_past.lng
c:\program files\QIP\LI\English\_rndchat.lng
c:\program files\QIP\LI\English\desc.txt
c:\program files\QIP\LI\English\chars_r.ini
c:\program files\QIP\LI\English\chars_t.ini
c:\program files\QIP\LI\English\lang.ini
c:\program files\QIP\LI\langs.cfg
c:\program files\QIP\LI\Russian\_cntry.lng
c:\program files\QIP\LI\Russian\_intrsts.lng
c:\program files\QIP\LI\Russian\_langs.lng
c:\program files\QIP\LI\Russian\_marital.lng
c:\program files\QIP\LI\Russian\_occup.lng
c:\program files\QIP\LI\Russian\_orgs.lng
c:\program files\QIP\LI\Russian\_past.lng
c:\program files\QIP\LI\Russian\_rndchat.lng
c:\program files\QIP\LI\Russian\desc.txt
c:\program files\QIP\LI\Russian\chars_r.ini
c:\program files\QIP\LI\Russian\chars_t.ini
c:\program files\QIP\LI\Russian\lang.ini
c:\program files\QIP\Plugins\docking.dll
c:\program files\QIP\qip.exe
c:\program files\QIP\QIP.license
c:\program files\QIP\Skins\current.cfg
c:\program files\QIP\Skins\ICQ5\addopt.bmp
c:\program files\QIP\Skins\ICQ5\allicons.bmp
c:\program files\QIP\Skins\ICQ5\clbg.bmp
c:\program files\QIP\Skins\ICQ5\clevent.bmp
c:\program files\QIP\Skins\ICQ5\clstatus.bmp
c:\program files\QIP\Skins\ICQ5\Colors.ini
c:\program files\QIP\Skins\ICQ5\desc.txt
c:\program files\QIP\Skins\ICQ5\downbutton1.bmp
c:\program files\QIP\Skins\ICQ5\fadehlp.bmp
c:\program files\QIP\Skins\ICQ5\fadehlpt.bmp
c:\program files\QIP\Skins\ICQ5\fademsg.bmp
c:\program files\QIP\Skins\ICQ5\fademsgt.bmp
c:\program files\QIP\Skins\ICQ5\fadesrv.bmp
c:\program files\QIP\Skins\ICQ5\fadesrvt.bmp
c:\program files\QIP\Skins\ICQ5\msgbg.bmp
c:\program files\QIP\Skins\ICQ5\msgbge.bmp
c:\program files\QIP\Skins\ICQ5\noimage.jpg
c:\program files\QIP\Skins\ICQ5\qipbtn.bmp
c:\program files\QIP\Skins\ICQ5\signs.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\_define.ini
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\aa.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ab.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ac.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ad.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ae.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\af.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ag.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ah.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ai.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\aj.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ak.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\al.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\am.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\an.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ao.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ap.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\aq.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ar.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\as.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\at.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\au.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\av.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\aw.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ax.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ay.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\az.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ba.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bb.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bc.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bd.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\be.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bf.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bg.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bh.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bi.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bj.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bk.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bl.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bm.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bn.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bo.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bp.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bq.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\br.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bs.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bt.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bu.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bv.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bw.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\Copyright(eng).txt
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\Copyright.txt
c:\program files\QIP\Skins\ICQ5\Smilies\Static\_define.ini
c:\program files\QIP\Skins\ICQ5\Smilies\Static\aa.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ab.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ac.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ad.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ae.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\af.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ag.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ah.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ai.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\aj.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ak.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\al.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\am.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\an.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ao.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ap.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\aq.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ar.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\as.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\at.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\au.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\av.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\aw.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ax.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ay.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ba.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\bb.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\bc.bmp
c:\program files\QIP\Skins\ICQ5\splash.bmp
c:\program files\QIP\Skins\ICQ5\st_custom.bmp
c:\program files\QIP\Skins\ICQ5\statuses.bmp
c:\program files\QIP\Skins\ICQ5\title.bmp
c:\program files\QIP\Skins\ICQ5\tray.bmp
c:\program files\QIP\Skins\ICQ5\tray2k.bmp
c:\program files\QIP\Skins\ICQ5\upbutton1.bmp
c:\program files\QIP\Skins\ICQ5\upbutton2.bmp
c:\program files\QIP\Skins\ICQ5\upbutton3.bmp
c:\program files\QIP\Skins\ICQ5\userinfo.bmp
c:\program files\QIP\Skins\ICQ5\vis.bmp
c:\program files\QIP\Skins\skins.cfg
c:\program files\QIP\Sounds\sndAuth.wav
c:\program files\QIP\Sounds\sndGlobal.wav
c:\program files\QIP\Sounds\sndMsg.wav
c:\program files\QIP\Sounds\sndMsgSent.wav
c:\program files\QIP\Sounds\sndPlugin.wav
c:\program files\QIP\Sounds\sndRemSelf.wav
c:\program files\QIP\Sounds\sndSrvMsg.wav
c:\program files\QIP\Sounds\sndStartup.wav
c:\program files\QIP\Sounds\sndSystem.wav
c:\program files\QIP\unins000.dat
c:\program files\QIP\unins000.exe
c:\program files\QIP\unins001.dat
c:\program files\QIP\unins001.exe
c:\program files\QIP\Users\234697556\_birth.txt
c:\program files\QIP\Users\234697556\_botq.txt
c:\program files\QIP\Users\234697556\_events.txt
c:\program files\QIP\Users\234697556\_eye.txt
c:\program files\QIP\Users\234697556\_groups.txt
c:\program files\QIP\Users\234697556\_m_away.txt
c:\program files\QIP\Users\234697556\_m_depr.txt
c:\program files\QIP\Users\234697556\_m_dnd.txt
c:\program files\QIP\Users\234697556\_m_evil.txt
c:\program files\QIP\Users\234697556\_m_ffc.txt
c:\program files\QIP\Users\234697556\_m_home.txt
c:\program files\QIP\Users\234697556\_m_lunch.txt
c:\program files\QIP\Users\234697556\_m_na.txt
c:\program files\QIP\Users\234697556\_m_occup.txt
c:\program files\QIP\Users\234697556\_m_work.txt
c:\program files\QIP\Users\234697556\_premsg.txt
c:\program files\QIP\Users\234697556\_st_away.txt
c:\program files\QIP\Users\234697556\_st_cust.txt
c:\program files\QIP\Users\234697556\234697556.cl
c:\program files\QIP\Users\234697556\234697556.clg
c:\program files\QIP\Users\234697556\234697556.cli
c:\program files\QIP\Users\234697556\234697556.clv
c:\program files\QIP\Users\234697556\234697556.lcl
c:\program files\QIP\Users\234697556\234697556.nil
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_01.cl
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_01.clg
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_01.cli
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_01.clv
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_08.cl
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_08.clg
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_08.cli
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_08.clv
c:\program files\QIP\Users\234697556\Config.ini
c:\program files\QIP\Users\234697556\Devils\110658021.jpg
c:\program files\QIP\Users\234697556\Devils\191043187.jpg
c:\program files\QIP\Users\234697556\Devils\196032800.jpg
c:\program files\QIP\Users\234697556\Devils\200802418.jpg
c:\program files\QIP\Users\234697556\Devils\205489615.jpg
c:\program files\QIP\Users\234697556\Devils\206579199.jpg
c:\program files\QIP\Users\234697556\Devils\219326738.jpg
c:\program files\QIP\Users\234697556\Devils\252796106.jpg
c:\program files\QIP\Users\234697556\Devils\255070763.jpg
c:\program files\QIP\Users\234697556\Devils\268630382.jpg
c:\program files\QIP\Users\234697556\Devils\280617872.jpg
c:\program files\QIP\Users\234697556\Devils\316235341.jpg
c:\program files\QIP\Users\234697556\Devils\331313334.jpg
c:\program files\QIP\Users\234697556\History\_srvlog.txt
c:\program files\QIP\Users\234697556\History\194974905.txt
c:\program files\QIP\Users\234697556\History\216183197.txt
c:\program files\QIP\Users\234697556\History\293107991.txt
c:\program files\QIP\Users\234697556\History\463889608.txt
c:\program files\QIP\Users\481246509\_birth.txt
c:\program files\QIP\Users\481246509\_botq.txt
c:\program files\QIP\Users\481246509\_events.txt
c:\program files\QIP\Users\481246509\_eye.txt
c:\program files\QIP\Users\481246509\_groups.txt
c:\program files\QIP\Users\481246509\_m_away.txt
c:\program files\QIP\Users\481246509\_m_depr.txt
c:\program files\QIP\Users\481246509\_m_dnd.txt
c:\program files\QIP\Users\481246509\_m_evil.txt
c:\program files\QIP\Users\481246509\_m_ffc.txt
c:\program files\QIP\Users\481246509\_m_home.txt
c:\program files\QIP\Users\481246509\_m_lunch.txt
c:\program files\QIP\Users\481246509\_m_na.txt
c:\program files\QIP\Users\481246509\_m_occup.txt
c:\program files\QIP\Users\481246509\_m_work.txt
c:\program files\QIP\Users\481246509\_premsg.txt
c:\program files\QIP\Users\481246509\_st_away.txt
c:\program files\QIP\Users\481246509\_st_cust.txt
c:\program files\QIP\Users\481246509\481246509.cl
c:\program files\QIP\Users\481246509\481246509.clg
c:\program files\QIP\Users\481246509\481246509.cli
c:\program files\QIP\Users\481246509\481246509.clv
c:\program files\QIP\Users\481246509\481246509.lcl
c:\program files\QIP\Users\481246509\481246509.nil
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_11.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_11.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_11.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_11.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_12.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_12.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_12.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_12.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_01.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_01.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_01.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_01.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_02.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_02.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_02.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_02.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_03.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_03.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_03.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_03.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_04.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_04.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_04.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_04.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_05.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_05.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_05.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_05.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_06.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_06.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_06.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_06.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_07.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_07.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_07.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_07.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_08.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_08.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_08.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_08.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_09.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_09.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_09.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_09.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_10.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_10.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_10.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_10.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_11.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_11.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_11.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_11.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_12.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_12.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_12.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_12.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_01.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_01.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_01.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_01.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_02.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_02.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_02.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_02.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_03.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_03.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_03.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_03.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_04.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_04.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_04.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_04.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_05.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_05.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_05.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_05.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_06.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_06.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_06.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_06.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_08.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_08.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_08.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_08.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_09.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_09.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_09.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_09.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2010_01.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2010_01.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2010_01.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2010_01.clv
c:\program files\QIP\Users\481246509\Config.ini
c:\program files\QIP\Users\481246509\Devils\151061422.jpg
c:\program files\QIP\Users\481246509\Devils\153765861.jpg
c:\program files\QIP\Users\481246509\Devils\160703375.jpg
c:\program files\QIP\Users\481246509\Devils\165403959.jpg
c:\program files\QIP\Users\481246509\Devils\190377363.jpg
c:\program files\QIP\Users\481246509\Devils\192622134.jpg
c:\program files\QIP\Users\481246509\Devils\192732400.jpg
c:\program files\QIP\Users\481246509\Devils\193966314.jpg
c:\program files\QIP\Users\481246509\Devils\193978426.jpg
c:\program files\QIP\Users\481246509\Devils\194754008.jpg
c:\program files\QIP\Users\481246509\Devils\194998164.jpg
c:\program files\QIP\Users\481246509\Devils\195843890.jpg
c:\program files\QIP\Users\481246509\Devils\198054620.jpg
c:\program files\QIP\Users\481246509\Devils\198403802.jpg
c:\program files\QIP\Users\481246509\Devils\199023260.jpg
c:\program files\QIP\Users\481246509\Devils\199389815.jpg
c:\program files\QIP\Users\481246509\Devils\200802418.jpg
c:\program files\QIP\Users\481246509\Devils\204115857.jpg
c:\program files\QIP\Users\481246509\Devils\206040170.jpg
c:\program files\QIP\Users\481246509\Devils\206077426.jpg
c:\program files\QIP\Users\481246509\Devils\206337574.jpg
c:\program files\QIP\Users\481246509\Devils\206740674.jpg
c:\program files\QIP\Users\481246509\Devils\207448733.jpg
c:\program files\QIP\Users\481246509\Devils\210938823.jpg
c:\program files\QIP\Users\481246509\Devils\212845301.jpg
c:\program files\QIP\Users\481246509\Devils\213784642.jpg
c:\program files\QIP\Users\481246509\Devils\214598072.jpg
c:\program files\QIP\Users\481246509\Devils\215205040.jpg
c:\program files\QIP\Users\481246509\Devils\216812650.jpg
c:\program files\QIP\Users\481246509\Devils\216925142.jpg
c:\program files\QIP\Users\481246509\Devils\218389743.jpg
c:\program files\QIP\Users\481246509\Devils\219594063.jpg
c:\program files\QIP\Users\481246509\Devils\223111583.jpg
c:\program files\QIP\Users\481246509\Devils\223320186.jpg
c:\program files\QIP\Users\481246509\Devils\223381520.jpg
c:\program files\QIP\Users\481246509\Devils\228405356.jpg
c:\program files\QIP\Users\481246509\Devils\228847678.jpg
c:\program files\QIP\Users\481246509\Devils\229658930.jpg
c:\program files\QIP\Users\481246509\Devils\230215625.jpg
c:\program files\QIP\Users\481246509\Devils\230457027.jpg
c:\program files\QIP\Users\481246509\Devils\230559531.jpg
c:\program files\QIP\Users\481246509\Devils\230757887.jpg
c:\program files\QIP\Users\481246509\Devils\231319497.bmp
c:\program files\QIP\Users\481246509\Devils\232222776.jpg
c:\program files\QIP\Users\481246509\Devils\232294120.jpg
c:\program files\QIP\Users\481246509\Devils\233018385.jpg
c:\program files\QIP\Users\481246509\Devils\233750656.jpg
c:\program files\QIP\Users\481246509\Devils\235459755.jpg
c:\program files\QIP\Users\481246509\Devils\237013534.jpg
c:\program files\QIP\Users\481246509\Devils\237835409.gif
c:\program files\QIP\Users\481246509\Devils\238086126.jpg
c:\program files\QIP\Users\481246509\Devils\238200035.jpg
c:\program files\QIP\Users\481246509\Devils\240662462.jpg
c:\program files\QIP\Users\481246509\Devils\240701496.jpg
c:\program files\QIP\Users\481246509\Devils\240900789.jpg
c:\program files\QIP\Users\481246509\Devils\242833102.jpg
c:\program files\QIP\Users\481246509\Devils\243101565.jpg
c:\program files\QIP\Users\481246509\Devils\244937348.jpg
c:\program files\QIP\Users\481246509\Devils\245864000.jpg
c:\program files\QIP\Users\481246509\Devils\246069417.jpg
c:\program files\QIP\Users\481246509\Devils\246905753.jpg
c:\program files\QIP\Users\481246509\Devils\246967877.jpg
c:\program files\QIP\Users\481246509\Devils\247793406.jpg
c:\program files\QIP\Users\481246509\Devils\248623725.gif
c:\program files\QIP\Users\481246509\Devils\249145508.jpg
c:\program files\QIP\Users\481246509\Devils\249531893.jpg
c:\program files\QIP\Users\481246509\Devils\250574970.jpg
c:\program files\QIP\Users\481246509\Devils\250922129.jpg
c:\program files\QIP\Users\481246509\Devils\251004332.jpg
c:\program files\QIP\Users\481246509\Devils\251479909.jpg
c:\program files\QIP\Users\481246509\Devils\252796106.jpg
c:\program files\QIP\Users\481246509\Devils\253701917.jpg
c:\program files\QIP\Users\481246509\Devils\255067313.jpg
c:\program files\QIP\Users\481246509\Devils\256430554.jpg
c:\program files\QIP\Users\481246509\Devils\257136531.jpg
c:\program files\QIP\Users\481246509\Devils\259575511.jpg
c:\program files\QIP\Users\481246509\Devils\261469049.jpg
c:\program files\QIP\Users\481246509\Devils\261607318.jpg
c:\program files\QIP\Users\481246509\Devils\263822596.jpg
c:\program files\QIP\Users\481246509\Devils\268067955.jpg
c:\program files\QIP\Users\481246509\Devils\268586113.jpg
c:\program files\QIP\Users\481246509\Devils\269479995.jpg
c:\program files\QIP\Users\481246509\Devils\270703999.jpg
c:\program files\QIP\Users\481246509\Devils\271369645.jpg
c:\program files\QIP\Users\481246509\Devils\274739993.jpg
c:\program files\QIP\Users\481246509\Devils\275260326.jpg
c:\program files\QIP\Users\481246509\Devils\276106719.jpg
c:\program files\QIP\Users\481246509\Devils\277681025.jpg
c:\program files\QIP\Users\481246509\Devils\278081315.jpg
c:\program files\QIP\Users\481246509\Devils\286744863.jpg
c:\program files\QIP\Users\481246509\Devils\287302544.jpg
c:\program files\QIP\Users\481246509\Devils\287306704.jpg
c:\program files\QIP\Users\481246509\Devils\289003790.jpg
c:\program files\QIP\Users\481246509\Devils\290259305.jpg
c:\program files\QIP\Users\481246509\Devils\290771495.jpg
c:\program files\QIP\Users\481246509\Devils\292400465.jpg
c:\program files\QIP\Users\481246509\Devils\292845675.jpg
c:\program files\QIP\Users\481246509\Devils\293389063.gif
c:\program files\QIP\Users\481246509\Devils\294370282.jpg
c:\program files\QIP\Users\481246509\Devils\296344436.jpg
c:\program files\QIP\Users\481246509\Devils\296692336.jpg
c:\program files\QIP\Users\481246509\Devils\298550253.jpg
c:\program files\QIP\Users\481246509\Devils\299282780.jpg
c:\program files\QIP\Users\481246509\Devils\300183125.jpg
c:\program files\QIP\Users\481246509\Devils\300325658.jpg
c:\program files\QIP\Users\481246509\Devils\302291429.jpg
c:\program files\QIP\Users\481246509\Devils\302784270.jpg
c:\program files\QIP\Users\481246509\Devils\303600227.jpg
c:\program files\QIP\Users\481246509\Devils\303993258.jpg
c:\program files\QIP\Users\481246509\Devils\305094064.jpg
c:\program files\QIP\Users\481246509\Devils\307506004.jpg
c:\program files\QIP\Users\481246509\Devils\308995447.jpg
c:\program files\QIP\Users\481246509\Devils\310312734.jpg
c:\program files\QIP\Users\481246509\Devils\314462267.jpg
c:\program files\QIP\Users\481246509\Devils\315843623.jpg
c:\program files\QIP\Users\481246509\Devils\315903135.jpg
c:\program files\QIP\Users\481246509\Devils\315997718.jpg
c:\program files\QIP\Users\481246509\Devils\316499604.jpg
c:\program files\QIP\Users\481246509\Devils\317713165.jpg
c:\program files\QIP\Users\481246509\Devils\317988030.jpg
c:\program files\QIP\Users\481246509\Devils\320242757.jpg
c:\program files\QIP\Users\481246509\Devils\322665435.jpg
c:\program files\QIP\Users\481246509\Devils\323310458.jpg
c:\program files\QIP\Users\481246509\Devils\325018482.jpg
c:\program files\QIP\Users\481246509\Devils\325409168.jpg
c:\program files\QIP\Users\481246509\Devils\326195048.jpg
c:\program files\QIP\Users\481246509\Devils\326495554.jpg
c:\program files\QIP\Users\481246509\Devils\327768439.jpg
c:\program files\QIP\Users\481246509\Devils\328146958.jpg
c:\program files\QIP\Users\481246509\Devils\328542269.jpg
c:\program files\QIP\Users\481246509\Devils\330833578.jpg
c:\program files\QIP\Users\481246509\Devils\331048556.jpg
