Dobrý den, prosím o kontrolu logu.
Děkuji.
Zde log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tuan at 2010-03-04 16:00:44
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (22%) free of 76 GB
Total RAM: 511 MB (10% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:02, on 2010-03-04
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\msa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Program Files\Xilisoft\Video Converter Ultimate\vc5.exe
C:\Documents and Settings\Tuan\Dokumenty\Downloads\Programs\RSIT.exe
C:\Documents and Settings\Tuan\Plocha\Tuan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Hoa\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Hoa\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\DOCUME~1\Tuan\LOCALS~1\Temp\Zjq.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0484785968
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Documents and Settings\Tuan\AppData\LocalLow\Microńoft\redir.dll
O23 - Service: 1115479445 (.1115479445) - Unknown owner - C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 12812 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-838170752-725345543-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-838170752-725345543-1005UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{EE48918A-0245-4CA9-B03E-8BD1F96EB152}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2007-09-28 95664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2009-11-16 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll [2009-07-16 664888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2007-12-12 222448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Hoa\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung Common SM"=C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe [2005-07-03 372736]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1603152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"reset"=regedit /s reset.reg []
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2009-11-06 2090272]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 40448]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2010-02-10 932864]
"Google Update"=C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-02-07 135664]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"TOY5KNQ8OC"=C:\DOCUME~1\Tuan\LOCALS~1\Temp\Zjq.exe []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-01-25 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-25 190976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======List of files/folders created in the last 1 months======
2010-03-04 15:14:10 ----A---- C:\WINDOWS\msa.exe
2010-03-02 18:23:01 ----A---- C:\WINDOWS\IE4 Error Log.txt
2010-03-01 20:17:59 ----D---- C:\WINDOWS\Globalization
2010-03-01 20:17:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
2010-02-28 15:19:12 ----A---- C:\WINDOWS\system32\H@tKeysH@@k.DLL
2010-02-27 21:54:44 ----D---- C:\Program Files\Common Files\PCSuite
2010-02-27 21:50:54 ----D---- C:\Program Files\PC Connectivity Solution
2010-02-27 21:49:24 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2010-02-27 21:49:24 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-02-27 18:08:03 ----D---- C:\Documents and Settings\Tuan\Data aplikací\InstallShield Installation Information
2010-02-27 10:25:10 ----D---- C:\Program Files\Common Files\Apple
2010-02-27 10:24:27 ----D---- C:\Program Files\Apple Software Update
2010-02-27 10:24:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2010-02-18 19:23:36 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-02-18 17:13:59 ----A---- C:\WINDOWS\ARCHPR.INI
2010-02-18 17:13:32 ----D---- C:\Program Files\ARCHPR
2010-02-17 20:24:10 ----D---- C:\Program Files\Wondershare
2010-02-17 20:01:06 ----D---- C:\Program Files\Xilisoft
2010-02-17 17:21:42 ----D---- C:\Documents and Settings\Tuan\Data aplikací\nod32 updater
2010-02-14 14:02:30 ----A---- C:\WINDOWS\system32\netcache.dll
2010-02-14 11:07:20 ----A---- C:\WINDOWS\system32\rshsvr.exe
2010-02-14 11:01:12 ----A---- C:\WINDOWS\system32\cryptx86.dll
2010-02-14 11:00:40 ----A---- C:\WINDOWS\system32\X3DAud32.dll
2010-02-11 18:06:31 ----D---- C:\ComboFix
2010-02-11 18:06:21 ----A---- C:\WINDOWS\system32\CF10123.exe
2010-02-11 18:05:45 ----D---- C:\Qoobox
2010-02-11 16:24:44 ----D---- C:\rsit
2010-02-11 15:56:21 ----A---- C:\ErrLog.txt
2010-02-11 15:56:13 ----D---- C:\WINDOWS\Your Product
2010-02-11 06:38:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 18:26:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2010-02-10 18:17:10 ----D---- C:\Documents and Settings\Tuan\Data aplikací\Orbit
2010-02-10 17:44:30 ----D---- C:\Program Files\ATI
2010-02-06 19:48:14 ----A---- C:\WINDOWS\system32\TUKernel.exe
2010-02-06 19:10:16 ----A---- C:\WINDOWS\system32\uxtheme.dll.backup
2010-02-06 19:06:52 ----HD---- C:\WINDOWS\NiwradSoft Shell Pack
2010-02-06 18:17:45 ----D---- C:\Program Files\Trojan Remover
2010-02-06 14:41:21 ----D---- C:\raptor
2010-02-06 14:05:29 ----D---- C:\Program Files\Thoosje
2010-02-06 13:56:45 ----D---- C:\Program Files\Alky for Applications
2010-02-05 19:53:42 ----D---- C:\Program Files\Thoosje Vista Sidebar
======List of files/folders modified in the last 1 months======
2010-03-04 16:02:42 ----D---- C:\WINDOWS\Temp
2010-03-04 15:58:11 ----SD---- C:\WINDOWS\Tasks
2010-03-04 15:44:59 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-04 15:35:04 ----D---- C:\WINDOWS\system32
2010-03-04 15:26:25 ----D---- C:\Program Files\BitComet
2010-03-04 15:25:10 ----D---- C:\Downloads
2010-03-04 15:14:10 ----D---- C:\WINDOWS
2010-03-04 14:42:58 ----D---- C:\Program Files\Mozilla Firefox
2010-03-04 14:42:12 ----D---- C:\Documents and Settings\Tuan\Data aplikací\DMCache
2010-03-04 07:43:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-03 19:58:52 ----D---- C:\Program Files\Valve
2010-03-02 22:05:44 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-01 20:19:28 ----D---- C:\Documents and Settings\Tuan\Data aplikací\Nokia
2010-03-01 20:19:09 ----SHD---- C:\WINDOWS\Installer
2010-03-01 20:18:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-01 20:17:43 ----SHD---- C:\Config.Msi
2010-03-01 20:17:43 ----RSD---- C:\WINDOWS\assembly
2010-03-01 20:17:34 ----RSD---- C:\WINDOWS\Fonts
2010-03-01 20:17:33 ----D---- C:\Program Files\Common Files\Nokia
2010-03-01 20:17:28 ----D---- C:\Program Files\Nokia
2010-03-01 19:01:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2010-02-28 17:32:58 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-02-28 11:10:20 ----RD---- C:\Program Files
2010-02-27 22:03:19 ----D---- C:\WINDOWS\system32\drivers
2010-02-27 22:03:04 ----HD---- C:\WINDOWS\inf
2010-02-27 22:02:26 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-27 21:54:22 ----D---- C:\Program Files\Common Files
2010-02-27 21:51:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-27 21:45:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-02-27 18:07:52 ----D---- C:\Program Files\Rockstar Games
2010-02-26 21:42:31 ----D---- C:\WINDOWS\Prefetch
2010-02-26 19:46:22 ----D---- C:\WINDOWS\Debug
2010-02-25 20:29:58 ----D---- C:\Program Files\DOSBox-0.72
2010-02-24 15:34:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-24 15:33:45 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-20 18:19:10 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-02-19 20:53:00 ----RSH---- C:\boot.ini
2010-02-18 17:04:49 ----D---- C:\Program Files\ESET
2010-02-18 17:01:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-02-17 19:59:12 ----D---- C:\WINDOWS\Minidump
2010-02-11 18:11:01 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-10 22:28:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-10 18:29:21 ----D---- C:\Program Files\Internet Download Manager
2010-02-10 17:45:14 ----D---- C:\Program Files\ATI Technologies
2010-02-10 17:44:56 ----D---- C:\WINDOWS\WinSxS
2010-02-10 17:23:21 ----D---- C:\Documents and Settings\Tuan\Data aplikací\IDM
2010-02-08 22:32:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-08 22:31:17 ----D---- C:\Program Files\Microsoft Works
2010-02-08 22:28:13 ----A---- C:\WINDOWS\win.ini
2010-02-07 14:16:16 ----D---- C:\Program Files\Download Direct
2010-02-06 19:21:27 ----D---- C:\WINDOWS\system32\Restore
2010-02-06 19:21:27 ----D---- C:\Program Files\Windows Media Player
2010-02-06 19:21:27 ----D---- C:\Program Files\Outlook Express
2010-02-06 19:21:27 ----D---- C:\Program Files\Common Files\System
2010-02-06 19:21:26 ----D---- C:\WINDOWS\system32\usmt
2010-02-06 19:21:26 ----D---- C:\WINDOWS\srchasst
2010-02-06 19:21:26 ----D---- C:\Program Files\Windows NT
2010-02-06 19:21:26 ----D---- C:\Program Files\Movie Maker
2010-02-06 19:21:26 ----D---- C:\Program Files\Internet Explorer
2010-02-06 19:21:24 ----D---- C:\WINDOWS\system32\wbem
2010-02-06 19:21:24 ----D---- C:\WINDOWS\system32\oobe
2010-02-06 19:21:24 ----D---- C:\WINDOWS\network diagnostic
2010-02-06 19:21:23 ----D---- C:\WINDOWS\system32\Setup
2010-02-06 19:21:23 ----D---- C:\WINDOWS\msagent
2010-02-06 19:21:22 ----D---- C:\WINDOWS\ime
2010-02-06 19:21:20 ----D---- C:\Program Files\NetMeeting
2010-02-06 19:10:16 ----A---- C:\WINDOWS\system32\uxtheme.dll
2010-02-06 19:05:30 ----D---- C:\WINDOWS\Media
2010-02-06 19:05:29 ----D---- C:\WINDOWS\Cursors
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-03-14 41984]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-25 1478656]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-29 47360]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
S3 a1wnew13;a1wnew13; C:\WINDOWS\system32\drivers\a1wnew13.sys []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-25 405504]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-08-22 604416]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
R3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-08-22 361216]
S2 .1115479445;1115479445; C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe []
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-01-26 520192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-10-05 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Podle pravidel fóra se zde nelegálním softwarem nezabýváme (nelegální programy představují bezpečnostní hrozbu).
Obstarejte si legální zabezpečení PC (antivir, firewall), poté sem vložte log z RSIT a CKScanner.
Vyberte si třeba free Avast + nějaký firewall http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523
Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe
Obstarejte si legální zabezpečení PC (antivir, firewall), poté sem vložte log z RSIT a CKScanner.
Vyberte si třeba free Avast + nějaký firewall http://www.viry.cz/forum/viewtopic.php?f=29&t=6152 + http://www.viry.cz/forum/viewtopic.php?f=41&t=6523
Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe- Spusťte a klikněte na "Search For Files", po dokončení skenu klikněte na "Save List to File" -> "OK"
- Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.
Re: Prosím o kontrolu logu
Nainstaloval jsem legální zdarma antivirus + firewall (počítač je od strejdy - jeho syn na něm často hraje)
zde je log z CKScanner:
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod.rar
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\eav_nt32_csy.msi
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\crack\crack.exe
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\crack\návod na crack k nod32.doc
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\crack\~$vod na crack k nod32.doc
c:\documents and settings\tuan\dokumenty\downloads\compressed\crack + keygen nfs most wanted\crack + keygen nfs.www.therebels.biz\nfsmw_new_crack.rar
c:\documents and settings\tuan\dokumenty\downloads\compressed\crack + keygen nfs most wanted\crack + keygen nfs.www.therebels.biz\nfsmw_new_crack\nfsmw_new_crack\speed.exe
c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\wga.cracked.exe
c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\www.9down.com.url
c:\documents and settings\tuan\dokumenty\downloads\compressed\xilisoft video converter ultimate 5.1.21 crack\crack.exe
c:\documents and settings\tuan\dokumenty\downloads\rebuilt.xilisoft video converter ultimate.5.2.7.keygen.true\true.nfo
c:\documents and settings\tuan\dokumenty\xilisoft corporation\hd video converter\crack.js
c:\documents and settings\tuan\dokumenty\xilisoft corporation\video converter ultimate\crack.js
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\crack.rar
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\crack\cu.nfo
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\crack\patch.exe
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\crack\www.9down.com.url
c:\program files\bitcomet\torrents\any video converter professional v2.7.6 + crack [rh].torrent
c:\program files\bitcomet\torrents\fifa.2007.keygen.torrent
c:\program files\bitcomet\torrents\fifa.2007.keygen[0].torrent
c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].torrent
c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].xml
c:\program files\rockstar games\gta san andreas\data\decision\craig\crack1.ped
c:\program files\valve\cstrike\maps\cs_crackhouse.bsp
c:\program files\xilisoft\video converter ultimate\script\crack.js
c:\windows\prefetch\win rar keygen.exe-00955ac5.pf
scanner sequence 3.ZZ.11
----- EOF -----
a z RSIT (nyní):
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tuan at 2010-03-04 17:31:11
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (22%) free of 76 GB
Total RAM: 511 MB (21% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:31, on 2010-03-04
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\msa.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\Tuan\Dokumenty\Downloads\Programs\CKScanner.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Tuan\Dokumenty\Downloads\Programs\RSIT.exe
C:\Documents and Settings\Tuan\Plocha\Tuan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Hoa\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Hoa\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\DOCUME~1\Tuan\LOCALS~1\Temp\Zjq.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0484785968
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Documents and Settings\Tuan\AppData\LocalLow\Microńoft\redir.dll
O23 - Service: 1115479445 (.1115479445) - Unknown owner - C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 13206 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-838170752-725345543-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-838170752-725345543-1005UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{EE48918A-0245-4CA9-B03E-8BD1F96EB152}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2007-09-28 95664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2009-11-16 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll [2009-07-16 664888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2007-12-12 222448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Hoa\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung Common SM"=C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe [2005-07-03 372736]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1603152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"reset"=regedit /s reset.reg []
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2009-11-06 2090272]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 40448]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2010-02-10 932864]
"Google Update"=C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-02-07 135664]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"TOY5KNQ8OC"=C:\DOCUME~1\Tuan\LOCALS~1\Temp\Zjq.exe []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-01-25 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-25 190976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======List of files/folders created in the last 1 months======
2010-03-04 17:13:47 ----D---- C:\Program Files\Sunbelt Software
2010-03-04 16:52:51 ----D---- C:\Program Files\Avira
2010-03-04 16:52:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2010-03-04 16:35:05 ----D---- C:\Documents and Settings\Tuan\Data aplikací\AVG8
2010-03-04 15:14:10 ----A---- C:\WINDOWS\msa.exe
2010-03-02 18:23:01 ----A---- C:\WINDOWS\IE4 Error Log.txt
2010-03-01 20:17:59 ----D---- C:\WINDOWS\Globalization
2010-03-01 20:17:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
2010-02-28 15:19:12 ----A---- C:\WINDOWS\system32\H@tKeysH@@k.DLL
2010-02-27 21:54:44 ----D---- C:\Program Files\Common Files\PCSuite
2010-02-27 21:50:54 ----D---- C:\Program Files\PC Connectivity Solution
2010-02-27 21:49:24 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2010-02-27 21:49:24 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-02-27 18:08:03 ----D---- C:\Documents and Settings\Tuan\Data aplikací\InstallShield Installation Information
2010-02-27 10:25:10 ----D---- C:\Program Files\Common Files\Apple
2010-02-27 10:24:27 ----D---- C:\Program Files\Apple Software Update
2010-02-27 10:24:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2010-02-18 19:23:36 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-02-18 17:13:59 ----A---- C:\WINDOWS\ARCHPR.INI
2010-02-18 17:13:32 ----D---- C:\Program Files\ARCHPR
2010-02-17 20:24:10 ----D---- C:\Program Files\Wondershare
2010-02-17 20:01:06 ----D---- C:\Program Files\Xilisoft
2010-02-17 17:21:42 ----D---- C:\Documents and Settings\Tuan\Data aplikací\nod32 updater
2010-02-14 14:02:30 ----A---- C:\WINDOWS\system32\netcache.dll
2010-02-14 11:07:20 ----A---- C:\WINDOWS\system32\rshsvr.exe
2010-02-14 11:01:12 ----A---- C:\WINDOWS\system32\cryptx86.dll
2010-02-14 11:00:40 ----A---- C:\WINDOWS\system32\X3DAud32.dll
2010-02-11 18:06:31 ----D---- C:\ComboFix
2010-02-11 18:06:21 ----A---- C:\WINDOWS\system32\CF10123.exe
2010-02-11 18:05:45 ----D---- C:\Qoobox
2010-02-11 16:24:44 ----D---- C:\rsit
2010-02-11 15:56:21 ----A---- C:\ErrLog.txt
2010-02-11 15:56:13 ----D---- C:\WINDOWS\Your Product
2010-02-11 06:38:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 18:26:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2010-02-10 18:17:10 ----D---- C:\Documents and Settings\Tuan\Data aplikací\Orbit
2010-02-10 17:44:30 ----D---- C:\Program Files\ATI
2010-02-06 19:48:14 ----A---- C:\WINDOWS\system32\TUKernel.exe
2010-02-06 19:10:16 ----A---- C:\WINDOWS\system32\uxtheme.dll.backup
2010-02-06 19:06:52 ----HD---- C:\WINDOWS\NiwradSoft Shell Pack
2010-02-06 18:17:45 ----D---- C:\Program Files\Trojan Remover
2010-02-06 14:41:21 ----D---- C:\raptor
2010-02-06 14:05:29 ----D---- C:\Program Files\Thoosje
2010-02-06 13:56:45 ----D---- C:\Program Files\Alky for Applications
2010-02-05 19:53:42 ----D---- C:\Program Files\Thoosje Vista Sidebar
======List of files/folders modified in the last 1 months======