c:\program files\QIP\Users\481246509\Devils\331313334.jpg
c:\program files\QIP\Users\481246509\Devils\331397609.jpg
c:\program files\QIP\Users\481246509\Devils\331674796.jpg
c:\program files\QIP\Users\481246509\Devils\331985790.jpg
c:\program files\QIP\Users\481246509\Devils\332135355.jpg
c:\program files\QIP\Users\481246509\Devils\334392303.jpg
c:\program files\QIP\Users\481246509\Devils\336472541.jpg
c:\program files\QIP\Users\481246509\Devils\336599729.jpg
c:\program files\QIP\Users\481246509\Devils\338071625.jpg
c:\program files\QIP\Users\481246509\Devils\339202722.jpg
c:\program files\QIP\Users\481246509\Devils\340939710.jpg
c:\program files\QIP\Users\481246509\Devils\345043870.jpg
c:\program files\QIP\Users\481246509\Devils\347092532.jpg
c:\program files\QIP\Users\481246509\Devils\347761618.jpg
c:\program files\QIP\Users\481246509\Devils\348769000.jpg
c:\program files\QIP\Users\481246509\Devils\351259842.jpg
c:\program files\QIP\Users\481246509\Devils\354853527.jpg
c:\program files\QIP\Users\481246509\Devils\354980973.jpg
c:\program files\QIP\Users\481246509\Devils\355144953.jpg
c:\program files\QIP\Users\481246509\Devils\356203029.jpg
c:\program files\QIP\Users\481246509\Devils\357444242.jpg
c:\program files\QIP\Users\481246509\Devils\362562166.jpg
c:\program files\QIP\Users\481246509\Devils\369720608.gif
c:\program files\QIP\Users\481246509\Devils\387794975.jpg
c:\program files\QIP\Users\481246509\Devils\388273887.jpg
c:\program files\QIP\Users\481246509\Devils\394585511.jpg
c:\program files\QIP\Users\481246509\Devils\395271576.jpg
c:\program files\QIP\Users\481246509\Devils\396661573.jpg
c:\program files\QIP\Users\481246509\Devils\398472954.jpg
c:\program files\QIP\Users\481246509\Devils\398573878.jpg
c:\program files\QIP\Users\481246509\Devils\410363403.jpg
c:\program files\QIP\Users\481246509\Devils\426631184.jpg
c:\program files\QIP\Users\481246509\Devils\428468084.jpg
c:\program files\QIP\Users\481246509\Devils\447641413.jpg
c:\program files\QIP\Users\481246509\Devils\453664067.jpg
c:\program files\QIP\Users\481246509\Devils\458243878.jpg
c:\program files\QIP\Users\481246509\Devils\463271341.jpg
c:\program files\QIP\Users\481246509\Devils\475799529.jpg
c:\program files\QIP\Users\481246509\Devils\476129439.jpg
c:\program files\QIP\Users\481246509\Devils\478765440.jpg
c:\program files\QIP\Users\481246509\Devils\481246509.jpg
c:\program files\QIP\Users\481246509\Devils\493961474.jpg
c:\program files\QIP\Users\481246509\Devils\85777957.jpg
c:\program files\QIP\Users\481246509\History\_srvlog.txt
c:\program files\QIP\Users\481246509\History\1.txt
c:\program files\QIP\Users\481246509\History\100817325.txt
c:\program files\QIP\Users\481246509\History\141890393.txt
c:\program files\QIP\Users\481246509\History\151061422.txt
c:\program files\QIP\Users\481246509\History\153765861.txt
c:\program files\QIP\Users\481246509\History\155372451.txt
c:\program files\QIP\Users\481246509\History\160703375.txt
c:\program files\QIP\Users\481246509\History\165403959.txt
c:\program files\QIP\Users\481246509\History\190377363.txt
c:\program files\QIP\Users\481246509\History\192622134.txt
c:\program files\QIP\Users\481246509\History\192732400.txt
c:\program files\QIP\Users\481246509\History\193257592.txt
c:\program files\QIP\Users\481246509\History\193966314.txt
c:\program files\QIP\Users\481246509\History\193978426.txt
c:\program files\QIP\Users\481246509\History\194754008.txt
c:\program files\QIP\Users\481246509\History\194974905.txt
c:\program files\QIP\Users\481246509\History\194998164.txt
c:\program files\QIP\Users\481246509\History\195843890.txt
c:\program files\QIP\Users\481246509\History\196120586.txt
c:\program files\QIP\Users\481246509\History\198054620.txt
c:\program files\QIP\Users\481246509\History\198403802.txt
c:\program files\QIP\Users\481246509\History\198410536.txt
c:\program files\QIP\Users\481246509\History\199023260.txt
c:\program files\QIP\Users\481246509\History\199234132.txt
c:\program files\QIP\Users\481246509\History\199389815.txt
c:\program files\QIP\Users\481246509\History\200802418.txt
c:\program files\QIP\Users\481246509\History\204115857.txt
c:\program files\QIP\Users\481246509\History\205282605.txt
c:\program files\QIP\Users\481246509\History\206040170.txt
c:\program files\QIP\Users\481246509\History\206077426.txt
c:\program files\QIP\Users\481246509\History\206337574.txt
c:\program files\QIP\Users\481246509\History\206570561.txt
c:\program files\QIP\Users\481246509\History\206740674.txt
c:\program files\QIP\Users\481246509\History\207448733.txt
c:\program files\QIP\Users\481246509\History\210938823.txt
c:\program files\QIP\Users\481246509\History\212845301.txt
c:\program files\QIP\Users\481246509\History\213784642.txt
c:\program files\QIP\Users\481246509\History\214598072.txt
c:\program files\QIP\Users\481246509\History\215205040.txt
c:\program files\QIP\Users\481246509\History\216812650.txt
c:\program files\QIP\Users\481246509\History\216925142.txt
c:\program files\QIP\Users\481246509\History\218389743.txt
c:\program files\QIP\Users\481246509\History\219594063.txt
c:\program files\QIP\Users\481246509\History\221746953.txt
c:\program files\QIP\Users\481246509\History\222116626.txt
c:\program files\QIP\Users\481246509\History\223111583.txt
c:\program files\QIP\Users\481246509\History\223320186.txt
c:\program files\QIP\Users\481246509\History\223381520.txt
c:\program files\QIP\Users\481246509\History\225771440.txt
c:\program files\QIP\Users\481246509\History\228352065.txt
c:\program files\QIP\Users\481246509\History\228405356.txt
c:\program files\QIP\Users\481246509\History\228847678.txt
c:\program files\QIP\Users\481246509\History\229658930.txt
c:\program files\QIP\Users\481246509\History\230215625.txt
c:\program files\QIP\Users\481246509\History\230457027.txt
c:\program files\QIP\Users\481246509\History\230559531.txt
c:\program files\QIP\Users\481246509\History\230757887.txt
c:\program files\QIP\Users\481246509\History\231319497.txt
c:\program files\QIP\Users\481246509\History\232222776.txt
c:\program files\QIP\Users\481246509\History\232294120.txt
c:\program files\QIP\Users\481246509\History\232554056.txt
c:\program files\QIP\Users\481246509\History\233018385.txt
c:\program files\QIP\Users\481246509\History\233750656.txt
c:\program files\QIP\Users\481246509\History\234522975.txt
c:\program files\QIP\Users\481246509\History\234697556.txt
c:\program files\QIP\Users\481246509\History\235459755.txt
c:\program files\QIP\Users\481246509\History\237013534.txt
c:\program files\QIP\Users\481246509\History\237835409.txt
c:\program files\QIP\Users\481246509\History\238086126.txt
c:\program files\QIP\Users\481246509\History\238200035.txt
c:\program files\QIP\Users\481246509\History\240662462.txt
c:\program files\QIP\Users\481246509\History\240701496.txt
c:\program files\QIP\Users\481246509\History\240900789.txt
c:\program files\QIP\Users\481246509\History\242833102.txt
c:\program files\QIP\Users\481246509\History\243101565.txt
c:\program files\QIP\Users\481246509\History\244736435.txt
c:\program files\QIP\Users\481246509\History\244937348.txt
c:\program files\QIP\Users\481246509\History\245864000.txt
c:\program files\QIP\Users\481246509\History\246069417.txt
c:\program files\QIP\Users\481246509\History\246905753.txt
c:\program files\QIP\Users\481246509\History\246967877.txt
c:\program files\QIP\Users\481246509\History\247793406.txt
c:\program files\QIP\Users\481246509\History\248623725.txt
c:\program files\QIP\Users\481246509\History\249531893.txt
c:\program files\QIP\Users\481246509\History\250574970.txt
c:\program files\QIP\Users\481246509\History\250586611.txt
c:\program files\QIP\Users\481246509\History\250922129.txt
c:\program files\QIP\Users\481246509\History\251004332.txt
c:\program files\QIP\Users\481246509\History\251437418.txt
c:\program files\QIP\Users\481246509\History\251479909.txt
c:\program files\QIP\Users\481246509\History\252121115.txt
c:\program files\QIP\Users\481246509\History\252796106.txt
c:\program files\QIP\Users\481246509\History\253701917.txt
c:\program files\QIP\Users\481246509\History\253806720.txt
c:\program files\QIP\Users\481246509\History\255067313.txt
c:\program files\QIP\Users\481246509\History\256430554.txt
c:\program files\QIP\Users\481246509\History\257136531.txt
c:\program files\QIP\Users\481246509\History\257923085.txt
c:\program files\QIP\Users\481246509\History\259575511.txt
c:\program files\QIP\Users\481246509\History\260869987.txt
c:\program files\QIP\Users\481246509\History\261469049.txt
c:\program files\QIP\Users\481246509\History\261607318.txt
c:\program files\QIP\Users\481246509\History\263822596.txt
c:\program files\QIP\Users\481246509\History\267770036.txt
c:\program files\QIP\Users\481246509\History\268067955.txt
c:\program files\QIP\Users\481246509\History\268586113.txt
c:\program files\QIP\Users\481246509\History\269479995.txt
c:\program files\QIP\Users\481246509\History\270703999.txt
c:\program files\QIP\Users\481246509\History\271369645.txt
c:\program files\QIP\Users\481246509\History\273092624.txt
c:\program files\QIP\Users\481246509\History\274739993.txt
c:\program files\QIP\Users\481246509\History\275260326.txt
c:\program files\QIP\Users\481246509\History\276036518.txt
c:\program files\QIP\Users\481246509\History\276106719.txt
c:\program files\QIP\Users\481246509\History\277374629.txt
c:\program files\QIP\Users\481246509\History\277681025.txt
c:\program files\QIP\Users\481246509\History\278081315.txt
c:\program files\QIP\Users\481246509\History\278918008.txt
c:\program files\QIP\Users\481246509\History\286744863.txt
c:\program files\QIP\Users\481246509\History\287302544.txt
c:\program files\QIP\Users\481246509\History\287306704.txt
c:\program files\QIP\Users\481246509\History\288600199.txt
c:\program files\QIP\Users\481246509\History\289003790.txt
c:\program files\QIP\Users\481246509\History\290245894.txt
c:\program files\QIP\Users\481246509\History\290259305.txt
c:\program files\QIP\Users\481246509\History\290771495.txt
c:\program files\QIP\Users\481246509\History\292400465.txt
c:\program files\QIP\Users\481246509\History\292845675.txt
c:\program files\QIP\Users\481246509\History\293389063.txt
c:\program files\QIP\Users\481246509\History\294119232.txt
c:\program files\QIP\Users\481246509\History\294370282.txt
c:\program files\QIP\Users\481246509\History\296344436.txt
c:\program files\QIP\Users\481246509\History\296692336.txt
c:\program files\QIP\Users\481246509\History\298550253.txt
c:\program files\QIP\Users\481246509\History\299282780.txt
c:\program files\QIP\Users\481246509\History\300183125.txt
c:\program files\QIP\Users\481246509\History\300325658.txt
c:\program files\QIP\Users\481246509\History\301012169.txt
c:\program files\QIP\Users\481246509\History\302291429.txt
c:\program files\QIP\Users\481246509\History\302784270.txt
c:\program files\QIP\Users\481246509\History\303000102.txt
c:\program files\QIP\Users\481246509\History\303600227.txt
c:\program files\QIP\Users\481246509\History\303993258.txt
c:\program files\QIP\Users\481246509\History\305094064.txt
c:\program files\QIP\Users\481246509\History\307506004.txt
c:\program files\QIP\Users\481246509\History\307554778.txt
c:\program files\QIP\Users\481246509\History\308428806.txt
c:\program files\QIP\Users\481246509\History\308973757.txt
c:\program files\QIP\Users\481246509\History\308995447.txt
c:\program files\QIP\Users\481246509\History\310312734.txt
c:\program files\QIP\Users\481246509\History\311762574.txt
c:\program files\QIP\Users\481246509\History\312473585.txt
c:\program files\QIP\Users\481246509\History\313227758.txt
c:\program files\QIP\Users\481246509\History\313315769.txt
c:\program files\QIP\Users\481246509\History\314462267.txt
c:\program files\QIP\Users\481246509\History\315776853.txt
c:\program files\QIP\Users\481246509\History\315843623.txt
c:\program files\QIP\Users\481246509\History\315903135.txt
c:\program files\QIP\Users\481246509\History\315997718.txt
c:\program files\QIP\Users\481246509\History\316499604.txt
c:\program files\QIP\Users\481246509\History\317713165.txt
c:\program files\QIP\Users\481246509\History\317756292.txt
c:\program files\QIP\Users\481246509\History\317988030.txt
c:\program files\QIP\Users\481246509\History\318437153.txt
c:\program files\QIP\Users\481246509\History\319844504.txt
c:\program files\QIP\Users\481246509\History\320242757.txt
c:\program files\QIP\Users\481246509\History\321554506.txt
c:\program files\QIP\Users\481246509\History\322665435.txt
c:\program files\QIP\Users\481246509\History\323310458.txt
c:\program files\QIP\Users\481246509\History\323387296.txt
c:\program files\QIP\Users\481246509\History\324141823.txt
c:\program files\QIP\Users\481246509\History\325018482.txt
c:\program files\QIP\Users\481246509\History\325409168.txt
c:\program files\QIP\Users\481246509\History\326195048.txt
c:\program files\QIP\Users\481246509\History\326495554.txt
c:\program files\QIP\Users\481246509\History\327768439.txt
c:\program files\QIP\Users\481246509\History\328146958.txt
c:\program files\QIP\Users\481246509\History\328542269.txt
c:\program files\QIP\Users\481246509\History\330833578.txt
c:\program files\QIP\Users\481246509\History\331048556.txt
c:\program files\QIP\Users\481246509\History\331313334.txt
c:\program files\QIP\Users\481246509\History\331397609.txt
c:\program files\QIP\Users\481246509\History\331674796.txt
c:\program files\QIP\Users\481246509\History\331985790.txt
c:\program files\QIP\Users\481246509\History\332135355.txt
c:\program files\QIP\Users\481246509\History\334392303.txt
c:\program files\QIP\Users\481246509\History\334510984.txt
c:\program files\QIP\Users\481246509\History\336472541.txt
c:\program files\QIP\Users\481246509\History\336599729.txt
c:\program files\QIP\Users\481246509\History\337116994.txt
c:\program files\QIP\Users\481246509\History\338071625.txt
c:\program files\QIP\Users\481246509\History\339202722.txt
c:\program files\QIP\Users\481246509\History\339894679.txt
c:\program files\QIP\Users\481246509\History\340939710.txt
c:\program files\QIP\Users\481246509\History\340972480.txt
c:\program files\QIP\Users\481246509\History\341411050.txt
c:\program files\QIP\Users\481246509\History\344131187.txt
c:\program files\QIP\Users\481246509\History\345043870.txt
c:\program files\QIP\Users\481246509\History\347092532.txt
c:\program files\QIP\Users\481246509\History\347516315.txt
c:\program files\QIP\Users\481246509\History\347761618.txt
c:\program files\QIP\Users\481246509\History\348326280.txt
c:\program files\QIP\Users\481246509\History\348508662.txt
c:\program files\QIP\Users\481246509\History\348769000.txt
c:\program files\QIP\Users\481246509\History\349080109.txt
c:\program files\QIP\Users\481246509\History\350331288.txt
c:\program files\QIP\Users\481246509\History\351259842.txt
c:\program files\QIP\Users\481246509\History\354853527.txt
c:\program files\QIP\Users\481246509\History\354980973.txt
c:\program files\QIP\Users\481246509\History\355144953.txt
c:\program files\QIP\Users\481246509\History\356203029.txt
c:\program files\QIP\Users\481246509\History\357444242.txt
c:\program files\QIP\Users\481246509\History\358081094.txt
c:\program files\QIP\Users\481246509\History\360011340.txt
c:\program files\QIP\Users\481246509\History\360598034.txt
c:\program files\QIP\Users\481246509\History\361201962.txt
c:\program files\QIP\Users\481246509\History\362562166.txt
c:\program files\QIP\Users\481246509\History\364539287.txt
c:\program files\QIP\Users\481246509\History\369720608.txt
c:\program files\QIP\Users\481246509\History\370765208.txt
c:\program files\QIP\Users\481246509\History\370953600.txt
c:\program files\QIP\Users\481246509\History\372321957.txt
c:\program files\QIP\Users\481246509\History\376130534.txt
c:\program files\QIP\Users\481246509\History\378329928.txt
c:\program files\QIP\Users\481246509\History\381143130.txt
c:\program files\QIP\Users\481246509\History\381355692.txt
c:\program files\QIP\Users\481246509\History\382026223.txt
c:\program files\QIP\Users\481246509\History\382232911.txt
c:\program files\QIP\Users\481246509\History\383593049.txt
c:\program files\QIP\Users\481246509\History\387794975.txt
c:\program files\QIP\Users\481246509\History\388273887.txt
c:\program files\QIP\Users\481246509\History\393928146.txt
c:\program files\QIP\Users\481246509\History\394585511.txt
c:\program files\QIP\Users\481246509\History\395271576.txt
c:\program files\QIP\Users\481246509\History\395626417.txt
c:\program files\QIP\Users\481246509\History\396661573.txt
c:\program files\QIP\Users\481246509\History\398472954.txt
c:\program files\QIP\Users\481246509\History\398573878.txt
c:\program files\QIP\Users\481246509\History\399218805.txt
c:\program files\QIP\Users\481246509\History\399315859.txt
c:\program files\QIP\Users\481246509\History\400130456.txt
c:\program files\QIP\Users\481246509\History\401420311.txt
c:\program files\QIP\Users\481246509\History\402182268.txt
c:\program files\QIP\Users\481246509\History\408479315.txt
c:\program files\QIP\Users\481246509\History\409457332.txt
c:\program files\QIP\Users\481246509\History\410363403.txt
c:\program files\QIP\Users\481246509\History\410461846.txt
c:\program files\QIP\Users\481246509\History\411814347.txt
c:\program files\QIP\Users\481246509\History\413938952.txt
c:\program files\QIP\Users\481246509\History\416986526.txt
c:\program files\QIP\Users\481246509\History\425472747.txt
c:\program files\QIP\Users\481246509\History\426474058.txt
c:\program files\QIP\Users\481246509\History\426631184.txt
c:\program files\QIP\Users\481246509\History\427165501.txt
c:\program files\QIP\Users\481246509\History\428468084.txt
c:\program files\QIP\Users\481246509\History\432836017.txt
c:\program files\QIP\Users\481246509\History\433186408.txt
c:\program files\QIP\Users\481246509\History\435727922.txt
c:\program files\QIP\Users\481246509\History\438811723.txt
c:\program files\QIP\Users\481246509\History\441042062.txt
c:\program files\QIP\Users\481246509\History\447186217.txt
c:\program files\QIP\Users\481246509\History\447194231.txt
c:\program files\QIP\Users\481246509\History\447641413.txt
c:\program files\QIP\Users\481246509\History\450962797.txt
c:\program files\QIP\Users\481246509\History\451472652.txt
c:\program files\QIP\Users\481246509\History\453664067.txt
c:\program files\QIP\Users\481246509\History\455138523.txt
c:\program files\QIP\Users\481246509\History\457985977.txt
c:\program files\QIP\Users\481246509\History\458243878.txt
c:\program files\QIP\Users\481246509\History\460385407.txt
c:\program files\QIP\Users\481246509\History\461332109.txt
c:\program files\QIP\Users\481246509\History\463271341.txt
c:\program files\QIP\Users\481246509\History\465552910.txt
c:\program files\QIP\Users\481246509\History\475799529.txt
c:\program files\QIP\Users\481246509\History\476129439.txt
c:\program files\QIP\Users\481246509\History\478765440.txt
c:\program files\QIP\Users\481246509\History\479691669.txt
c:\program files\QIP\Users\481246509\History\484005136.txt
c:\program files\QIP\Users\481246509\History\485643027.txt
c:\program files\QIP\Users\481246509\History\486824366.txt
c:\program files\QIP\Users\481246509\History\493961474.txt
c:\program files\QIP\Users\481246509\History\494194895.txt
c:\program files\QIP\Users\481246509\History\494312533.txt
c:\program files\QIP\Users\481246509\History\495687211.txt
c:\program files\QIP\Users\481246509\History\496498476.txt
c:\program files\QIP\Users\481246509\History\497756534.txt
c:\program files\QIP\Users\481246509\History\499224821.txt
c:\program files\QIP\Users\481246509\History\558076046.txt
c:\program files\QIP\Users\481246509\History\85777957.txt
c:\program files\QIP\Users\481246509\History\altarielka.txt
c:\program files\QIP\Users\Accounts.cfg
c:\program files\QIP\Users\Config.ini
c:\program files\QIP\Users\Default.cfg
c:\windows\system32\drivers\etc\lmhosts
c:\windows\system32\Thumbs.db
Zde je log z CF:ComboFix 10-01-18.02 - Tonny 2010-01-19 14:44:59.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2046.1463 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tonny\Plocha\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Tonny\Dokumenty\BackupRegistry(20100111).reg
c:\documents and settings\Tonny\Dokumenty\BackupRegistry(20100117).reg
c:\program files\QIP
c:\program files\QIP\LI\current.cfg
c:\program files\QIP\LI\English\_cntry.lng
c:\program files\QIP\LI\English\_intrsts.lng
c:\program files\QIP\LI\English\_langs.lng
c:\program files\QIP\LI\English\_marital.lng
c:\program files\QIP\LI\English\_occup.lng
c:\program files\QIP\LI\English\_orgs.lng
c:\program files\QIP\LI\English\_past.lng
c:\program files\QIP\LI\English\_rndchat.lng
c:\program files\QIP\LI\English\desc.txt
c:\program files\QIP\LI\English\chars_r.ini
c:\program files\QIP\LI\English\chars_t.ini
c:\program files\QIP\LI\English\lang.ini
c:\program files\QIP\LI\langs.cfg
c:\program files\QIP\LI\Russian\_cntry.lng
c:\program files\QIP\LI\Russian\_intrsts.lng
c:\program files\QIP\LI\Russian\_langs.lng
c:\program files\QIP\LI\Russian\_marital.lng
c:\program files\QIP\LI\Russian\_occup.lng
c:\program files\QIP\LI\Russian\_orgs.lng
c:\program files\QIP\LI\Russian\_past.lng
c:\program files\QIP\LI\Russian\_rndchat.lng
c:\program files\QIP\LI\Russian\desc.txt
c:\program files\QIP\LI\Russian\chars_r.ini
c:\program files\QIP\LI\Russian\chars_t.ini
c:\program files\QIP\LI\Russian\lang.ini
c:\program files\QIP\Plugins\docking.dll
c:\program files\QIP\qip.exe
c:\program files\QIP\QIP.license
c:\program files\QIP\Skins\current.cfg
c:\program files\QIP\Skins\ICQ5\addopt.bmp
c:\program files\QIP\Skins\ICQ5\allicons.bmp
c:\program files\QIP\Skins\ICQ5\clbg.bmp
c:\program files\QIP\Skins\ICQ5\clevent.bmp
c:\program files\QIP\Skins\ICQ5\clstatus.bmp
c:\program files\QIP\Skins\ICQ5\Colors.ini
c:\program files\QIP\Skins\ICQ5\desc.txt
c:\program files\QIP\Skins\ICQ5\downbutton1.bmp
c:\program files\QIP\Skins\ICQ5\fadehlp.bmp
c:\program files\QIP\Skins\ICQ5\fadehlpt.bmp
c:\program files\QIP\Skins\ICQ5\fademsg.bmp
c:\program files\QIP\Skins\ICQ5\fademsgt.bmp
c:\program files\QIP\Skins\ICQ5\fadesrv.bmp
c:\program files\QIP\Skins\ICQ5\fadesrvt.bmp
c:\program files\QIP\Skins\ICQ5\msgbg.bmp
c:\program files\QIP\Skins\ICQ5\msgbge.bmp
c:\program files\QIP\Skins\ICQ5\noimage.jpg
c:\program files\QIP\Skins\ICQ5\qipbtn.bmp
c:\program files\QIP\Skins\ICQ5\signs.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\_define.ini
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\aa.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ab.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ac.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ad.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ae.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\af.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ag.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ah.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ai.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\aj.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ak.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\al.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\am.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\an.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ao.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ap.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\aq.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ar.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\as.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\at.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\au.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\av.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\aw.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ax.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ay.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\az.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\ba.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bb.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bc.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bd.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\be.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bf.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bg.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bh.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bi.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bj.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bk.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bl.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bm.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bn.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bo.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bp.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bq.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\br.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bs.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bt.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bu.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bv.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\bw.gif