2010-03-04 17:24:43 ----D---- C:\Program Files\Internet Download Manager
2010-03-04 17:21:56 ----D---- C:\WINDOWS\system32
2010-03-04 17:21:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-04 17:19:42 ----D---- C:\WINDOWS\Temp
2010-03-04 17:19:40 ----D---- C:\Program Files\Mozilla Firefox
2010-03-04 17:19:36 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-04 17:19:12 ----D---- C:\WINDOWS
2010-03-04 17:17:22 ----D---- C:\Documents and Settings\Tuan\Data aplikací\DMCache
2010-03-04 17:17:15 ----SD---- C:\WINDOWS\Tasks
2010-03-04 17:15:17 ----SHD---- C:\WINDOWS\Installer
2010-03-04 17:15:17 ----SHD---- C:\Config.Msi
2010-03-04 17:15:00 ----HD---- C:\WINDOWS\inf
2010-03-04 17:14:23 ----D---- C:\WINDOWS\system32\drivers
2010-03-04 17:14:08 ----D---- C:\Program Files\BitComet
2010-03-04 17:13:47 ----RD---- C:\Program Files
2010-03-04 17:12:54 ----D---- C:\Downloads
2010-03-04 17:05:12 ----HD---- C:\WINDOWS\system32\GroupPolicy
2010-03-04 16:52:19 ----D---- C:\WINDOWS\WinSxS
2010-03-04 16:15:08 ----D---- C:\Documents and Settings\Tuan\Data aplikací\IDM
2010-03-04 15:44:59 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-04 07:43:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-03 19:58:52 ----D---- C:\Program Files\Valve
2010-03-01 20:19:28 ----D---- C:\Documents and Settings\Tuan\Data aplikací\Nokia
2010-03-01 20:17:43 ----RSD---- C:\WINDOWS\assembly
2010-03-01 20:17:34 ----RSD---- C:\WINDOWS\Fonts
2010-03-01 20:17:33 ----D---- C:\Program Files\Common Files\Nokia
2010-03-01 20:17:28 ----D---- C:\Program Files\Nokia
2010-03-01 19:01:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2010-02-28 17:32:58 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-02-27 22:02:26 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-27 21:54:22 ----D---- C:\Program Files\Common Files
2010-02-27 21:51:37 ----D---- C:\Program Files\DIFX
2010-02-27 21:51:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-27 21:45:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-02-27 18:07:52 ----D---- C:\Program Files\Rockstar Games
2010-02-26 21:42:31 ----D---- C:\WINDOWS\Prefetch
2010-02-26 19:46:22 ----D---- C:\WINDOWS\Debug
2010-02-25 20:29:58 ----D---- C:\Program Files\DOSBox-0.72
2010-02-24 15:34:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-24 15:33:45 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-20 18:19:10 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-02-19 20:53:00 ----RSH---- C:\boot.ini
2010-02-18 17:04:49 ----D---- C:\Program Files\ESET
2010-02-18 17:01:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-02-17 19:59:12 ----D---- C:\WINDOWS\Minidump
2010-02-11 18:11:01 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-10 22:28:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-10 17:45:14 ----D---- C:\Program Files\ATI Technologies
2010-02-08 22:32:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-08 22:31:17 ----D---- C:\Program Files\Microsoft Works
2010-02-08 22:28:13 ----A---- C:\WINDOWS\win.ini
2010-02-07 14:16:16 ----D---- C:\Program Files\Download Direct
2010-02-06 19:21:27 ----D---- C:\WINDOWS\system32\Restore
2010-02-06 19:21:27 ----D---- C:\Program Files\Windows Media Player
2010-02-06 19:21:27 ----D---- C:\Program Files\Outlook Express
2010-02-06 19:21:27 ----D---- C:\Program Files\Common Files\System
2010-02-06 19:21:26 ----D---- C:\WINDOWS\system32\usmt
2010-02-06 19:21:26 ----D---- C:\WINDOWS\srchasst
2010-02-06 19:21:26 ----D---- C:\Program Files\Windows NT
2010-02-06 19:21:26 ----D---- C:\Program Files\Movie Maker
2010-02-06 19:21:26 ----D---- C:\Program Files\Internet Explorer
2010-02-06 19:21:24 ----D---- C:\WINDOWS\system32\wbem
2010-02-06 19:21:24 ----D---- C:\WINDOWS\system32\oobe
2010-02-06 19:21:24 ----D---- C:\WINDOWS\network diagnostic
2010-02-06 19:21:23 ----D---- C:\WINDOWS\system32\Setup
2010-02-06 19:21:23 ----D---- C:\WINDOWS\msagent
2010-02-06 19:21:22 ----D---- C:\WINDOWS\ime
2010-02-06 19:21:20 ----D---- C:\Program Files\NetMeeting
2010-02-06 19:10:16 ----A---- C:\WINDOWS\system32\uxtheme.dll
2010-02-06 19:05:30 ----D---- C:\WINDOWS\Media
2010-02-06 19:05:29 ----D---- C:\WINDOWS\Cursors
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
R2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-03-14 41984]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-25 1478656]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-29 47360]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 ayef8eu8;ayef8eu8; C:\WINDOWS\system32\drivers\ayef8eu8.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-25 405504]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-08-22 604416]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 .1115479445;1115479445; C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe []
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-01-26 520192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-10-05 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-08-22 361216]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
-----------------EOF-----------------
zde je log z CKScanner:
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod.rar
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\eav_nt32_csy.msi
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\crack\crack.exe
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\crack\návod na crack k nod32.doc
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\crack\~$vod na crack k nod32.doc
c:\documents and settings\tuan\dokumenty\downloads\compressed\crack + keygen nfs most wanted\crack + keygen nfs.www.therebels.biz\nfsmw_new_crack.rar
c:\documents and settings\tuan\dokumenty\downloads\compressed\crack + keygen nfs most wanted\crack + keygen nfs.www.therebels.biz\nfsmw_new_crack\nfsmw_new_crack\speed.exe
c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\wga.cracked.exe
c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\www.9down.com.url
c:\documents and settings\tuan\dokumenty\downloads\compressed\xilisoft video converter ultimate 5.1.21 crack\crack.exe
c:\documents and settings\tuan\dokumenty\downloads\rebuilt.xilisoft video converter ultimate.5.2.7.keygen.true\true.nfo
c:\documents and settings\tuan\dokumenty\xilisoft corporation\hd video converter\crack.js
c:\documents and settings\tuan\dokumenty\xilisoft corporation\video converter ultimate\crack.js
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\crack.rar
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\crack\cu.nfo
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\crack\patch.exe
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\crack\www.9down.com.url
c:\program files\bitcomet\torrents\any video converter professional v2.7.6 + crack [rh].torrent
c:\program files\bitcomet\torrents\fifa.2007.keygen.torrent
c:\program files\bitcomet\torrents\fifa.2007.keygen[0].torrent
c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].torrent
c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].xml
c:\program files\rockstar games\gta san andreas\data\decision\craig\crack1.ped
c:\program files\valve\cstrike\maps\cs_crackhouse.bsp
c:\program files\xilisoft\video converter ultimate\script\crack.js
c:\windows\prefetch\win rar keygen.exe-00955ac5.pf
scanner sequence 3.ZZ.11
----- EOF -----
a z RSIT (nyní):
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tuan at 2010-03-04 17:31:11
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 17 GB (22%) free of 76 GB
Total RAM: 511 MB (21% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:31, on 2010-03-04
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\msa.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Documents and Settings\Tuan\Dokumenty\Downloads\Programs\CKScanner.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Tuan\Dokumenty\Downloads\Programs\RSIT.exe
C:\Documents and Settings\Tuan\Plocha\Tuan.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Hoa\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Hoa\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [TOY5KNQ8OC] C:\DOCUME~1\Tuan\LOCALS~1\Temp\Zjq.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0484785968
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - C:\Documents and Settings\Tuan\AppData\LocalLow\Microńoft\redir.dll
O23 - Service: 1115479445 (.1115479445) - Unknown owner - C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 13206 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-838170752-725345543-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-602162358-838170752-725345543-1005UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{EE48918A-0245-4CA9-B03E-8BD1F96EB152}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2007-09-28 95664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2009-11-16 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll [2009-07-16 664888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2007-12-12 222448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Hoa\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung Common SM"=C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe [2005-07-03 372736]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1603152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"reset"=regedit /s reset.reg []
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2009-11-06 2090272]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 40448]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2010-02-10 932864]
"Google Update"=C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-02-07 135664]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"TOY5KNQ8OC"=C:\DOCUME~1\Tuan\LOCALS~1\Temp\Zjq.exe []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-01-25 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-25 190976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======List of files/folders created in the last 1 months======
2010-03-04 17:13:47 ----D---- C:\Program Files\Sunbelt Software
2010-03-04 16:52:51 ----D---- C:\Program Files\Avira
2010-03-04 16:52:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2010-03-04 16:35:05 ----D---- C:\Documents and Settings\Tuan\Data aplikací\AVG8
2010-03-04 15:14:10 ----A---- C:\WINDOWS\msa.exe
2010-03-02 18:23:01 ----A---- C:\WINDOWS\IE4 Error Log.txt
2010-03-01 20:17:59 ----D---- C:\WINDOWS\Globalization
2010-03-01 20:17:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
2010-02-28 15:19:12 ----A---- C:\WINDOWS\system32\H@tKeysH@@k.DLL
2010-02-27 21:54:44 ----D---- C:\Program Files\Common Files\PCSuite
2010-02-27 21:50:54 ----D---- C:\Program Files\PC Connectivity Solution
2010-02-27 21:49:24 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2010-02-27 21:49:24 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-02-27 18:08:03 ----D---- C:\Documents and Settings\Tuan\Data aplikací\InstallShield Installation Information
2010-02-27 10:25:10 ----D---- C:\Program Files\Common Files\Apple
2010-02-27 10:24:27 ----D---- C:\Program Files\Apple Software Update
2010-02-27 10:24:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2010-02-18 19:23:36 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-02-18 17:13:59 ----A---- C:\WINDOWS\ARCHPR.INI
2010-02-18 17:13:32 ----D---- C:\Program Files\ARCHPR
2010-02-17 20:24:10 ----D---- C:\Program Files\Wondershare
2010-02-17 20:01:06 ----D---- C:\Program Files\Xilisoft
2010-02-17 17:21:42 ----D---- C:\Documents and Settings\Tuan\Data aplikací\nod32 updater
2010-02-14 14:02:30 ----A---- C:\WINDOWS\system32\netcache.dll
2010-02-14 11:07:20 ----A---- C:\WINDOWS\system32\rshsvr.exe
2010-02-14 11:01:12 ----A---- C:\WINDOWS\system32\cryptx86.dll
2010-02-14 11:00:40 ----A---- C:\WINDOWS\system32\X3DAud32.dll
2010-02-11 18:06:31 ----D---- C:\ComboFix
2010-02-11 18:06:21 ----A---- C:\WINDOWS\system32\CF10123.exe
2010-02-11 18:05:45 ----D---- C:\Qoobox
2010-02-11 16:24:44 ----D---- C:\rsit
2010-02-11 15:56:21 ----A---- C:\ErrLog.txt
2010-02-11 15:56:13 ----D---- C:\WINDOWS\Your Product
2010-02-11 06:38:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 18:26:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2010-02-10 18:17:10 ----D---- C:\Documents and Settings\Tuan\Data aplikací\Orbit
2010-02-10 17:44:30 ----D---- C:\Program Files\ATI
2010-02-06 19:48:14 ----A---- C:\WINDOWS\system32\TUKernel.exe
2010-02-06 19:10:16 ----A---- C:\WINDOWS\system32\uxtheme.dll.backup
2010-02-06 19:06:52 ----HD---- C:\WINDOWS\NiwradSoft Shell Pack
2010-02-06 18:17:45 ----D---- C:\Program Files\Trojan Remover
2010-02-06 14:41:21 ----D---- C:\raptor
2010-02-06 14:05:29 ----D---- C:\Program Files\Thoosje
2010-02-06 13:56:45 ----D---- C:\Program Files\Alky for Applications
2010-02-05 19:53:42 ----D---- C:\Program Files\Thoosje Vista Sidebar
======List of files/folders modified in the last 1 months======
2010-03-04 17:24:43 ----D---- C:\Program Files\Internet Download Manager
2010-03-04 17:21:56 ----D---- C:\WINDOWS\system32
2010-03-04 17:21:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-04 17:19:42 ----D---- C:\WINDOWS\Temp
2010-03-04 17:19:40 ----D---- C:\Program Files\Mozilla Firefox
2010-03-04 17:19:36 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-04 17:19:12 ----D---- C:\WINDOWS
2010-03-04 17:17:22 ----D---- C:\Documents and Settings\Tuan\Data aplikací\DMCache
2010-03-04 17:17:15 ----SD---- C:\WINDOWS\Tasks
2010-03-04 17:15:17 ----SHD---- C:\WINDOWS\Installer
2010-03-04 17:15:17 ----SHD---- C:\Config.Msi
2010-03-04 17:15:00 ----HD---- C:\WINDOWS\inf
2010-03-04 17:14:23 ----D---- C:\WINDOWS\system32\drivers
2010-03-04 17:14:08 ----D---- C:\Program Files\BitComet
2010-03-04 17:13:47 ----RD---- C:\Program Files
2010-03-04 17:12:54 ----D---- C:\Downloads
2010-03-04 17:05:12 ----HD---- C:\WINDOWS\system32\GroupPolicy
2010-03-04 16:52:19 ----D---- C:\WINDOWS\WinSxS
2010-03-04 16:15:08 ----D---- C:\Documents and Settings\Tuan\Data aplikací\IDM
2010-03-04 15:44:59 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-04 07:43:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-03 19:58:52 ----D---- C:\Program Files\Valve
2010-03-01 20:19:28 ----D---- C:\Documents and Settings\Tuan\Data aplikací\Nokia
2010-03-01 20:17:43 ----RSD---- C:\WINDOWS\assembly
2010-03-01 20:17:34 ----RSD---- C:\WINDOWS\Fonts
2010-03-01 20:17:33 ----D---- C:\Program Files\Common Files\Nokia
2010-03-01 20:17:28 ----D---- C:\Program Files\Nokia
2010-03-01 19:01:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2010-02-28 17:32:58 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-02-27 22:02:26 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-27 21:54:22 ----D---- C:\Program Files\Common Files
2010-02-27 21:51:37 ----D---- C:\Program Files\DIFX
2010-02-27 21:51:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-27 21:45:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-02-27 18:07:52 ----D---- C:\Program Files\Rockstar Games
2010-02-26 21:42:31 ----D---- C:\WINDOWS\Prefetch
2010-02-26 19:46:22 ----D---- C:\WINDOWS\Debug
2010-02-25 20:29:58 ----D---- C:\Program Files\DOSBox-0.72
2010-02-24 15:34:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-24 15:33:45 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-20 18:19:10 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-02-19 20:53:00 ----RSH---- C:\boot.ini
2010-02-18 17:04:49 ----D---- C:\Program Files\ESET
2010-02-18 17:01:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-02-17 19:59:12 ----D---- C:\WINDOWS\Minidump
2010-02-11 18:11:01 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-10 22:28:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-10 17:45:14 ----D---- C:\Program Files\ATI Technologies
2010-02-08 22:32:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-08 22:31:17 ----D---- C:\Program Files\Microsoft Works
2010-02-08 22:28:13 ----A---- C:\WINDOWS\win.ini
2010-02-07 14:16:16 ----D---- C:\Program Files\Download Direct
2010-02-06 19:21:27 ----D---- C:\WINDOWS\system32\Restore
2010-02-06 19:21:27 ----D---- C:\Program Files\Windows Media Player
2010-02-06 19:21:27 ----D---- C:\Program Files\Outlook Express
2010-02-06 19:21:27 ----D---- C:\Program Files\Common Files\System
2010-02-06 19:21:26 ----D---- C:\WINDOWS\system32\usmt
2010-02-06 19:21:26 ----D---- C:\WINDOWS\srchasst
2010-02-06 19:21:26 ----D---- C:\Program Files\Windows NT
2010-02-06 19:21:26 ----D---- C:\Program Files\Movie Maker
2010-02-06 19:21:26 ----D---- C:\Program Files\Internet Explorer
2010-02-06 19:21:24 ----D---- C:\WINDOWS\system32\wbem
2010-02-06 19:21:24 ----D---- C:\WINDOWS\system32\oobe
2010-02-06 19:21:24 ----D---- C:\WINDOWS\network diagnostic
2010-02-06 19:21:23 ----D---- C:\WINDOWS\system32\Setup
2010-02-06 19:21:23 ----D---- C:\WINDOWS\msagent
2010-02-06 19:21:22 ----D---- C:\WINDOWS\ime
2010-02-06 19:21:20 ----D---- C:\Program Files\NetMeeting
2010-02-06 19:10:16 ----A---- C:\WINDOWS\system32\uxtheme.dll
2010-02-06 19:05:30 ----D---- C:\WINDOWS\Media
2010-02-06 19:05:29 ----D---- C:\WINDOWS\Cursors
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
R2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-03-14 41984]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-25 1478656]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-29 47360]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 ayef8eu8;ayef8eu8; C:\WINDOWS\system32\drivers\ayef8eu8.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-25 405504]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-08-22 604416]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 .1115479445;1115479445; C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe []
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-01-26 520192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-10-05 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-08-22 361216]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrází stránka s licenčnímy podmínkami, pokračujte stisknutím tlačítka "Ano" Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna 
Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte. Během skenování může být počítač restartován.Re: Prosím o kontrolu logu
Zde je ComboFix Log:
ComboFix 10-03-03.09 - Tuan 2010-03-04 18:07:17.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.511.169 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tuan\Dokumenty\Downloads\Programs\mrcha.com.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\ErrLog.txt
c:\windows\msa.exe
c:\windows\system32\detoured.dll
c:\windows\system32\Thumbs.db
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
c:\windows\system32\midimap.dll . . . je infikován!!
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-04 do 2010-03-04 )))))))))))))))))))))))))))))))
.