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\Copyright(eng).txt
c:\program files\QIP\Skins\ICQ5\Smilies\Animated\Copyright.txt
c:\program files\QIP\Skins\ICQ5\Smilies\Static\_define.ini
c:\program files\QIP\Skins\ICQ5\Smilies\Static\aa.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ab.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ac.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ad.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ae.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\af.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ag.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ah.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ai.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\aj.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ak.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\al.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\am.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\an.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ao.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ap.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\aq.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ar.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\as.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\at.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\au.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\av.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\aw.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ax.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ay.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\ba.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\bb.bmp
c:\program files\QIP\Skins\ICQ5\Smilies\Static\bc.bmp
c:\program files\QIP\Skins\ICQ5\splash.bmp
c:\program files\QIP\Skins\ICQ5\st_custom.bmp
c:\program files\QIP\Skins\ICQ5\statuses.bmp
c:\program files\QIP\Skins\ICQ5\title.bmp
c:\program files\QIP\Skins\ICQ5\tray.bmp
c:\program files\QIP\Skins\ICQ5\tray2k.bmp
c:\program files\QIP\Skins\ICQ5\upbutton1.bmp
c:\program files\QIP\Skins\ICQ5\upbutton2.bmp
c:\program files\QIP\Skins\ICQ5\upbutton3.bmp
c:\program files\QIP\Skins\ICQ5\userinfo.bmp
c:\program files\QIP\Skins\ICQ5\vis.bmp
c:\program files\QIP\Skins\skins.cfg
c:\program files\QIP\Sounds\sndAuth.wav
c:\program files\QIP\Sounds\sndGlobal.wav
c:\program files\QIP\Sounds\sndMsg.wav
c:\program files\QIP\Sounds\sndMsgSent.wav
c:\program files\QIP\Sounds\sndPlugin.wav
c:\program files\QIP\Sounds\sndRemSelf.wav
c:\program files\QIP\Sounds\sndSrvMsg.wav
c:\program files\QIP\Sounds\sndStartup.wav
c:\program files\QIP\Sounds\sndSystem.wav
c:\program files\QIP\unins000.dat
c:\program files\QIP\unins000.exe
c:\program files\QIP\unins001.dat
c:\program files\QIP\unins001.exe
c:\program files\QIP\Users\234697556\_birth.txt
c:\program files\QIP\Users\234697556\_botq.txt
c:\program files\QIP\Users\234697556\_events.txt
c:\program files\QIP\Users\234697556\_eye.txt
c:\program files\QIP\Users\234697556\_groups.txt
c:\program files\QIP\Users\234697556\_m_away.txt
c:\program files\QIP\Users\234697556\_m_depr.txt
c:\program files\QIP\Users\234697556\_m_dnd.txt
c:\program files\QIP\Users\234697556\_m_evil.txt
c:\program files\QIP\Users\234697556\_m_ffc.txt
c:\program files\QIP\Users\234697556\_m_home.txt
c:\program files\QIP\Users\234697556\_m_lunch.txt
c:\program files\QIP\Users\234697556\_m_na.txt
c:\program files\QIP\Users\234697556\_m_occup.txt
c:\program files\QIP\Users\234697556\_m_work.txt
c:\program files\QIP\Users\234697556\_premsg.txt
c:\program files\QIP\Users\234697556\_st_away.txt
c:\program files\QIP\Users\234697556\_st_cust.txt
c:\program files\QIP\Users\234697556\234697556.cl
c:\program files\QIP\Users\234697556\234697556.clg
c:\program files\QIP\Users\234697556\234697556.cli
c:\program files\QIP\Users\234697556\234697556.clv
c:\program files\QIP\Users\234697556\234697556.lcl
c:\program files\QIP\Users\234697556\234697556.nil
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_01.cl
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_01.clg
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_01.cli
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_01.clv
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_08.cl
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_08.clg
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_08.cli
c:\program files\QIP\Users\234697556\BackupCL\234697556_2008_08.clv
c:\program files\QIP\Users\234697556\Config.ini
c:\program files\QIP\Users\234697556\Devils\110658021.jpg
c:\program files\QIP\Users\234697556\Devils\191043187.jpg
c:\program files\QIP\Users\234697556\Devils\196032800.jpg
c:\program files\QIP\Users\234697556\Devils\200802418.jpg
c:\program files\QIP\Users\234697556\Devils\205489615.jpg
c:\program files\QIP\Users\234697556\Devils\206579199.jpg
c:\program files\QIP\Users\234697556\Devils\219326738.jpg
c:\program files\QIP\Users\234697556\Devils\252796106.jpg
c:\program files\QIP\Users\234697556\Devils\255070763.jpg
c:\program files\QIP\Users\234697556\Devils\268630382.jpg
c:\program files\QIP\Users\234697556\Devils\280617872.jpg
c:\program files\QIP\Users\234697556\Devils\316235341.jpg
c:\program files\QIP\Users\234697556\Devils\331313334.jpg
c:\program files\QIP\Users\234697556\History\_srvlog.txt
c:\program files\QIP\Users\234697556\History\194974905.txt
c:\program files\QIP\Users\234697556\History\216183197.txt
c:\program files\QIP\Users\234697556\History\293107991.txt
c:\program files\QIP\Users\234697556\History\463889608.txt
c:\program files\QIP\Users\481246509\_birth.txt
c:\program files\QIP\Users\481246509\_botq.txt
c:\program files\QIP\Users\481246509\_events.txt
c:\program files\QIP\Users\481246509\_eye.txt
c:\program files\QIP\Users\481246509\_groups.txt
c:\program files\QIP\Users\481246509\_m_away.txt
c:\program files\QIP\Users\481246509\_m_depr.txt
c:\program files\QIP\Users\481246509\_m_dnd.txt
c:\program files\QIP\Users\481246509\_m_evil.txt
c:\program files\QIP\Users\481246509\_m_ffc.txt
c:\program files\QIP\Users\481246509\_m_home.txt
c:\program files\QIP\Users\481246509\_m_lunch.txt
c:\program files\QIP\Users\481246509\_m_na.txt
c:\program files\QIP\Users\481246509\_m_occup.txt
c:\program files\QIP\Users\481246509\_m_work.txt
c:\program files\QIP\Users\481246509\_premsg.txt
c:\program files\QIP\Users\481246509\_st_away.txt
c:\program files\QIP\Users\481246509\_st_cust.txt
c:\program files\QIP\Users\481246509\481246509.cl
c:\program files\QIP\Users\481246509\481246509.clg
c:\program files\QIP\Users\481246509\481246509.cli
c:\program files\QIP\Users\481246509\481246509.clv
c:\program files\QIP\Users\481246509\481246509.lcl
c:\program files\QIP\Users\481246509\481246509.nil
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_11.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_11.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_11.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_11.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_12.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_12.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_12.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2007_12.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_01.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_01.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_01.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_01.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_02.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_02.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_02.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_02.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_03.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_03.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_03.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_03.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_04.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_04.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_04.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_04.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_05.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_05.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_05.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_05.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_06.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_06.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_06.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_06.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_07.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_07.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_07.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_07.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_08.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_08.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_08.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_08.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_09.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_09.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_09.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_09.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_10.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_10.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_10.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_10.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_11.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_11.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_11.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_11.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_12.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_12.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_12.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2008_12.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_01.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_01.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_01.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_01.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_02.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_02.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_02.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_02.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_03.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_03.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_03.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_03.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_04.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_04.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_04.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_04.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_05.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_05.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_05.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_05.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_06.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_06.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_06.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_06.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_08.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_08.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_08.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_08.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_09.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_09.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_09.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2009_09.clv
c:\program files\QIP\Users\481246509\BackupCL\481246509_2010_01.cl
c:\program files\QIP\Users\481246509\BackupCL\481246509_2010_01.clg
c:\program files\QIP\Users\481246509\BackupCL\481246509_2010_01.cli
c:\program files\QIP\Users\481246509\BackupCL\481246509_2010_01.clv
c:\program files\QIP\Users\481246509\Config.ini
c:\program files\QIP\Users\481246509\Devils\151061422.jpg
c:\program files\QIP\Users\481246509\Devils\153765861.jpg
c:\program files\QIP\Users\481246509\Devils\160703375.jpg
c:\program files\QIP\Users\481246509\Devils\165403959.jpg
c:\program files\QIP\Users\481246509\Devils\190377363.jpg
c:\program files\QIP\Users\481246509\Devils\192622134.jpg
c:\program files\QIP\Users\481246509\Devils\192732400.jpg
c:\program files\QIP\Users\481246509\Devils\193966314.jpg
c:\program files\QIP\Users\481246509\Devils\193978426.jpg
c:\program files\QIP\Users\481246509\Devils\194754008.jpg
c:\program files\QIP\Users\481246509\Devils\194998164.jpg
c:\program files\QIP\Users\481246509\Devils\195843890.jpg
c:\program files\QIP\Users\481246509\Devils\198054620.jpg
c:\program files\QIP\Users\481246509\Devils\198403802.jpg
c:\program files\QIP\Users\481246509\Devils\199023260.jpg
c:\program files\QIP\Users\481246509\Devils\199389815.jpg
c:\program files\QIP\Users\481246509\Devils\200802418.jpg
c:\program files\QIP\Users\481246509\Devils\204115857.jpg
c:\program files\QIP\Users\481246509\Devils\206040170.jpg
c:\program files\QIP\Users\481246509\Devils\206077426.jpg
c:\program files\QIP\Users\481246509\Devils\206337574.jpg
c:\program files\QIP\Users\481246509\Devils\206740674.jpg
c:\program files\QIP\Users\481246509\Devils\207448733.jpg
c:\program files\QIP\Users\481246509\Devils\210938823.jpg
c:\program files\QIP\Users\481246509\Devils\212845301.jpg
c:\program files\QIP\Users\481246509\Devils\213784642.jpg
c:\program files\QIP\Users\481246509\Devils\214598072.jpg
c:\program files\QIP\Users\481246509\Devils\215205040.jpg
c:\program files\QIP\Users\481246509\Devils\216812650.jpg
c:\program files\QIP\Users\481246509\Devils\216925142.jpg
c:\program files\QIP\Users\481246509\Devils\218389743.jpg
c:\program files\QIP\Users\481246509\Devils\219594063.jpg
c:\program files\QIP\Users\481246509\Devils\223111583.jpg
c:\program files\QIP\Users\481246509\Devils\223320186.jpg
c:\program files\QIP\Users\481246509\Devils\223381520.jpg
c:\program files\QIP\Users\481246509\Devils\228405356.jpg
c:\program files\QIP\Users\481246509\Devils\228847678.jpg
c:\program files\QIP\Users\481246509\Devils\229658930.jpg
c:\program files\QIP\Users\481246509\Devils\230215625.jpg
c:\program files\QIP\Users\481246509\Devils\230457027.jpg
c:\program files\QIP\Users\481246509\Devils\230559531.jpg
c:\program files\QIP\Users\481246509\Devils\230757887.jpg
c:\program files\QIP\Users\481246509\Devils\231319497.bmp
c:\program files\QIP\Users\481246509\Devils\232222776.jpg
c:\program files\QIP\Users\481246509\Devils\232294120.jpg
c:\program files\QIP\Users\481246509\Devils\233018385.jpg
c:\program files\QIP\Users\481246509\Devils\233750656.jpg
c:\program files\QIP\Users\481246509\Devils\235459755.jpg
c:\program files\QIP\Users\481246509\Devils\237013534.jpg
c:\program files\QIP\Users\481246509\Devils\237835409.gif
c:\program files\QIP\Users\481246509\Devils\238086126.jpg
c:\program files\QIP\Users\481246509\Devils\238200035.jpg
c:\program files\QIP\Users\481246509\Devils\240662462.jpg
c:\program files\QIP\Users\481246509\Devils\240701496.jpg
c:\program files\QIP\Users\481246509\Devils\240900789.jpg
c:\program files\QIP\Users\481246509\Devils\242833102.jpg
c:\program files\QIP\Users\481246509\Devils\243101565.jpg
c:\program files\QIP\Users\481246509\Devils\244937348.jpg
c:\program files\QIP\Users\481246509\Devils\245864000.jpg
c:\program files\QIP\Users\481246509\Devils\246069417.jpg
c:\program files\QIP\Users\481246509\Devils\246905753.jpg
c:\program files\QIP\Users\481246509\Devils\246967877.jpg
c:\program files\QIP\Users\481246509\Devils\247793406.jpg
c:\program files\QIP\Users\481246509\Devils\248623725.gif
c:\program files\QIP\Users\481246509\Devils\249145508.jpg
c:\program files\QIP\Users\481246509\Devils\249531893.jpg
c:\program files\QIP\Users\481246509\Devils\250574970.jpg
c:\program files\QIP\Users\481246509\Devils\250922129.jpg
c:\program files\QIP\Users\481246509\Devils\251004332.jpg
c:\program files\QIP\Users\481246509\Devils\251479909.jpg
c:\program files\QIP\Users\481246509\Devils\252796106.jpg
c:\program files\QIP\Users\481246509\Devils\253701917.jpg
c:\program files\QIP\Users\481246509\Devils\255067313.jpg
c:\program files\QIP\Users\481246509\Devils\256430554.jpg
c:\program files\QIP\Users\481246509\Devils\257136531.jpg
c:\program files\QIP\Users\481246509\Devils\259575511.jpg
c:\program files\QIP\Users\481246509\Devils\261469049.jpg
c:\program files\QIP\Users\481246509\Devils\261607318.jpg
c:\program files\QIP\Users\481246509\Devils\263822596.jpg
c:\program files\QIP\Users\481246509\Devils\268067955.jpg
c:\program files\QIP\Users\481246509\Devils\268586113.jpg
c:\program files\QIP\Users\481246509\Devils\269479995.jpg
c:\program files\QIP\Users\481246509\Devils\270703999.jpg
c:\program files\QIP\Users\481246509\Devils\271369645.jpg
c:\program files\QIP\Users\481246509\Devils\274739993.jpg
c:\program files\QIP\Users\481246509\Devils\275260326.jpg
c:\program files\QIP\Users\481246509\Devils\276106719.jpg
c:\program files\QIP\Users\481246509\Devils\277681025.jpg
c:\program files\QIP\Users\481246509\Devils\278081315.jpg
c:\program files\QIP\Users\481246509\Devils\286744863.jpg
c:\program files\QIP\Users\481246509\Devils\287302544.jpg
c:\program files\QIP\Users\481246509\Devils\287306704.jpg
c:\program files\QIP\Users\481246509\Devils\289003790.jpg
c:\program files\QIP\Users\481246509\Devils\290259305.jpg
c:\program files\QIP\Users\481246509\Devils\290771495.jpg
c:\program files\QIP\Users\481246509\Devils\292400465.jpg
c:\program files\QIP\Users\481246509\Devils\292845675.jpg
c:\program files\QIP\Users\481246509\Devils\293389063.gif
c:\program files\QIP\Users\481246509\Devils\294370282.jpg
c:\program files\QIP\Users\481246509\Devils\296344436.jpg
c:\program files\QIP\Users\481246509\Devils\296692336.jpg
c:\program files\QIP\Users\481246509\Devils\298550253.jpg
c:\program files\QIP\Users\481246509\Devils\299282780.jpg
c:\program files\QIP\Users\481246509\Devils\300183125.jpg
c:\program files\QIP\Users\481246509\Devils\300325658.jpg
c:\program files\QIP\Users\481246509\Devils\302291429.jpg
c:\program files\QIP\Users\481246509\Devils\302784270.jpg
c:\program files\QIP\Users\481246509\Devils\303600227.jpg
c:\program files\QIP\Users\481246509\Devils\303993258.jpg
c:\program files\QIP\Users\481246509\Devils\305094064.jpg
c:\program files\QIP\Users\481246509\Devils\307506004.jpg
c:\program files\QIP\Users\481246509\Devils\308995447.jpg
c:\program files\QIP\Users\481246509\Devils\310312734.jpg
c:\program files\QIP\Users\481246509\Devils\314462267.jpg
c:\program files\QIP\Users\481246509\Devils\315843623.jpg
c:\program files\QIP\Users\481246509\Devils\315903135.jpg
c:\program files\QIP\Users\481246509\Devils\315997718.jpg
c:\program files\QIP\Users\481246509\Devils\316499604.jpg
c:\program files\QIP\Users\481246509\Devils\317713165.jpg
c:\program files\QIP\Users\481246509\Devils\317988030.jpg
c:\program files\QIP\Users\481246509\Devils\320242757.jpg
c:\program files\QIP\Users\481246509\Devils\322665435.jpg
c:\program files\QIP\Users\481246509\Devils\323310458.jpg
c:\program files\QIP\Users\481246509\Devils\325018482.jpg
c:\program files\QIP\Users\481246509\Devils\325409168.jpg
c:\program files\QIP\Users\481246509\Devils\326195048.jpg
c:\program files\QIP\Users\481246509\Devils\326495554.jpg
c:\program files\QIP\Users\481246509\Devils\327768439.jpg
c:\program files\QIP\Users\481246509\Devils\328146958.jpg
c:\program files\QIP\Users\481246509\Devils\328542269.jpg
c:\program files\QIP\Users\481246509\Devils\330833578.jpg
c:\program files\QIP\Users\481246509\Devils\331048556.jpg
c:\program files\QIP\Users\481246509\Devils\331313334.jpg
c:\program files\QIP\Users\481246509\Devils\331397609.jpg
c:\program files\QIP\Users\481246509\Devils\331674796.jpg
c:\program files\QIP\Users\481246509\Devils\331985790.jpg
c:\program files\QIP\Users\481246509\Devils\332135355.jpg
c:\program files\QIP\Users\481246509\Devils\334392303.jpg
c:\program files\QIP\Users\481246509\Devils\336472541.jpg
c:\program files\QIP\Users\481246509\Devils\336599729.jpg
c:\program files\QIP\Users\481246509\Devils\338071625.jpg
c:\program files\QIP\Users\481246509\Devils\339202722.jpg
c:\program files\QIP\Users\481246509\Devils\340939710.jpg
c:\program files\QIP\Users\481246509\Devils\345043870.jpg
c:\program files\QIP\Users\481246509\Devils\347092532.jpg
c:\program files\QIP\Users\481246509\Devils\347761618.jpg
c:\program files\QIP\Users\481246509\Devils\348769000.jpg
c:\program files\QIP\Users\481246509\Devils\351259842.jpg
c:\program files\QIP\Users\481246509\Devils\354853527.jpg
c:\program files\QIP\Users\481246509\Devils\354980973.jpg
c:\program files\QIP\Users\481246509\Devils\355144953.jpg
c:\program files\QIP\Users\481246509\Devils\356203029.jpg
c:\program files\QIP\Users\481246509\Devils\357444242.jpg
c:\program files\QIP\Users\481246509\Devils\362562166.jpg
c:\program files\QIP\Users\481246509\Devils\369720608.gif
c:\program files\QIP\Users\481246509\Devils\387794975.jpg
c:\program files\QIP\Users\481246509\Devils\388273887.jpg
c:\program files\QIP\Users\481246509\Devils\394585511.jpg
c:\program files\QIP\Users\481246509\Devils\395271576.jpg
c:\program files\QIP\Users\481246509\Devils\396661573.jpg
c:\program files\QIP\Users\481246509\Devils\398472954.jpg
c:\program files\QIP\Users\481246509\Devils\398573878.jpg
c:\program files\QIP\Users\481246509\Devils\410363403.jpg
c:\program files\QIP\Users\481246509\Devils\426631184.jpg
c:\program files\QIP\Users\481246509\Devils\428468084.jpg
c:\program files\QIP\Users\481246509\Devils\447641413.jpg
c:\program files\QIP\Users\481246509\Devils\453664067.jpg
c:\program files\QIP\Users\481246509\Devils\458243878.jpg
c:\program files\QIP\Users\481246509\Devils\463271341.jpg
c:\program files\QIP\Users\481246509\Devils\475799529.jpg
c:\program files\QIP\Users\481246509\Devils\476129439.jpg
c:\program files\QIP\Users\481246509\Devils\478765440.jpg
c:\program files\QIP\Users\481246509\Devils\481246509.jpg
c:\program files\QIP\Users\481246509\Devils\493961474.jpg
c:\program files\QIP\Users\481246509\Devils\85777957.jpg
c:\program files\QIP\Users\481246509\History\_srvlog.txt
c:\program files\QIP\Users\481246509\History\1.txt
c:\program files\QIP\Users\481246509\History\100817325.txt
c:\program files\QIP\Users\481246509\History\141890393.txt
c:\program files\QIP\Users\481246509\History\151061422.txt
c:\program files\QIP\Users\481246509\History\153765861.txt
c:\program files\QIP\Users\481246509\History\155372451.txt
c:\program files\QIP\Users\481246509\History\160703375.txt
c:\program files\QIP\Users\481246509\History\165403959.txt
c:\program files\QIP\Users\481246509\History\190377363.txt
c:\program files\QIP\Users\481246509\History\192622134.txt
c:\program files\QIP\Users\481246509\History\192732400.txt
c:\program files\QIP\Users\481246509\History\193257592.txt
c:\program files\QIP\Users\481246509\History\193966314.txt
c:\program files\QIP\Users\481246509\History\193978426.txt
c:\program files\QIP\Users\481246509\History\194754008.txt
c:\program files\QIP\Users\481246509\History\194974905.txt
c:\program files\QIP\Users\481246509\History\194998164.txt
c:\program files\QIP\Users\481246509\History\195843890.txt
c:\program files\QIP\Users\481246509\History\196120586.txt
c:\program files\QIP\Users\481246509\History\198054620.txt