2010-03-04 16:14 . 2008-06-21 03:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-03-04 16:14 . 2008-10-31 06:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2010-03-04 16:13 . 2010-03-04 16:13 -------- d-----w- c:\program files\Sunbelt Software
2010-03-04 15:52 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-03-04 15:52 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-03-04 15:52 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-03-04 15:52 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-03-04 15:52 . 2010-03-04 15:52 -------- d-----w- c:\program files\Avira
2010-03-01 19:17 . 2010-03-01 19:18 -------- d-----w- c:\windows\Globalization
2010-02-28 14:19 . 2010-02-28 14:21 20480 ----a-w- c:\windows\system32\H@tKeysH@@k.DLL
2010-02-27 20:54 . 2010-02-27 20:54 -------- d-----w- c:\program files\Common Files\PCSuite
2010-02-27 20:51 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-02-27 20:50 . 2010-02-27 20:51 -------- d-----w- c:\program files\PC Connectivity Solution
2010-02-27 20:49 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-02-27 20:49 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-02-27 20:49 . 2009-10-06 10:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-02-27 20:49 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2010-02-27 20:49 . 2009-10-06 10:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-02-27 20:49 . 2009-10-06 10:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-02-27 09:25 . 2010-02-27 09:25 -------- d-----w- c:\program files\Common Files\Apple
2010-02-27 09:24 . 2010-02-27 09:24 -------- d-----w- c:\program files\Apple Software Update
2010-02-26 18:42 . 2010-02-26 18:42 -------- d-----w- c:\documents and settings\Tuan\AppData
2010-02-21 12:34 . 2010-02-21 12:34 -------- d-s---w- c:\documents and settings\LocalService\Dokumenty
2010-02-21 12:34 . 2010-02-21 12:34 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-02-20 17:28 . 2005-06-06 17:06 14448 ------w- c:\windows\system32\drivers\wg6n.sys
2010-02-20 17:28 . 2005-06-06 17:06 14448 ------w- c:\windows\system32\drivers\wg5n.sys
2010-02-20 17:28 . 2005-06-06 17:05 14448 ------w- c:\windows\system32\drivers\wg4n.sys
2010-02-18 18:23 . 2010-02-20 17:22 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-18 16:13 . 2010-02-18 16:14 -------- d-----w- c:\program files\ARCHPR
2010-02-17 19:24 . 2010-02-17 19:37 -------- d-----w- c:\program files\Wondershare
2010-02-17 19:01 . 2010-03-04 14:34 -------- d-----w- c:\program files\Xilisoft
2010-02-14 13:02 . 2010-02-14 13:11 219124 ----a-w- c:\windows\system32\netcache.dll
2010-02-14 10:07 . 2010-02-14 10:07 2625536 ----a-w- c:\windows\system32\rshsvr.exe
2010-02-14 10:00 . 2010-02-14 10:00 135168 ----a-w- c:\windows\system32\X3DAud32.dll
2010-02-11 17:06 . 2010-03-04 16:51 -------- d-----w- C:\ComboFix
2010-02-11 17:06 . 2010-02-11 17:05 391680 ----a-w- c:\windows\system32\CF10123.exe
2010-02-11 15:24 . 2010-02-11 15:25 -------- d-----w- C:\rsit
2010-02-11 14:56 . 2010-02-11 14:56 19968 ----a-w- c:\windows\system32\drivers\services.exe.vir
2010-02-11 14:56 . 2010-02-11 14:56 -------- d-----w- c:\windows\Your Product
2010-02-10 16:44 . 2010-02-10 16:44 -------- d-----w- c:\program files\ATI
2010-02-06 18:48 . 2010-02-19 19:52 2331008 ----a-w- c:\windows\system32\TUKernel.exe
2010-02-06 18:06 . 2010-02-06 18:19 -------- d--h--w- c:\windows\NiwradSoft Shell Pack
2010-02-06 17:17 . 2010-02-20 17:23 -------- d-----w- c:\program files\Trojan Remover
2010-02-06 13:41 . 2010-02-20 21:31 -------- d-----w- C:\raptor
2010-02-06 13:05 . 2010-02-07 12:58 -------- d-----w- c:\program files\Thoosje
2010-02-06 12:56 . 2010-02-06 12:56 -------- d-----w- c:\program files\Alky for Applications
2010-02-05 18:53 . 2010-02-05 18:57 -------- d-----w- c:\program files\Thoosje Vista Sidebar
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-04 16:59 . 2001-10-25 14:00 90258 ----a-w- c:\windows\system32\perfc005.dat
2010-03-04 16:59 . 2001-10-25 14:00 460786 ----a-w- c:\windows\system32\perfh005.dat
2010-03-04 16:24 . 2010-01-24 18:48 -------- d-----w- c:\program files\Internet Download Manager
2010-03-04 16:14 . 2008-09-06 09:53 -------- d-----w- c:\program files\BitComet
2010-03-03 18:58 . 2010-02-01 15:08 -------- d-----w- c:\program files\Valve
2010-03-01 19:17 . 2009-05-18 15:50 -------- d-----w- c:\program files\Common Files\Nokia
2010-03-01 19:17 . 2009-05-18 15:49 -------- d-----w- c:\program files\Nokia
2010-02-28 16:32 . 2008-09-06 12:48 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-27 21:03 . 2010-02-27 21:03 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-27 21:03 . 2010-02-27 21:03 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-02-27 20:51 . 2008-09-03 21:00 -------- d-----w- c:\program files\DIFX
2010-02-27 17:07 . 2009-10-29 16:50 -------- d-----w- c:\program files\Rockstar Games
2010-02-25 19:29 . 2009-06-03 11:31 -------- d-----w- c:\program files\DOSBox-0.72
2010-02-18 16:04 . 2009-08-04 08:28 -------- d-----w- c:\program files\ESET
2010-02-11 17:11 . 2009-12-26 14:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-10 16:45 . 2008-09-03 20:52 -------- d-----w- c:\program files\ATI Technologies
2010-02-08 21:31 . 2009-06-06 12:42 -------- d-----w- c:\program files\Microsoft Works
2010-02-07 13:16 . 2010-01-30 12:48 -------- d-----w- c:\program files\Download Direct
2010-02-06 18:10 . 2004-08-17 13:49 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-01-31 18:23 . 2010-01-31 18:23 -------- d-----w- c:\program files\Common Files\EasyInfo
2010-01-30 16:34 . 2010-01-28 17:41 -------- d-----w- c:\program files\Multi Theft Auto
2010-01-28 17:14 . 2010-01-28 17:14 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-28 17:13 . 2009-08-08 15:18 -------- d-----w- c:\program files\TuneUp Utilities 2009
2010-01-28 16:38 . 2010-01-28 16:37 -------- d-----w- c:\program files\RocketDock
2010-01-26 16:26 . 2008-09-03 20:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-26 16:15 . 2010-01-26 16:15 -------- d-----w- c:\program files\Astroburn Lite
2010-01-26 16:15 . 2009-12-02 16:49 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-01-26 16:15 . 2010-01-26 16:15 -------- d-----w- c:\program files\Astroburn Toolbar
2010-01-24 19:20 . 2008-09-03 21:52 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-24 13:09 . 2010-01-24 13:02 5368 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-01-24 13:09 . 2010-01-24 11:37 71910 ----a-w- c:\windows\BricoPackUninst.cmd
2010-01-23 21:21 . 2008-11-06 19:31 -------- d-----w- c:\program files\Common Files\Nero
2010-01-23 19:44 . 2008-11-06 19:31 -------- d-----w- c:\program files\Nero
2010-01-23 15:54 . 2010-01-18 21:48 -------- d-----w- c:\program files\8ee2867e7ef9f99331d53e95b62d40
2010-01-21 14:53 . 2008-09-03 22:46 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 21:43 . 2010-01-18 21:42 -------- d-----w- c:\program files\da0873f77db6d46b9cc963
2010-01-17 17:35 . 2009-06-06 12:41 -------- d-----w- c:\program files\MSBuild
2010-01-17 17:35 . 2010-01-17 17:35 -------- d-----w- c:\program files\Reference Assemblies
2010-01-13 16:37 . 2008-09-03 21:04 -------- d-----w- c:\program files\Yahoo!
2010-01-11 20:40 . 2010-01-10 13:47 -------- d-----w- c:\program files\Windows Desktop Search
2010-01-11 14:14 . 2010-01-11 14:14 -------- d-----w- c:\program files\Last.fm
2010-01-07 15:07 . 2009-12-26 14:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-12-26 14:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-03 18:22 . 2010-01-03 18:22 -------- d-----w- c:\program files\Lavalys
2009-12-31 16:50 . 2004-08-03 21:14 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-17 13:49 983040 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 20:51 . 2009-05-11 18:55 124 ----a-w- c:\program files\config.ini
2009-12-17 07:42 . 2008-09-03 20:35 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2004-08-17 15:45 2068224 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-09 10:11 . 2004-08-17 13:45 2191360 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-04 18:22 . 2004-08-03 21:15 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2005-02-05 07:38 . 2009-05-11 18:55 1024000 ----a-w- c:\program files\Milan's GUI 4.exe
2005-02-03 14:45 . 2009-05-11 18:55 3505 ----a-w- c:\program files\release notes.txt
2004-06-30 11:20 . 2009-05-11 18:55 160768 ----a-w- c:\program files\fmod.dll
2009-03-08 12:09 . 2010-02-06 18:15 727904 --sha-w- c:\windows\NiwradSoft Shell Pack\Backup\iexplore.exe
2007-01-05 18:56 . 2010-02-06 18:17 64000 --sha-w- c:\windows\NiwradSoft Shell Pack\Backup\wmplayer.exe
.
------- Sigcheck -------
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . 92FAE100B7A31616DEBF6F91175000AA . 724992 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2008-04-14 . 244159B19BC4B9B6E3CFE0305049F1C3 . 694784 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 244159B19BC4B9B6E3CFE0305049F1C3 . 694784 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2009-12-21 . 4045EC195F5456FC803D9DDD22B83562 . 6167552 . . [8.00.6001.18876] . . c:\windows\NiwradSoft Shell Pack\Backup\mshtml.dll
[-] 2009-12-21 . CCFF262E4DF7E86510ACC38ED2FD053B . 6104064 . . [8.00.6001.18876] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2009-12-21 . CCFF262E4DF7E86510ACC38ED2FD053B . 6104064 . . [8.00.6001.18876] . . c:\windows\system32\mshtml.dll
[-] 2009-12-21 . CCFF262E4DF7E86510ACC38ED2FD053B . 6104064 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2009-12-21 . BD424F12E808F3AA345C4816F7124F7C . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[7] 2009-10-29 . 00EC3DE6B7C581CC2675CCD549B692D7 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[7] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-10-22 . B459C87AA60BADADF3F0887737889CFF . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[7] 2009-10-22 . 3E902BD4D0EFB9E73C515DD3DEB6003B . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[7] 2009-08-29 . 8097658FEC4E7E65C8A63E6B7B2B0921 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll
[7] 2009-08-29 . F343C3CE6026ADE482D48B2D4F881A1D . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[7] 2009-07-19 . D6DA6137433E02999C1229DC692250CD . 5937152 . . [8.00.6001.18812] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[7] 2009-07-19 . 54E07F3B4EEF71607437367BA1922F6A . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[7] 2009-05-13 . 53FF3AE6C6C6F7888E845C6A755D5C09 . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll
[7] 2009-05-13 . 3BABDB8AAEED25E0EFE23561C1A2BCE1 . 5936128 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\mshtml.dll
[7] 2009-02-21 . 920B2B7C54C6B102A98EE54C56134CEC . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll
[7] 2009-02-20 . DB1BCEDF3C640170A9E78E199516A8C9 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie8\mshtml.dll
[7] 2009-01-16 . 95E1214DBB029B3D37076999B53407D6 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll
[7] 2009-01-16 . D049549814B44670C88C0C3777D24FFA . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[7] 2008-12-13 . A3F482D8B827DDFBDA3F47B922DF5020 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll
[7] 2008-12-13 . E32432E44F926075122F5B17E224ABF5 . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
[7] 2008-10-17 . 00439C27E013BE9DC0A6DDE4B626B6DC . 3593216 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll
[7] 2008-10-16 . B5F7E24595A3F05ACE4F1152542FB07F . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
[7] 2008-08-27 . 2ECA71D805E010713BE4EA0E86827410 . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll
[7] 2008-08-26 . F1877EA1F348638E803DED6BEFB20637 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
[7] 2008-06-24 . EC936148284F557F19C333178768109B . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll
[7] 2008-06-23 . 28B8231CA8D55FC85E027A57C90F5C88 . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
[7] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll
[7] 2004-08-17 . EF74351C9098210CC9C1A3679DB62041 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll
[-] 2008-04-14 . 581480DE9C65D6BD0552E35BF17379B2 . 587776 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2009-12-21 . B3698A70E869D9AD36A88EDB7602E864 . 1017856 . . [8.00.6001.18876] . . c:\windows\NiwradSoft Shell Pack\Backup\wininet.dll
[-] 2009-12-21 . E16024C3D64F431D2D5027DE025F4C49 . 983040 . . [8.00.6001.18876] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2009-12-21 . E16024C3D64F431D2D5027DE025F4C49 . 983040 . . [8.00.6001.18876] . . c:\windows\system32\wininet.dll
[-] 2009-12-21 . E16024C3D64F431D2D5027DE025F4C49 . 983040 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\wininet.dll
[7] 2009-12-21 . 9256DA4AEE5E2C20FC6C126BDBC11997 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 . F651D2A69B7037D6063BC697CF296D8C . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[7] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-08-29 . 37CFE7928711C8157CF4D191F0EF5F69 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[7] 2009-08-29 . F658908845F3EB727FEF4769ED0E52FE . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . 0B1AA91DFEDB1298FF7D93EBA45F8DB5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . FCD887F2BA15CD8D95F8D70766D42739 . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[7] 2009-05-13 . 0C20BF283DE5BA50060240383B8AA41C . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[7] 2009-05-13 . 9122013C5668D967C4AE7F52252898DE . 915456 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll
[7] 2009-03-03 . 3D7B87D8102C41BABBE5922B5275AA7C . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[7] 2009-03-03 . BA2611F55D9AE29554008ADBC49D7664 . 826368 . . [7.00.6000.16827] . . c:\windows\ie8\wininet.dll
[7] 2008-12-20 . A039CE5F34BF98760F877B29E5A1D4CD . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[7] 2008-12-20 . 793DA751C812EFC3C6786BBD3B8489A8 . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[7] 2008-10-16 . 84801E4617B5AFB065DD58438850587D . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[7] 2008-10-16 . A72D6CC0F715D415003478294C4ECB2A . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 . A74381B8D7024B2D8BB5691A93F825B8 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 . 0930F57122FF74739E3684D0016877F1 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll
[7] 2008-06-23 . 8C13D4A7479FA0A026EDA8ABCE82C0ED . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll
[7] 2008-06-23 . C66402A06B83B036C195242C0C8CF83C . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[7] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll
[7] 2004-08-17 . 50D263E3454E8357D13BB598129185AD . 657408 . . [6.00.2900.2180] . . c:\windows\ie7\wininet.dll
[-] 2008-04-14 . 121A686E3D61D9D45F25C03A1E4EC6D5 . 1541120 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . B720487896E2D91DA23E59820F718E34 . 1552384 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . 121A686E3D61D9D45F25C03A1E4EC6D5 . 1541120 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 . D8152865F2A59D765AF8317E38AA5FB4 . 25088 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-02-10 932864]
"Google Update"="c:\documents and settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-07 135664]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Samsung Common SM"="c:\windows\Samsung\ComSMMgr\ssmmgr.exe" [2005-07-03 372736]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-25 652624]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-09-13 1603152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2009-11-06 2090272]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
c:\documents and settings\Hoa\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" -lang 1033
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8341:TCP"= 8341:TCP:BitComet 8341 TCP
"8341:UDP"= 8341:UDP:BitComet 8341 UDP
"23204:TCP"= 23204:TCP:BitComet 23204 TCP
"23204:UDP"= 23204:UDP:BitComet 23204 UDP
"14945:TCP"= 14945:TCP:BitComet 14945 TCP
"14945:UDP"= 14945:UDP:BitComet 14945 UDP
"3074:TCP"= 3074:TCP:30
"3074:UDP"= 3074:UDP:31
"88:UDP"= 88:UDP:32
"24371:TCP"= 24371:TCP:BitComet 24371 TCP
"24371:UDP"= 24371:UDP:BitComet 24371 UDP
"8561:TCP"= 8561:TCP:BitComet 8561 TCP
"8561:UDP"= 8561:UDP:BitComet 8561 UDP
"14509:TCP"= 14509:TCP:BitComet 14509 TCP
"14509:UDP"= 14509:UDP:BitComet 14509 UDP
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2009-01-05 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2009-01-05 5248]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2010-03-04 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-03-04 108289]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2010-03-04 65576]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-07-22 691696]
S2 .1115479445;1115479445;c:\program files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe --> c:\program files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe [?]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [2008-09-03 93440]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-03-04 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]
2010-02-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-03-04 c:\windows\Tasks\User_Feed_Synchronization-{EE48918A-0245-4CA9-B03E-8BD1F96EB152}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files\Verdict Free\etnxp.dll
FF - ProfilePath - c:\documents and settings\Tuan\Data aplikací\Mozilla\Firefox\Profiles\j4j3hmaf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://facebook.com
FF - component: c:\documents and settings\Tuan\Data aplikací\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\Tuan\Data aplikací\Mozilla\Firefox\Profiles\j4j3hmaf.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKU-Default-Run-Nokia.PCSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-04 18:20
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: TUKERNEL.EXE catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8202D008]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf857af28
\Driver\ACPI -> ACPI.sys @ 0xf84c7cb8
\Driver\atapi -> 0x8202d008
IoDeviceObjectType -> DeleteProcedure -> TUKERNEL.EXE @ 0x805a0598
ParseProcedure -> TUKERNEL.EXE @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> TUKERNEL.EXE @ 0x805a0598
ParseProcedure -> TUKERNEL.EXE @ 0x8056ea15
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-602162358-838170752-725345543-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\MSSYCLM]
@Denied: (B C D 1 2 3 4 5 6) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1416)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
- - - - - - - > 'lsass.exe'(1488)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\psbase.dll
.
Celkový čas: 2010-03-04 18:27:20
ComboFix-quarantined-files.txt 2010-03-04 17:27
Před spuštěním: Volných bajtů: 17,310,363,648
Po spuštění: Volných bajtů: 21,501,153,280
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=KVVJZS /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional (TuneUp Backup)" /noexecute=optin /fastdetect /TUTag=KVVJZS-BAK
- - End Of File - - E95BE634CB1C40AE27B03C5D295A6D5E
ComboFix 10-03-03.09 - Tuan 2010-03-04 18:07:17.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.511.169 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tuan\Dokumenty\Downloads\Programs\mrcha.com.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\ErrLog.txt
c:\windows\msa.exe
c:\windows\system32\detoured.dll
c:\windows\system32\Thumbs.db
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
c:\windows\system32\midimap.dll . . . je infikován!!
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-04 do 2010-03-04 )))))))))))))))))))))))))))))))
.
2010-03-04 16:14 . 2008-06-21 03:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-03-04 16:14 . 2008-10-31 06:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2010-03-04 16:13 . 2010-03-04 16:13 -------- d-----w- c:\program files\Sunbelt Software
2010-03-04 15:52 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-03-04 15:52 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-03-04 15:52 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-03-04 15:52 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-03-04 15:52 . 2010-03-04 15:52 -------- d-----w- c:\program files\Avira
2010-03-01 19:17 . 2010-03-01 19:18 -------- d-----w- c:\windows\Globalization
2010-02-28 14:19 . 2010-02-28 14:21 20480 ----a-w- c:\windows\system32\H@tKeysH@@k.DLL
2010-02-27 20:54 . 2010-02-27 20:54 -------- d-----w- c:\program files\Common Files\PCSuite
2010-02-27 20:51 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-02-27 20:50 . 2010-02-27 20:51 -------- d-----w- c:\program files\PC Connectivity Solution
2010-02-27 20:49 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-02-27 20:49 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-02-27 20:49 . 2009-10-06 10:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-02-27 20:49 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2010-02-27 20:49 . 2009-10-06 10:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-02-27 20:49 . 2009-10-06 10:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-02-27 09:25 . 2010-02-27 09:25 -------- d-----w- c:\program files\Common Files\Apple
2010-02-27 09:24 . 2010-02-27 09:24 -------- d-----w- c:\program files\Apple Software Update
2010-02-26 18:42 . 2010-02-26 18:42 -------- d-----w- c:\documents and settings\Tuan\AppData
2010-02-21 12:34 . 2010-02-21 12:34 -------- d-s---w- c:\documents and settings\LocalService\Dokumenty
2010-02-21 12:34 . 2010-02-21 12:34 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-02-20 17:28 . 2005-06-06 17:06 14448 ------w- c:\windows\system32\drivers\wg6n.sys
2010-02-20 17:28 . 2005-06-06 17:06 14448 ------w- c:\windows\system32\drivers\wg5n.sys
2010-02-20 17:28 . 2005-06-06 17:05 14448 ------w- c:\windows\system32\drivers\wg4n.sys
2010-02-18 18:23 . 2010-02-20 17:22 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-18 16:13 . 2010-02-18 16:14 -------- d-----w- c:\program files\ARCHPR
2010-02-17 19:24 . 2010-02-17 19:37 -------- d-----w- c:\program files\Wondershare
2010-02-17 19:01 . 2010-03-04 14:34 -------- d-----w- c:\program files\Xilisoft
2010-02-14 13:02 . 2010-02-14 13:11 219124 ----a-w- c:\windows\system32\netcache.dll
2010-02-14 10:07 . 2010-02-14 10:07 2625536 ----a-w- c:\windows\system32\rshsvr.exe
2010-02-14 10:00 . 2010-02-14 10:00 135168 ----a-w- c:\windows\system32\X3DAud32.dll
2010-02-11 17:06 . 2010-03-04 16:51 -------- d-----w- C:\ComboFix
2010-02-11 17:06 . 2010-02-11 17:05 391680 ----a-w- c:\windows\system32\CF10123.exe
2010-02-11 15:24 . 2010-02-11 15:25 -------- d-----w- C:\rsit
2010-02-11 14:56 . 2010-02-11 14:56 19968 ----a-w- c:\windows\system32\drivers\services.exe.vir
2010-02-11 14:56 . 2010-02-11 14:56 -------- d-----w- c:\windows\Your Product
2010-02-10 16:44 . 2010-02-10 16:44 -------- d-----w- c:\program files\ATI
2010-02-06 18:48 . 2010-02-19 19:52 2331008 ----a-w- c:\windows\system32\TUKernel.exe
2010-02-06 18:06 . 2010-02-06 18:19 -------- d--h--w- c:\windows\NiwradSoft Shell Pack
2010-02-06 17:17 . 2010-02-20 17:23 -------- d-----w- c:\program files\Trojan Remover
2010-02-06 13:41 . 2010-02-20 21:31 -------- d-----w- C:\raptor
2010-02-06 13:05 . 2010-02-07 12:58 -------- d-----w- c:\program files\Thoosje
2010-02-06 12:56 . 2010-02-06 12:56 -------- d-----w- c:\program files\Alky for Applications
2010-02-05 18:53 . 2010-02-05 18:57 -------- d-----w- c:\program files\Thoosje Vista Sidebar
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-04 16:59 . 2001-10-25 14:00 90258 ----a-w- c:\windows\system32\perfc005.dat
2010-03-04 16:59 . 2001-10-25 14:00 460786 ----a-w- c:\windows\system32\perfh005.dat
2010-03-04 16:24 . 2010-01-24 18:48 -------- d-----w- c:\program files\Internet Download Manager
2010-03-04 16:14 . 2008-09-06 09:53 -------- d-----w- c:\program files\BitComet
2010-03-03 18:58 . 2010-02-01 15:08 -------- d-----w- c:\program files\Valve
2010-03-01 19:17 . 2009-05-18 15:50 -------- d-----w- c:\program files\Common Files\Nokia
2010-03-01 19:17 . 2009-05-18 15:49 -------- d-----w- c:\program files\Nokia
2010-02-28 16:32 . 2008-09-06 12:48 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-27 21:03 . 2010-02-27 21:03 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-27 21:03 . 2010-02-27 21:03 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-02-27 20:51 . 2008-09-03 21:00 -------- d-----w- c:\program files\DIFX
2010-02-27 17:07 . 2009-10-29 16:50 -------- d-----w- c:\program files\Rockstar Games
2010-02-25 19:29 . 2009-06-03 11:31 -------- d-----w- c:\program files\DOSBox-0.72
2010-02-18 16:04 . 2009-08-04 08:28 -------- d-----w- c:\program files\ESET
2010-02-11 17:11 . 2009-12-26 14:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-10 16:45 . 2008-09-03 20:52 -------- d-----w- c:\program files\ATI Technologies
2010-02-08 21:31 . 2009-06-06 12:42 -------- d-----w- c:\program files\Microsoft Works
2010-02-07 13:16 . 2010-01-30 12:48 -------- d-----w- c:\program files\Download Direct
2010-02-06 18:10 . 2004-08-17 13:49 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-01-31 18:23 . 2010-01-31 18:23 -------- d-----w- c:\program files\Common Files\EasyInfo
2010-01-30 16:34 . 2010-01-28 17:41 -------- d-----w- c:\program files\Multi Theft Auto
2010-01-28 17:14 . 2010-01-28 17:14 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-28 17:13 . 2009-08-08 15:18 -------- d-----w- c:\program files\TuneUp Utilities 2009
2010-01-28 16:38 . 2010-01-28 16:37 -------- d-----w- c:\program files\RocketDock
2010-01-26 16:26 . 2008-09-03 20:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-26 16:15 . 2010-01-26 16:15 -------- d-----w- c:\program files\Astroburn Lite
2010-01-26 16:15 . 2009-12-02 16:49 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-01-26 16:15 . 2010-01-26 16:15 -------- d-----w- c:\program files\Astroburn Toolbar
2010-01-24 19:20 . 2008-09-03 21:52 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-24 13:09 . 2010-01-24 13:02 5368 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-01-24 13:09 . 2010-01-24 11:37 71910 ----a-w- c:\windows\BricoPackUninst.cmd
2010-01-23 21:21 . 2008-11-06 19:31 -------- d-----w- c:\program files\Common Files\Nero
2010-01-23 19:44 . 2008-11-06 19:31 -------- d-----w- c:\program files\Nero
2010-01-23 15:54 . 2010-01-18 21:48 -------- d-----w- c:\program files\8ee2867e7ef9f99331d53e95b62d40
2010-01-21 14:53 . 2008-09-03 22:46 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 21:43 . 2010-01-18 21:42 -------- d-----w- c:\program files\da0873f77db6d46b9cc963
2010-01-17 17:35 . 2009-06-06 12:41 -------- d-----w- c:\program files\MSBuild
2010-01-17 17:35 . 2010-01-17 17:35 -------- d-----w- c:\program files\Reference Assemblies
2010-01-13 16:37 . 2008-09-03 21:04 -------- d-----w- c:\program files\Yahoo!
2010-01-11 20:40 . 2010-01-10 13:47 -------- d-----w- c:\program files\Windows Desktop Search
2010-01-11 14:14 . 2010-01-11 14:14 -------- d-----w- c:\program files\Last.fm
2010-01-07 15:07 . 2009-12-26 14:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-12-26 14:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-03 18:22 . 2010-01-03 18:22 -------- d-----w- c:\program files\Lavalys
2009-12-31 16:50 . 2004-08-03 21:14 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-17 13:49 983040 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 20:51 . 2009-05-11 18:55 124 ----a-w- c:\program files\config.ini
2009-12-17 07:42 . 2008-09-03 20:35 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2004-08-17 15:45 2068224 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-09 10:11 . 2004-08-17 13:45 2191360 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-04 18:22 . 2004-08-03 21:15 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2005-02-05 07:38 . 2009-05-11 18:55 1024000 ----a-w- c:\program files\Milan's GUI 4.exe
2005-02-03 14:45 . 2009-05-11 18:55 3505 ----a-w- c:\program files\release notes.txt
2004-06-30 11:20 . 2009-05-11 18:55 160768 ----a-w- c:\program files\fmod.dll
2009-03-08 12:09 . 2010-02-06 18:15 727904 --sha-w- c:\windows\NiwradSoft Shell Pack\Backup\iexplore.exe
2007-01-05 18:56 . 2010-02-06 18:17 64000 --sha-w- c:\windows\NiwradSoft Shell Pack\Backup\wmplayer.exe
.
------- Sigcheck -------
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . 92FAE100B7A31616DEBF6F91175000AA . 724992 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2008-04-14 . 244159B19BC4B9B6E3CFE0305049F1C3 . 694784 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 244159B19BC4B9B6E3CFE0305049F1C3 . 694784 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2009-12-21 . 4045EC195F5456FC803D9DDD22B83562 . 6167552 . . [8.00.6001.18876] . . c:\windows\NiwradSoft Shell Pack\Backup\mshtml.dll
[-] 2009-12-21 . CCFF262E4DF7E86510ACC38ED2FD053B . 6104064 . . [8.00.6001.18876] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2009-12-21 . CCFF262E4DF7E86510ACC38ED2FD053B . 6104064 . . [8.00.6001.18876] . . c:\windows\system32\mshtml.dll
[-] 2009-12-21 . CCFF262E4DF7E86510ACC38ED2FD053B . 6104064 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2009-12-21 . BD424F12E808F3AA345C4816F7124F7C . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[7] 2009-10-29 . 00EC3DE6B7C581CC2675CCD549B692D7 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[7] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-10-22 . B459C87AA60BADADF3F0887737889CFF . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[7] 2009-10-22 . 3E902BD4D0EFB9E73C515DD3DEB6003B . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[7] 2009-08-29 . 8097658FEC4E7E65C8A63E6B7B2B0921 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll
[7] 2009-08-29 . F343C3CE6026ADE482D48B2D4F881A1D . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[7] 2009-07-19 . D6DA6137433E02999C1229DC692250CD . 5937152 . . [8.00.6001.18812] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[7] 2009-07-19 . 54E07F3B4EEF71607437367BA1922F6A . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[7] 2009-05-13 . 53FF3AE6C6C6F7888E845C6A755D5C09 . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll
[7] 2009-05-13 . 3BABDB8AAEED25E0EFE23561C1A2BCE1 . 5936128 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\mshtml.dll
[7] 2009-02-21 . 920B2B7C54C6B102A98EE54C56134CEC . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll
[7] 2009-02-20 . DB1BCEDF3C640170A9E78E199516A8C9 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie8\mshtml.dll
[7] 2009-01-16 . 95E1214DBB029B3D37076999B53407D6 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll
[7] 2009-01-16 . D049549814B44670C88C0C3777D24FFA . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[7] 2008-12-13 . A3F482D8B827DDFBDA3F47B922DF5020 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll
[7] 2008-12-13 . E32432E44F926075122F5B17E224ABF5 . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
[7] 2008-10-17 . 00439C27E013BE9DC0A6DDE4B626B6DC . 3593216 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll
[7] 2008-10-16 . B5F7E24595A3F05ACE4F1152542FB07F . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
[7] 2008-08-27 . 2ECA71D805E010713BE4EA0E86827410 . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll
[7] 2008-08-26 . F1877EA1F348638E803DED6BEFB20637 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
[7] 2008-06-24 . EC936148284F557F19C333178768109B . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll
[7] 2008-06-23 . 28B8231CA8D55FC85E027A57C90F5C88 . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
[7] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll
[7] 2004-08-17 . EF74351C9098210CC9C1A3679DB62041 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll
[-] 2008-04-14 . 581480DE9C65D6BD0552E35BF17379B2 . 587776 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2009-12-21 . B3698A70E869D9AD36A88EDB7602E864 . 1017856 . . [8.00.6001.18876] . . c:\windows\NiwradSoft Shell Pack\Backup\wininet.dll
[-] 2009-12-21 . E16024C3D64F431D2D5027DE025F4C49 . 983040 . . [8.00.6001.18876] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2009-12-21 . E16024C3D64F431D2D5027DE025F4C49 . 983040 . . [8.00.6001.18876] . . c:\windows\system32\wininet.dll
[-] 2009-12-21 . E16024C3D64F431D2D5027DE025F4C49 . 983040 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\wininet.dll
[7] 2009-12-21 . 9256DA4AEE5E2C20FC6C126BDBC11997 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 . F651D2A69B7037D6063BC697CF296D8C . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[7] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-08-29 . 37CFE7928711C8157CF4D191F0EF5F69 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[7] 2009-08-29 . F658908845F3EB727FEF4769ED0E52FE . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . 0B1AA91DFEDB1298FF7D93EBA45F8DB5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . FCD887F2BA15CD8D95F8D70766D42739 . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[7] 2009-05-13 . 0C20BF283DE5BA50060240383B8AA41C . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[7] 2009-05-13 . 9122013C5668D967C4AE7F52252898DE . 915456 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll
[7] 2009-03-03 . 3D7B87D8102C41BABBE5922B5275AA7C . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[7] 2009-03-03 . BA2611F55D9AE29554008ADBC49D7664 . 826368 . . [7.00.6000.16827] . . c:\windows\ie8\wininet.dll
[7] 2008-12-20 . A039CE5F34BF98760F877B29E5A1D4CD . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[7] 2008-12-20 . 793DA751C812EFC3C6786BBD3B8489A8 . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[7] 2008-10-16 . 84801E4617B5AFB065DD58438850587D . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[7] 2008-10-16 . A72D6CC0F715D415003478294C4ECB2A . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 . A74381B8D7024B2D8BB5691A93F825B8 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 . 0930F57122FF74739E3684D0016877F1 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll
[7] 2008-06-23 . 8C13D4A7479FA0A026EDA8ABCE82C0ED . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll
[7] 2008-06-23 . C66402A06B83B036C195242C0C8CF83C . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[7] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll
[7] 2004-08-17 . 50D263E3454E8357D13BB598129185AD . 657408 . . [6.00.2900.2180] . . c:\windows\ie7\wininet.dll
[-] 2008-04-14 . 121A686E3D61D9D45F25C03A1E4EC6D5 . 1541120 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . B720487896E2D91DA23E59820F718E34 . 1552384 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . 121A686E3D61D9D45F25C03A1E4EC6D5 . 1541120 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 . D8152865F2A59D765AF8317E38AA5FB4 . 25088 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-02-10 932864]
"Google Update"="c:\documents and settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-07 135664]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Samsung Common SM"="c:\windows\Samsung\ComSMMgr\ssmmgr.exe" [2005-07-03 372736]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-25 652624]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-09-13 1603152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2009-11-06 2090272]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
c:\documents and settings\Hoa\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" -lang 1033
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8341:TCP"= 8341:TCP:BitComet 8341 TCP
"8341:UDP"= 8341:UDP:BitComet 8341 UDP
"23204:TCP"= 23204:TCP:BitComet 23204 TCP
"23204:UDP"= 23204:UDP:BitComet 23204 UDP
"14945:TCP"= 14945:TCP:BitComet 14945 TCP
"14945:UDP"= 14945:UDP:BitComet 14945 UDP
"3074:TCP"= 3074:TCP:30
"3074:UDP"= 3074:UDP:31
"88:UDP"= 88:UDP:32
"24371:TCP"= 24371:TCP:BitComet 24371 TCP
"24371:UDP"= 24371:UDP:BitComet 24371 UDP
"8561:TCP"= 8561:TCP:BitComet 8561 TCP
"8561:UDP"= 8561:UDP:BitComet 8561 UDP
"14509:TCP"= 14509:TCP:BitComet 14509 TCP
"14509:UDP"= 14509:UDP:BitComet 14509 UDP
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2009-01-05 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2009-01-05 5248]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2010-03-04 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-03-04 108289]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2010-03-04 65576]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-07-22 691696]
S2 .1115479445;1115479445;c:\program files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe --> c:\program files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe [?]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [2008-09-03 93440]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-03-04 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]
2010-02-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-03-04 c:\windows\Tasks\User_Feed_Synchronization-{EE48918A-0245-4CA9-B03E-8BD1F96EB152}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files\Verdict Free\etnxp.dll
FF - ProfilePath - c:\documents and settings\Tuan\Data aplikací\Mozilla\Firefox\Profiles\j4j3hmaf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://facebook.com
FF - component: c:\documents and settings\Tuan\Data aplikací\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\Tuan\Data aplikací\Mozilla\Firefox\Profiles\j4j3hmaf.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
HKU-Default-Run-Nokia.PCSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-04 18:20
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: TUKERNEL.EXE catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8202D008]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf857af28
\Driver\ACPI -> ACPI.sys @ 0xf84c7cb8
\Driver\atapi -> 0x8202d008
IoDeviceObjectType -> DeleteProcedure -> TUKERNEL.EXE @ 0x805a0598
ParseProcedure -> TUKERNEL.EXE @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> TUKERNEL.EXE @ 0x805a0598
ParseProcedure -> TUKERNEL.EXE @ 0x8056ea15
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-602162358-838170752-725345543-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\MSSYCLM]
@Denied: (B C D 1 2 3 4 5 6) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1416)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
- - - - - - - > 'lsass.exe'(1488)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\psbase.dll
.