c:\program files\QIP\Users\481246509\History\198403802.txt
c:\program files\QIP\Users\481246509\History\198410536.txt
c:\program files\QIP\Users\481246509\History\199023260.txt
c:\program files\QIP\Users\481246509\History\199234132.txt
c:\program files\QIP\Users\481246509\History\199389815.txt
c:\program files\QIP\Users\481246509\History\200802418.txt
c:\program files\QIP\Users\481246509\History\204115857.txt
c:\program files\QIP\Users\481246509\History\205282605.txt
c:\program files\QIP\Users\481246509\History\206040170.txt
c:\program files\QIP\Users\481246509\History\206077426.txt
c:\program files\QIP\Users\481246509\History\206337574.txt
c:\program files\QIP\Users\481246509\History\206570561.txt
c:\program files\QIP\Users\481246509\History\206740674.txt
c:\program files\QIP\Users\481246509\History\207448733.txt
c:\program files\QIP\Users\481246509\History\210938823.txt
c:\program files\QIP\Users\481246509\History\212845301.txt
c:\program files\QIP\Users\481246509\History\213784642.txt
c:\program files\QIP\Users\481246509\History\214598072.txt
c:\program files\QIP\Users\481246509\History\215205040.txt
c:\program files\QIP\Users\481246509\History\216812650.txt
c:\program files\QIP\Users\481246509\History\216925142.txt
c:\program files\QIP\Users\481246509\History\218389743.txt
c:\program files\QIP\Users\481246509\History\219594063.txt
c:\program files\QIP\Users\481246509\History\221746953.txt
c:\program files\QIP\Users\481246509\History\222116626.txt
c:\program files\QIP\Users\481246509\History\223111583.txt
c:\program files\QIP\Users\481246509\History\223320186.txt
c:\program files\QIP\Users\481246509\History\223381520.txt
c:\program files\QIP\Users\481246509\History\225771440.txt
c:\program files\QIP\Users\481246509\History\228352065.txt
c:\program files\QIP\Users\481246509\History\228405356.txt
c:\program files\QIP\Users\481246509\History\228847678.txt
c:\program files\QIP\Users\481246509\History\229658930.txt
c:\program files\QIP\Users\481246509\History\230215625.txt
c:\program files\QIP\Users\481246509\History\230457027.txt
c:\program files\QIP\Users\481246509\History\230559531.txt
c:\program files\QIP\Users\481246509\History\230757887.txt
c:\program files\QIP\Users\481246509\History\231319497.txt
c:\program files\QIP\Users\481246509\History\232222776.txt
c:\program files\QIP\Users\481246509\History\232294120.txt
c:\program files\QIP\Users\481246509\History\232554056.txt
c:\program files\QIP\Users\481246509\History\233018385.txt
c:\program files\QIP\Users\481246509\History\233750656.txt
c:\program files\QIP\Users\481246509\History\234522975.txt
c:\program files\QIP\Users\481246509\History\234697556.txt
c:\program files\QIP\Users\481246509\History\235459755.txt
c:\program files\QIP\Users\481246509\History\237013534.txt
c:\program files\QIP\Users\481246509\History\237835409.txt
c:\program files\QIP\Users\481246509\History\238086126.txt
c:\program files\QIP\Users\481246509\History\238200035.txt
c:\program files\QIP\Users\481246509\History\240662462.txt
c:\program files\QIP\Users\481246509\History\240701496.txt
c:\program files\QIP\Users\481246509\History\240900789.txt
c:\program files\QIP\Users\481246509\History\242833102.txt
c:\program files\QIP\Users\481246509\History\243101565.txt
c:\program files\QIP\Users\481246509\History\244736435.txt
c:\program files\QIP\Users\481246509\History\244937348.txt
c:\program files\QIP\Users\481246509\History\245864000.txt
c:\program files\QIP\Users\481246509\History\246069417.txt
c:\program files\QIP\Users\481246509\History\246905753.txt
c:\program files\QIP\Users\481246509\History\246967877.txt
c:\program files\QIP\Users\481246509\History\247793406.txt
c:\program files\QIP\Users\481246509\History\248623725.txt
c:\program files\QIP\Users\481246509\History\249531893.txt
c:\program files\QIP\Users\481246509\History\250574970.txt
c:\program files\QIP\Users\481246509\History\250586611.txt
c:\program files\QIP\Users\481246509\History\250922129.txt
c:\program files\QIP\Users\481246509\History\251004332.txt
c:\program files\QIP\Users\481246509\History\251437418.txt
c:\program files\QIP\Users\481246509\History\251479909.txt
c:\program files\QIP\Users\481246509\History\252121115.txt
c:\program files\QIP\Users\481246509\History\252796106.txt
c:\program files\QIP\Users\481246509\History\253701917.txt
c:\program files\QIP\Users\481246509\History\253806720.txt
c:\program files\QIP\Users\481246509\History\255067313.txt
c:\program files\QIP\Users\481246509\History\256430554.txt
c:\program files\QIP\Users\481246509\History\257136531.txt
c:\program files\QIP\Users\481246509\History\257923085.txt
c:\program files\QIP\Users\481246509\History\259575511.txt
c:\program files\QIP\Users\481246509\History\260869987.txt
c:\program files\QIP\Users\481246509\History\261469049.txt
c:\program files\QIP\Users\481246509\History\261607318.txt
c:\program files\QIP\Users\481246509\History\263822596.txt
c:\program files\QIP\Users\481246509\History\267770036.txt
c:\program files\QIP\Users\481246509\History\268067955.txt
c:\program files\QIP\Users\481246509\History\268586113.txt
c:\program files\QIP\Users\481246509\History\269479995.txt
c:\program files\QIP\Users\481246509\History\270703999.txt
c:\program files\QIP\Users\481246509\History\271369645.txt
c:\program files\QIP\Users\481246509\History\273092624.txt
c:\program files\QIP\Users\481246509\History\274739993.txt
c:\program files\QIP\Users\481246509\History\275260326.txt
c:\program files\QIP\Users\481246509\History\276036518.txt
c:\program files\QIP\Users\481246509\History\276106719.txt
c:\program files\QIP\Users\481246509\History\277374629.txt
c:\program files\QIP\Users\481246509\History\277681025.txt
c:\program files\QIP\Users\481246509\History\278081315.txt
c:\program files\QIP\Users\481246509\History\278918008.txt
c:\program files\QIP\Users\481246509\History\286744863.txt
c:\program files\QIP\Users\481246509\History\287302544.txt
c:\program files\QIP\Users\481246509\History\287306704.txt
c:\program files\QIP\Users\481246509\History\288600199.txt
c:\program files\QIP\Users\481246509\History\289003790.txt
c:\program files\QIP\Users\481246509\History\290245894.txt
c:\program files\QIP\Users\481246509\History\290259305.txt
c:\program files\QIP\Users\481246509\History\290771495.txt
c:\program files\QIP\Users\481246509\History\292400465.txt
c:\program files\QIP\Users\481246509\History\292845675.txt
c:\program files\QIP\Users\481246509\History\293389063.txt
c:\program files\QIP\Users\481246509\History\294119232.txt
c:\program files\QIP\Users\481246509\History\294370282.txt
c:\program files\QIP\Users\481246509\History\296344436.txt
c:\program files\QIP\Users\481246509\History\296692336.txt
c:\program files\QIP\Users\481246509\History\298550253.txt
c:\program files\QIP\Users\481246509\History\299282780.txt
c:\program files\QIP\Users\481246509\History\300183125.txt
c:\program files\QIP\Users\481246509\History\300325658.txt
c:\program files\QIP\Users\481246509\History\301012169.txt
c:\program files\QIP\Users\481246509\History\302291429.txt
c:\program files\QIP\Users\481246509\History\302784270.txt
c:\program files\QIP\Users\481246509\History\303000102.txt
c:\program files\QIP\Users\481246509\History\303600227.txt
c:\program files\QIP\Users\481246509\History\303993258.txt
c:\program files\QIP\Users\481246509\History\305094064.txt
c:\program files\QIP\Users\481246509\History\307506004.txt
c:\program files\QIP\Users\481246509\History\307554778.txt
c:\program files\QIP\Users\481246509\History\308428806.txt
c:\program files\QIP\Users\481246509\History\308973757.txt
c:\program files\QIP\Users\481246509\History\308995447.txt
c:\program files\QIP\Users\481246509\History\310312734.txt
c:\program files\QIP\Users\481246509\History\311762574.txt
c:\program files\QIP\Users\481246509\History\312473585.txt
c:\program files\QIP\Users\481246509\History\313227758.txt
c:\program files\QIP\Users\481246509\History\313315769.txt
c:\program files\QIP\Users\481246509\History\314462267.txt
c:\program files\QIP\Users\481246509\History\315776853.txt
c:\program files\QIP\Users\481246509\History\315843623.txt
c:\program files\QIP\Users\481246509\History\315903135.txt
c:\program files\QIP\Users\481246509\History\315997718.txt
c:\program files\QIP\Users\481246509\History\316499604.txt
c:\program files\QIP\Users\481246509\History\317713165.txt
c:\program files\QIP\Users\481246509\History\317756292.txt
c:\program files\QIP\Users\481246509\History\317988030.txt
c:\program files\QIP\Users\481246509\History\318437153.txt
c:\program files\QIP\Users\481246509\History\319844504.txt
c:\program files\QIP\Users\481246509\History\320242757.txt
c:\program files\QIP\Users\481246509\History\321554506.txt
c:\program files\QIP\Users\481246509\History\322665435.txt
c:\program files\QIP\Users\481246509\History\323310458.txt
c:\program files\QIP\Users\481246509\History\323387296.txt
c:\program files\QIP\Users\481246509\History\324141823.txt
c:\program files\QIP\Users\481246509\History\325018482.txt
c:\program files\QIP\Users\481246509\History\325409168.txt
c:\program files\QIP\Users\481246509\History\326195048.txt
c:\program files\QIP\Users\481246509\History\326495554.txt
c:\program files\QIP\Users\481246509\History\327768439.txt
c:\program files\QIP\Users\481246509\History\328146958.txt
c:\program files\QIP\Users\481246509\History\328542269.txt
c:\program files\QIP\Users\481246509\History\330833578.txt
c:\program files\QIP\Users\481246509\History\331048556.txt
c:\program files\QIP\Users\481246509\History\331313334.txt
c:\program files\QIP\Users\481246509\History\331397609.txt
c:\program files\QIP\Users\481246509\History\331674796.txt
c:\program files\QIP\Users\481246509\History\331985790.txt
c:\program files\QIP\Users\481246509\History\332135355.txt
c:\program files\QIP\Users\481246509\History\334392303.txt
c:\program files\QIP\Users\481246509\History\334510984.txt
c:\program files\QIP\Users\481246509\History\336472541.txt
c:\program files\QIP\Users\481246509\History\336599729.txt
c:\program files\QIP\Users\481246509\History\337116994.txt
c:\program files\QIP\Users\481246509\History\338071625.txt
c:\program files\QIP\Users\481246509\History\339202722.txt
c:\program files\QIP\Users\481246509\History\339894679.txt
c:\program files\QIP\Users\481246509\History\340939710.txt
c:\program files\QIP\Users\481246509\History\340972480.txt
c:\program files\QIP\Users\481246509\History\341411050.txt
c:\program files\QIP\Users\481246509\History\344131187.txt
c:\program files\QIP\Users\481246509\History\345043870.txt
c:\program files\QIP\Users\481246509\History\347092532.txt
c:\program files\QIP\Users\481246509\History\347516315.txt
c:\program files\QIP\Users\481246509\History\347761618.txt
c:\program files\QIP\Users\481246509\History\348326280.txt
c:\program files\QIP\Users\481246509\History\348508662.txt
c:\program files\QIP\Users\481246509\History\348769000.txt
c:\program files\QIP\Users\481246509\History\349080109.txt
c:\program files\QIP\Users\481246509\History\350331288.txt
c:\program files\QIP\Users\481246509\History\351259842.txt
c:\program files\QIP\Users\481246509\History\354853527.txt
c:\program files\QIP\Users\481246509\History\354980973.txt
c:\program files\QIP\Users\481246509\History\355144953.txt
c:\program files\QIP\Users\481246509\History\356203029.txt
c:\program files\QIP\Users\481246509\History\357444242.txt
c:\program files\QIP\Users\481246509\History\358081094.txt
c:\program files\QIP\Users\481246509\History\360011340.txt
c:\program files\QIP\Users\481246509\History\360598034.txt
c:\program files\QIP\Users\481246509\History\361201962.txt
c:\program files\QIP\Users\481246509\History\362562166.txt
c:\program files\QIP\Users\481246509\History\364539287.txt
c:\program files\QIP\Users\481246509\History\369720608.txt
c:\program files\QIP\Users\481246509\History\370765208.txt
c:\program files\QIP\Users\481246509\History\370953600.txt
c:\program files\QIP\Users\481246509\History\372321957.txt
c:\program files\QIP\Users\481246509\History\376130534.txt
c:\program files\QIP\Users\481246509\History\378329928.txt
c:\program files\QIP\Users\481246509\History\381143130.txt
c:\program files\QIP\Users\481246509\History\381355692.txt
c:\program files\QIP\Users\481246509\History\382026223.txt
c:\program files\QIP\Users\481246509\History\382232911.txt
c:\program files\QIP\Users\481246509\History\383593049.txt
c:\program files\QIP\Users\481246509\History\387794975.txt
c:\program files\QIP\Users\481246509\History\388273887.txt
c:\program files\QIP\Users\481246509\History\393928146.txt
c:\program files\QIP\Users\481246509\History\394585511.txt
c:\program files\QIP\Users\481246509\History\395271576.txt
c:\program files\QIP\Users\481246509\History\395626417.txt
c:\program files\QIP\Users\481246509\History\396661573.txt
c:\program files\QIP\Users\481246509\History\398472954.txt
c:\program files\QIP\Users\481246509\History\398573878.txt
c:\program files\QIP\Users\481246509\History\399218805.txt
c:\program files\QIP\Users\481246509\History\399315859.txt
c:\program files\QIP\Users\481246509\History\400130456.txt
c:\program files\QIP\Users\481246509\History\401420311.txt
c:\program files\QIP\Users\481246509\History\402182268.txt
c:\program files\QIP\Users\481246509\History\408479315.txt
c:\program files\QIP\Users\481246509\History\409457332.txt
c:\program files\QIP\Users\481246509\History\410363403.txt
c:\program files\QIP\Users\481246509\History\410461846.txt
c:\program files\QIP\Users\481246509\History\411814347.txt
c:\program files\QIP\Users\481246509\History\413938952.txt
c:\program files\QIP\Users\481246509\History\416986526.txt
c:\program files\QIP\Users\481246509\History\425472747.txt
c:\program files\QIP\Users\481246509\History\426474058.txt
c:\program files\QIP\Users\481246509\History\426631184.txt
c:\program files\QIP\Users\481246509\History\427165501.txt
c:\program files\QIP\Users\481246509\History\428468084.txt
c:\program files\QIP\Users\481246509\History\432836017.txt
c:\program files\QIP\Users\481246509\History\433186408.txt
c:\program files\QIP\Users\481246509\History\435727922.txt
c:\program files\QIP\Users\481246509\History\438811723.txt
c:\program files\QIP\Users\481246509\History\441042062.txt
c:\program files\QIP\Users\481246509\History\447186217.txt
c:\program files\QIP\Users\481246509\History\447194231.txt
c:\program files\QIP\Users\481246509\History\447641413.txt
c:\program files\QIP\Users\481246509\History\450962797.txt
c:\program files\QIP\Users\481246509\History\451472652.txt
c:\program files\QIP\Users\481246509\History\453664067.txt
c:\program files\QIP\Users\481246509\History\455138523.txt
c:\program files\QIP\Users\481246509\History\457985977.txt
c:\program files\QIP\Users\481246509\History\458243878.txt
c:\program files\QIP\Users\481246509\History\460385407.txt
c:\program files\QIP\Users\481246509\History\461332109.txt
c:\program files\QIP\Users\481246509\History\463271341.txt
c:\program files\QIP\Users\481246509\History\465552910.txt
c:\program files\QIP\Users\481246509\History\475799529.txt
c:\program files\QIP\Users\481246509\History\476129439.txt
c:\program files\QIP\Users\481246509\History\478765440.txt
c:\program files\QIP\Users\481246509\History\479691669.txt
c:\program files\QIP\Users\481246509\History\484005136.txt
c:\program files\QIP\Users\481246509\History\485643027.txt
c:\program files\QIP\Users\481246509\History\486824366.txt
c:\program files\QIP\Users\481246509\History\493961474.txt
c:\program files\QIP\Users\481246509\History\494194895.txt
c:\program files\QIP\Users\481246509\History\494312533.txt
c:\program files\QIP\Users\481246509\History\495687211.txt
c:\program files\QIP\Users\481246509\History\496498476.txt
c:\program files\QIP\Users\481246509\History\497756534.txt
c:\program files\QIP\Users\481246509\History\499224821.txt
c:\program files\QIP\Users\481246509\History\558076046.txt
c:\program files\QIP\Users\481246509\History\85777957.txt
c:\program files\QIP\Users\481246509\History\altarielka.txt
c:\program files\QIP\Users\Accounts.cfg
c:\program files\QIP\Users\Config.ini
c:\program files\QIP\Users\Default.cfg
c:\windows\system32\drivers\etc\lmhosts
c:\windows\system32\Thumbs.db
Re: Pomalý internet
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-19 do 2010-01-19 )))))))))))))))))))))))))))))))
.
2010-01-18 21:44 . 2010-01-18 21:44 390144 ----a-w- c:\windows\system32\CF10688.exe
2010-01-18 20:52 . 2010-01-18 20:52 390144 ----a-w- c:\windows\system32\CF558.exe
2010-01-12 05:11 . 2010-01-12 05:11 -------- d-----w- C:\1878d1784e0887690c
2010-01-11 18:11 . 2010-01-11 18:11 -------- d-----w- C:\MSDERelA
2010-01-11 17:30 . 2010-01-11 17:30 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-01-11 17:09 . 2008-04-14 07:00 80896 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2010-01-11 17:09 . 2008-04-14 07:51 81920 ------w- c:\windows\system32\ieencode.dll
2010-01-11 16:55 . 2010-01-11 16:55 -------- d-----w- C:\15dc9c805169d9204b4931052942
2010-01-10 20:46 . 2010-01-10 20:44 390144 ----a-w- c:\windows\system32\CF2785.exe
2010-01-10 12:53 . 2010-01-10 12:53 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-01-10 12:47 . 2010-01-10 12:47 -------- d-sh--w- c:\documents and settings\Tonny\PrivacIE
2010-01-10 12:46 . 2010-01-10 12:46 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-10 12:45 . 2010-01-10 12:45 -------- d-sh--w- c:\documents and settings\Tonny\IETldCache
2010-01-10 12:42 . 2010-01-10 12:56 -------- d-----w- c:\windows\ie8updates
2010-01-10 12:38 . 2010-01-10 12:40 -------- dc-h--w- c:\windows\ie8
2010-01-10 12:34 . 2009-10-29 07:43 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-10 12:34 . 2009-10-29 07:43 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-01-10 12:34 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-01-09 10:57 . 2010-01-09 10:57 -------- d-----w- c:\program files\Crawler
2010-01-09 10:57 . 2010-01-09 10:57 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-09 10:57 . 2010-01-09 16:11 -------- d-----w- c:\program files\Spyware Terminator
2010-01-08 16:03 . 2010-01-18 19:08 -------- d-----w- c:\program files\trend micro
2010-01-08 16:03 . 2010-01-08 16:03 -------- d-----w- C:\rsit
2010-01-08 08:26 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-08 08:26 . 2010-01-08 08:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-08 08:26 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-08 07:19 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-05 13:58 . 2010-01-05 13:58 -------- d-----w- c:\program files\Common Files\LightScribe
2010-01-05 13:52 . 2010-01-08 07:00 54 ----a-w- c:\windows\system32\rp_stats.dat
2010-01-05 13:52 . 2010-01-08 07:00 39 ----a-w- c:\windows\system32\rp_rules.dat
2010-01-05 13:44 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-01-05 13:44 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-01-05 13:43 . 2010-01-05 13:43 -------- d-----w- c:\windows\Logs
2010-01-05 13:43 . 2010-01-05 13:43 -------- d-----w- c:\program files\Winamp Detect
2010-01-03 12:25 . 2010-01-03 19:16 -------- d-----w- c:\program files\Herbert
2009-12-30 19:16 . 2009-12-30 19:16 -------- d-----w- c:\documents and settings\LocalService\Plocha
2009-12-30 17:57 . 2010-01-04 14:44 -------- d-----w- c:\program files\Musicmatch
2009-12-30 17:55 . 2010-01-03 14:30 -------- d-----w- c:\windows\system32\Philips GoGear HDD
2009-12-30 17:55 . 2010-01-04 14:41 -------- d-----w- c:\program files\Philips
2009-12-27 19:48 . 2010-01-08 07:35 -------- d-----w- c:\program files\Lavasoft
2009-12-27 19:44 . 2009-12-29 16:27 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-27 19:44 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-12-27 19:44 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-12-27 19:44 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-12-27 19:43 . 2009-12-27 19:43 -------- d-----w- c:\program files\Avira
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-19 14:14 . 2003-04-16 12:00 780596 ----a-w- c:\windows\system32\perfh005.dat
2010-01-19 14:14 . 2003-04-16 12:00 213984 ----a-w- c:\windows\system32\perfc005.dat
2010-01-19 14:09 . 2010-01-09 08:41 7584005 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-01-18 20:07 . 2007-06-19 17:23 -------- d-----w- c:\program files\Vstplugins
2010-01-13 18:18 . 2010-01-13 18:22 90112 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2010-01-13 18:18 . 2010-01-13 18:22 1661952 ----a-w- c:\windows\Internet Logs\xDB6.tmp
2010-01-13 13:16 . 2007-01-12 14:44 -------- d-----w- c:\program files\Sony Setup
2010-01-12 00:15 . 2010-01-12 05:15 192512 ----a-w- c:\windows\Internet Logs\xDB3.tmp
2010-01-12 00:15 . 2010-01-12 05:15 1657856 ----a-w- c:\windows\Internet Logs\xDB4.tmp
2010-01-11 18:37 . 2007-04-02 17:50 -------- d-----w- c:\program files\Microsoft SQL Server
2010-01-09 21:40 . 2010-01-10 11:22 172032 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2010-01-09 21:40 . 2010-01-10 11:22 1636864 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2010-01-08 22:20 . 2010-01-08 22:20 -------- d-----w- c:\program files\CheckPoint
2010-01-08 22:20 . 2007-01-14 22:18 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-01-08 22:20 . 2010-01-08 22:20 -------- d-----w- c:\program files\Zone Labs
2010-01-08 21:07 . 2007-01-10 12:25 -------- d-----w- c:\program files\CCleaner
2010-01-08 14:49 . 2009-10-27 18:41 -------- d-----w- c:\program files\Diablo II
2010-01-05 16:14 . 2007-04-14 17:33 -------- d-----w- c:\program files\Winamp
2010-01-05 14:36 . 2008-09-17 16:21 -------- d-----w- c:\program files\Common Files\Nero
2010-01-05 14:19 . 2007-01-14 12:17 -------- d-----w- c:\program files\Nero
2010-01-04 14:50 . 2008-08-30 10:16 -------- d-----w- c:\program files\Easy CD-DA Extractor 11
2010-01-04 14:50 . 2007-11-07 17:41 -------- d-----w- c:\program files\DesetiPrsty
2010-01-04 14:49 . 2007-04-02 19:35 -------- d-----w- c:\program files\Azureus
2010-01-04 14:47 . 2007-12-16 18:19 -------- d-----w- c:\program files\IK Multimedia
2010-01-04 14:47 . 2007-01-09 00:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-27 19:41 . 2008-06-03 18:57 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-27 19:39 . 2008-06-06 16:10 -------- d-----w- c:\program files\ESET
2009-12-25 20:29 . 2007-04-02 17:25 90112 ----a-w- c:\windows\DUMP6ec7.tmp
2009-12-17 00:14 . 2009-12-17 00:13 -------- d-----w- c:\program files\iTunes
2009-12-17 00:13 . 2009-12-17 00:13 -------- d-----w- c:\program files\iPod
2009-12-17 00:13 . 2009-12-17 00:13 -------- d-----w- c:\program files\Bonjour
2009-12-17 00:12 . 2009-12-17 00:12 -------- d-----w- c:\program files\QuickTime
2009-12-17 00:12 . 2009-12-17 00:10 -------- d-----w- c:\program files\Common Files\Apple
2009-12-17 00:11 . 2009-12-17 00:11 -------- d-----w- c:\program files\Apple Software Update
2009-12-16 23:54 . 2009-11-19 15:26 -------- d-----w- c:\program files\Hero Editor
2009-12-15 23:03 . 2007-05-21 17:41 -------- d-----w- c:\program files\Last.fm
2009-12-14 16:13 . 2009-11-19 15:26 249856 ------w- c:\windows\Setup1.exe
2009-12-14 16:13 . 2007-12-16 20:25 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-11-28 12:25 . 2009-11-28 12:24 -------- d-----w- c:\program files\FileZilla FTP Client
2009-11-25 22:12 . 2009-11-25 22:12 -------- d-----w- c:\program files\MSXML 4.0
2009-11-22 14:42 . 2010-01-08 22:20 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-11-22 14:42 . 2010-01-08 22:20 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-11-22 14:42 . 2010-01-08 22:20 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-11-21 16:03 . 2003-04-16 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-29 07:43 . 2003-04-16 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-10-27 18:57 . 2009-10-27 18:47 35832 ----a-w- c:\windows\DIIUnin.dat
2009-10-27 18:56 . 2009-10-27 18:49 21840 ----atw- c:\windows\system32\SIntfNT.dll
2009-10-27 18:56 . 2009-10-27 18:49 17212 ----atw- c:\windows\system32\SIntf32.dll
2009-10-27 18:47 . 2009-10-27 18:47 94208 ----a-w- c:\windows\DIIUnin.exe
2009-10-27 18:47 . 2009-10-27 18:47 2829 ----a-w- c:\windows\DIIUnin.pif
2008-09-06 10:01 . 2008-09-06 10:01 126 ----a-w- c:\program files\arlsohfq.txt
2007-03-09 08:26 . 2007-03-09 08:27 4100096 ----a-w- c:\program files\npsibelius.dll
2008-06-30 10:16 . 2007-08-21 11:32 72 --sh--w- c:\windows\S8E6CA8FD.tmp
2007-03-09 07:12 . 2007-03-09 07:12 27648 --sha-w- c:\windows\system32\AVSredirect.dll
.
------- Sigcheck -------
[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[7] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[7] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-07-26 . DBDE980506B54AE928D151D12419B425 . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2005-07-26 . 46C3197AAC32EBA82453ACDD84114DC2 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . 5DE239E9CC9DB7430233EA7BE10EAD32 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . 676E6C3C8F3B4F8B64BE33FD20ADFCE2 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2004-08-17 . C72C15EE57E248C66E57C76CAB086CF2 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[7] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-17 . 6E401E61F952FBBF708AFBECEFAFAE81 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[7] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[7] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2007-04-16 . 2B33979FDE5D1B9293ADB025F323B0D9 . 984576 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2007-04-16 . C23A84D7AB99678B2F1A52080280E4ED . 983040 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2006-07-05 . A0B58CBB3ADCD79F1414A8E62D2F719F . 983552 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . 72FB9AA607A21FD2485286C478FB9B01 . 982528 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll
[-] 2004-08-17 . 98DA079F61265BC26D4587E280B79F30 . 982016 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll
[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2004-08-17 14:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-08-17 14:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-01-09 3037696]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2009-10-14 730480]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-01-09 2166784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acrobat Assistant.lnk]
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Last.fm Helper.lnk]
backup=c:\windows\pss\Last.fm Helper.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Tonny^Nabídka Start^Programy^Po spuštění^Last.fm Helper.lnk]
backup=c:\windows\pss\Last.fm Helper.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Tonny^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
2007-09-02 14:43 1465280 ----a-w- c:\program files\SlySoft\AnyDVD\AnyDVD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2006-09-28 19:21 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]
2007-01-14 14:07 958464 ----a-w- c:\program files\Labtec\Mouse\V3.0\moffice.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
2008-05-20 15:27 2474031 ----a-w- c:\program files\Free Download Manager\fdm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
2005-05-11 01:46 200069 ----a-w- c:\program files\Syncrosoft\POS\H2O\cledx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWRTOOLBOX]
2005-10-26 00:29 344064 ----a-w- c:\program files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMONTRAY]
2003-11-03 14:44 32768 ------w- c:\program files\Intel\Intel(R) Active Monitor\imontray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-09-10 16:40 289576 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXSUPMON]
2002-01-28 12:48 885760 ----a-w- c:\windows\system32\LXSUPMON.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
2003-07-07 08:29 729088 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
2003-05-08 10:00 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2004-03-10 22:26 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-09-06 14:09 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2003-05-30 08:42 585728 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2003-05-29 15:28 790528 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2008-09-16 11:16 1833296 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-08-15 15:37 1830128 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector]
2005-07-28 06:32 94208 ------w- c:\program files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-05-26 22:31 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AnyDVD"=c:\program files\SlySoft\AnyDVD\AnyDVD.exe
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Nero\Lib\NeroCheck.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\QIP Infium PafoPack\\inf.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-02-17 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-02-17 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-01-09 142592]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-12-27 108289]
R2 ASIXIo;ASIXIo;c:\windows\system32\drivers\asixio.sys [2007-04-16 3078]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2009-10-14 25208]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [2009-10-14 476528]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2007-12-16 33792]
R3 US122;US122 Driver;c:\windows\system32\drivers\US122.sys [2004-07-30 217472]
R3 Us122WdmService;US122 Wdm Audio;c:\windows\system32\drivers\US122Wdm.sys [2004-07-30 86648]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-02-17 7408]
S3 US122DL;US122 Firmware Downloader;c:\windows\system32\drivers\US122DL.sys [2004-07-30 17277]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-01-19 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Tonny\Data aplikací\Mozilla\Firefox\Profiles\q738j6ed.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: network.proxy.ftp - 192.168.10.8
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 192.168.10.8
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 192.168.10.8
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 192.168.10.8
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 192.168.10.8
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - component: c:\_net\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xwsg.dll
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\CheckPoint\ZAForceField\TrustChecker\components\TrustCheckerMozillaPlugin.dll
FF - plugin: c:\_net\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\_video\Adobe\AcroRead 7\Reader\browser\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\_net\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-QIP 2005 - c:\program files\QIP\unins001.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-19 15:10
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3E028637-126E-E622-091A-2A08ABDF253C}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iaaihplbjpniacjmod"=hex:6a,61,6d,69,63,6c,6d,6e,6b,70,63,6a,6f,67,6c,68,68,6c,
6c,68,00,01
"haognnpbpjdgaaoi"=hex:6a,61,6d,69,63,6c,6d,6e,6a,70,68,68,65,70,69,69,6a,68,
69,67,00,01
"hamghnjmbjemdeel"=hex:68,61,63,66,6f,69,67,65,64,6c,6c,68,69,6c,6a,70,00,00
"hamghnjmifmilabj"=hex:6b,62,67,69,61,6a,69,6a,62,6e,68,6c,70,6b,68,70,65,61,
6b,65,62,6b,64,66,62,70,65,65,6c,61,67,6d,6a,66,6e,66,6c,6b,62,6d,6e,62,64,\
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{62D1ACEB-304B-5F58-9CAB-BF16977A7300}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DB9A835C-18AD-9342-556A-F76AA869AF84}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"oacenclobnmggjpfmegpfchmfnpflh"=hex:63,61,62,6f,6d,69,00,7c
"oaoendmlfcjnmljhbljaolhpeplpnm"=hex:6a,61,63,6f,6a,69,6e,63,67,6a,67,68,6e,68,
70,6a,66,6a,65,68,00,16
"naeolfmnnpilikkhdhpagaegdbgo"=hex:69,61,6f,6e,6c,6d,66,68,68,6f,70,65,66,67,
66,69,70,67,00,00
"eagnnekgfb"=hex:64,61,62,64,6a,67,63,6b,00,3e
"cadela"=hex:6b,62,6d,6f,69,6c,62,64,6e,61,61,6f,63,6a,66,66,6d,6b,6f,62,66,61,
6a,63,65,6f,62,70,6d,63,67,6a,67,6c,6d,6c,61,6a,70,69,61,68,6b,70,63,64,6e,\
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F60F0158-26C7-9846-A857-DB315C9D305C}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iankcnoialjggifpgl"=hex:6a,61,6a,6c,62,64,65,67,65,62,61,6f,6d,69,6d,6c,6f,67,
6f,63,00,01
"hadkmkalggapjgnk"=hex:6a,61,6a,6c,64,6f,6c,65,66,68,66,63,6d,6e,6b,6d,62,63,
67,6c,00,01
"hajjkmdnbpndolmc"=hex:61,61,00,7e
"hajjkmdneiegelao"=hex:61,61,00,7e
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Zepter Software\RegLib*2c8af0a3\AnyDVD/1]
"1"=dword:45bb7163
"2"=dword:45bb778a
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(804)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'lsass.exe'(860)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'explorer.exe'(1216)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Intel\Intel(R) Active Monitor\imonnt.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-01-19 15:20:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-19 14:20
ComboFix2.txt 2010-01-10 21:17
ComboFix3.txt 2009-02-27 16:22
Před spuštěním: Volných bajtů: 19,512,799,232
Po spuštění: Volných bajtů: 19,448,594,432
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - F368C1911DF73D5367B480ADE325F560
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-19 do 2010-01-19 )))))))))))))))))))))))))))))))
.
2010-01-18 21:44 . 2010-01-18 21:44 390144 ----a-w- c:\windows\system32\CF10688.exe
2010-01-18 20:52 . 2010-01-18 20:52 390144 ----a-w- c:\windows\system32\CF558.exe
2010-01-12 05:11 . 2010-01-12 05:11 -------- d-----w- C:\1878d1784e0887690c
2010-01-11 18:11 . 2010-01-11 18:11 -------- d-----w- C:\MSDERelA
2010-01-11 17:30 . 2010-01-11 17:30 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-01-11 17:09 . 2008-04-14 07:00 80896 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2010-01-11 17:09 . 2008-04-14 07:51 81920 ------w- c:\windows\system32\ieencode.dll
2010-01-11 16:55 . 2010-01-11 16:55 -------- d-----w- C:\15dc9c805169d9204b4931052942
2010-01-10 20:46 . 2010-01-10 20:44 390144 ----a-w- c:\windows\system32\CF2785.exe
2010-01-10 12:53 . 2010-01-10 12:53 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-01-10 12:47 . 2010-01-10 12:47 -------- d-sh--w- c:\documents and settings\Tonny\PrivacIE
2010-01-10 12:46 . 2010-01-10 12:46 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-10 12:45 . 2010-01-10 12:45 -------- d-sh--w- c:\documents and settings\Tonny\IETldCache
2010-01-10 12:42 . 2010-01-10 12:56 -------- d-----w- c:\windows\ie8updates
2010-01-10 12:38 . 2010-01-10 12:40 -------- dc-h--w- c:\windows\ie8
2010-01-10 12:34 . 2009-10-29 07:43 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-10 12:34 . 2009-10-29 07:43 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-01-10 12:34 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-01-09 10:57 . 2010-01-09 10:57 -------- d-----w- c:\program files\Crawler
2010-01-09 10:57 . 2010-01-09 10:57 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-09 10:57 . 2010-01-09 16:11 -------- d-----w- c:\program files\Spyware Terminator
2010-01-08 16:03 . 2010-01-18 19:08 -------- d-----w- c:\program files\trend micro
2010-01-08 16:03 . 2010-01-08 16:03 -------- d-----w- C:\rsit
2010-01-08 08:26 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-08 08:26 . 2010-01-08 08:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-08 08:26 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-08 07:19 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-05 13:58 . 2010-01-05 13:58 -------- d-----w- c:\program files\Common Files\LightScribe
2010-01-05 13:52 . 2010-01-08 07:00 54 ----a-w- c:\windows\system32\rp_stats.dat
2010-01-05 13:52 . 2010-01-08 07:00 39 ----a-w- c:\windows\system32\rp_rules.dat
2010-01-05 13:44 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-01-05 13:44 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-01-05 13:43 . 2010-01-05 13:43 -------- d-----w- c:\windows\Logs
2010-01-05 13:43 . 2010-01-05 13:43 -------- d-----w- c:\program files\Winamp Detect
2010-01-03 12:25 . 2010-01-03 19:16 -------- d-----w- c:\program files\Herbert
2009-12-30 19:16 . 2009-12-30 19:16 -------- d-----w- c:\documents and settings\LocalService\Plocha
2009-12-30 17:57 . 2010-01-04 14:44 -------- d-----w- c:\program files\Musicmatch
2009-12-30 17:55 . 2010-01-03 14:30 -------- d-----w- c:\windows\system32\Philips GoGear HDD
2009-12-30 17:55 . 2010-01-04 14:41 -------- d-----w- c:\program files\Philips
2009-12-27 19:48 . 2010-01-08 07:35 -------- d-----w- c:\program files\Lavasoft
2009-12-27 19:44 . 2009-12-29 16:27 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-27 19:44 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-12-27 19:44 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-12-27 19:44 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-12-27 19:43 . 2009-12-27 19:43 -------- d-----w- c:\program files\Avira
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-19 14:14 . 2003-04-16 12:00 780596 ----a-w- c:\windows\system32\perfh005.dat
2010-01-19 14:14 . 2003-04-16 12:00 213984 ----a-w- c:\windows\system32\perfc005.dat
2010-01-19 14:09 . 2010-01-09 08:41 7584005 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-01-18 20:07 . 2007-06-19 17:23 -------- d-----w- c:\program files\Vstplugins
2010-01-13 18:18 . 2010-01-13 18:22 90112 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2010-01-13 18:18 . 2010-01-13 18:22 1661952 ----a-w- c:\windows\Internet Logs\xDB6.tmp
2010-01-13 13:16 . 2007-01-12 14:44 -------- d-----w- c:\program files\Sony Setup
2010-01-12 00:15 . 2010-01-12 05:15 192512 ----a-w- c:\windows\Internet Logs\xDB3.tmp
2010-01-12 00:15 . 2010-01-12 05:15 1657856 ----a-w- c:\windows\Internet Logs\xDB4.tmp
2010-01-11 18:37 . 2007-04-02 17:50 -------- d-----w- c:\program files\Microsoft SQL Server
2010-01-09 21:40 . 2010-01-10 11:22 172032 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2010-01-09 21:40 . 2010-01-10 11:22 1636864 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2010-01-08 22:20 . 2010-01-08 22:20 -------- d-----w- c:\program files\CheckPoint
2010-01-08 22:20 . 2007-01-14 22:18 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-01-08 22:20 . 2010-01-08 22:20 -------- d-----w- c:\program files\Zone Labs
2010-01-08 21:07 . 2007-01-10 12:25 -------- d-----w- c:\program files\CCleaner
2010-01-08 14:49 . 2009-10-27 18:41 -------- d-----w- c:\program files\Diablo II
2010-01-05 16:14 . 2007-04-14 17:33 -------- d-----w- c:\program files\Winamp
2010-01-05 14:36 . 2008-09-17 16:21 -------- d-----w- c:\program files\Common Files\Nero
2010-01-05 14:19 . 2007-01-14 12:17 -------- d-----w- c:\program files\Nero
2010-01-04 14:50 . 2008-08-30 10:16 -------- d-----w- c:\program files\Easy CD-DA Extractor 11
2010-01-04 14:50 . 2007-11-07 17:41 -------- d-----w- c:\program files\DesetiPrsty
2010-01-04 14:49 . 2007-04-02 19:35 -------- d-----w- c:\program files\Azureus
2010-01-04 14:47 . 2007-12-16 18:19 -------- d-----w- c:\program files\IK Multimedia
2010-01-04 14:47 . 2007-01-09 00:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-27 19:41 . 2008-06-03 18:57 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-27 19:39 . 2008-06-06 16:10 -------- d-----w- c:\program files\ESET
2009-12-25 20:29 . 2007-04-02 17:25 90112 ----a-w- c:\windows\DUMP6ec7.tmp
2009-12-17 00:14 . 2009-12-17 00:13 -------- d-----w- c:\program files\iTunes
2009-12-17 00:13 . 2009-12-17 00:13 -------- d-----w- c:\program files\iPod
2009-12-17 00:13 . 2009-12-17 00:13 -------- d-----w- c:\program files\Bonjour
2009-12-17 00:12 . 2009-12-17 00:12 -------- d-----w- c:\program files\QuickTime
2009-12-17 00:12 . 2009-12-17 00:10 -------- d-----w- c:\program files\Common Files\Apple
2009-12-17 00:11 . 2009-12-17 00:11 -------- d-----w- c:\program files\Apple Software Update
2009-12-16 23:54 . 2009-11-19 15:26 -------- d-----w- c:\program files\Hero Editor
2009-12-15 23:03 . 2007-05-21 17:41 -------- d-----w- c:\program files\Last.fm
2009-12-14 16:13 . 2009-11-19 15:26 249856 ------w- c:\windows\Setup1.exe
2009-12-14 16:13 . 2007-12-16 20:25 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-11-28 12:25 . 2009-11-28 12:24 -------- d-----w- c:\program files\FileZilla FTP Client
2009-11-25 22:12 . 2009-11-25 22:12 -------- d-----w- c:\program files\MSXML 4.0
2009-11-22 14:42 . 2010-01-08 22:20 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-11-22 14:42 . 2010-01-08 22:20 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-11-22 14:42 . 2010-01-08 22:20 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-11-21 16:03 . 2003-04-16 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-29 07:43 . 2003-04-16 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-10-27 18:57 . 2009-10-27 18:47 35832 ----a-w- c:\windows\DIIUnin.dat
2009-10-27 18:56 . 2009-10-27 18:49 21840 ----atw- c:\windows\system32\SIntfNT.dll
2009-10-27 18:56 . 2009-10-27 18:49 17212 ----atw- c:\windows\system32\SIntf32.dll
2009-10-27 18:47 . 2009-10-27 18:47 94208 ----a-w- c:\windows\DIIUnin.exe
2009-10-27 18:47 . 2009-10-27 18:47 2829 ----a-w- c:\windows\DIIUnin.pif
2008-09-06 10:01 . 2008-09-06 10:01 126 ----a-w- c:\program files\arlsohfq.txt
2007-03-09 08:26 . 2007-03-09 08:27 4100096 ----a-w- c:\program files\npsibelius.dll
2008-06-30 10:16 . 2007-08-21 11:32 72 --sh--w- c:\windows\S8E6CA8FD.tmp
2007-03-09 07:12 . 2007-03-09 07:12 27648 --sha-w- c:\windows\system32\AVSredirect.dll
.