Celkový čas: 2010-03-04 18:27:20
ComboFix-quarantined-files.txt 2010-03-04 17:27
Před spuštěním: Volných bajtů: 17,310,363,648
Po spuštění: Volných bajtů: 21,501,153,280
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /TUTag=KVVJZS /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional (TuneUp Backup)" /noexecute=optin /fastdetect /TUTag=KVVJZS-BAK
- - End Of File - - E95BE634CB1C40AE27B03C5D295A6D5E
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Tohle otestujte na http://www.virustotal.com/cs/ c:\windows\system32\winlogon.exe
c:\windows\system32\comctl32.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\user32.dll
c:\windows\system32\wininet.dll
c:\windows\explorer.exe
c:\windows\system32\ctfmon.exe
c:\windows\system32\rshsvr.exe
(Soubor nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)
Pokud nemáte, přesuňte Combofix na plochu
- Otevřete si Poznámkový blok a zkopírujte do něj text z bílého okénka.
Kód: Vybrat vše
Driver::
.1115479445
File::
c:\program files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod.rar
c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\wga.cracked.exe
c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\www.9down.com.url
c:\windows\prefetch\win rar keygen.exe-00955ac5.pf
c:\program files\bitcomet\torrents\any video converter professional v2.7.6 + crack [rh].torrent
c:\program files\bitcomet\torrents\fifa.2007.keygen.torrent
c:\program files\bitcomet\torrents\fifa.2007.keygen[0].torrent
c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].torrent
c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].xml
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"=-
RegLock::
[HKEY_USERS\S-1-5-21-602162358-838170752-725345543-1005\Software\Microsoft\SystemCertificates\AddressBook*]
Folder::
c:\documents and settings\tuan\dokumenty\downloads\compressed\xilisoft video converter ultimate 5.1.21 crack
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod
c:\documents and settings\tuan\dokumenty\downloads\compressed\crack + keygen nfs most
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch
c:\documents and settings\tuan\dokumenty\downloads\rebuilt.xilisoft video converter ultimate.5.2.7.keygen.true
Restore::
c:\windows\system32\midimap.dll- Uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
- Po uložení uchopte vámi vytvořený skript levým myšítkem a přesuňte ho nad ikonu Combofixu, kde ho upustíte:
- Po aplikaci na Vás vypadne další log,vložte ho sem
Re: Prosím o kontrolu logu
Zde je Virustotal:
http://www.virustotal.com/cs/analisis/6 ... 1267725410
http://www.virustotal.com/cs/analisis/d ... 1267458521
http://www.virustotal.com/cs/analisis/e ... 1267725559
http://www.virustotal.com/cs/analisis/e ... 1267725678
http://www.virustotal.com/cs/analisis/d ... 1267725749
http://www.virustotal.com/cs/analisis/d ... 1267725874
http://www.virustotal.com/cs/analisis/1 ... 1267726000
Sedmý soubor se nepodařil analyzovat, ptž antivirus se i po vypnutí nějak zapnul a odstranil ho.
Zde je ComboFix:
ComboFix 10-03-03.09 - Tuan 2010-03-04 19:17:55.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.511.202 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tuan\Plocha\mrcha.com.exe
Použité ovládací přepínače :: c:\documents and settings\Tuan\Plocha\CFScript.txt
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
FILE ::
"c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod.rar"
"c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\wga.cracked.exe"
"c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\www.9down.com.url"
"c:\program files\bitcomet\torrents\any video converter professional v2.7.6 + crack [rh].torrent"
"c:\program files\bitcomet\torrents\fifa.2007.keygen.torrent"
"c:\program files\bitcomet\torrents\fifa.2007.keygen[0].torrent"
"c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].torrent"
"c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].xml"
"c:\program files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe"
"c:\windows\prefetch\win rar keygen.exe-00955ac5.pf"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod.rar
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\crack\~$vod na crack k NOD32.doc
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\crack\crack.exe
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\crack\Návod na crack k NOD32.doc
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\eav_nt32_csy.msi
c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\wga.cracked.exe
c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\www.9down.com.url
c:\documents and settings\tuan\dokumenty\downloads\compressed\xilisoft video converter ultimate 5.1.21 crack
c:\documents and settings\tuan\dokumenty\downloads\compressed\xilisoft video converter ultimate 5.1.21 crack\Crack.exe
c:\documents and settings\tuan\dokumenty\downloads\rebuilt.xilisoft video converter ultimate.5.2.7.keygen.true
c:\documents and settings\tuan\dokumenty\downloads\rebuilt.xilisoft video converter ultimate.5.2.7.keygen.true\tRUE.nfo
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\Crack.rar
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\Crack\cu.nfo
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\Crack\Patch.exe
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\Crack\www.9down.com.url
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\Setup.exe
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\www.9down.com.url
c:\program files\bitcomet\torrents\any video converter professional v2.7.6 + crack [rh].torrent
c:\program files\bitcomet\torrents\fifa.2007.keygen.torrent
c:\program files\bitcomet\torrents\fifa.2007.keygen[0].torrent
c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].torrent
c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].xml
c:\windows\prefetch\win rar keygen.exe-00955ac5.pf
c:\windows\system32\midimap.dll . . . je infikován!!
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_.1115479445
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-04 do 2010-03-04 )))))))))))))))))))))))))))))))
.
2010-03-04 16:14 . 2008-06-21 03:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-03-04 16:14 . 2008-10-31 06:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2010-03-04 16:13 . 2010-03-04 16:13 -------- d-----w- c:\program files\Sunbelt Software
2010-03-04 15:52 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-03-04 15:52 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-03-04 15:52 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-03-04 15:52 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-03-04 15:52 . 2010-03-04 15:52 -------- d-----w- c:\program files\Avira
2010-03-01 19:17 . 2010-03-01 19:18 -------- d-----w- c:\windows\Globalization
2010-02-28 14:19 . 2010-02-28 14:21 20480 ----a-w- c:\windows\system32\H@tKeysH@@k.DLL
2010-02-27 20:54 . 2010-02-27 20:54 -------- d-----w- c:\program files\Common Files\PCSuite
2010-02-27 20:51 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-02-27 20:50 . 2010-02-27 20:51 -------- d-----w- c:\program files\PC Connectivity Solution
2010-02-27 20:49 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-02-27 20:49 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-02-27 20:49 . 2009-10-06 10:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-02-27 20:49 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2010-02-27 20:49 . 2009-10-06 10:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-02-27 20:49 . 2009-10-06 10:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-02-27 09:25 . 2010-02-27 09:25 -------- d-----w- c:\program files\Common Files\Apple
2010-02-27 09:24 . 2010-02-27 09:24 -------- d-----w- c:\program files\Apple Software Update
2010-02-26 18:42 . 2010-02-26 18:42 -------- d-----w- c:\documents and settings\Tuan\AppData
2010-02-21 12:34 . 2010-02-21 12:34 -------- d-s---w- c:\documents and settings\LocalService\Dokumenty
2010-02-21 12:34 . 2010-02-21 12:34 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-02-20 17:28 . 2005-06-06 17:06 14448 ------w- c:\windows\system32\drivers\wg6n.sys
2010-02-20 17:28 . 2005-06-06 17:06 14448 ------w- c:\windows\system32\drivers\wg5n.sys
2010-02-20 17:28 . 2005-06-06 17:05 14448 ------w- c:\windows\system32\drivers\wg4n.sys
2010-02-18 18:23 . 2010-02-20 17:22 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-18 16:13 . 2010-02-18 16:14 -------- d-----w- c:\program files\ARCHPR
2010-02-17 19:24 . 2010-02-17 19:37 -------- d-----w- c:\program files\Wondershare
2010-02-17 19:01 . 2010-03-04 14:34 -------- d-----w- c:\program files\Xilisoft
2010-02-14 13:02 . 2010-02-14 13:11 219124 ----a-w- c:\windows\system32\netcache.dll
2010-02-14 10:00 . 2010-02-14 10:00 135168 ----a-w- c:\windows\system32\X3DAud32.dll
2010-02-11 17:06 . 2010-03-04 16:51 -------- d-----w- C:\ComboFix
2010-02-11 17:06 . 2010-02-11 17:05 391680 ----a-w- c:\windows\system32\CF10123.exe
2010-02-11 15:24 . 2010-02-11 15:25 -------- d-----w- C:\rsit
2010-02-11 14:56 . 2010-02-11 14:56 19968 ----a-w- c:\windows\system32\drivers\services.exe.vir
2010-02-11 14:56 . 2010-02-11 14:56 -------- d-----w- c:\windows\Your Product
2010-02-10 16:44 . 2010-02-10 16:44 -------- d-----w- c:\program files\ATI
2010-02-06 18:48 . 2010-02-19 19:52 2331008 ----a-w- c:\windows\system32\TUKernel.exe
2010-02-06 18:06 . 2010-02-06 18:19 -------- d--h--w- c:\windows\NiwradSoft Shell Pack
2010-02-06 17:17 . 2010-02-20 17:23 -------- d-----w- c:\program files\Trojan Remover
2010-02-06 13:41 . 2010-02-20 21:31 -------- d-----w- C:\raptor
2010-02-06 13:05 . 2010-02-07 12:58 -------- d-----w- c:\program files\Thoosje
2010-02-06 12:56 . 2010-02-06 12:56 -------- d-----w- c:\program files\Alky for Applications
2010-02-05 18:53 . 2010-02-05 18:57 -------- d-----w- c:\program files\Thoosje Vista Sidebar
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-04 18:35 . 2001-10-25 14:00 460786 ----a-w- c:\windows\system32\perfh005.dat
2010-03-04 18:35 . 2001-10-25 14:00 90258 ----a-w- c:\windows\system32\perfc005.dat
2010-03-04 16:24 . 2010-01-24 18:48 -------- d-----w- c:\program files\Internet Download Manager
2010-03-04 16:14 . 2008-09-06 09:53 -------- d-----w- c:\program files\BitComet
2010-03-03 18:58 . 2010-02-01 15:08 -------- d-----w- c:\program files\Valve
2010-03-01 19:17 . 2009-05-18 15:50 -------- d-----w- c:\program files\Common Files\Nokia
2010-03-01 19:17 . 2009-05-18 15:49 -------- d-----w- c:\program files\Nokia
2010-02-28 16:32 . 2008-09-06 12:48 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-27 21:03 . 2010-02-27 21:03 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-27 21:03 . 2010-02-27 21:03 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-02-27 20:51 . 2008-09-03 21:00 -------- d-----w- c:\program files\DIFX
2010-02-27 17:07 . 2009-10-29 16:50 -------- d-----w- c:\program files\Rockstar Games
2010-02-25 19:29 . 2009-06-03 11:31 -------- d-----w- c:\program files\DOSBox-0.72
2010-02-18 16:04 . 2009-08-04 08:28 -------- d-----w- c:\program files\ESET
2010-02-11 17:11 . 2009-12-26 14:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-10 16:45 . 2008-09-03 20:52 -------- d-----w- c:\program files\ATI Technologies
2010-02-08 21:31 . 2009-06-06 12:42 -------- d-----w- c:\program files\Microsoft Works
2010-02-07 13:16 . 2010-01-30 12:48 -------- d-----w- c:\program files\Download Direct
2010-02-06 18:10 . 2004-08-17 13:49 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-01-31 18:23 . 2010-01-31 18:23 -------- d-----w- c:\program files\Common Files\EasyInfo
2010-01-30 16:34 . 2010-01-28 17:41 -------- d-----w- c:\program files\Multi Theft Auto
2010-01-28 17:14 . 2010-01-28 17:14 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-28 17:13 . 2009-08-08 15:18 -------- d-----w- c:\program files\TuneUp Utilities 2009
2010-01-28 16:38 . 2010-01-28 16:37 -------- d-----w- c:\program files\RocketDock
2010-01-26 16:26 . 2008-09-03 20:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-26 16:15 . 2010-01-26 16:15 -------- d-----w- c:\program files\Astroburn Lite
2010-01-26 16:15 . 2009-12-02 16:49 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-01-26 16:15 . 2010-01-26 16:15 -------- d-----w- c:\program files\Astroburn Toolbar
2010-01-24 19:20 . 2008-09-03 21:52 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-24 13:09 . 2010-01-24 13:02 5368 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-01-24 13:09 . 2010-01-24 11:37 71910 ----a-w- c:\windows\BricoPackUninst.cmd
2010-01-23 21:21 . 2008-11-06 19:31 -------- d-----w- c:\program files\Common Files\Nero
2010-01-23 19:44 . 2008-11-06 19:31 -------- d-----w- c:\program files\Nero
2010-01-23 15:54 . 2010-01-18 21:48 -------- d-----w- c:\program files\8ee2867e7ef9f99331d53e95b62d40
2010-01-21 14:53 . 2008-09-03 22:46 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 21:43 . 2010-01-18 21:42 -------- d-----w- c:\program files\da0873f77db6d46b9cc963
2010-01-17 17:35 . 2009-06-06 12:41 -------- d-----w- c:\program files\MSBuild
2010-01-17 17:35 . 2010-01-17 17:35 -------- d-----w- c:\program files\Reference Assemblies
2010-01-13 16:37 . 2008-09-03 21:04 -------- d-----w- c:\program files\Yahoo!
2010-01-11 20:40 . 2010-01-10 13:47 -------- d-----w- c:\program files\Windows Desktop Search
2010-01-11 14:14 . 2010-01-11 14:14 -------- d-----w- c:\program files\Last.fm
2010-01-07 15:07 . 2009-12-26 14:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-12-26 14:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-31 16:50 . 2004-08-03 21:14 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-17 13:49 983040 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 20:51 . 2009-05-11 18:55 124 ----a-w- c:\program files\config.ini
2009-12-17 07:42 . 2008-09-03 20:35 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2004-08-17 15:45 2068224 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-09 10:11 . 2004-08-17 13:45 2191360 ------w- c:\windows\system32\ntoskrnl.exe
2005-02-05 07:38 . 2009-05-11 18:55 1024000 ----a-w- c:\program files\Milan's GUI 4.exe
2005-02-03 14:45 . 2009-05-11 18:55 3505 ----a-w- c:\program files\release notes.txt
2004-06-30 11:20 . 2009-05-11 18:55 160768 ----a-w- c:\program files\fmod.dll
2009-03-08 12:09 . 2010-02-06 18:15 727904 --sha-w- c:\windows\NiwradSoft Shell Pack\Backup\iexplore.exe
2007-01-05 18:56 . 2010-02-06 18:17 64000 --sha-w- c:\windows\NiwradSoft Shell Pack\Backup\wmplayer.exe
.
------- Sigcheck -------
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . 92FAE100B7A31616DEBF6F91175000AA . 724992 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2008-04-14 . 244159B19BC4B9B6E3CFE0305049F1C3 . 694784 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 244159B19BC4B9B6E3CFE0305049F1C3 . 694784 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2009-12-21 . 4045EC195F5456FC803D9DDD22B83562 . 6167552 . . [8.00.6001.18876] . . c:\windows\NiwradSoft Shell Pack\Backup\mshtml.dll
[-] 2009-12-21 . CCFF262E4DF7E86510ACC38ED2FD053B . 6104064 . . [8.00.6001.18876] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2009-12-21 . CCFF262E4DF7E86510ACC38ED2FD053B . 6104064 . . [8.00.6001.18876] . . c:\windows\system32\mshtml.dll
[-] 2009-12-21 . CCFF262E4DF7E86510ACC38ED2FD053B . 6104064 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2009-12-21 . BD424F12E808F3AA345C4816F7124F7C . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[7] 2009-10-29 . 00EC3DE6B7C581CC2675CCD549B692D7 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[7] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-10-22 . B459C87AA60BADADF3F0887737889CFF . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[7] 2009-10-22 . 3E902BD4D0EFB9E73C515DD3DEB6003B . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[7] 2009-08-29 . 8097658FEC4E7E65C8A63E6B7B2B0921 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll
[7] 2009-08-29 . F343C3CE6026ADE482D48B2D4F881A1D . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[7] 2009-07-19 . D6DA6137433E02999C1229DC692250CD . 5937152 . . [8.00.6001.18812] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[7] 2009-07-19 . 54E07F3B4EEF71607437367BA1922F6A . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[7] 2009-05-13 . 53FF3AE6C6C6F7888E845C6A755D5C09 . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll
[7] 2009-05-13 . 3BABDB8AAEED25E0EFE23561C1A2BCE1 . 5936128 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\mshtml.dll
[7] 2009-02-21 . 920B2B7C54C6B102A98EE54C56134CEC . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll
[7] 2009-02-20 . DB1BCEDF3C640170A9E78E199516A8C9 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie8\mshtml.dll
[7] 2009-01-16 . 95E1214DBB029B3D37076999B53407D6 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll
[7] 2009-01-16 . D049549814B44670C88C0C3777D24FFA . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[7] 2008-12-13 . A3F482D8B827DDFBDA3F47B922DF5020 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll
[7] 2008-12-13 . E32432E44F926075122F5B17E224ABF5 . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
[7] 2008-10-17 . 00439C27E013BE9DC0A6DDE4B626B6DC . 3593216 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll
[7] 2008-10-16 . B5F7E24595A3F05ACE4F1152542FB07F . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
[7] 2008-08-27 . 2ECA71D805E010713BE4EA0E86827410 . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll
[7] 2008-08-26 . F1877EA1F348638E803DED6BEFB20637 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
[7] 2008-06-24 . EC936148284F557F19C333178768109B . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll
[7] 2008-06-23 . 28B8231CA8D55FC85E027A57C90F5C88 . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
[7] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll
[7] 2004-08-17 . EF74351C9098210CC9C1A3679DB62041 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll
[-] 2008-04-14 . 581480DE9C65D6BD0552E35BF17379B2 . 587776 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2009-12-21 . B3698A70E869D9AD36A88EDB7602E864 . 1017856 . . [8.00.6001.18876] . . c:\windows\NiwradSoft Shell Pack\Backup\wininet.dll
[-] 2009-12-21 . E16024C3D64F431D2D5027DE025F4C49 . 983040 . . [8.00.6001.18876] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2009-12-21 . E16024C3D64F431D2D5027DE025F4C49 . 983040 . . [8.00.6001.18876] . . c:\windows\system32\wininet.dll
[-] 2009-12-21 . E16024C3D64F431D2D5027DE025F4C49 . 983040 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\wininet.dll
[7] 2009-12-21 . 9256DA4AEE5E2C20FC6C126BDBC11997 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 . F651D2A69B7037D6063BC697CF296D8C . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[7] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-08-29 . 37CFE7928711C8157CF4D191F0EF5F69 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[7] 2009-08-29 . F658908845F3EB727FEF4769ED0E52FE . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . 0B1AA91DFEDB1298FF7D93EBA45F8DB5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . FCD887F2BA15CD8D95F8D70766D42739 . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[7] 2009-05-13 . 0C20BF283DE5BA50060240383B8AA41C . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[7] 2009-05-13 . 9122013C5668D967C4AE7F52252898DE . 915456 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll
[7] 2009-03-03 . 3D7B87D8102C41BABBE5922B5275AA7C . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[7] 2009-03-03 . BA2611F55D9AE29554008ADBC49D7664 . 826368 . . [7.00.6000.16827] . . c:\windows\ie8\wininet.dll
[7] 2008-12-20 . A039CE5F34BF98760F877B29E5A1D4CD . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[7] 2008-12-20 . 793DA751C812EFC3C6786BBD3B8489A8 . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[7] 2008-10-16 . 84801E4617B5AFB065DD58438850587D . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[7] 2008-10-16 . A72D6CC0F715D415003478294C4ECB2A . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 . A74381B8D7024B2D8BB5691A93F825B8 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 . 0930F57122FF74739E3684D0016877F1 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll
[7] 2008-06-23 . 8C13D4A7479FA0A026EDA8ABCE82C0ED . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll
[7] 2008-06-23 . C66402A06B83B036C195242C0C8CF83C . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[7] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll
[7] 2004-08-17 . 50D263E3454E8357D13BB598129185AD . 657408 . . [6.00.2900.2180] . . c:\windows\ie7\wininet.dll
[-] 2008-04-14 . 121A686E3D61D9D45F25C03A1E4EC6D5 . 1541120 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . B720487896E2D91DA23E59820F718E34 . 1552384 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . 121A686E3D61D9D45F25C03A1E4EC6D5 . 1541120 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 . D8152865F2A59D765AF8317E38AA5FB4 . 25088 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-02-10 932864]
"Google Update"="c:\documents and settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-07 135664]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Samsung Common SM"="c:\windows\Samsung\ComSMMgr\ssmmgr.exe" [2005-07-03 372736]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-25 652624]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-09-13 1603152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2009-11-06 2090272]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
c:\documents and settings\Hoa\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" -lang 1033
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8341:TCP"= 8341:TCP:BitComet 8341 TCP
"8341:UDP"= 8341:UDP:BitComet 8341 UDP
"23204:TCP"= 23204:TCP:BitComet 23204 TCP
"23204:UDP"= 23204:UDP:BitComet 23204 UDP
"14945:TCP"= 14945:TCP:BitComet 14945 TCP
"14945:UDP"= 14945:UDP:BitComet 14945 UDP
"3074:TCP"= 3074:TCP:30
"3074:UDP"= 3074:UDP:31
"88:UDP"= 88:UDP:32
"24371:TCP"= 24371:TCP:BitComet 24371 TCP
"24371:UDP"= 24371:UDP:BitComet 24371 UDP
"8561:TCP"= 8561:TCP:BitComet 8561 TCP
"8561:UDP"= 8561:UDP:BitComet 8561 UDP
"14509:TCP"= 14509:TCP:BitComet 14509 TCP
"14509:UDP"= 14509:UDP:BitComet 14509 UDP
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2009-01-05 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2009-01-05 5248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-07-22 691696]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2010-03-04 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-03-04 108289]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2010-03-04 65576]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [2008-09-03 93440]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-03-04 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]
2010-02-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-03-04 c:\windows\Tasks\User_Feed_Synchronization-{EE48918A-0245-4CA9-B03E-8BD1F96EB152}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files\Verdict Free\etnxp.dll
FF - ProfilePath - c:\documents and settings\Tuan\Data aplikací\Mozilla\Firefox\Profiles\j4j3hmaf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://facebook.com
FF - component: c:\documents and settings\Tuan\Data aplikací\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\Tuan\Data aplikací\Mozilla\Firefox\Profiles\j4j3hmaf.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-04 19:31
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: TUKERNEL.EXE CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x81DD3418]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf857af28
\Driver\ACPI -> ACPI.sys @ 0xf83bccb8
\Driver\atapi -> 0x81dd3418
IoDeviceObjectType -> DeleteProcedure -> TUKERNEL.EXE @ 0x805a0598
ParseProcedure -> TUKERNEL.EXE @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> TUKERNEL.EXE @ 0x805a0598
ParseProcedure -> TUKERNEL.EXE @ 0x8056ea15
NDIS: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xf8247bb0
PacketIndicateHandler -> NDIS.sys @ 0xf8254a21
SendHandler -> NDIS.sys @ 0xf823287b
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-602162358-838170752-725345543-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\MSSYCLM]
@Denied: (B C D 1 2 3 4 5 6) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1456)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
- - - - - - - > 'lsass.exe'(1532)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\psbase.dll
- - - - - - - > 'explorer.exe'(1780)
c:\program files\RocketDock\RocketDock.dll
c:\program files\Unlocker\UnlockerHook.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\program files\Internet Download Manager\idmmkb.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\msi.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\System32\TUProgSt.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\windows\SOUNDMAN.EXE
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Celkový čas: 2010-03-04 19:42:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-04 18:42
ComboFix2.txt 2010-03-04 17:27
Před spuštěním: Volných bajtů: 21,510,483,968
Po spuštění: Volných bajtů: 21,378,088,960
- - End Of File - - 2860DADCF35F488C6E0D150E0F264C0A
http://www.virustotal.com/cs/analisis/6 ... 1267725410
http://www.virustotal.com/cs/analisis/d ... 1267458521
http://www.virustotal.com/cs/analisis/e ... 1267725559
http://www.virustotal.com/cs/analisis/e ... 1267725678
http://www.virustotal.com/cs/analisis/d ... 1267725749
http://www.virustotal.com/cs/analisis/d ... 1267725874
http://www.virustotal.com/cs/analisis/1 ... 1267726000
Sedmý soubor se nepodařil analyzovat, ptž antivirus se i po vypnutí nějak zapnul a odstranil ho.
Zde je ComboFix:
ComboFix 10-03-03.09 - Tuan 2010-03-04 19:17:55.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.511.202 [GMT 1:00]
Spuštěný z: c:\documents and settings\Tuan\Plocha\mrcha.com.exe
Použité ovládací přepínače :: c:\documents and settings\Tuan\Plocha\CFScript.txt
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Sunbelt Personal Firewall *enabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
FILE ::
"c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod.rar"
"c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\wga.cracked.exe"
"c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\www.9down.com.url"
"c:\program files\bitcomet\torrents\any video converter professional v2.7.6 + crack [rh].torrent"
"c:\program files\bitcomet\torrents\fifa.2007.keygen.torrent"
"c:\program files\bitcomet\torrents\fifa.2007.keygen[0].torrent"
"c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].torrent"
"c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].xml"
"c:\program files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.0.0.134\bntr1115479445.exe"
"c:\windows\prefetch\win rar keygen.exe-00955ac5.pf"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod.rar
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\crack\~$vod na crack k NOD32.doc
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\crack\crack.exe
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\crack\Návod na crack k NOD32.doc
c:\documents and settings\tuan\dokumenty\antiviry\nod 32 v. 3.0.650 cz + funkční crack do roku 2050 + návod\eav_nt32_csy.msi
c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\wga.cracked.exe
c:\documents and settings\tuan\dokumenty\downloads\compressed\windows.genuine.advantage.validation.v1.9.40.0.cracked.v2\www.9down.com.url
c:\documents and settings\tuan\dokumenty\downloads\compressed\xilisoft video converter ultimate 5.1.21 crack
c:\documents and settings\tuan\dokumenty\downloads\compressed\xilisoft video converter ultimate 5.1.21 crack\Crack.exe
c:\documents and settings\tuan\dokumenty\downloads\rebuilt.xilisoft video converter ultimate.5.2.7.keygen.true
c:\documents and settings\tuan\dokumenty\downloads\rebuilt.xilisoft video converter ultimate.5.2.7.keygen.true\tRUE.nfo
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\Crack.rar
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\Crack\cu.nfo
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\Crack\Patch.exe
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\Crack\www.9down.com.url
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\Setup.exe
c:\documents and settings\tuan\plocha\internet.download.manager.v5.12.incl.patch\www.9down.com.url
c:\program files\bitcomet\torrents\any video converter professional v2.7.6 + crack [rh].torrent
c:\program files\bitcomet\torrents\fifa.2007.keygen.torrent
c:\program files\bitcomet\torrents\fifa.2007.keygen[0].torrent
c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].torrent
c:\program files\bitcomet\torrents\xilisoft hd video converter v5.1.2 [true keygen][h33t][matt14].xml
c:\windows\prefetch\win rar keygen.exe-00955ac5.pf
c:\windows\system32\midimap.dll . . . je infikován!!
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_.1115479445
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-04 do 2010-03-04 )))))))))))))))))))))))))))))))
.
2010-03-04 16:14 . 2008-06-21 03:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-03-04 16:14 . 2008-10-31 06:09 270888 ----a-r- c:\windows\system32\drivers\SbFw.sys
2010-03-04 16:13 . 2010-03-04 16:13 -------- d-----w- c:\program files\Sunbelt Software
2010-03-04 15:52 . 2009-07-28 14:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-03-04 15:52 . 2009-03-30 08:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-03-04 15:52 . 2009-02-13 10:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-03-04 15:52 . 2009-02-13 10:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-03-04 15:52 . 2010-03-04 15:52 -------- d-----w- c:\program files\Avira
2010-03-01 19:17 . 2010-03-01 19:18 -------- d-----w- c:\windows\Globalization
2010-02-28 14:19 . 2010-02-28 14:21 20480 ----a-w- c:\windows\system32\H@tKeysH@@k.DLL
2010-02-27 20:54 . 2010-02-27 20:54 -------- d-----w- c:\program files\Common Files\PCSuite
2010-02-27 20:51 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-02-27 20:50 . 2010-02-27 20:51 -------- d-----w- c:\program files\PC Connectivity Solution
2010-02-27 20:49 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-02-27 20:49 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-02-27 20:49 . 2009-10-06 10:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-02-27 20:49 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2010-02-27 20:49 . 2009-10-06 10:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-02-27 20:49 . 2009-10-06 10:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-02-27 09:25 . 2010-02-27 09:25 -------- d-----w- c:\program files\Common Files\Apple
2010-02-27 09:24 . 2010-02-27 09:24 -------- d-----w- c:\program files\Apple Software Update
2010-02-26 18:42 . 2010-02-26 18:42 -------- d-----w- c:\documents and settings\Tuan\AppData
2010-02-21 12:34 . 2010-02-21 12:34 -------- d-s---w- c:\documents and settings\LocalService\Dokumenty
2010-02-21 12:34 . 2010-02-21 12:34 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-02-20 17:28 . 2005-06-06 17:06 14448 ------w- c:\windows\system32\drivers\wg6n.sys
2010-02-20 17:28 . 2005-06-06 17:06 14448 ------w- c:\windows\system32\drivers\wg5n.sys
2010-02-20 17:28 . 2005-06-06 17:05 14448 ------w- c:\windows\system32\drivers\wg4n.sys
2010-02-18 18:23 . 2010-02-20 17:22 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-02-18 16:13 . 2010-02-18 16:14 -------- d-----w- c:\program files\ARCHPR
2010-02-17 19:24 . 2010-02-17 19:37 -------- d-----w- c:\program files\Wondershare
2010-02-17 19:01 . 2010-03-04 14:34 -------- d-----w- c:\program files\Xilisoft
2010-02-14 13:02 . 2010-02-14 13:11 219124 ----a-w- c:\windows\system32\netcache.dll
2010-02-14 10:00 . 2010-02-14 10:00 135168 ----a-w- c:\windows\system32\X3DAud32.dll
2010-02-11 17:06 . 2010-03-04 16:51 -------- d-----w- C:\ComboFix
2010-02-11 17:06 . 2010-02-11 17:05 391680 ----a-w- c:\windows\system32\CF10123.exe
2010-02-11 15:24 . 2010-02-11 15:25 -------- d-----w- C:\rsit
2010-02-11 14:56 . 2010-02-11 14:56 19968 ----a-w- c:\windows\system32\drivers\services.exe.vir
2010-02-11 14:56 . 2010-02-11 14:56 -------- d-----w- c:\windows\Your Product
2010-02-10 16:44 . 2010-02-10 16:44 -------- d-----w- c:\program files\ATI
2010-02-06 18:48 . 2010-02-19 19:52 2331008 ----a-w- c:\windows\system32\TUKernel.exe
2010-02-06 18:06 . 2010-02-06 18:19 -------- d--h--w- c:\windows\NiwradSoft Shell Pack
2010-02-06 17:17 . 2010-02-20 17:23 -------- d-----w- c:\program files\Trojan Remover
2010-02-06 13:41 . 2010-02-20 21:31 -------- d-----w- C:\raptor
2010-02-06 13:05 . 2010-02-07 12:58 -------- d-----w- c:\program files\Thoosje
2010-02-06 12:56 . 2010-02-06 12:56 -------- d-----w- c:\program files\Alky for Applications
2010-02-05 18:53 . 2010-02-05 18:57 -------- d-----w- c:\program files\Thoosje Vista Sidebar
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-04 18:35 . 2001-10-25 14:00 460786 ----a-w- c:\windows\system32\perfh005.dat
2010-03-04 18:35 . 2001-10-25 14:00 90258 ----a-w- c:\windows\system32\perfc005.dat
2010-03-04 16:24 . 2010-01-24 18:48 -------- d-----w- c:\program files\Internet Download Manager
2010-03-04 16:14 . 2008-09-06 09:53 -------- d-----w- c:\program files\BitComet
2010-03-03 18:58 . 2010-02-01 15:08 -------- d-----w- c:\program files\Valve
2010-03-01 19:17 . 2009-05-18 15:50 -------- d-----w- c:\program files\Common Files\Nokia
2010-03-01 19:17 . 2009-05-18 15:49 -------- d-----w- c:\program files\Nokia
2010-02-28 16:32 . 2008-09-06 12:48 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-27 21:03 . 2010-02-27 21:03 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-27 21:03 . 2010-02-27 21:03 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-02-27 20:51 . 2008-09-03 21:00 -------- d-----w- c:\program files\DIFX
2010-02-27 17:07 . 2009-10-29 16:50 -------- d-----w- c:\program files\Rockstar Games
2010-02-25 19:29 . 2009-06-03 11:31 -------- d-----w- c:\program files\DOSBox-0.72
2010-02-18 16:04 . 2009-08-04 08:28 -------- d-----w- c:\program files\ESET
2010-02-11 17:11 . 2009-12-26 14:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-10 16:45 . 2008-09-03 20:52 -------- d-----w- c:\program files\ATI Technologies
2010-02-08 21:31 . 2009-06-06 12:42 -------- d-----w- c:\program files\Microsoft Works
2010-02-07 13:16 . 2010-01-30 12:48 -------- d-----w- c:\program files\Download Direct
2010-02-06 18:10 . 2004-08-17 13:49 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-01-31 18:23 . 2010-01-31 18:23 -------- d-----w- c:\program files\Common Files\EasyInfo
2010-01-30 16:34 . 2010-01-28 17:41 -------- d-----w- c:\program files\Multi Theft Auto
2010-01-28 17:14 . 2010-01-28 17:14 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-28 17:13 . 2009-08-08 15:18 -------- d-----w- c:\program files\TuneUp Utilities 2009
2010-01-28 16:38 . 2010-01-28 16:37 -------- d-----w- c:\program files\RocketDock
2010-01-26 16:26 . 2008-09-03 20:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-26 16:15 . 2010-01-26 16:15 -------- d-----w- c:\program files\Astroburn Lite
2010-01-26 16:15 . 2009-12-02 16:49 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-01-26 16:15 . 2010-01-26 16:15 -------- d-----w- c:\program files\Astroburn Toolbar
2010-01-24 19:20 . 2008-09-03 21:52 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-24 13:09 . 2010-01-24 13:02 5368 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-01-24 13:09 . 2010-01-24 11:37 71910 ----a-w- c:\windows\BricoPackUninst.cmd
2010-01-23 21:21 . 2008-11-06 19:31 -------- d-----w- c:\program files\Common Files\Nero
2010-01-23 19:44 . 2008-11-06 19:31 -------- d-----w- c:\program files\Nero
2010-01-23 15:54 . 2010-01-18 21:48 -------- d-----w- c:\program files\8ee2867e7ef9f99331d53e95b62d40
2010-01-21 14:53 . 2008-09-03 22:46 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-18 21:43 . 2010-01-18 21:42 -------- d-----w- c:\program files\da0873f77db6d46b9cc963
2010-01-17 17:35 . 2009-06-06 12:41 -------- d-----w- c:\program files\MSBuild
2010-01-17 17:35 . 2010-01-17 17:35 -------- d-----w- c:\program files\Reference Assemblies
2010-01-13 16:37 . 2008-09-03 21:04 -------- d-----w- c:\program files\Yahoo!