------- Sigcheck -------
[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[7] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[7] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-07-26 . DBDE980506B54AE928D151D12419B425 . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2005-07-26 . 46C3197AAC32EBA82453ACDD84114DC2 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . 5DE239E9CC9DB7430233EA7BE10EAD32 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . 676E6C3C8F3B4F8B64BE33FD20ADFCE2 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2004-08-17 . C72C15EE57E248C66E57C76CAB086CF2 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[7] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-17 . 6E401E61F952FBBF708AFBECEFAFAE81 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[7] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[7] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2007-04-16 . 2B33979FDE5D1B9293ADB025F323B0D9 . 984576 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2007-04-16 . C23A84D7AB99678B2F1A52080280E4ED . 983040 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2006-07-05 . A0B58CBB3ADCD79F1414A8E62D2F719F . 983552 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . 72FB9AA607A21FD2485286C478FB9B01 . 982528 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll
[-] 2004-08-17 . 98DA079F61265BC26D4587E280B79F30 . 982016 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll
[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2004-08-17 14:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-08-17 14:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-01-09 3037696]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2009-10-14 730480]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-01-09 2166784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acrobat Assistant.lnk]
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Last.fm Helper.lnk]
backup=c:\windows\pss\Last.fm Helper.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Tonny^Nabídka Start^Programy^Po spuštění^Last.fm Helper.lnk]
backup=c:\windows\pss\Last.fm Helper.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Tonny^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
2007-09-02 14:43 1465280 ----a-w- c:\program files\SlySoft\AnyDVD\AnyDVD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2006-09-28 19:21 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]
2007-01-14 14:07 958464 ----a-w- c:\program files\Labtec\Mouse\V3.0\moffice.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
2008-05-20 15:27 2474031 ----a-w- c:\program files\Free Download Manager\fdm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
2005-05-11 01:46 200069 ----a-w- c:\program files\Syncrosoft\POS\H2O\cledx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWRTOOLBOX]
2005-10-26 00:29 344064 ----a-w- c:\program files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMONTRAY]
2003-11-03 14:44 32768 ------w- c:\program files\Intel\Intel(R) Active Monitor\imontray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-09-10 16:40 289576 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXSUPMON]
2002-01-28 12:48 885760 ----a-w- c:\windows\system32\LXSUPMON.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
2003-07-07 08:29 729088 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
2003-05-08 10:00 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2004-03-10 22:26 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-09-06 14:09 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2003-05-30 08:42 585728 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2003-05-29 15:28 790528 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2008-09-16 11:16 1833296 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-08-15 15:37 1830128 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector]
2005-07-28 06:32 94208 ------w- c:\program files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-05-26 22:31 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AnyDVD"=c:\program files\SlySoft\AnyDVD\AnyDVD.exe
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Nero\Lib\NeroCheck.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\QIP Infium PafoPack\\inf.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-02-17 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-02-17 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-01-09 142592]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-12-27 108289]
R2 ASIXIo;ASIXIo;c:\windows\system32\drivers\asixio.sys [2007-04-16 3078]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2009-10-14 25208]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [2009-10-14 476528]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2007-12-16 33792]
R3 US122;US122 Driver;c:\windows\system32\drivers\US122.sys [2004-07-30 217472]
R3 Us122WdmService;US122 Wdm Audio;c:\windows\system32\drivers\US122Wdm.sys [2004-07-30 86648]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-02-17 7408]
S3 US122DL;US122 Firmware Downloader;c:\windows\system32\drivers\US122DL.sys [2004-07-30 17277]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-01-19 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Tonny\Data aplikací\Mozilla\Firefox\Profiles\q738j6ed.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: network.proxy.ftp - 192.168.10.8
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 192.168.10.8
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 192.168.10.8
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 192.168.10.8
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 192.168.10.8
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - component: c:\_net\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xwsg.dll
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\CheckPoint\ZAForceField\TrustChecker\components\TrustCheckerMozillaPlugin.dll
FF - plugin: c:\_net\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\_video\Adobe\AcroRead 7\Reader\browser\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\_net\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-QIP 2005 - c:\program files\QIP\unins001.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-19 15:10
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3E028637-126E-E622-091A-2A08ABDF253C}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iaaihplbjpniacjmod"=hex:6a,61,6d,69,63,6c,6d,6e,6b,70,63,6a,6f,67,6c,68,68,6c,
6c,68,00,01
"haognnpbpjdgaaoi"=hex:6a,61,6d,69,63,6c,6d,6e,6a,70,68,68,65,70,69,69,6a,68,
69,67,00,01
"hamghnjmbjemdeel"=hex:68,61,63,66,6f,69,67,65,64,6c,6c,68,69,6c,6a,70,00,00
"hamghnjmifmilabj"=hex:6b,62,67,69,61,6a,69,6a,62,6e,68,6c,70,6b,68,70,65,61,
6b,65,62,6b,64,66,62,70,65,65,6c,61,67,6d,6a,66,6e,66,6c,6b,62,6d,6e,62,64,\
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{62D1ACEB-304B-5F58-9CAB-BF16977A7300}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DB9A835C-18AD-9342-556A-F76AA869AF84}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"oacenclobnmggjpfmegpfchmfnpflh"=hex:63,61,62,6f,6d,69,00,7c
"oaoendmlfcjnmljhbljaolhpeplpnm"=hex:6a,61,63,6f,6a,69,6e,63,67,6a,67,68,6e,68,
70,6a,66,6a,65,68,00,16
"naeolfmnnpilikkhdhpagaegdbgo"=hex:69,61,6f,6e,6c,6d,66,68,68,6f,70,65,66,67,
66,69,70,67,00,00
"eagnnekgfb"=hex:64,61,62,64,6a,67,63,6b,00,3e
"cadela"=hex:6b,62,6d,6f,69,6c,62,64,6e,61,61,6f,63,6a,66,66,6d,6b,6f,62,66,61,
6a,63,65,6f,62,70,6d,63,67,6a,67,6c,6d,6c,61,6a,70,69,61,68,6b,70,63,64,6e,\
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F60F0158-26C7-9846-A857-DB315C9D305C}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"iankcnoialjggifpgl"=hex:6a,61,6a,6c,62,64,65,67,65,62,61,6f,6d,69,6d,6c,6f,67,
6f,63,00,01
"hadkmkalggapjgnk"=hex:6a,61,6a,6c,64,6f,6c,65,66,68,66,63,6d,6e,6b,6d,62,63,
67,6c,00,01
"hajjkmdnbpndolmc"=hex:61,61,00,7e
"hajjkmdneiegelao"=hex:61,61,00,7e
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Zepter Software\RegLib*2c8af0a3\AnyDVD/1]
"1"=dword:45bb7163
"2"=dword:45bb778a
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(804)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'lsass.exe'(860)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'explorer.exe'(1216)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Intel\Intel(R) Active Monitor\imonnt.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-01-19 15:20:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-19 14:20
ComboFix2.txt 2010-01-10 21:17
ComboFix3.txt 2009-02-27 16:22
Před spuštěním: Volných bajtů: 19,512,799,232
Po spuštění: Volných bajtů: 19,448,594,432
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - F368C1911DF73D5367B480ADE325F560
-
Rudy
- Site Admin
- Příspěvky: 119386
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý internet
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.Collect::
c:\windows\S8E6CA8FD.tmp
C:\WINDOWS\000001_.tmp
Regnull::
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{3E028637-126E-E622-091A-2A08ABDF253C}*]
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DB9A835C-18AD-9342-556A-F76AA869AF84}*]
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F60F0158-26C7-9846-A857-DB315C9D305C}*]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý internet
ComboFix 10-01-19.02 - Tonny 2010-01-19 23:37:28.6.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2046.1427 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tonny\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Tonny\Plocha\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
file zipped: c:\windows\000001_.tmp
file zipped: c:\windows\S8E6CA8FD.tmp
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\000001_.tmp
c:\windows\S8E6CA8FD.tmp
c:\windows\system32\drivers\etc\lmhosts
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-19 do 2010-01-19 )))))))))))))))))))))))))))))))
.
2010-01-18 21:44 . 2010-01-18 21:44 390144 ----a-w- c:\windows\system32\CF10688.exe
2010-01-18 20:52 . 2010-01-18 20:52 390144 ----a-w- c:\windows\system32\CF558.exe
2010-01-12 05:11 . 2010-01-12 05:11 -------- d-----w- C:\1878d1784e0887690c
2010-01-11 18:11 . 2010-01-11 18:11 -------- d-----w- C:\MSDERelA
2010-01-11 17:30 . 2010-01-11 17:30 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-01-11 17:09 . 2008-04-14 07:00 80896 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2010-01-11 17:09 . 2008-04-14 07:51 81920 ------w- c:\windows\system32\ieencode.dll
2010-01-11 16:55 . 2010-01-11 16:55 -------- d-----w- C:\15dc9c805169d9204b4931052942
2010-01-10 20:46 . 2010-01-10 20:44 390144 ----a-w- c:\windows\system32\CF2785.exe
2010-01-10 12:53 . 2010-01-10 12:53 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-01-10 12:47 . 2010-01-10 12:47 -------- d-sh--w- c:\documents and settings\Tonny\PrivacIE
2010-01-10 12:46 . 2010-01-10 12:46 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-10 12:45 . 2010-01-10 12:45 -------- d-sh--w- c:\documents and settings\Tonny\IETldCache
2010-01-10 12:42 . 2010-01-10 12:56 -------- d-----w- c:\windows\ie8updates
2010-01-10 12:38 . 2010-01-10 12:40 -------- dc-h--w- c:\windows\ie8
2010-01-10 12:34 . 2009-10-29 07:43 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-10 12:34 . 2009-10-29 07:43 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-01-10 12:34 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-01-09 10:57 . 2010-01-09 10:57 -------- d-----w- c:\program files\Crawler
2010-01-09 10:57 . 2010-01-09 10:57 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-09 10:57 . 2010-01-19 17:38 -------- d-----w- c:\program files\Spyware Terminator
2010-01-08 16:03 . 2010-01-18 19:08 -------- d-----w- c:\program files\trend micro
2010-01-08 16:03 . 2010-01-08 16:03 -------- d-----w- C:\rsit
2010-01-08 08:26 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-08 08:26 . 2010-01-08 08:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-08 08:26 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-08 07:19 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-05 13:58 . 2010-01-05 13:58 -------- d-----w- c:\program files\Common Files\LightScribe
2010-01-05 13:52 . 2010-01-08 07:00 54 ----a-w- c:\windows\system32\rp_stats.dat
2010-01-05 13:52 . 2010-01-08 07:00 39 ----a-w- c:\windows\system32\rp_rules.dat
2010-01-05 13:44 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-01-05 13:44 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-01-05 13:43 . 2010-01-05 13:43 -------- d-----w- c:\windows\Logs
2010-01-05 13:43 . 2010-01-05 13:43 -------- d-----w- c:\program files\Winamp Detect
2010-01-03 12:25 . 2010-01-03 19:16 -------- d-----w- c:\program files\Herbert
2009-12-30 19:16 . 2009-12-30 19:16 -------- d-----w- c:\documents and settings\LocalService\Plocha
2009-12-30 17:57 . 2010-01-04 14:44 -------- d-----w- c:\program files\Musicmatch
2009-12-30 17:55 . 2010-01-03 14:30 -------- d-----w- c:\windows\system32\Philips GoGear HDD
2009-12-30 17:55 . 2010-01-04 14:41 -------- d-----w- c:\program files\Philips
2009-12-27 19:48 . 2010-01-08 07:35 -------- d-----w- c:\program files\Lavasoft
2009-12-27 19:44 . 2009-12-29 16:27 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-27 19:44 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-12-27 19:44 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-12-27 19:44 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-12-27 19:43 . 2009-12-27 19:43 -------- d-----w- c:\program files\Avira
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-19 23:12 . 2003-04-16 12:00 780930 ----a-w- c:\windows\system32\perfh005.dat
2010-01-19 23:12 . 2003-04-16 12:00 214102 ----a-w- c:\windows\system32\perfc005.dat
2010-01-19 23:09 . 2010-01-09 08:41 2328555 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-01-18 20:07 . 2007-06-19 17:23 -------- d-----w- c:\program files\Vstplugins
2010-01-13 18:18 . 2010-01-13 18:22 90112 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2010-01-13 18:18 . 2010-01-13 18:22 1661952 ----a-w- c:\windows\Internet Logs\xDB6.tmp
2010-01-13 13:16 . 2007-01-12 14:44 -------- d-----w- c:\program files\Sony Setup
2010-01-12 00:15 . 2010-01-12 05:15 192512 ----a-w- c:\windows\Internet Logs\xDB3.tmp
2010-01-12 00:15 . 2010-01-12 05:15 1657856 ----a-w- c:\windows\Internet Logs\xDB4.tmp
2010-01-11 18:37 . 2007-04-02 17:50 -------- d-----w- c:\program files\Microsoft SQL Server
2010-01-09 21:40 . 2010-01-10 11:22 172032 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2010-01-09 21:40 . 2010-01-10 11:22 1636864 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2010-01-08 22:20 . 2010-01-08 22:20 -------- d-----w- c:\program files\CheckPoint
2010-01-08 22:20 . 2007-01-14 22:18 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-01-08 22:20 . 2010-01-08 22:20 -------- d-----w- c:\program files\Zone Labs
2010-01-08 21:07 . 2007-01-10 12:25 -------- d-----w- c:\program files\CCleaner
2010-01-08 14:49 . 2009-10-27 18:41 -------- d-----w- c:\program files\Diablo II
2010-01-05 16:14 . 2007-04-14 17:33 -------- d-----w- c:\program files\Winamp
2010-01-05 14:36 . 2008-09-17 16:21 -------- d-----w- c:\program files\Common Files\Nero
2010-01-05 14:19 . 2007-01-14 12:17 -------- d-----w- c:\program files\Nero
2010-01-04 14:50 . 2008-08-30 10:16 -------- d-----w- c:\program files\Easy CD-DA Extractor 11
2010-01-04 14:50 . 2007-11-07 17:41 -------- d-----w- c:\program files\DesetiPrsty
2010-01-04 14:49 . 2007-04-02 19:35 -------- d-----w- c:\program files\Azureus
2010-01-04 14:47 . 2007-12-16 18:19 -------- d-----w- c:\program files\IK Multimedia
2010-01-04 14:47 . 2007-01-09 00:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-27 19:41 . 2008-06-03 18:57 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-27 19:39 . 2008-06-06 16:10 -------- d-----w- c:\program files\ESET
2009-12-25 20:29 . 2007-04-02 17:25 90112 ----a-w- c:\windows\DUMP6ec7.tmp
2009-12-17 00:14 . 2009-12-17 00:13 -------- d-----w- c:\program files\iTunes
2009-12-17 00:13 . 2009-12-17 00:13 -------- d-----w- c:\program files\iPod
2009-12-17 00:13 . 2009-12-17 00:13 -------- d-----w- c:\program files\Bonjour
2009-12-17 00:12 . 2009-12-17 00:12 -------- d-----w- c:\program files\QuickTime
2009-12-17 00:12 . 2009-12-17 00:10 -------- d-----w- c:\program files\Common Files\Apple
2009-12-17 00:11 . 2009-12-17 00:11 -------- d-----w- c:\program files\Apple Software Update
2009-12-16 23:54 . 2009-11-19 15:26 -------- d-----w- c:\program files\Hero Editor
2009-12-15 23:03 . 2007-05-21 17:41 -------- d-----w- c:\program files\Last.fm
2009-12-14 16:13 . 2009-11-19 15:26 249856 ------w- c:\windows\Setup1.exe
2009-12-14 16:13 . 2007-12-16 20:25 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-11-28 12:25 . 2009-11-28 12:24 -------- d-----w- c:\program files\FileZilla FTP Client
2009-11-25 22:12 . 2009-11-25 22:12 -------- d-----w- c:\program files\MSXML 4.0
2009-11-22 14:42 . 2010-01-08 22:20 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-11-22 14:42 . 2010-01-08 22:20 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-11-22 14:42 . 2010-01-08 22:20 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-11-21 16:03 . 2003-04-16 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-29 07:43 . 2003-04-16 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-10-27 18:57 . 2009-10-27 18:47 35832 ----a-w- c:\windows\DIIUnin.dat
2009-10-27 18:56 . 2009-10-27 18:49 21840 ----atw- c:\windows\system32\SIntfNT.dll
2009-10-27 18:56 . 2009-10-27 18:49 17212 ----atw- c:\windows\system32\SIntf32.dll
2009-10-27 18:47 . 2009-10-27 18:47 94208 ----a-w- c:\windows\DIIUnin.exe
2009-10-27 18:47 . 2009-10-27 18:47 2829 ----a-w- c:\windows\DIIUnin.pif
2008-09-06 10:01 . 2008-09-06 10:01 126 ----a-w- c:\program files\arlsohfq.txt
2007-03-09 08:26 . 2007-03-09 08:27 4100096 ----a-w- c:\program files\npsibelius.dll
2007-03-09 07:12 . 2007-03-09 07:12 27648 --sha-w- c:\windows\system32\AVSredirect.dll
.
------- Sigcheck -------
[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[7] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[7] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-07-26 . DBDE980506B54AE928D151D12419B425 . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2005-07-26 . 46C3197AAC32EBA82453ACDD84114DC2 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . 5DE239E9CC9DB7430233EA7BE10EAD32 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . 676E6C3C8F3B4F8B64BE33FD20ADFCE2 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2004-08-17 . C72C15EE57E248C66E57C76CAB086CF2 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[7] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-17 . 6E401E61F952FBBF708AFBECEFAFAE81 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[7] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[7] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2007-04-16 . 2B33979FDE5D1B9293ADB025F323B0D9 . 984576 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2007-04-16 . C23A84D7AB99678B2F1A52080280E4ED . 983040 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2006-07-05 . A0B58CBB3ADCD79F1414A8E62D2F719F . 983552 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . 72FB9AA607A21FD2485286C478FB9B01 . 982528 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll
[-] 2004-08-17 . 98DA079F61265BC26D4587E280B79F30 . 982016 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll
[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2004-08-17 14:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-08-17 14:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-01-09 3037696]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2009-10-14 730480]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-01-09 2166784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acrobat Assistant.lnk]
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Last.fm Helper.lnk]
backup=c:\windows\pss\Last.fm Helper.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Tonny^Nabídka Start^Programy^Po spuštění^Last.fm Helper.lnk]
backup=c:\windows\pss\Last.fm Helper.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Tonny^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
2007-09-02 14:43 1465280 ----a-w- c:\program files\SlySoft\AnyDVD\AnyDVD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2006-09-28 19:21 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]
2007-01-14 14:07 958464 ----a-w- c:\program files\Labtec\Mouse\V3.0\moffice.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
2008-05-20 15:27 2474031 ----a-w- c:\program files\Free Download Manager\fdm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
2005-05-11 01:46 200069 ----a-w- c:\program files\Syncrosoft\POS\H2O\cledx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWRTOOLBOX]
2005-10-26 00:29 344064 ----a-w- c:\program files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMONTRAY]
2003-11-03 14:44 32768 ------w- c:\program files\Intel\Intel(R) Active Monitor\imontray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-09-10 16:40 289576 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXSUPMON]
2002-01-28 12:48 885760 ----a-w- c:\windows\system32\LXSUPMON.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
2003-07-07 08:29 729088 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
2003-05-08 10:00 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2004-03-10 22:26 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-09-06 14:09 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2003-05-30 08:42 585728 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2003-05-29 15:28 790528 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2008-09-16 11:16 1833296 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-08-15 15:37 1830128 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector]
2005-07-28 06:32 94208 ------w- c:\program files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-05-26 22:31 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AnyDVD"=c:\program files\SlySoft\AnyDVD\AnyDVD.exe
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Nero\Lib\NeroCheck.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\QIP Infium PafoPack\\inf.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-02-17 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-02-17 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-01-09 142592]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-12-27 108289]
R2 ASIXIo;ASIXIo;c:\windows\system32\drivers\asixio.sys [2007-04-16 3078]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2009-10-14 25208]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [2009-10-14 476528]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2007-12-16 33792]
R3 US122;US122 Driver;c:\windows\system32\drivers\US122.sys [2004-07-30 217472]
R3 Us122WdmService;US122 Wdm Audio;c:\windows\system32\drivers\US122Wdm.sys [2004-07-30 86648]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-02-17 7408]
S3 US122DL;US122 Firmware Downloader;c:\windows\system32\drivers\US122DL.sys [2004-07-30 17277]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-01-19 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Tonny\Data aplikací\Mozilla\Firefox\Profiles\q738j6ed.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: network.proxy.ftp - 192.168.10.8
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 192.168.10.8
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 192.168.10.8
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 192.168.10.8
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 192.168.10.8
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - component: c:\_net\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xwsg.dll
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\CheckPoint\ZAForceField\TrustChecker\components\TrustCheckerMozillaPlugin.dll
FF - plugin: c:\_net\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\_video\Adobe\AcroRead 7\Reader\browser\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\_net\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 00:09
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Zepter Software\RegLib*2c8af0a3\AnyDVD/1]
"1"=dword:45bb7163
"2"=dword:45bb778a
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(800)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'lsass.exe'(856)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'explorer.exe'(1880)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Intel\Intel(R) Active Monitor\imonnt.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-01-20 00:18:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-19 23:18
ComboFix2.txt 2010-01-19 14:20
ComboFix3.txt 2010-01-10 21:17
ComboFix4.txt 2009-02-27 16:22
Před spuštěním: Volných bajtů: 18,743,160,832
Po spuštění: Volných bajtů: 18,970,796,032
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 4E1A07F831DA8216C53958D6A1B3F032
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2046.1427 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tonny\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Tonny\Plocha\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
file zipped: c:\windows\000001_.tmp
file zipped: c:\windows\S8E6CA8FD.tmp
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\000001_.tmp
c:\windows\S8E6CA8FD.tmp
c:\windows\system32\drivers\etc\lmhosts
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-19 do 2010-01-19 )))))))))))))))))))))))))))))))
.