2010-01-11 20:40 . 2010-01-10 13:47 -------- d-----w- c:\program files\Windows Desktop Search
2010-01-11 14:14 . 2010-01-11 14:14 -------- d-----w- c:\program files\Last.fm
2010-01-07 15:07 . 2009-12-26 14:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2009-12-26 14:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-31 16:50 . 2004-08-03 21:14 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:08 . 2004-08-17 13:49 983040 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 20:51 . 2009-05-11 18:55 124 ----a-w- c:\program files\config.ini
2009-12-17 07:42 . 2008-09-03 20:35 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2004-08-17 15:45 2068224 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-09 10:11 . 2004-08-17 13:45 2191360 ------w- c:\windows\system32\ntoskrnl.exe
2005-02-05 07:38 . 2009-05-11 18:55 1024000 ----a-w- c:\program files\Milan's GUI 4.exe
2005-02-03 14:45 . 2009-05-11 18:55 3505 ----a-w- c:\program files\release notes.txt
2004-06-30 11:20 . 2009-05-11 18:55 160768 ----a-w- c:\program files\fmod.dll
2009-03-08 12:09 . 2010-02-06 18:15 727904 --sha-w- c:\windows\NiwradSoft Shell Pack\Backup\iexplore.exe
2007-01-05 18:56 . 2010-02-06 18:17 64000 --sha-w- c:\windows\NiwradSoft Shell Pack\Backup\wmplayer.exe
.
------- Sigcheck -------
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . 92FAE100B7A31616DEBF6F91175000AA . 724992 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2008-04-14 . 244159B19BC4B9B6E3CFE0305049F1C3 . 694784 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2008-04-14 . 244159B19BC4B9B6E3CFE0305049F1C3 . 694784 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2009-12-21 . 4045EC195F5456FC803D9DDD22B83562 . 6167552 . . [8.00.6001.18876] . . c:\windows\NiwradSoft Shell Pack\Backup\mshtml.dll
[-] 2009-12-21 . CCFF262E4DF7E86510ACC38ED2FD053B . 6104064 . . [8.00.6001.18876] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2009-12-21 . CCFF262E4DF7E86510ACC38ED2FD053B . 6104064 . . [8.00.6001.18876] . . c:\windows\system32\mshtml.dll
[-] 2009-12-21 . CCFF262E4DF7E86510ACC38ED2FD053B . 6104064 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2009-12-21 . BD424F12E808F3AA345C4816F7124F7C . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[7] 2009-10-29 . 00EC3DE6B7C581CC2675CCD549B692D7 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[7] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-10-22 . B459C87AA60BADADF3F0887737889CFF . 5939712 . . [8.00.6001.18852] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[7] 2009-10-22 . 3E902BD4D0EFB9E73C515DD3DEB6003B . 5943296 . . [8.00.6001.22942] . . c:\windows\$hf_mig$\KB976749-IE8\SP3QFE\mshtml.dll
[7] 2009-08-29 . 8097658FEC4E7E65C8A63E6B7B2B0921 . 5940224 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976749-IE8\mshtml.dll
[7] 2009-08-29 . F343C3CE6026ADE482D48B2D4F881A1D . 5942272 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\mshtml.dll
[7] 2009-07-19 . D6DA6137433E02999C1229DC692250CD . 5937152 . . [8.00.6001.18812] . . c:\windows\ie8updates\KB974455-IE8\mshtml.dll
[7] 2009-07-19 . 54E07F3B4EEF71607437367BA1922F6A . 5938176 . . [8.00.6001.22902] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\mshtml.dll
[7] 2009-05-13 . 53FF3AE6C6C6F7888E845C6A755D5C09 . 5936128 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\mshtml.dll
[7] 2009-05-13 . 3BABDB8AAEED25E0EFE23561C1A2BCE1 . 5936128 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\mshtml.dll
[7] 2009-02-21 . 920B2B7C54C6B102A98EE54C56134CEC . 3596800 . . [7.00.6000.21015] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\mshtml.dll
[7] 2009-02-20 . DB1BCEDF3C640170A9E78E199516A8C9 . 3595264 . . [7.00.6000.16825] . . c:\windows\ie8\mshtml.dll
[7] 2009-01-16 . 95E1214DBB029B3D37076999B53407D6 . 3594752 . . [7.00.6000.16809] . . c:\windows\ie7updates\KB963027-IE7\mshtml.dll
[7] 2009-01-16 . D049549814B44670C88C0C3777D24FFA . 3596288 . . [7.00.6000.20996] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\mshtml.dll
[7] 2008-12-13 . A3F482D8B827DDFBDA3F47B922DF5020 . 3593216 . . [7.00.6000.16788] . . c:\windows\ie7updates\KB961260-IE7\mshtml.dll
[7] 2008-12-13 . E32432E44F926075122F5B17E224ABF5 . 3594752 . . [7.00.6000.20973] . . c:\windows\$hf_mig$\KB960714-IE7\SP2QFE\mshtml.dll
[7] 2008-10-17 . 00439C27E013BE9DC0A6DDE4B626B6DC . 3593216 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB960714-IE7\mshtml.dll
[7] 2008-10-16 . B5F7E24595A3F05ACE4F1152542FB07F . 3595264 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\mshtml.dll
[7] 2008-08-27 . 2ECA71D805E010713BE4EA0E86827410 . 3593216 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\mshtml.dll
[7] 2008-08-26 . F1877EA1F348638E803DED6BEFB20637 . 3594752 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\mshtml.dll
[7] 2008-06-24 . EC936148284F557F19C333178768109B . 3592192 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\mshtml.dll
[7] 2008-06-23 . 28B8231CA8D55FC85E027A57C90F5C88 . 3594240 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\mshtml.dll
[7] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\mshtml.dll
[7] 2004-08-17 . EF74351C9098210CC9C1A3679DB62041 . 3003392 . . [6.00.2900.2180] . . c:\windows\ie7\mshtml.dll
[-] 2008-04-14 . 581480DE9C65D6BD0552E35BF17379B2 . 587776 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2009-12-21 . B3698A70E869D9AD36A88EDB7602E864 . 1017856 . . [8.00.6001.18876] . . c:\windows\NiwradSoft Shell Pack\Backup\wininet.dll
[-] 2009-12-21 . E16024C3D64F431D2D5027DE025F4C49 . 983040 . . [8.00.6001.18876] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2009-12-21 . E16024C3D64F431D2D5027DE025F4C49 . 983040 . . [8.00.6001.18876] . . c:\windows\system32\wininet.dll
[-] 2009-12-21 . E16024C3D64F431D2D5027DE025F4C49 . 983040 . . [8.00.6001.18876] . . c:\windows\system32\dllcache\wininet.dll
[7] 2009-12-21 . 9256DA4AEE5E2C20FC6C126BDBC11997 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 . F651D2A69B7037D6063BC697CF296D8C . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[7] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-08-29 . 37CFE7928711C8157CF4D191F0EF5F69 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[7] 2009-08-29 . F658908845F3EB727FEF4769ED0E52FE . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . 0B1AA91DFEDB1298FF7D93EBA45F8DB5 . 915456 . . [8.00.6001.22896] . . c:\windows\$hf_mig$\KB972260-IE8\SP3QFE\wininet.dll
[7] 2009-07-03 . FCD887F2BA15CD8D95F8D70766D42739 . 915456 . . [8.00.6001.18806] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll
[7] 2009-05-13 . 0C20BF283DE5BA50060240383B8AA41C . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll
[7] 2009-05-13 . 9122013C5668D967C4AE7F52252898DE . 915456 . . [8.00.6001.18783] . . c:\windows\ie8updates\KB972260-IE8\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB969897-IE8\wininet.dll
[7] 2009-03-03 . 3D7B87D8102C41BABBE5922B5275AA7C . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll
[7] 2009-03-03 . BA2611F55D9AE29554008ADBC49D7664 . 826368 . . [7.00.6000.16827] . . c:\windows\ie8\wininet.dll
[7] 2008-12-20 . A039CE5F34BF98760F877B29E5A1D4CD . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll
[7] 2008-12-20 . 793DA751C812EFC3C6786BBD3B8489A8 . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll
[7] 2008-10-16 . 84801E4617B5AFB065DD58438850587D . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll
[7] 2008-10-16 . A72D6CC0F715D415003478294C4ECB2A . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 . A74381B8D7024B2D8BB5691A93F825B8 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll
[7] 2008-08-26 . 0930F57122FF74739E3684D0016877F1 . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll
[7] 2008-06-23 . 8C13D4A7479FA0A026EDA8ABCE82C0ED . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll
[7] 2008-06-23 . C66402A06B83B036C195242C0C8CF83C . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll
[7] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll
[7] 2004-08-17 . 50D263E3454E8357D13BB598129185AD . 657408 . . [6.00.2900.2180] . . c:\windows\ie7\wininet.dll
[-] 2008-04-14 . 121A686E3D61D9D45F25C03A1E4EC6D5 . 1541120 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . B720487896E2D91DA23E59820F718E34 . 1552384 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . 121A686E3D61D9D45F25C03A1E4EC6D5 . 1541120 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 . D8152865F2A59D765AF8317E38AA5FB4 . 25088 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-02-10 932864]
"Google Update"="c:\documents and settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-02-07 135664]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Samsung Common SM"="c:\windows\Samsung\ComSMMgr\ssmmgr.exe" [2005-07-03 372736]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-25 652624]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-09-13 1603152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"NokiaMusic FastStart"="c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe" [2009-11-06 2090272]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 40448]
c:\documents and settings\Hoa\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" -lang 1033
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8341:TCP"= 8341:TCP:BitComet 8341 TCP
"8341:UDP"= 8341:UDP:BitComet 8341 UDP
"23204:TCP"= 23204:TCP:BitComet 23204 TCP
"23204:UDP"= 23204:UDP:BitComet 23204 UDP
"14945:TCP"= 14945:TCP:BitComet 14945 TCP
"14945:UDP"= 14945:UDP:BitComet 14945 UDP
"3074:TCP"= 3074:TCP:30
"3074:UDP"= 3074:UDP:31
"88:UDP"= 88:UDP:32
"24371:TCP"= 24371:TCP:BitComet 24371 TCP
"24371:UDP"= 24371:UDP:BitComet 24371 UDP
"8561:TCP"= 8561:TCP:BitComet 8561 TCP
"8561:UDP"= 8561:UDP:BitComet 8561 UDP
"14509:TCP"= 14509:TCP:BitComet 14509 TCP
"14509:UDP"= 14509:UDP:BitComet 14509 UDP
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2009-01-05 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2009-01-05 5248]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2009-07-22 691696]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2010-03-04 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-06-21 66600]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-03-04 108289]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2010-03-04 65576]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\drivers\adusbser.sys [2008-09-03 93440]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-03-04 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2009-04-27 13:37]
2010-02-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-03-04 c:\windows\Tasks\User_Feed_Synchronization-{EE48918A-0245-4CA9-B03E-8BD1F96EB152}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files\Verdict Free\etnxp.dll
FF - ProfilePath - c:\documents and settings\Tuan\Data aplikací\Mozilla\Firefox\Profiles\j4j3hmaf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://facebook.com
FF - component: c:\documents and settings\Tuan\Data aplikací\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\Tuan\Data aplikací\Mozilla\Firefox\Profiles\j4j3hmaf.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-04 19:31
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: TUKERNEL.EXE CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x81DD3418]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf857af28
\Driver\ACPI -> ACPI.sys @ 0xf83bccb8
\Driver\atapi -> 0x81dd3418
IoDeviceObjectType -> DeleteProcedure -> TUKERNEL.EXE @ 0x805a0598
ParseProcedure -> TUKERNEL.EXE @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> TUKERNEL.EXE @ 0x805a0598
ParseProcedure -> TUKERNEL.EXE @ 0x8056ea15
NDIS: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xf8247bb0
PacketIndicateHandler -> NDIS.sys @ 0xf8254a21
SendHandler -> NDIS.sys @ 0xf823287b
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-602162358-838170752-725345543-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\MSSYCLM]
@Denied: (B C D 1 2 3 4 5 6) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1456)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
- - - - - - - > 'lsass.exe'(1532)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\psbase.dll
- - - - - - - > 'explorer.exe'(1780)
c:\program files\RocketDock\RocketDock.dll
c:\program files\Unlocker\UnlockerHook.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\program files\Internet Download Manager\idmmkb.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\msi.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\System32\TUProgSt.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\windows\SOUNDMAN.EXE
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\Internet Download Manager\IEMonitor.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Celkový čas: 2010-03-04 19:42:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-03-04 18:42
ComboFix2.txt 2010-03-04 17:27
Před spuštěním: Volných bajtů: 21,510,483,968
Po spuštění: Volných bajtů: 21,378,088,960
- - End Of File - - 2860DADCF35F488C6E0D150E0F264C0A
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Odinstalujte všechny emulátory virtuálních mechanik. Stáhněte SPTD http://www.duplexsecure.com/en/downloads
- Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
- zvolte možnost Uninstall a restartujte PC.
Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe Start > Spustit (Win + R)- Vyskočí okénko, zkopírujte do něj:
Kód: Vybrat vše
"%userprofile%\plocha\mbr" -t- Klikněte na OK
- Vytvoří se log s názvem mbr.log, vložte ho sem.
Re: Prosím o kontrolu logu
Zde log z MBR:
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: TUKERNEL.EXE CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys atapi.sys pciide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: TUKERNEL.EXE CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys atapi.sys pciide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Vypadá že je v pořádku, možná jen ta přeinstalace toho Keria, žádné vytížení CPU apod., v pohodě
Díky moc.
Díky moc.
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Odinstalujte ComboFix přes:Start >> Spustit, zkopírujte do okénka:
ComboFix /Uninstall
stiskněte Enter
Stáhněte T-Cleanerhttp://sweb.cz/Marinus/T-Cleaner.exe
- Spusťte, pro potvrzení volby mačkejte klávesu A, Enter
- Po použití program vymažte. Pozor,antiviry ho mohou falešně označit za vir.
Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe
- Spusťte.
- Klikněte na "CleanUp!". Potvrďte hlášky stiskem "Yes" (Bude následovat restart)
Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
- Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
Záložka Čistič - Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
Záložka Registry - Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít
Dejte log z RSIT.Re: Prosím o kontrolu logu
Dočištěno T-Cleanerem a CCleanerem, OTC také
Zde nový RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tuan at 2010-03-04 20:34:29
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 21 GB (28%) free of 76 GB
Total RAM: 511 MB (15% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:34:45, on 4.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tuan\Dokumenty\Downloads\RSIT.exe
C:\Documents and Settings\Tuan\Plocha\Tuan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0484785968
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 12535 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{EE48918A-0245-4CA9-B03E-8BD1F96EB152}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2007-09-28 95664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2009-11-16 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll [2009-07-16 664888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2007-12-12 222448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung Common SM"=C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe [2005-07-03 372736]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1603152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2009-11-06 2090272]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2010-02-10 932864]
"Google Update"=C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-02-07 135664]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 40448]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-01-25 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-25 190976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======List of files/folders created in the last 1 months======
2010-03-04 20:34:29 ----D---- C:\rsit
2010-03-04 19:33:04 ----SHD---- C:\RECYCLER
2010-03-04 18:04:53 ----A---- C:\Boot.bak
2010-03-04 18:04:46 ----RASHD---- C:\cmdcons
2010-03-04 17:13:47 ----D---- C:\Program Files\Sunbelt Software
2010-03-04 16:52:51 ----D---- C:\Program Files\Avira
2010-03-04 16:52:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2010-03-04 16:35:05 ----D---- C:\Documents and Settings\Tuan\Data aplikací\AVG8
2010-03-01 20:17:59 ----D---- C:\WINDOWS\Globalization
2010-03-01 20:17:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
2010-02-28 15:19:12 ----A---- C:\WINDOWS\system32\H@tKeysH@@k.DLL
2010-02-27 21:54:44 ----D---- C:\Program Files\Common Files\PCSuite
2010-02-27 21:50:54 ----D---- C:\Program Files\PC Connectivity Solution
2010-02-27 21:49:24 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2010-02-27 21:49:24 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-02-27 18:08:03 ----D---- C:\Documents and Settings\Tuan\Data aplikací\InstallShield Installation Information
2010-02-27 10:25:10 ----D---- C:\Program Files\Common Files\Apple
2010-02-27 10:24:27 ----D---- C:\Program Files\Apple Software Update
2010-02-27 10:24:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2010-02-18 19:23:36 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-02-18 17:13:59 ----A---- C:\WINDOWS\ARCHPR.INI
2010-02-18 17:13:32 ----D---- C:\Program Files\ARCHPR
2010-02-17 20:24:10 ----D---- C:\Program Files\Wondershare
2010-02-17 20:01:06 ----D---- C:\Program Files\Xilisoft
2010-02-17 17:21:42 ----D---- C:\Documents and Settings\Tuan\Data aplikací\nod32 updater
2010-02-14 14:02:30 ----A---- C:\WINDOWS\system32\netcache.dll
2010-02-14 11:00:40 ----A---- C:\WINDOWS\system32\X3DAud32.dll
2010-02-11 15:56:13 ----D---- C:\WINDOWS\Your Product
2010-02-11 06:38:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 18:26:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2010-02-10 18:17:10 ----D---- C:\Documents and Settings\Tuan\Data aplikací\Orbit
2010-02-10 17:44:30 ----D---- C:\Program Files\ATI
2010-02-06 19:48:14 ----A---- C:\WINDOWS\system32\TUKernel.exe
2010-02-06 19:10:16 ----A---- C:\WINDOWS\system32\uxtheme.dll.backup
2010-02-06 19:06:52 ----HD---- C:\WINDOWS\NiwradSoft Shell Pack
2010-02-06 18:17:45 ----D---- C:\Program Files\Trojan Remover
2010-02-06 14:41:21 ----D---- C:\raptor
2010-02-06 14:05:29 ----D---- C:\Program Files\Thoosje
2010-02-06 13:56:45 ----D---- C:\Program Files\Alky for Applications
2010-02-05 19:53:42 ----D---- C:\Program Files\Thoosje Vista Sidebar
======List of files/folders modified in the last 1 months======
2010-03-04 20:34:42 ----D---- C:\WINDOWS\Prefetch
2010-03-04 20:29:13 ----D---- C:\WINDOWS
2010-03-04 20:24:53 ----D---- C:\Program Files\Mozilla Firefox
2010-03-04 20:21:57 ----D---- C:\WINDOWS\Temp
2010-03-04 20:21:49 ----D---- C:\Documents and Settings\Tuan\Data aplikací\DMCache
2010-03-04 20:21:40 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-04 20:19:19 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-03-04 20:17:01 ----SHD---- C:\System Volume Information
2010-03-04 20:17:01 ----D---- C:\WINDOWS\system32\Restore
2010-03-04 20:16:25 ----D---- C:\WINDOWS\system32
2010-03-04 20:11:24 ----D---- C:\WINDOWS\system32\drivers
2010-03-04 20:04:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-04 19:55:33 ----D---- C:\Config.Msi
2010-03-04 19:55:32 ----HD---- C:\WINDOWS\inf
2010-03-04 19:55:15 ----SHD---- C:\WINDOWS\Installer
2010-03-04 19:55:15 ----RD---- C:\Program Files
2010-03-04 19:54:40 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-03-04 19:31:42 ----A---- C:\WINDOWS\system.ini
2010-03-04 19:28:17 ----D---- C:\WINDOWS\system32\config
2010-03-04 19:24:01 ----D---- C:\WINDOWS\AppPatch
2010-03-04 19:23:58 ----D---- C:\Program Files\Common Files
2010-03-04 18:26:07 ----SD---- C:\WINDOWS\Tasks
2010-03-04 18:04:53 ----RASH---- C:\boot.ini
2010-03-04 17:24:43 ----D---- C:\Program Files\Internet Download Manager
2010-03-04 17:14:08 ----D---- C:\Program Files\BitComet
2010-03-04 17:12:54 ----D---- C:\Downloads
2010-03-04 17:05:12 ----HD---- C:\WINDOWS\system32\GroupPolicy
2010-03-04 16:52:19 ----D---- C:\WINDOWS\WinSxS
2010-03-04 16:15:08 ----D---- C:\Documents and Settings\Tuan\Data aplikací\IDM
2010-03-04 15:44:59 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-03 19:58:52 ----D---- C:\Program Files\Valve
2010-03-01 20:19:28 ----D---- C:\Documents and Settings\Tuan\Data aplikací\Nokia
2010-03-01 20:17:43 ----RSD---- C:\WINDOWS\assembly
2010-03-01 20:17:34 ----RSD---- C:\WINDOWS\Fonts
2010-03-01 20:17:33 ----D---- C:\Program Files\Common Files\Nokia
2010-03-01 20:17:28 ----D---- C:\Program Files\Nokia
2010-03-01 19:01:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2010-02-28 17:32:58 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-02-27 22:02:26 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-27 21:51:37 ----D---- C:\Program Files\DIFX
2010-02-27 21:51:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-27 21:45:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-02-27 18:07:52 ----D---- C:\Program Files\Rockstar Games
2010-02-26 19:46:22 ----D---- C:\WINDOWS\Debug
2010-02-25 20:29:58 ----D---- C:\Program Files\DOSBox-0.72
2010-02-24 15:34:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-24 15:33:45 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-18 17:04:49 ----D---- C:\Program Files\ESET
2010-02-18 17:01:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-02-17 19:59:12 ----D---- C:\WINDOWS\Minidump
2010-02-11 18:11:01 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-10 22:28:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-10 17:45:14 ----D---- C:\Program Files\ATI Technologies
2010-02-08 22:32:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-08 22:31:17 ----D---- C:\Program Files\Microsoft Works
2010-02-08 22:28:13 ----A---- C:\WINDOWS\win.ini
2010-02-07 14:16:16 ----D---- C:\Program Files\Download Direct
2010-02-06 19:21:27 ----D---- C:\Program Files\Windows Media Player
2010-02-06 19:21:27 ----D---- C:\Program Files\Outlook Express
2010-02-06 19:21:27 ----D---- C:\Program Files\Common Files\System
2010-02-06 19:21:26 ----D---- C:\WINDOWS\system32\usmt
2010-02-06 19:21:26 ----D---- C:\WINDOWS\srchasst
2010-02-06 19:21:26 ----D---- C:\Program Files\Windows NT
2010-02-06 19:21:26 ----D---- C:\Program Files\Movie Maker
2010-02-06 19:21:26 ----D---- C:\Program Files\Internet Explorer
2010-02-06 19:21:24 ----D---- C:\WINDOWS\system32\wbem
2010-02-06 19:21:24 ----D---- C:\WINDOWS\system32\oobe
2010-02-06 19:21:24 ----D---- C:\WINDOWS\network diagnostic
2010-02-06 19:21:23 ----D---- C:\WINDOWS\system32\Setup
2010-02-06 19:21:23 ----D---- C:\WINDOWS\msagent
2010-02-06 19:21:22 ----D---- C:\WINDOWS\ime
2010-02-06 19:21:20 ----D---- C:\Program Files\NetMeeting
2010-02-06 19:10:16 ----A---- C:\WINDOWS\system32\uxtheme.dll
2010-02-06 19:05:30 ----D---- C:\WINDOWS\Media
2010-02-06 19:05:29 ----D---- C:\WINDOWS\Cursors
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
R2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-03-14 41984]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-25 1478656]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-29 47360]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-25 405504]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-08-22 604416]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-01-26 520192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-10-05 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-08-22 361216]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
-----------------EOF-----------------
Zde nový RSIT:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Tuan at 2010-03-04 20:34:29
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 21 GB (28%) free of 76 GB
Total RAM: 511 MB (15% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:34:45, on 4.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFCl.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Tuan\Dokumenty\Downloads\RSIT.exe
C:\Documents and Settings\Tuan\Plocha\Tuan.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0484785968
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
--
End of file - 12535 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{EE48918A-0245-4CA9-B03E-8BD1F96EB152}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files\Internet Download Manager\IDMIECC.dll [2007-09-28 95664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2009-11-16 329312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll [2009-07-16 664888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2007-12-12 222448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Samsung Common SM"=C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe [2005-07-03 372736]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-10-25 652624]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-09-13 1603152]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NokiaMusic FastStart"=C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe [2009-11-06 2090272]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"IDMan"=C:\Program Files\Internet Download Manager\IDMan.exe [2010-02-10 932864]
"Google Update"=C:\Documents and Settings\Tuan\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-02-07 135664]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 40448]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-01-25 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-25 190976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======List of files/folders created in the last 1 months======
2010-03-04 20:34:29 ----D---- C:\rsit
2010-03-04 19:33:04 ----SHD---- C:\RECYCLER
2010-03-04 18:04:53 ----A---- C:\Boot.bak
2010-03-04 18:04:46 ----RASHD---- C:\cmdcons
2010-03-04 17:13:47 ----D---- C:\Program Files\Sunbelt Software
2010-03-04 16:52:51 ----D---- C:\Program Files\Avira
2010-03-04 16:52:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2010-03-04 16:35:05 ----D---- C:\Documents and Settings\Tuan\Data aplikací\AVG8
2010-03-01 20:17:59 ----D---- C:\WINDOWS\Globalization
2010-03-01 20:17:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaMusic
2010-02-28 15:19:12 ----A---- C:\WINDOWS\system32\H@tKeysH@@k.DLL
2010-02-27 21:54:44 ----D---- C:\Program Files\Common Files\PCSuite
2010-02-27 21:50:54 ----D---- C:\Program Files\PC Connectivity Solution
2010-02-27 21:49:24 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2010-02-27 21:49:24 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-02-27 18:08:03 ----D---- C:\Documents and Settings\Tuan\Data aplikací\InstallShield Installation Information
2010-02-27 10:25:10 ----D---- C:\Program Files\Common Files\Apple
2010-02-27 10:24:27 ----D---- C:\Program Files\Apple Software Update
2010-02-27 10:24:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2010-02-18 19:23:36 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-02-18 17:13:59 ----A---- C:\WINDOWS\ARCHPR.INI
2010-02-18 17:13:32 ----D---- C:\Program Files\ARCHPR
2010-02-17 20:24:10 ----D---- C:\Program Files\Wondershare
2010-02-17 20:01:06 ----D---- C:\Program Files\Xilisoft
2010-02-17 17:21:42 ----D---- C:\Documents and Settings\Tuan\Data aplikací\nod32 updater
2010-02-14 14:02:30 ----A---- C:\WINDOWS\system32\netcache.dll
2010-02-14 11:00:40 ----A---- C:\WINDOWS\system32\X3DAud32.dll
2010-02-11 15:56:13 ----D---- C:\WINDOWS\Your Product
2010-02-11 06:38:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 18:26:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\{66E2F539-12B6-4870-A500-7689CDE75C5E}
2010-02-10 18:17:10 ----D---- C:\Documents and Settings\Tuan\Data aplikací\Orbit
2010-02-10 17:44:30 ----D---- C:\Program Files\ATI
2010-02-06 19:48:14 ----A---- C:\WINDOWS\system32\TUKernel.exe
2010-02-06 19:10:16 ----A---- C:\WINDOWS\system32\uxtheme.dll.backup
2010-02-06 19:06:52 ----HD---- C:\WINDOWS\NiwradSoft Shell Pack
2010-02-06 18:17:45 ----D---- C:\Program Files\Trojan Remover
2010-02-06 14:41:21 ----D---- C:\raptor
2010-02-06 14:05:29 ----D---- C:\Program Files\Thoosje
2010-02-06 13:56:45 ----D---- C:\Program Files\Alky for Applications
2010-02-05 19:53:42 ----D---- C:\Program Files\Thoosje Vista Sidebar
======List of files/folders modified in the last 1 months======
2010-03-04 20:34:42 ----D---- C:\WINDOWS\Prefetch
2010-03-04 20:29:13 ----D---- C:\WINDOWS
2010-03-04 20:24:53 ----D---- C:\Program Files\Mozilla Firefox
2010-03-04 20:21:57 ----D---- C:\WINDOWS\Temp
2010-03-04 20:21:49 ----D---- C:\Documents and Settings\Tuan\Data aplikací\DMCache
2010-03-04 20:21:40 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-04 20:19:19 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-03-04 20:17:01 ----SHD---- C:\System Volume Information
2010-03-04 20:17:01 ----D---- C:\WINDOWS\system32\Restore
2010-03-04 20:16:25 ----D---- C:\WINDOWS\system32
2010-03-04 20:11:24 ----D---- C:\WINDOWS\system32\drivers
2010-03-04 20:04:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-04 19:55:33 ----D---- C:\Config.Msi
2010-03-04 19:55:32 ----HD---- C:\WINDOWS\inf
2010-03-04 19:55:15 ----SHD---- C:\WINDOWS\Installer
2010-03-04 19:55:15 ----RD---- C:\Program Files
2010-03-04 19:54:40 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-03-04 19:31:42 ----A---- C:\WINDOWS\system.ini
2010-03-04 19:28:17 ----D---- C:\WINDOWS\system32\config
2010-03-04 19:24:01 ----D---- C:\WINDOWS\AppPatch
2010-03-04 19:23:58 ----D---- C:\Program Files\Common Files
2010-03-04 18:26:07 ----SD---- C:\WINDOWS\Tasks
2010-03-04 18:04:53 ----RASH---- C:\boot.ini
2010-03-04 17:24:43 ----D---- C:\Program Files\Internet Download Manager
2010-03-04 17:14:08 ----D---- C:\Program Files\BitComet
2010-03-04 17:12:54 ----D---- C:\Downloads
2010-03-04 17:05:12 ----HD---- C:\WINDOWS\system32\GroupPolicy
2010-03-04 16:52:19 ----D---- C:\WINDOWS\WinSxS
2010-03-04 16:15:08 ----D---- C:\Documents and Settings\Tuan\Data aplikací\IDM
2010-03-04 15:44:59 ----A---- C:\WINDOWS\NeroDigital.ini
2010-03-03 19:58:52 ----D---- C:\Program Files\Valve
2010-03-01 20:19:28 ----D---- C:\Documents and Settings\Tuan\Data aplikací\Nokia
2010-03-01 20:17:43 ----RSD---- C:\WINDOWS\assembly
2010-03-01 20:17:34 ----RSD---- C:\WINDOWS\Fonts
2010-03-01 20:17:33 ----D---- C:\Program Files\Common Files\Nokia
2010-03-01 20:17:28 ----D---- C:\Program Files\Nokia
2010-03-01 19:01:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2010-02-28 17:32:58 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2010-02-27 22:02:26 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-27 21:51:37 ----D---- C:\Program Files\DIFX
2010-02-27 21:51:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-27 21:45:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-02-27 18:07:52 ----D---- C:\Program Files\Rockstar Games
2010-02-26 19:46:22 ----D---- C:\WINDOWS\Debug
2010-02-25 20:29:58 ----D---- C:\Program Files\DOSBox-0.72
2010-02-24 15:34:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-24 15:33:45 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-18 17:04:49 ----D---- C:\Program Files\ESET
2010-02-18 17:01:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-02-17 19:59:12 ----D---- C:\WINDOWS\Minidump
2010-02-11 18:11:01 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-10 22:28:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-10 17:45:14 ----D---- C:\Program Files\ATI Technologies
2010-02-08 22:32:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-08 22:31:17 ----D---- C:\Program Files\Microsoft Works
2010-02-08 22:28:13 ----A---- C:\WINDOWS\win.ini
2010-02-07 14:16:16 ----D---- C:\Program Files\Download Direct
2010-02-06 19:21:27 ----D---- C:\Program Files\Windows Media Player
2010-02-06 19:21:27 ----D---- C:\Program Files\Outlook Express
2010-02-06 19:21:27 ----D---- C:\Program Files\Common Files\System
2010-02-06 19:21:26 ----D---- C:\WINDOWS\system32\usmt
2010-02-06 19:21:26 ----D---- C:\WINDOWS\srchasst
2010-02-06 19:21:26 ----D---- C:\Program Files\Windows NT
2010-02-06 19:21:26 ----D---- C:\Program Files\Movie Maker
2010-02-06 19:21:26 ----D---- C:\Program Files\Internet Explorer
2010-02-06 19:21:24 ----D---- C:\WINDOWS\system32\wbem
2010-02-06 19:21:24 ----D---- C:\WINDOWS\system32\oobe
2010-02-06 19:21:24 ----D---- C:\WINDOWS\network diagnostic
2010-02-06 19:21:23 ----D---- C:\WINDOWS\system32\Setup
2010-02-06 19:21:23 ----D---- C:\WINDOWS\msagent
2010-02-06 19:21:22 ----D---- C:\WINDOWS\ime
2010-02-06 19:21:20 ----D---- C:\Program Files\NetMeeting
2010-02-06 19:10:16 ----A---- C:\WINDOWS\system32\uxtheme.dll
2010-02-06 19:05:30 ----D---- C:\WINDOWS\Media
2010-02-06 19:05:29 ----D---- C:\WINDOWS\Cursors
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 sbhips;Sunbelt HIPS Driver; C:\WINDOWS\system32\drivers\sbhips.sys [2008-06-21 66600]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
R2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2005-03-14 41984]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-25 1478656]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-29 47360]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\WINDOWS\system32\DRIVERS\adusbser.sys [2006-10-23 93440]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 se59bus;Sony Ericsson Device 089 driver (WDM); C:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 61536]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-07-21 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-05-13 108289]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-25 405504]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 SbPF.Launcher;SbPF.Launcher; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
R2 SPF4;Sunbelt Personal Firewall 4; C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-08-22 604416]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-01-26 520192]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-10-05 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-08-22 361216]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
-----------------EOF-----------------
-
Caroprd111
- VIP
- Příspěvky: 13492
- Registrován: 22 bře 2009 20:48
- Bydliště: Třebíč
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.Jinak je log v pořádku.
Přispějete na provoz fóra?