2010-01-18 21:44 . 2010-01-18 21:44 390144 ----a-w- c:\windows\system32\CF10688.exe
2010-01-18 20:52 . 2010-01-18 20:52 390144 ----a-w- c:\windows\system32\CF558.exe
2010-01-12 05:11 . 2010-01-12 05:11 -------- d-----w- C:\1878d1784e0887690c
2010-01-11 18:11 . 2010-01-11 18:11 -------- d-----w- C:\MSDERelA
2010-01-11 17:30 . 2010-01-11 17:30 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2010-01-11 17:09 . 2008-04-14 07:00 80896 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2010-01-11 17:09 . 2008-04-14 07:51 81920 ------w- c:\windows\system32\ieencode.dll
2010-01-11 16:55 . 2010-01-11 16:55 -------- d-----w- C:\15dc9c805169d9204b4931052942
2010-01-10 20:46 . 2010-01-10 20:44 390144 ----a-w- c:\windows\system32\CF2785.exe
2010-01-10 12:53 . 2010-01-10 12:53 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-01-10 12:47 . 2010-01-10 12:47 -------- d-sh--w- c:\documents and settings\Tonny\PrivacIE
2010-01-10 12:46 . 2010-01-10 12:46 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-10 12:45 . 2010-01-10 12:45 -------- d-sh--w- c:\documents and settings\Tonny\IETldCache
2010-01-10 12:42 . 2010-01-10 12:56 -------- d-----w- c:\windows\ie8updates
2010-01-10 12:38 . 2010-01-10 12:40 -------- dc-h--w- c:\windows\ie8
2010-01-10 12:34 . 2009-10-29 07:43 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-10 12:34 . 2009-10-29 07:43 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-01-10 12:34 . 2009-10-02 04:44 92160 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-01-09 10:57 . 2010-01-09 10:57 -------- d-----w- c:\program files\Crawler
2010-01-09 10:57 . 2010-01-09 10:57 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-09 10:57 . 2010-01-19 17:38 -------- d-----w- c:\program files\Spyware Terminator
2010-01-08 16:03 . 2010-01-18 19:08 -------- d-----w- c:\program files\trend micro
2010-01-08 16:03 . 2010-01-08 16:03 -------- d-----w- C:\rsit
2010-01-08 08:26 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-08 08:26 . 2010-01-08 08:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-08 08:26 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-08 07:19 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-05 13:58 . 2010-01-05 13:58 -------- d-----w- c:\program files\Common Files\LightScribe
2010-01-05 13:52 . 2010-01-08 07:00 54 ----a-w- c:\windows\system32\rp_stats.dat
2010-01-05 13:52 . 2010-01-08 07:00 39 ----a-w- c:\windows\system32\rp_rules.dat
2010-01-05 13:44 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2010-01-05 13:44 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-01-05 13:43 . 2010-01-05 13:43 -------- d-----w- c:\windows\Logs
2010-01-05 13:43 . 2010-01-05 13:43 -------- d-----w- c:\program files\Winamp Detect
2010-01-03 12:25 . 2010-01-03 19:16 -------- d-----w- c:\program files\Herbert
2009-12-30 19:16 . 2009-12-30 19:16 -------- d-----w- c:\documents and settings\LocalService\Plocha
2009-12-30 17:57 . 2010-01-04 14:44 -------- d-----w- c:\program files\Musicmatch
2009-12-30 17:55 . 2010-01-03 14:30 -------- d-----w- c:\windows\system32\Philips GoGear HDD
2009-12-30 17:55 . 2010-01-04 14:41 -------- d-----w- c:\program files\Philips
2009-12-27 19:48 . 2010-01-08 07:35 -------- d-----w- c:\program files\Lavasoft
2009-12-27 19:44 . 2009-12-29 16:27 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-27 19:44 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-12-27 19:44 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2009-12-27 19:44 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2009-12-27 19:43 . 2009-12-27 19:43 -------- d-----w- c:\program files\Avira
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-19 23:12 . 2003-04-16 12:00 780930 ----a-w- c:\windows\system32\perfh005.dat
2010-01-19 23:12 . 2003-04-16 12:00 214102 ----a-w- c:\windows\system32\perfc005.dat
2010-01-19 23:09 . 2010-01-09 08:41 2328555 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-01-18 20:07 . 2007-06-19 17:23 -------- d-----w- c:\program files\Vstplugins
2010-01-13 18:18 . 2010-01-13 18:22 90112 ----a-w- c:\windows\Internet Logs\xDB5.tmp
2010-01-13 18:18 . 2010-01-13 18:22 1661952 ----a-w- c:\windows\Internet Logs\xDB6.tmp
2010-01-13 13:16 . 2007-01-12 14:44 -------- d-----w- c:\program files\Sony Setup
2010-01-12 00:15 . 2010-01-12 05:15 192512 ----a-w- c:\windows\Internet Logs\xDB3.tmp
2010-01-12 00:15 . 2010-01-12 05:15 1657856 ----a-w- c:\windows\Internet Logs\xDB4.tmp
2010-01-11 18:37 . 2007-04-02 17:50 -------- d-----w- c:\program files\Microsoft SQL Server
2010-01-09 21:40 . 2010-01-10 11:22 172032 ----a-w- c:\windows\Internet Logs\xDB1.tmp
2010-01-09 21:40 . 2010-01-10 11:22 1636864 ----a-w- c:\windows\Internet Logs\xDB2.tmp
2010-01-08 22:20 . 2010-01-08 22:20 -------- d-----w- c:\program files\CheckPoint
2010-01-08 22:20 . 2007-01-14 22:18 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-01-08 22:20 . 2010-01-08 22:20 -------- d-----w- c:\program files\Zone Labs
2010-01-08 21:07 . 2007-01-10 12:25 -------- d-----w- c:\program files\CCleaner
2010-01-08 14:49 . 2009-10-27 18:41 -------- d-----w- c:\program files\Diablo II
2010-01-05 16:14 . 2007-04-14 17:33 -------- d-----w- c:\program files\Winamp
2010-01-05 14:36 . 2008-09-17 16:21 -------- d-----w- c:\program files\Common Files\Nero
2010-01-05 14:19 . 2007-01-14 12:17 -------- d-----w- c:\program files\Nero
2010-01-04 14:50 . 2008-08-30 10:16 -------- d-----w- c:\program files\Easy CD-DA Extractor 11
2010-01-04 14:50 . 2007-11-07 17:41 -------- d-----w- c:\program files\DesetiPrsty
2010-01-04 14:49 . 2007-04-02 19:35 -------- d-----w- c:\program files\Azureus
2010-01-04 14:47 . 2007-12-16 18:19 -------- d-----w- c:\program files\IK Multimedia
2010-01-04 14:47 . 2007-01-09 00:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-27 19:41 . 2008-06-03 18:57 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-27 19:39 . 2008-06-06 16:10 -------- d-----w- c:\program files\ESET
2009-12-25 20:29 . 2007-04-02 17:25 90112 ----a-w- c:\windows\DUMP6ec7.tmp
2009-12-17 00:14 . 2009-12-17 00:13 -------- d-----w- c:\program files\iTunes
2009-12-17 00:13 . 2009-12-17 00:13 -------- d-----w- c:\program files\iPod
2009-12-17 00:13 . 2009-12-17 00:13 -------- d-----w- c:\program files\Bonjour
2009-12-17 00:12 . 2009-12-17 00:12 -------- d-----w- c:\program files\QuickTime
2009-12-17 00:12 . 2009-12-17 00:10 -------- d-----w- c:\program files\Common Files\Apple
2009-12-17 00:11 . 2009-12-17 00:11 -------- d-----w- c:\program files\Apple Software Update
2009-12-16 23:54 . 2009-11-19 15:26 -------- d-----w- c:\program files\Hero Editor
2009-12-15 23:03 . 2007-05-21 17:41 -------- d-----w- c:\program files\Last.fm
2009-12-14 16:13 . 2009-11-19 15:26 249856 ------w- c:\windows\Setup1.exe
2009-12-14 16:13 . 2007-12-16 20:25 73216 ----a-w- c:\windows\ST6UNST.EXE
2009-11-28 12:25 . 2009-11-28 12:24 -------- d-----w- c:\program files\FileZilla FTP Client
2009-11-25 22:12 . 2009-11-25 22:12 -------- d-----w- c:\program files\MSXML 4.0
2009-11-22 14:42 . 2010-01-08 22:20 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-11-22 14:42 . 2010-01-08 22:20 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-11-22 14:42 . 2010-01-08 22:20 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-11-21 16:03 . 2003-04-16 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-29 07:43 . 2003-04-16 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-10-27 18:57 . 2009-10-27 18:47 35832 ----a-w- c:\windows\DIIUnin.dat
2009-10-27 18:56 . 2009-10-27 18:49 21840 ----atw- c:\windows\system32\SIntfNT.dll
2009-10-27 18:56 . 2009-10-27 18:49 17212 ----atw- c:\windows\system32\SIntf32.dll
2009-10-27 18:47 . 2009-10-27 18:47 94208 ----a-w- c:\windows\DIIUnin.exe
2009-10-27 18:47 . 2009-10-27 18:47 2829 ----a-w- c:\windows\DIIUnin.pif
2008-09-06 10:01 . 2008-09-06 10:01 126 ----a-w- c:\program files\arlsohfq.txt
2007-03-09 08:26 . 2007-03-09 08:27 4100096 ----a-w- c:\program files\npsibelius.dll
2007-03-09 07:12 . 2007-03-09 07:12 27648 --sha-w- c:\windows\system32\AVSredirect.dll
.
------- Sigcheck -------
[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . BE27674D1CBC3214AEC84B4336A38BBF . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll
[7] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[7] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll
[-] 2005-07-26 . DBDE980506B54AE928D151D12419B425 . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll
[-] 2005-07-26 . 46C3197AAC32EBA82453ACDD84114DC2 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . 5DE239E9CC9DB7430233EA7BE10EAD32 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-04-28 . 676E6C3C8F3B4F8B64BE33FD20ADFCE2 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll
[-] 2004-08-17 . C72C15EE57E248C66E57C76CAB086CF2 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB894391$\rpcss.dll
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 9EF697AF07BB8DD82C3B02CA953A95B7 . 111104 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[7] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe
[7] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe
[-] 2004-08-17 . 6E401E61F952FBBF708AFBECEFAFAE81 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . 545C653E8FE241CA6200798AA94FE5C7 . 988160 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[7] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[7] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
[-] 2007-04-16 . 2B33979FDE5D1B9293ADB025F323B0D9 . 984576 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll
[-] 2007-04-16 . C23A84D7AB99678B2F1A52080280E4ED . 983040 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll
[-] 2006-07-05 . A0B58CBB3ADCD79F1414A8E62D2F719F . 983552 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . 72FB9AA607A21FD2485286C478FB9B01 . 982528 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll
[-] 2004-08-17 . 98DA079F61265BC26D4587E280B79F30 . 982016 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll
[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2004-08-17 14:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2004-08-17 14:49 . E02E913B3841717A890A644EE167B9A5 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-08-20 2363392]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-01-09 3037696]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2009-10-14 730480]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-01-09 2166784]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Acrobat Assistant.lnk]
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Last.fm Helper.lnk]
backup=c:\windows\pss\Last.fm Helper.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Tonny^Nabídka Start^Programy^Po spuštění^Last.fm Helper.lnk]
backup=c:\windows\pss\Last.fm Helper.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Tonny^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
2007-09-02 14:43 1465280 ----a-w- c:\program files\SlySoft\AnyDVD\AnyDVD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2006-09-28 19:21 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMOFFICE4DMOUSE]
2007-01-14 14:07 958464 ----a-w- c:\program files\Labtec\Mouse\V3.0\moffice.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Free Download Manager]
2008-05-20 15:27 2474031 ----a-w- c:\program files\Free Download Manager\fdm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
2005-05-11 01:46 200069 ----a-w- c:\program files\Syncrosoft\POS\H2O\cledx.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPWRTOOLBOX]
2005-10-26 00:29 344064 ----a-w- c:\program files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMONTRAY]
2003-11-03 14:44 32768 ------w- c:\program files\Intel\Intel(R) Active Monitor\imontray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-09-10 16:40 289576 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXSUPMON]
2002-01-28 12:48 885760 ----a-w- c:\windows\system32\LXSUPMON.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OPSE reminder]
2003-07-07 08:29 729088 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\EregEng\Ereg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
2003-05-08 10:00 49152 ----a-w- c:\program files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2004-03-10 22:26 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-09-06 14:09 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2003-05-30 08:42 585728 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2003-05-29 15:28 790528 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2008-09-16 11:16 1833296 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-08-15 15:37 1830128 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead AutoDetector]
2005-07-28 06:32 94208 ------w- c:\program files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-05-26 22:31 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AnyDVD"=c:\program files\SlySoft\AnyDVD\AnyDVD.exe
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NeroFilterCheck"=c:\program files\Common Files\Nero\Lib\NeroCheck.exe
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\QIP Infium PafoPack\\inf.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-02-17 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2009-02-17 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-01-09 142592]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-12-27 108289]
R2 ASIXIo;ASIXIo;c:\windows\system32\drivers\asixio.sys [2007-04-16 3078]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2009-10-14 25208]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\ISWSVC.exe [2009-10-14 476528]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2007-12-16 33792]
R3 US122;US122 Driver;c:\windows\system32\drivers\US122.sys [2004-07-30 217472]
R3 Us122WdmService;US122 Wdm Audio;c:\windows\system32\drivers\US122Wdm.sys [2004-07-30 86648]
S0 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-02-17 7408]
S3 US122DL;US122 Firmware Downloader;c:\windows\system32\drivers\US122DL.sys [2004-07-30 17277]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 12:24 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
2010-01-19 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 13:07]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Tonny\Data aplikací\Mozilla\Firefox\Profiles\q738j6ed.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: network.proxy.ftp - 192.168.10.8
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 192.168.10.8
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 192.168.10.8
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 192.168.10.8
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 192.168.10.8
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - component: c:\_net\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xwsg.dll
FF - component: c:\program files\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: c:\program files\CheckPoint\ZAForceField\TrustChecker\components\TrustCheckerMozillaPlugin.dll
FF - plugin: c:\_net\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: c:\_video\Adobe\AcroRead 7\Reader\browser\nppdf32.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\_net\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-20 00:09
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-1715567821-1979792683-725345543-1003\Software\Zepter Software\RegLib*2c8af0a3\AnyDVD/1]
"1"=dword:45bb7163
"2"=dword:45bb778a
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(800)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'lsass.exe'(856)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
- - - - - - - > 'explorer.exe'(1880)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Analog Devices\SoundMAX\SMAgent.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Intel\Intel(R) Active Monitor\imonnt.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-01-20 00:18:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-19 23:18
ComboFix2.txt 2010-01-19 14:20
ComboFix3.txt 2010-01-10 21:17
ComboFix4.txt 2009-02-27 16:22
Před spuštěním: Volných bajtů: 18,743,160,832
Po spuštění: Volných bajtů: 18,970,796,032
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 4E1A07F831DA8216C53958D6A1B3F032
-
Rudy
- Site Admin
- Příspěvky: 119386
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý internet
Log již vypadá čistý.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý internet
Mockrát děkuji!
-
Rudy
- Site Admin
- Příspěvky: 119386
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý internet
Nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý internet
Dobrý den,
nechci kvůli jinému problému zakládat nové téma, takže to napíšu sem. Jedná se opět o omezení internetu ze strany UPC (prý odesílám vir). Internetové připojení doma používají celkem 3 mašinky (PC a 2 notebooky). Tuto zprávu píšu z jednoho notebooku, který je sice zabezpečen, ale ještě nikdy jsem s ním nekontroloval RSIT log (zbylé dva už si kontrolu odbyly). Prosím vás tedy o kontrolu:
Logfile of random's system information tool 1.06 (written by random/random)
Run by manďa at 2010-01-22 18:55:56
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 44 GB (19%) free of 230 GB
Total RAM: 2037 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:56:05, on 22.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\MsiExec.exe
C:\Windows\system32\werfault.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\manďa\Desktop\RSIT.exe
C:\Program Files\trend micro\manďa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9730 bytes
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{3CF0940F-6DB2-4E9D-B45D-33C12445F641}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-10-25 212992]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-09-30 181544]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-27 202032]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-09-13 222504]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe []
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-10-03 480560]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2006-04-29 94208]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-11-22 1037192]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-01-09 2166784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"AdobeBridge"= []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-01-09 3037696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-05-11 200069]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77d6d68b-fd18-11de-834a-001eec1fad9c}]
shell\AutoRun\command - F:\SamsungSoftware\APPInst.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-01-22 18:45:10 ----D---- C:\Program Files\trend micro
2010-01-22 18:45:06 ----D---- C:\rsit
2010-01-22 18:41:55 ----D---- C:\Program Files\Bonjour
2010-01-22 18:41:30 ----SHD---- C:\Config.Msi
2010-01-17 10:42:48 ----A---- C:\Windows\system32\t2embed.dll
2010-01-17 10:42:47 ----A---- C:\Windows\system32\fontsub.dll
2010-01-09 12:58:46 ----D---- C:\Users\manďa\AppData\Roaming\Spyware Terminator
2010-01-09 12:58:34 ----D---- C:\ProgramData\Spyware Terminator
2010-01-09 12:58:27 ----D---- C:\Program Files\Spyware Terminator
2010-01-09 12:32:05 ----A---- C:\Windows\system32\javaws.exe
2010-01-09 12:32:05 ----A---- C:\Windows\system32\javaw.exe
2010-01-09 12:32:05 ----A---- C:\Windows\system32\java.exe
2010-01-09 12:10:45 ----A---- C:\Windows\system32\vsregexp.dll
2010-01-09 12:10:40 ----A---- C:\Windows\system32\zlcommdb.dll
2010-01-09 12:10:40 ----A---- C:\Windows\system32\zlcomm.dll
2010-01-09 12:10:33 ----A---- C:\Windows\system32\vswmi.dll
2010-01-09 12:10:29 ----A---- C:\Windows\system32\zpeng25.dll
2010-01-09 12:10:28 ----A---- C:\Windows\system32\vsxml.dll
2010-01-09 12:10:27 ----A---- C:\Windows\system32\vspubapi.dll
2010-01-09 12:10:26 ----A---- C:\Windows\system32\vsmonapi.dll
2010-01-09 12:10:22 ----A---- C:\Windows\system32\vsdata.dll
2010-01-09 12:10:03 ----D---- C:\Windows\system32\ZoneLabs
2010-01-09 12:10:01 ----D---- C:\Program Files\Zone Labs
2010-01-09 12:09:35 ----D---- C:\ProgramData\CheckPoint
2010-01-09 12:09:34 ----D---- C:\Windows\Internet Logs
2010-01-09 12:09:33 ----A---- C:\Windows\system32\vsutil.dll
2010-01-09 12:09:33 ----A---- C:\Windows\system32\vsinit.dll
2010-01-06 23:12:17 ----D---- C:\Program Files\FileZilla FTP Client
2009-12-27 19:50:18 ----D---- C:\ProgramData\Avira
2009-12-27 19:50:18 ----D---- C:\Program Files\Avira
2009-12-27 13:41:33 ----D---- C:\Program Files\Windows Portable Devices
2009-12-27 13:38:17 ----A---- C:\Windows\system32\UIAnimation.dll
2009-12-27 13:38:16 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-12-27 13:38:15 ----A---- C:\Windows\system32\UIRibbon.dll
2009-12-27 13:37:40 ----A---- C:\Windows\system32\WMPhoto.dll
2009-12-27 13:37:39 ----A---- C:\Windows\system32\cdd.dll
2009-12-27 13:37:37 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-12-27 13:37:37 ----A---- C:\Windows\system32\d3d10warp.dll
2009-12-27 13:37:36 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-12-27 13:37:36 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-12-27 13:37:36 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-12-27 13:37:36 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-12-27 13:37:36 ----A---- C:\Windows\system32\dxdiagn.dll
2009-12-27 13:37:36 ----A---- C:\Windows\system32\d2d1.dll
2009-12-27 13:37:35 ----A---- C:\Windows\system32\XpsPrint.dll
2009-12-27 13:37:35 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-12-27 13:37:35 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-12-27 13:37:35 ----A---- C:\Windows\system32\OpcServices.dll
2009-12-27 13:37:35 ----A---- C:\Windows\system32\dxdiag.exe
2009-12-27 13:37:34 ----A---- C:\Windows\system32\xpsservices.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\FntCache.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\dxgi.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\DWrite.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\d3d11.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\d3d10level9.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\d3d10core.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-12-27 13:37:33 ----A---- C:\Windows\system32\d3d10_1.dll
2009-12-27 13:37:33 ----A---- C:\Windows\system32\d3d10.dll
2009-12-27 13:36:49 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-12-27 13:36:49 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-12-27 13:36:49 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-12-27 13:36:44 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-12-27 13:36:42 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-12-27 13:36:42 ----A---- C:\Windows\system32\WpdConns.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\WPDSp.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\wpdshext.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\WpdMtp.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\wpd_ci.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-12-27 13:35:20 ----A---- C:\Windows\system32\oleaccrc.dll
2009-12-27 13:35:13 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-12-27 13:35:13 ----A---- C:\Windows\system32\oleacc.dll
2009-12-27 11:13:32 ----D---- C:\ProgramData\Lavasoft
2009-12-27 11:10:33 ----D---- C:\Program Files\Alwil Software
2009-12-26 17:45:08 ----D---- C:\Windows\system32\vi-VN
2009-12-26 17:45:08 ----D---- C:\Windows\system32\eu-ES
2009-12-26 17:45:08 ----D---- C:\Windows\system32\ca-ES
2009-12-26 17:22:54 ----D---- C:\Windows\system32\EventProviders
======List of files/folders modified in the last 1 months======
2010-01-22 18:56:03 ----D---- C:\Windows\Temp
2010-01-22 18:55:52 ----SHD---- C:\Windows\Installer
2010-01-22 18:45:10 ----RD---- C:\Program Files
2010-01-22 18:43:47 ----SHD---- C:\System Volume Information
2010-01-22 18:42:53 ----D---- C:\Windows\system32\catroot
2010-01-22 18:42:48 ----D---- C:\Windows\system32\catroot2
2010-01-22 18:42:43 ----D---- C:\Windows\winsxs
2010-01-22 18:41:55 ----D---- C:\Windows\System32
2010-01-19 16:46:07 ----D---- C:\ProgramData\Microsoft Help
2010-01-19 16:44:16 ----D---- C:\Program Files\Windows Mail
2010-01-17 10:47:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-17 10:47:38 ----D---- C:\Windows\inf
2010-01-17 10:46:22 ----D---- C:\Mandísek
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-09 12:58:59 ----D---- C:\Windows\system32\drivers
2010-01-09 12:58:34 ----HD---- C:\ProgramData
2010-01-09 12:32:16 ----D---- C:\Windows\Prefetch
2010-01-09 12:32:01 ----D---- C:\Program Files\Java
2010-01-09 12:19:33 ----D---- C:\Windows
2010-01-09 11:33:17 ----DC---- C:\Windows\system32\DRVSTORE
2010-01-09 11:19:12 ----D---- C:\Windows\system32\Tasks
2010-01-07 21:24:00 ----D---- C:\Windows\system
2010-01-07 21:23:59 ----RSD---- C:\Windows\Fonts
2010-01-07 21:22:12 ----D---- C:\Users\manďa\AppData\Roaming\Sony
2010-01-07 21:22:12 ----D---- C:\Program Files\Sony
2010-01-07 19:08:18 ----D---- C:\Windows\Tasks
2010-01-06 23:14:08 ----D---- C:\Users\manďa\AppData\Roaming\FileZilla
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
2009-12-29 18:14:26 ----D---- C:\Windows\rescache
2009-12-28 20:33:45 ----D---- C:\Windows\Microsoft.NET
2009-12-28 20:33:35 ----RSD---- C:\Windows\assembly
2009-12-27 13:41:36 ----D---- C:\Windows\system32\cs-CZ
2009-12-27 13:41:32 ----D---- C:\Windows\system32\wbem
2009-12-27 13:41:28 ----D---- C:\Windows\system32\uk-UA
2009-12-27 13:41:28 ----D---- C:\Windows\system32\sl-SI
2009-12-27 13:41:28 ----D---- C:\Windows\system32\pt-PT
2009-12-27 13:41:28 ----D---- C:\Windows\system32\pt-BR
2009-12-27 13:41:28 ----D---- C:\Windows\system32\pl-PL
2009-12-27 13:41:28 ----D---- C:\Windows\system32\ko-KR
2009-12-27 13:41:28 ----D---- C:\Windows\system32\it-IT
2009-12-27 13:41:28 ----D---- C:\Windows\system32\hu-HU
2009-12-27 13:41:28 ----D---- C:\Windows\system32\hr-HR
2009-12-27 13:41:28 ----D---- C:\Windows\system32\he-IL
2009-12-27 13:41:28 ----D---- C:\Windows\system32\bg-BG
2009-12-27 13:41:27 ----D---- C:\Windows\system32\zh-TW
2009-12-27 13:41:27 ----D---- C:\Windows\system32\zh-HK
2009-12-27 13:41:27 ----D---- C:\Windows\system32\zh-CN
2009-12-27 13:41:27 ----D---- C:\Windows\system32\tr-TR
2009-12-27 13:41:27 ----D---- C:\Windows\system32\th-TH
2009-12-27 13:41:27 ----D---- C:\Windows\system32\sv-SE
2009-12-27 13:41:27 ----D---- C:\Windows\system32\sr-Latn-CS
2009-12-27 13:41:27 ----D---- C:\Windows\system32\sk-SK
2009-12-27 13:41:27 ----D---- C:\Windows\system32\ru-RU
2009-12-27 13:41:27 ----D---- C:\Windows\system32\ro-RO
2009-12-27 13:41:27 ----D---- C:\Windows\system32\nl-NL
2009-12-27 13:41:27 ----D---- C:\Windows\system32\nb-NO
2009-12-27 13:41:27 ----D---- C:\Windows\system32\lv-LV
2009-12-27 13:41:27 ----D---- C:\Windows\system32\lt-LT
2009-12-27 13:41:27 ----D---- C:\Windows\system32\ja-JP
2009-12-27 13:41:27 ----D---- C:\Windows\system32\fr-FR
2009-12-27 13:41:27 ----D---- C:\Windows\system32\fi-FI
2009-12-27 13:41:27 ----D---- C:\Windows\system32\et-EE
2009-12-27 13:41:27 ----D---- C:\Windows\system32\es-ES
2009-12-27 13:41:27 ----D---- C:\Windows\system32\el-GR
2009-12-27 13:41:27 ----D---- C:\Windows\system32\de-DE
2009-12-27 13:41:27 ----D---- C:\Windows\system32\da-DK
2009-12-27 13:41:27 ----D---- C:\Windows\system32\ar-SA
2009-12-27 13:41:26 ----D---- C:\Windows\system32\en-US
2009-12-26 17:53:20 ----SHD---- C:\boot
2009-12-26 17:48:16 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-12-26 17:45:33 ----D---- C:\Program Files\Windows Sidebar
2009-12-26 17:45:33 ----D---- C:\Program Files\Windows Photo Gallery
2009-12-26 17:45:33 ----D---- C:\Program Files\Windows Media Player
2009-12-26 17:45:33 ----D---- C:\Program Files\Windows Journal
2009-12-26 17:45:33 ----D---- C:\Program Files\Windows Collaboration
2009-12-26 17:45:33 ----D---- C:\Program Files\Windows Calendar
2009-12-26 17:45:33 ----D---- C:\Program Files\Movie Maker
2009-12-26 17:45:33 ----D---- C:\Program Files\Internet Explorer
2009-12-26 17:45:33 ----D---- C:\Program Files\Common Files\System
2009-12-26 17:45:32 ----D---- C:\Windows\servicing
2009-12-26 17:45:32 ----D---- C:\Windows\ehome
2009-12-26 17:45:32 ----D---- C:\Program Files\Windows Defender
2009-12-26 17:45:29 ----D---- C:\Windows\system32\XPSViewer
2009-12-26 17:45:29 ----D---- C:\Windows\IME
2009-12-26 17:45:28 ----D---- C:\Windows\system32\oobe
2009-12-26 17:45:28 ----D---- C:\Windows\system32\migration
2009-12-26 17:45:27 ----D---- C:\Windows\system32\setup
2009-12-26 17:45:27 ----D---- C:\Windows\system32\cs
2009-12-26 17:45:27 ----D---- C:\Windows\system32\AdvancedInstallers
2009-12-26 17:45:26 ----D---- C:\Windows\system32\SLUI
2009-12-26 17:45:26 ----D---- C:\Windows\system32\manifeststore
2009-12-26 17:45:25 ----D---- C:\Windows\system32\migwiz
2009-12-26 17:45:13 ----D---- C:\Windows\AppPatch
2009-12-26 17:45:08 ----D---- C:\Windows\system32\Boot
2009-12-26 17:20:20 ----D---- C:\ProgramData\Symantec
2009-12-26 17:18:40 ----D---- C:\Program Files\Common Files
2009-12-24 09:35:11 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-09-26 25768]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2010-01-09 142592]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-12-30 28520]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2009-11-22 446664]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-28 56816]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-10-29 162088]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-05-30 735232]
R3 CLEDX;Team H2O CLEDX service; C:\Windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-02-26 201728]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-04-23 50176]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S2 Nsynas32;Nsynas32; C:\Windows\system32\drivers\Nsynas32.sys [2001-04-09 17784]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-07-07 25280]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-10-11 176640]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 US122;US122 Driver; C:\Windows\System32\Drivers\US122.sys [2003-04-17 215708]
S3 US122DL;US122 Firmware Downloader; C:\Windows\System32\Drivers\US122DL.sys [2003-04-17 17263]
S3 Us122WdmService;US122 Wdm Audio; C:\Windows\System32\Drivers\US122Wdm.sys [2003-04-17 84092]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 vsdatant7;vsdatant7; C:\Windows\System32\drivers\vsdatant.win7.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2006-05-02 135168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-01-09 488960]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2009-11-22 2384240]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-11 655624]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
nechci kvůli jinému problému zakládat nové téma, takže to napíšu sem. Jedná se opět o omezení internetu ze strany UPC (prý odesílám vir). Internetové připojení doma používají celkem 3 mašinky (PC a 2 notebooky). Tuto zprávu píšu z jednoho notebooku, který je sice zabezpečen, ale ještě nikdy jsem s ním nekontroloval RSIT log (zbylé dva už si kontrolu odbyly). Prosím vás tedy o kontrolu:
Logfile of random's system information tool 1.06 (written by random/random)
Run by manďa at 2010-01-22 18:55:56
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 44 GB (19%) free of 230 GB
Total RAM: 2037 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:56:05, on 22.1.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\MsiExec.exe
C:\Windows\system32\werfault.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\manďa\Desktop\RSIT.exe
C:\Program Files\trend micro\manďa.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9730 bytes
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{3CF0940F-6DB2-4E9D-B45D-33C12445F641}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-10-25 212992]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-09-30 181544]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-27 202032]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-09-13 222504]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"HP Health Check Scheduler"=[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe []
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-10-03 480560]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2006-04-29 94208]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-02-18 2221352]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-11-22 1037192]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-01-09 2166784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-02-28 1828136]
"AdobeBridge"= []
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-01-09 3037696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H2O]
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-05-11 200069]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{77d6d68b-fd18-11de-834a-001eec1fad9c}]
shell\AutoRun\command - F:\SamsungSoftware\APPInst.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-01-22 18:45:10 ----D---- C:\Program Files\trend micro
2010-01-22 18:45:06 ----D---- C:\rsit
2010-01-22 18:41:55 ----D---- C:\Program Files\Bonjour
2010-01-22 18:41:30 ----SHD---- C:\Config.Msi
2010-01-17 10:42:48 ----A---- C:\Windows\system32\t2embed.dll
2010-01-17 10:42:47 ----A---- C:\Windows\system32\fontsub.dll
2010-01-09 12:58:46 ----D---- C:\Users\manďa\AppData\Roaming\Spyware Terminator
2010-01-09 12:58:34 ----D---- C:\ProgramData\Spyware Terminator
2010-01-09 12:58:27 ----D---- C:\Program Files\Spyware Terminator
2010-01-09 12:32:05 ----A---- C:\Windows\system32\javaws.exe
2010-01-09 12:32:05 ----A---- C:\Windows\system32\javaw.exe
2010-01-09 12:32:05 ----A---- C:\Windows\system32\java.exe
2010-01-09 12:10:45 ----A---- C:\Windows\system32\vsregexp.dll
2010-01-09 12:10:40 ----A---- C:\Windows\system32\zlcommdb.dll
2010-01-09 12:10:40 ----A---- C:\Windows\system32\zlcomm.dll
2010-01-09 12:10:33 ----A---- C:\Windows\system32\vswmi.dll
2010-01-09 12:10:29 ----A---- C:\Windows\system32\zpeng25.dll
2010-01-09 12:10:28 ----A---- C:\Windows\system32\vsxml.dll
2010-01-09 12:10:27 ----A---- C:\Windows\system32\vspubapi.dll
2010-01-09 12:10:26 ----A---- C:\Windows\system32\vsmonapi.dll
2010-01-09 12:10:22 ----A---- C:\Windows\system32\vsdata.dll
2010-01-09 12:10:03 ----D---- C:\Windows\system32\ZoneLabs
2010-01-09 12:10:01 ----D---- C:\Program Files\Zone Labs
2010-01-09 12:09:35 ----D---- C:\ProgramData\CheckPoint
2010-01-09 12:09:34 ----D---- C:\Windows\Internet Logs
2010-01-09 12:09:33 ----A---- C:\Windows\system32\vsutil.dll
2010-01-09 12:09:33 ----A---- C:\Windows\system32\vsinit.dll
2010-01-06 23:12:17 ----D---- C:\Program Files\FileZilla FTP Client
2009-12-27 19:50:18 ----D---- C:\ProgramData\Avira
2009-12-27 19:50:18 ----D---- C:\Program Files\Avira
2009-12-27 13:41:33 ----D---- C:\Program Files\Windows Portable Devices
2009-12-27 13:38:17 ----A---- C:\Windows\system32\UIAnimation.dll
2009-12-27 13:38:16 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-12-27 13:38:15 ----A---- C:\Windows\system32\UIRibbon.dll
2009-12-27 13:37:40 ----A---- C:\Windows\system32\WMPhoto.dll
2009-12-27 13:37:39 ----A---- C:\Windows\system32\cdd.dll
2009-12-27 13:37:37 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-12-27 13:37:37 ----A---- C:\Windows\system32\d3d10warp.dll
2009-12-27 13:37:36 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-12-27 13:37:36 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-12-27 13:37:36 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-12-27 13:37:36 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-12-27 13:37:36 ----A---- C:\Windows\system32\dxdiagn.dll
2009-12-27 13:37:36 ----A---- C:\Windows\system32\d2d1.dll
2009-12-27 13:37:35 ----A---- C:\Windows\system32\XpsPrint.dll
2009-12-27 13:37:35 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-12-27 13:37:35 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-12-27 13:37:35 ----A---- C:\Windows\system32\OpcServices.dll
2009-12-27 13:37:35 ----A---- C:\Windows\system32\dxdiag.exe
2009-12-27 13:37:34 ----A---- C:\Windows\system32\xpsservices.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\FntCache.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\dxgi.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\DWrite.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\d3d11.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\d3d10level9.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\d3d10core.dll
2009-12-27 13:37:34 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-12-27 13:37:33 ----A---- C:\Windows\system32\d3d10_1.dll
2009-12-27 13:37:33 ----A---- C:\Windows\system32\d3d10.dll
2009-12-27 13:36:49 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-12-27 13:36:49 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-12-27 13:36:49 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-12-27 13:36:44 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-12-27 13:36:42 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-12-27 13:36:42 ----A---- C:\Windows\system32\WpdConns.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\WPDSp.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\wpdshext.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\WpdMtp.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\wpd_ci.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-12-27 13:36:41 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-12-27 13:35:20 ----A---- C:\Windows\system32\oleaccrc.dll
2009-12-27 13:35:13 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-12-27 13:35:13 ----A---- C:\Windows\system32\oleacc.dll
2009-12-27 11:13:32 ----D---- C:\ProgramData\Lavasoft
2009-12-27 11:10:33 ----D---- C:\Program Files\Alwil Software
2009-12-26 17:45:08 ----D---- C:\Windows\system32\vi-VN
2009-12-26 17:45:08 ----D---- C:\Windows\system32\eu-ES
2009-12-26 17:45:08 ----D---- C:\Windows\system32\ca-ES
2009-12-26 17:22:54 ----D---- C:\Windows\system32\EventProviders
======List of files/folders modified in the last 1 months======
2010-01-22 18:56:03 ----D---- C:\Windows\Temp
2010-01-22 18:55:52 ----SHD---- C:\Windows\Installer
2010-01-22 18:45:10 ----RD---- C:\Program Files
2010-01-22 18:43:47 ----SHD---- C:\System Volume Information
2010-01-22 18:42:53 ----D---- C:\Windows\system32\catroot
2010-01-22 18:42:48 ----D---- C:\Windows\system32\catroot2
2010-01-22 18:42:43 ----D---- C:\Windows\winsxs
2010-01-22 18:41:55 ----D---- C:\Windows\System32
2010-01-19 16:46:07 ----D---- C:\ProgramData\Microsoft Help
2010-01-19 16:44:16 ----D---- C:\Program Files\Windows Mail
2010-01-17 10:47:39 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-17 10:47:38 ----D---- C:\Windows\inf
2010-01-17 10:46:22 ----D---- C:\Mandísek
2010-01-14 11:12:06 ----N---- C:\Windows\system32\MpSigStub.exe
2010-01-09 12:58:59 ----D---- C:\Windows\system32\drivers
2010-01-09 12:58:34 ----HD---- C:\ProgramData
2010-01-09 12:32:16 ----D---- C:\Windows\Prefetch
2010-01-09 12:32:01 ----D---- C:\Program Files\Java
2010-01-09 12:19:33 ----D---- C:\Windows
2010-01-09 11:33:17 ----DC---- C:\Windows\system32\DRVSTORE
2010-01-09 11:19:12 ----D---- C:\Windows\system32\Tasks
2010-01-07 21:24:00 ----D---- C:\Windows\system
2010-01-07 21:23:59 ----RSD---- C:\Windows\Fonts
2010-01-07 21:22:12 ----D---- C:\Users\manďa\AppData\Roaming\Sony
2010-01-07 21:22:12 ----D---- C:\Program Files\Sony
2010-01-07 19:08:18 ----D---- C:\Windows\Tasks
2010-01-06 23:14:08 ----D---- C:\Users\manďa\AppData\Roaming\FileZilla
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
2009-12-29 18:14:26 ----D---- C:\Windows\rescache
2009-12-28 20:33:45 ----D---- C:\Windows\Microsoft.NET
2009-12-28 20:33:35 ----RSD---- C:\Windows\assembly
2009-12-27 13:41:36 ----D---- C:\Windows\system32\cs-CZ
2009-12-27 13:41:32 ----D---- C:\Windows\system32\wbem
2009-12-27 13:41:28 ----D---- C:\Windows\system32\uk-UA
2009-12-27 13:41:28 ----D---- C:\Windows\system32\sl-SI
2009-12-27 13:41:28 ----D---- C:\Windows\system32\pt-PT
2009-12-27 13:41:28 ----D---- C:\Windows\system32\pt-BR
2009-12-27 13:41:28 ----D---- C:\Windows\system32\pl-PL
2009-12-27 13:41:28 ----D---- C:\Windows\system32\ko-KR
2009-12-27 13:41:28 ----D---- C:\Windows\system32\it-IT
2009-12-27 13:41:28 ----D---- C:\Windows\system32\hu-HU
2009-12-27 13:41:28 ----D---- C:\Windows\system32\hr-HR
2009-12-27 13:41:28 ----D---- C:\Windows\system32\he-IL
2009-12-27 13:41:28 ----D---- C:\Windows\system32\bg-BG
2009-12-27 13:41:27 ----D---- C:\Windows\system32\zh-TW
2009-12-27 13:41:27 ----D---- C:\Windows\system32\zh-HK
2009-12-27 13:41:27 ----D---- C:\Windows\system32\zh-CN
2009-12-27 13:41:27 ----D---- C:\Windows\system32\tr-TR
2009-12-27 13:41:27 ----D---- C:\Windows\system32\th-TH
2009-12-27 13:41:27 ----D---- C:\Windows\system32\sv-SE
2009-12-27 13:41:27 ----D---- C:\Windows\system32\sr-Latn-CS
2009-12-27 13:41:27 ----D---- C:\Windows\system32\sk-SK
2009-12-27 13:41:27 ----D---- C:\Windows\system32\ru-RU
2009-12-27 13:41:27 ----D---- C:\Windows\system32\ro-RO
2009-12-27 13:41:27 ----D---- C:\Windows\system32\nl-NL
2009-12-27 13:41:27 ----D---- C:\Windows\system32\nb-NO
2009-12-27 13:41:27 ----D---- C:\Windows\system32\lv-LV
2009-12-27 13:41:27 ----D---- C:\Windows\system32\lt-LT
2009-12-27 13:41:27 ----D---- C:\Windows\system32\ja-JP
2009-12-27 13:41:27 ----D---- C:\Windows\system32\fr-FR
2009-12-27 13:41:27 ----D---- C:\Windows\system32\fi-FI
2009-12-27 13:41:27 ----D---- C:\Windows\system32\et-EE
2009-12-27 13:41:27 ----D---- C:\Windows\system32\es-ES
2009-12-27 13:41:27 ----D---- C:\Windows\system32\el-GR
2009-12-27 13:41:27 ----D---- C:\Windows\system32\de-DE
2009-12-27 13:41:27 ----D---- C:\Windows\system32\da-DK
2009-12-27 13:41:27 ----D---- C:\Windows\system32\ar-SA
2009-12-27 13:41:26 ----D---- C:\Windows\system32\en-US
2009-12-26 17:53:20 ----SHD---- C:\boot
2009-12-26 17:48:16 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-12-26 17:45:33 ----D---- C:\Program Files\Windows Sidebar
2009-12-26 17:45:33 ----D---- C:\Program Files\Windows Photo Gallery
2009-12-26 17:45:33 ----D---- C:\Program Files\Windows Media Player
2009-12-26 17:45:33 ----D---- C:\Program Files\Windows Journal
2009-12-26 17:45:33 ----D---- C:\Program Files\Windows Collaboration
2009-12-26 17:45:33 ----D---- C:\Program Files\Windows Calendar
2009-12-26 17:45:33 ----D---- C:\Program Files\Movie Maker
2009-12-26 17:45:33 ----D---- C:\Program Files\Internet Explorer
2009-12-26 17:45:33 ----D---- C:\Program Files\Common Files\System
2009-12-26 17:45:32 ----D---- C:\Windows\servicing
2009-12-26 17:45:32 ----D---- C:\Windows\ehome
2009-12-26 17:45:32 ----D---- C:\Program Files\Windows Defender
2009-12-26 17:45:29 ----D---- C:\Windows\system32\XPSViewer
2009-12-26 17:45:29 ----D---- C:\Windows\IME
2009-12-26 17:45:28 ----D---- C:\Windows\system32\oobe
2009-12-26 17:45:28 ----D---- C:\Windows\system32\migration
2009-12-26 17:45:27 ----D---- C:\Windows\system32\setup
2009-12-26 17:45:27 ----D---- C:\Windows\system32\cs
2009-12-26 17:45:27 ----D---- C:\Windows\system32\AdvancedInstallers
2009-12-26 17:45:26 ----D---- C:\Windows\system32\SLUI
2009-12-26 17:45:26 ----D---- C:\Windows\system32\manifeststore
2009-12-26 17:45:25 ----D---- C:\Windows\system32\migwiz
2009-12-26 17:45:13 ----D---- C:\Windows\AppPatch
2009-12-26 17:45:08 ----D---- C:\Windows\system32\Boot
2009-12-26 17:20:20 ----D---- C:\ProgramData\Symantec
2009-12-26 17:18:40 ----D---- C:\Program Files\Common Files
2009-12-24 09:35:11 ----D---- C:\Program Files\Mozilla Firefox
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-09-26 25768]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2010-01-09 142592]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-12-30 28520]
R1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys [2009-11-22 446664]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-28 56816]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-10-29 162088]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-05-30 735232]
R3 CLEDX;Team H2O CLEDX service; C:\Windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-02-26 201728]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2007-04-23 50176]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S2 Nsynas32;Nsynas32; C:\Windows\system32\drivers\Nsynas32.sys [2001-04-09 17784]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-07-07 25280]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-10-11 176640]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys []
S3 US122;US122 Driver; C:\Windows\System32\Drivers\US122.sys [2003-04-17 215708]
S3 US122DL;US122 Firmware Downloader; C:\Windows\System32\Drivers\US122DL.sys [2003-04-17 17263]
S3 Us122WdmService;US122 Wdm Audio; C:\Windows\System32\Drivers\US122Wdm.sys [2003-04-17 84092]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-11-07 32000]
S3 vsdatant7;vsdatant7; C:\Windows\System32\drivers\vsdatant.win7.sys []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2006-05-02 135168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]
R2 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-02-18 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-01-09 488960]
R2 vsmon;TrueVector Internet Monitor; C:\Windows\System32\ZoneLabs\vsmon.exe [2009-11-22 2384240]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-11 655624]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119386
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý internet
Nic nebezpečného nevidím. Dejte log z MBAM: http://www.malwarebytes.org/mbam.php . Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý internet
MBAM nic nenalezl. Ještě zkusím kontrolu přes Aviru. Log z MBAM:
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3616
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882
23.1.2010 13:08:33
mbam-log-2010-01-23 (13-08-33).txt
Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 319153
Uplynulý čas: 1 hour(s), 28 minute(s), 32 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)
Malwarebytes' Anti-Malware 1.44
Verze databáze: 3616
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882
23.1.2010 13:08:33
mbam-log-2010-01-23 (13-08-33).txt
Typ kontroly: Kompletní kontrola (C:\|D:\|)
Zkontrolované objekty: 319153
Uplynulý čas: 1 hour(s), 28 minute(s), 32 second(s)
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)
Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)
Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)
Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)
Re: Pomalý internet
avira našla:
C:\HP\BIN\EndProcess.exe
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
[NOTE] The file was moved to '4bbf0e6f.qua'!
C:\HP\HPQWare\EasySetup\SetACL.exe
[DETECTION] Contains recognition pattern of the APPL/ACLSet application
[NOTE] The file was moved to '4bcf0e66.qua'!
a Spyware Terminator nějaké cookies...
C:\HP\BIN\EndProcess.exe
[DETECTION] Contains recognition pattern of the APPL/KillApp.A application
[NOTE] The file was moved to '4bbf0e6f.qua'!
C:\HP\HPQWare\EasySetup\SetACL.exe
[DETECTION] Contains recognition pattern of the APPL/ACLSet application
[NOTE] The file was moved to '4bcf0e66.qua'!
a Spyware Terminator nějaké cookies...
-
Rudy
- Site Admin
- Příspěvky: 119386
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý internet
Co s tím Avira udělala? Smazala? Cookies nemohou váš problém způsobovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?