I have a lot of viruses

Section devoted to viruses and other malicious code, but also to the tools you can use to defend against them…

Moderators: Mods_senior, Security team


Re: I have a lot of viruses

Post by paul27 » 28 Mar 2008 23:26

Argoneus wrote: ugh.... there's plenty in there, but half of it is junk, so first run it through CCleaner and then post a new MWAV log


And what about the viruses in SVI, i.e. System Restore?

to da.backer: Use CCleaner, of course; there is something in the temp environment and the Recycle Bin. But to get rid of the other junk do this: Start - Control Panel - System - System Restore - turn it off - restart the PC - then you can turn it back on.

Also, MWAV flagged two files as not-a-virus, which may just mean over-detection; have the files in question, namely these:
C:\WINDOWS\system32\dk\lam2.exe
C:\WINDOWS\system32\dk\lam5.exe
checked at http://www.virustotal.com and delete them or not accordingly.

to Baron Prášil: Sorry for jumping in, but if things are being deleted, then delete everything.

Post by da.backer » 28 Mar 2008 23:46

For lam5 it found this
AhnLab-V3 2008.3.29.0 2008.03.28 Win-AppCare/Passview.31744
AntiVir 7.6.0.78 2008.03.28 SPR/NSoft.PassRec.3
Authentium 4.93.8 2008.03.28 W32/Trojan.XZK
Avast 4.7.1098.0 2008.03.28 -
AVG 7.5.0.516 2008.03.28 Potentially harmful program HackTool.DLY
BitDefender 7.2 2008.03.28 Application.Pwcrack.Passview.G
CAT-QuickHeal 9.50 2008.03.28 PSWTool.PassView.162 (Not a Virus)

etc.

and for LAM2

AhnLab-V3 2008.3.29.0 2008.03.28 Win-AppCare/Sniffer.90112
AntiVir 7.6.0.78 2008.03.28 SPR/Sniffer.C.10
Authentium 4.93.8 2008.03.28 -
Avast 4.7.1098.0 2008.03.28 -
AVG 7.5.0.516 2008.03.28 -
BitDefender 7.2 2008.03.28 Application.Sniffer.DaSniff
CAT-QuickHeal 9.50 2008.03.28 NetTool.Sniffer.c (Not a Virus)
ClamAV 0.92.1 2008.03.28 -
DrWeb 4.44.0.09170 2008.03.28 -
eSafe 7.0.15.0 2008.03.18 -
eTrust-Vet 31.3.5651 2008.03.28 -
Ewido 4.0 2008.03.28 Not-A-Virus.NetTool.Win32.Sniffer.c
F-Prot 4.4.2.54 2008.03.28 -
F-Secure 6.70.13260.0 2008.03.28 not-a-virus:NetTool.Win32.Sniffer.c
FileAdvisor 1 2008.03.28 Low threat detected
Fortinet 3.14.0.0 2008.03.28 -
Ikarus T3.1.1.20 2008.03.28 not-a-virus:NetTool.Win32.Sniffer.c

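A small parser for the pasted VirusTotal table in da.backer's post, added here as an example (my own code, not from the thread or from VirusTotal): it splits the engine rows into clean, riskware/"not-a-virus" and malware-class labels, which is the distinction paul27's follow-up turns on. The riskware marker list and the sample rows are my own constructions in the layout shown above.

```python
import re
from dataclasses import dataclass

# Vendor label fragments that mark riskware / "not-a-virus" classes (password
# recovery tools, sniffers, hacktools). This list is my own heuristic, not a
# VirusTotal convention.
RISKWARE_MARKERS = (
    "not-a-virus", "not a virus", "potentially", "pswtool", "passview",
    "passrec", "pwcrack", "nettool", "sniffer", "hacktool", "appcare",
    "spr/", "application.", "low threat",
)

# Constructed sample in the layout of the lam5 results above: engine, engine
# version, signature date, label ("-" means the engine reported nothing).
SAMPLE_LAM5 = """
AhnLab-V3 2008.3.29.0 2008.03.28 Win-AppCare/Passview.31744
AntiVir 7.6.0.78 2008.03.28 SPR/NSoft.PassRec.3
Authentium 4.93.8 2008.03.28 W32/Trojan.XZK
Avast 4.7.1098.0 2008.03.28 -
AVG 7.5.0.516 2008.03.28 Potentially harmful program HackTool.DLY
BitDefender 7.2 2008.03.28 Application.Pwcrack.Passview.G
CAT-QuickHeal 9.50 2008.03.28 PSWTool.PassView.162 (Not a Virus)
etc.
"""

@dataclass
class EngineResult:
    engine: str
    version: str
    updated: str
    label: str

def parse_vt_lines(text):
    """Parse the pasted text-mode VirusTotal table, skipping stray lines."""
    results = []
    for raw in text.splitlines():
        parts = raw.strip().split(None, 3)
        # A real row carries a YYYY.MM.DD signature date in the third column.
        if len(parts) < 3 or not re.fullmatch(r"\d{4}\.\d{2}\.\d{2}", parts[2]):
            continue
        label = parts[3] if len(parts) == 4 else "-"
        results.append(EngineResult(parts[0], parts[1], parts[2], label))
    return results

def classify(label):
    if label == "-":
        return "clean"
    low = label.lower()
    return "riskware" if any(m in low for m in RISKWARE_MARKERS) else "malware"

def summarize(results):
    counts = {"engines": len(results), "clean": 0, "riskware": 0, "malware": 0}
    for r in results:
        counts[classify(r.label)] += 1
    counts["detections"] = counts["riskware"] + counts["malware"]
    return counts

def verdict(counts):
    """Riskware-only hits usually mean a tool somebody put there; a malware-class
    label from any engine means the file should be quarantined, not just deleted."""
    if counts["malware"]:
        return "malware-class label from %d engine(s)" % counts["malware"]
    if counts["riskware"]:
        return "riskware/PUA only (%d of %d engines)" % (counts["riskware"], counts["engines"])
    return "no detections"

if __name__ == "__main__":
    counts = summarize(parse_vt_lines(SAMPLE_LAM5))
    print(counts, "->", verdict(counts))
```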
Post by paul27 » 28 Mar 2008 23:57

Well, I see the other AVs aren't very decisive either. Personally I'd delete those files; I don't like them just from their names. Above all, do that charade with System Restore, that's where your real virus hub is.

If you're going to delete things, then delete these files:
C:\dream.exe
C:\sys.exe
C:\WINDOWS\system32\dk\lam2.exe
C:\WINDOWS\system32\dk\lam5.exe

+ a cleanup with CCleaner and it should be OK.

Post by da.backer » 29 Mar 2008 00:35

I somehow didn't understand what I'm supposed to do with that System Restore?

Post by paul27 » 29 Mar 2008 00:36

Stick to this:

Click Start - Control Panel - System - System Restore - tick the box to turn it off - confirm the warning - restart the PC.

Post by fredik » 29 Mar 2008 06:15

Download and run T-cleaner, then paste the ComboFix log here.

Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After it starts the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is working, don't click into the window it displays
- After the scan finishes the program should create a log - C:\ComboFix.txt - please copy its entire contents here
It may take a while to get a response, because the "HJT Team" are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.
If you have a problem, don't send me PM messages with logs; put them in the forum. It isn't possible to reply to such PMs

Post by da.backer » 29 Mar 2008 10:25

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
2008-03-28 19:14 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL" [2008-03-28 19:14 262144]

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
"RocketDock"="C:\Programy\RocketDock\RocketDock.exe" [2007-09-02 13:58 495616]
"Avast"="C:\\Programy\\Alwil Software\\Avast4\\ashDisp.exe" [2007-12-04 14:00 79224]
"PC Suite Tray"="C:\Programy\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 10:12 695808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056]
"AGRSMMSG"="AGRSMMSG.exe" [2005-09-09 04:20 88203 C:\WINDOWS\AGRSMMSG.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-14 10:01 16010752 C:\WINDOWS\RTHDCPL.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"tsnp2std"="C:\WINDOWS\tsnp2std.exe" [2005-08-17 15:57 90112]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2005-08-16 21:54 339968]
"ZoneAlarm Client"="C:\Programy\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-13 23:11 919016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 15:49 15360]
"Nokia.PCSync"="C:\Programy\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\WINDOWS\\system32\\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Programy\\QIP\\qip.exe"=
"C:\\Programy\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Programy\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Programy\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

R0 O2MDRDR;O2MDRDR;C:\WINDOWS\system32\DRIVERS\o2media.sys [2006-02-27 08:00]
R0 O2SDRDR;O2SDRDR;C:\WINDOWS\system32\DRIVERS\o2sd.sys [2006-02-20 09:01]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-17 15:49]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
S3 FLASHSYS;FLASHSYS;C:\WINDOWS\system32\DRIVERS\FLASHSYS.sys []
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2005-08-25 22:55]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-02-28 18:01]
S3 WEBNTACCESS;WEBNTACCESS;C:\WINDOWS\system32\NTACCESS.SYS []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f0d51a5-e77c-11dc-8dc4-0013d386920a}]
\Shell\AutoRun\command - F:\Setup\rsrc\autorun.exe
\Shell\dinstall\command - F:\Directx\dxsetup.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAX5-81C01C608512}]
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAX5-90401C608512}]
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}]
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-03-29 09:19:12 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Programy\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-29 10:19:36
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\0BKU4DNX6GQZ9IS2

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\Programy\RocketDock\RocketDock.dll
-> ?:\WINDOWS\system32\SXS.DLL
-> ?:\WINDOWS\system32\SXS.DLL
-> ?:\WINDOWS\system32\DUSER.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programy\Alwil Software\Avast4\aswUpdSv.exe
C:\Programy\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\o2flash.exe
C:\Programy\Alwil Software\Avast4\ashMaiSv.exe
C:\Programy\Alwil Software\Avast4\ashWebSv.exe
C:\Programy\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Completion time: 2008-03-29 10:23:58 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-29 09:23:51
Adresářů: 8, Volných bajtů: 21,544,050,688
Adresářů: 10, Volných bajtů: 21,461,327,872

Post by Baron Prášil » 29 Mar 2008 11:34

That isn't the whole log.

Post by da.backer » 29 Mar 2008 11:39

ComboFix 08-03-27.3 - Thief 2008-03-29 10:13:44.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.470 [GMT 1:00]
Running from: C:\Documents and Settings\Thief\Plocha\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-02-28 to 2008-03-29 )))))))))))))))))))))))))))))))
.

2008-03-29 10:19 . 2008-03-29 10:19 1,009,033 --a------ C:\sytom.exe
2008-03-29 10:05 . 2008-03-29 10:05 241 --a------ C:\Documents and Settings\Thief\SR.vbs
2008-03-28 22:06 . 2008-03-29 00:34 13,824 --a------ C:\is2.exe
2008-03-28 22:00 . 2008-03-29 10:20 1,528,608 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-03-28 22:00 . 2008-03-29 10:17 21,500 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-03-28 19:37 . 2008-03-28 19:37 0 --a------ C:\23990098.$$$
2008-03-28 19:14 . 2008-03-28 19:14 <DIR> d-------- C:\Program Files\ZoneAlarmSB
2008-03-28 19:11 . 2008-03-13 23:11 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-03-28 19:11 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2008-03-28 19:11 . 2008-03-28 19:15 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-03-28 07:33 . 2008-03-28 15:50 <DIR> d-------- C:\WINDOWS\system32\dk
2008-03-28 07:32 . 2008-03-28 15:48 1,256,118 --a------ C:\dream.exe
2008-03-25 17:29 . 2008-03-25 17:29 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-03-23 15:24 . 2008-03-23 15:24 <DIR> d-------- C:\Program Files\Common Files\snp2std
2008-03-23 15:24 . 2005-08-25 22:55 8,807,424 --a------ C:\WINDOWS\system32\drivers\snp2sxp.sys
2008-03-23 11:11 . 2008-03-27 23:38 13,824 --a------ C:\sys.exe
2008-03-19 15:49 . 2008-03-19 15:49 <DIR> d-------- C:\Program Files\NSS
2008-03-19 15:49 . 2006-08-29 15:56 32,377 --a------ C:\WINDOWS\system32\drivers\prodigy.sys
2008-03-15 16:59 . 2008-03-24 18:35 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-03-15 16:39 . 2008-03-15 16:39 362 --a------ C:\WINDOWS\Z stupce - WINDOWS.lnk
2008-03-14 22:35 . 2008-03-14 22:35 <DIR> d-------- C:\WINDOWS\Video Converter
2008-03-14 22:35 . 2008-03-14 22:52 <DIR> d-------- C:\Program Files\Video Converter
2008-03-11 16:36 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-03-11 16:36 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-03-11 16:36 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-03-11 16:35 . 2008-03-11 16:35 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-03-11 16:32 . 2008-03-11 16:32 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-03-11 16:32 . 2008-03-22 21:42 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-03-08 15:01 . 2008-03-08 15:01 <DIR> d-------- C:\Program Files\Nokia
2008-03-05 15:51 . 2008-03-12 21:33 38 --a------ C:\WINDOWS\AviSplitter.INI
2008-03-01 15:59 . 2008-02-18 17:29 96,256 --a------ C:\WINDOWS\system32\drivers\mcdbus.sys
2008-03-01 15:48 . 2008-03-01 15:48 123 --a------ C:\WINDOWS\Winchat.ini
2008-03-01 13:46 . 2008-03-01 13:46 <DIR> d-------- C:\Program Files\DIFX
2008-03-01 13:46 . 2008-03-01 13:46 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-03-01 13:46 . 2008-03-08 15:01 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-03-01 13:45 . 2008-03-01 13:46 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-01 13:45 . 2008-03-01 13:45 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-03-01 13:45 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-03-01 13:45 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-03-01 13:45 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-03-01 13:45 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-03-01 13:45 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-03-01 13:45 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-03-01 11:30 . 2008-03-01 11:30 2,322,816 --a------ C:\WINDOWS\system32\TUKernel.exe
2008-02-29 20:51 . 2008-02-29 20:51 48 --a------ C:\plug_in.ini
2008-02-29 18:35 . 2008-02-29 18:35 <DIR> d-------- C:\Documents and Settings\LocalService\Plocha

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-29 09:12 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-03-23 14:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-13 22:11 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
2008-03-05 15:49 --------- d-----w C:\Program Files\Java
2008-02-28 17:01 307,968 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-02-28 17:00 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-27 12:15 28,416 ----a-w C:\WINDOWS\system32\uxtuneup.dll
2008-02-24 21:28 --------- d-----w C:\Program Files\AdVantage
2008-02-24 17:44 --------- d-----w C:\Program Files\MSBuild
2008-02-24 17:44 --------- d-----w C:\Program Files\Microsoft Works
2008-02-24 17:42 --------- d-----w C:\Program Files\Microsoft.NET
2008-02-24 17:32 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2008-02-24 10:41 --------- d-----w C:\Program Files\VstPlugins
2008-02-24 10:41 --------- d-----w C:\Program Files\Image-Line
2008-02-23 12:52 --------- d-----w C:\Program Files\ASIO4ALL v2
2008-02-23 12:42 --------- d-----w C:\Program Files\AVG
2008-02-19 11:21 --------- d-----w C:\Program Files\Creative
2008-02-19 08:31 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-02-19 08:18 --------- d-----w C:\Program Files\AnswerWorks 4.0
2008-02-19 08:11 --------- d-----w C:\Program Files\Autodesk
2008-02-17 22:36 --------- d-----w C:\Program Files\uTorrent
2008-02-17 22:28 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-02-17 22:27 229,727 ----a-w C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_7015.exe
2008-02-17 22:27 --------- d-----w C:\Program Files\Burn4Free Toolbar
2008-02-17 22:26 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-17 22:20 --------- d-----w C:\Program Files\Common Files\Java
2008-02-17 22:09 --------- d-----w C:\Program Files\Realtek
2008-02-17 22:08 20,747 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2008-02-17 22:08 --------- d-----w C:\Program Files\RALINK
2008-02-17 22:05 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-17 22:05 --------- d-----w C:\Program Files\ATI Technologies
2008-02-17 22:00 --------- d-----w C:\Program Files\AMD
2008-02-17 21:53 558,142 ----a-w C:\WINDOWS\java\Packages\E2GKO9JJ.ZIP
2008-02-17 21:53 155,995 ----a-w C:\WINDOWS\java\Packages\NHBL3DFF.ZIP
2008-02-17 21:53 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-29 01:53 612,864 ----a-w C:\WINDOWS\system32\x264vfw.dll
2008-01-10 12:16 159,839 ----a-w C:\WINDOWS\system32\xvidvfw.dll
2008-01-10 12:15 755,027 ----a-w C:\WINDOWS\system32\xvidcore.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
2008-03-28 19:14 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL" [2008-03-28 19:14 262144]

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
"RocketDock"="C:\Programy\RocketDock\RocketDock.exe" [2007-09-02 13:58 495616]
"Avast"="C:\\Programy\\Alwil Software\\Avast4\\ashDisp.exe" [2007-12-04 14:00 79224]
"PC Suite Tray"="C:\Programy\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 10:12 695808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056]
"AGRSMMSG"="AGRSMMSG.exe" [2005-09-09 04:20 88203 C:\WINDOWS\AGRSMMSG.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-14 10:01 16010752 C:\WINDOWS\RTHDCPL.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"tsnp2std"="C:\WINDOWS\tsnp2std.exe" [2005-08-17 15:57 90112]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2005-08-16 21:54 339968]
"ZoneAlarm Client"="C:\Programy\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-13 23:11 919016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 15:49 15360]
"Nokia.PCSync"="C:\Programy\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\WINDOWS\\system32\\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Programy\\QIP\\qip.exe"=
"C:\\Programy\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Programy\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Programy\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

R0 O2MDRDR;O2MDRDR;C:\WINDOWS\system32\DRIVERS\o2media.sys [2006-02-27 08:00]
R0 O2SDRDR;O2SDRDR;C:\WINDOWS\system32\DRIVERS\o2sd.sys [2006-02-20 09:01]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-17 15:49]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
S3 FLASHSYS;FLASHSYS;C:\WINDOWS\system32\DRIVERS\FLASHSYS.sys []
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2005-08-25 22:55]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-02-28 18:01]
S3 WEBNTACCESS;WEBNTACCESS;C:\WINDOWS\system32\NTACCESS.SYS []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f0d51a5-e77c-11dc-8dc4-0013d386920a}]
\Shell\AutoRun\command - F:\Setup\rsrc\autorun.exe
\Shell\dinstall\command - F:\Directx\dxsetup.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAX5-81C01C608512}]
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAX5-90401C608512}]
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}]
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-03-29 09:19:12 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Programy\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-29 10:19:36
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\0BKU4DNX6GQZ9IS2

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\Programy\RocketDock\RocketDock.dll
-> ?:\WINDOWS\system32\SXS.DLL
-> ?:\WINDOWS\system32\SXS.DLL
-> ?:\WINDOWS\system32\DUSER.dll
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programy\Alwil Software\Avast4\aswUpdSv.exe
C:\Programy\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\o2flash.exe
C:\Programy\Alwil Software\Avast4\ashMaiSv.exe
C:\Programy\Alwil Software\Avast4\ashWebSv.exe
C:\Programy\Alwil Software\Avast4\ashDisp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Completion time: 2008-03-29 10:23:58 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-29 09:23:51
Adresářů: 8, Volných bajtů: 21,544,050,688
Adresářů: 10, Volných bajtů: 21,461,327,872

Post by Baron Prášil » 29 Mar 2008 12:04

Open Notepad (Start -> Run... and type Notepad into the box and press OK)
Copy the following text, marked in green, into it:

Code:

File::
C:\is2.exe
C:\dream.exe
C:\sys.exe
C:\WINDOWS\system32\TUKernel.exe
C:\WINDOWS\system32\x264vfw.dll

Folder::
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7f0d51a5-e77c-11dc-8dc4-0013d386920a}]
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAX5-81C01C608512}]
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAX5-90401C608512}]
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{28ABC5C0-4FCB-11CF-AAX5-81CX1C635612}]

Choose File -> Save As... and set these parameters:
File name: type: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process + a new log from HijackThis
.......................................................
have this C:\sytom.exe checked here http://www.virustotal.com/flash/index_en.html

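An added example (my own code, not ComboFix's or the thread's) that ties together the ComboFix log da.backer posted and the CFScript layout in Baron Prášil's reply: it parses the "Files Created" and "Reg Loading Points" sections, flags the entries the thread treats as suspicious (executables dropped in the drive root, anything under a RECYCLER\<SID> folder) and renders them in the File:: / Folder:: / Registry:: form. The heuristics and the sample excerpt are my own constructions using paths from the log; the "sys" Run value is invented, and that ComboFix honours the REGEDIT4 `"name"=-` value-deletion form alongside the `[-key]` form shown above is my assumption.

```python
import re

# Constructed excerpt in the layout of the ComboFix log above: a "Files Created"
# block and a few "Reg Loading Points" entries. The "sys" Run value is invented
# for the demo; the other paths are the ones discussed in the thread.
SAMPLE_LOG = r"""
(((((((( Files Created from 2008-02-28 to 2008-03-29 ))))))))
.
2008-03-29 10:19 . 2008-03-29 10:19 1,009,033 --a------ C:\sytom.exe
2008-03-28 22:06 . 2008-03-29 00:34 13,824 --a------ C:\is2.exe
2008-03-28 19:11 . 2008-03-13 23:11 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-03-28 07:32 . 2008-03-28 15:48 1,256,118 --a------ C:\dream.exe
2008-03-23 15:24 . 2008-03-23 15:24 <DIR> d-------- C:\Program Files\Common Files\snp2std
.
(((((((( Reg Loading Points ))))))))
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
"sys"="C:\\sys.exe" [2008-03-27 23:38 13824]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{08B0E5C0-4FCB-11CF-AAX5-81C01C608512}]
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
"""

FILE_LINE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2} \. \d{4}-\d{2}-\d{2} \d{2}:\d{2} "
    r"(?P<size>\S+) (?P<attrs>\S+) (?P<path>.+)$")
KEY_LINE = re.compile(r"^\[(?P<key>HK[^\]]+)\]$")
VALUE_LINE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*(?P<rest>.+)$')
WIN_PATH = re.compile(r'[A-Za-z]:\\[^"\[\]]+')
ROOT_EXE = re.compile(r"^[A-Za-z]:\\[^\\]+\.(exe|dll|sys|scr|com)$", re.I)
RECYCLER_DIR = re.compile(r"^([A-Za-z]:\\RECYCLER\\S-1-5-[\d-]+)\\", re.I)

def first_path(text):
    """First Windows path in a log line, with doubled backslashes collapsed."""
    m = WIN_PATH.search(text)
    return m.group(0).replace("\\\\", "\\").strip() if m else None

def why_suspicious(path):
    """My own heuristics, not ComboFix's: loose executables in the drive root
    and anything living under a RECYCLER\\<SID> folder."""
    if ROOT_EXE.match(path):
        return "executable dropped in drive root"
    if RECYCLER_DIR.match(path):
        return "executable hidden in Recycle Bin folder"
    return None

def triage(log_text):
    files, folders, keys, values = [], [], [], []
    seen, current_key = set(), None

    def record(path):  # flag once, but still return the reason for callers
        reason = why_suspicious(path)
        if reason and path not in seen:
            seen.add(path)
            files.append((path, reason))
        return reason

    for raw in log_text.splitlines():
        line = raw.strip()
        fm = FILE_LINE.match(line)
        if fm:
            current_key = None
            if fm.group("size") != "<DIR>":
                record(fm.group("path"))
            continue
        km = KEY_LINE.match(line)
        if km:
            current_key = km.group("key")
            continue
        if not current_key or not line:
            continue
        vm = VALUE_LINE.match(line)
        path = first_path(vm.group("rest") if vm else line)
        if not path or not record(path):
            continue
        rd = RECYCLER_DIR.match(path)
        if rd and rd.group(1) not in folders:
            folders.append(rd.group(1))          # remove the whole SID folder
        if vm:
            values.append((current_key, vm.group("name")))   # only this value
        elif current_key.endswith("}") and current_key not in keys:
            keys.append(current_key)             # GUID key owned by the dropper
    return {"files": files, "folders": folders, "keys": keys, "values": values}

def build_cfscript(t):
    """Render the findings in the File:: / Folder:: / Registry:: layout."""
    out = ["File::"] + [p for p, _ in t["files"] if not RECYCLER_DIR.match(p)]
    if t["folders"]:
        out += ["", "Folder::"] + t["folders"]
    if t["keys"] or t["values"]:
        out += ["", "Registry::"] + ["[-%s]" % k for k in t["keys"]]
        for key, name in t["values"]:
            out += ["[%s]" % key, '"%s"=-' % name]   # REGEDIT4 value deletion
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    print(build_cfscript(triage(SAMPLE_LOG)))
```

Deleting a whole Run key would also remove legitimate startup entries, which is why the script only emits a value deletion there and reserves the `[-key]` form for GUID-named keys that exist solely for the dropped file.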
Post by da.backer » 29 Mar 2008 13:09

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:07, on 2008-03-29
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Programy\Alwil Software\Avast4\aswUpdSv.exe
C:\Programy\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\o2flash.exe
C:\WINDOWS\System32\svchost.exe
C:\Programy\Alwil Software\Avast4\ashMaiSv.exe
C:\Programy\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\tsnp2std.exe
C:\WINDOWS\vsnp2std.exe
C:\Programy\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programy\RocketDock\RocketDock.exe
C:\Programy\Alwil Software\Avast4\ashDisp.exe
C:\Programy\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\WINDOWS\explorer.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Programy\Krtecek_2_0_2\Krtecek.exe
C:\Programy\Winamp\winamp.exe
C:\Programy\Mozilla Firefox 3 Beta 3\firefox.exe
C:\Programy\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Burn4Free Toolbar Helper - {60BF5EE3-0105-4858-AD98-17C19F86B042} - C:\Program Files\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programy\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Burn4Free Toolbar - {55FAF0F2-44D4-425F-B5F5-6B275B621EAB} - C:\Program Files\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programy\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Programy\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Avast] C:\\Programy\\Alwil Software\\Avast4\\ashDisp.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Programy\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programy\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programy\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programy\MICROS~1\Office12\GR99D3~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programy\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programy\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programy\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programy\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\System32\o2flash.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 6999 bytes


ComboFix 08-03-27.3 - Thief 2008-03-29 12:37:49.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.512 [GMT 1:00]
Running from: C:\Documents and Settings\Thief\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\Thief\Plocha\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\dream.exe
C:\is2.exe
C:\sys.exe
C:\WINDOWS\system32\TUKernel.exe
C:\WINDOWS\system32\x264vfw.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\dream.exe
C:\is2.exe
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise.exe
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\ise32.exe
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isee.exe
C:\sys.exe
C:\WINDOWS\system32\TUKernel.exe
C:\WINDOWS\system32\x264vfw.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_npf
-------\Service_npf


((((((((((((((((((((((((( Files Created from 2008-02-28 to 2008-03-29 )))))))))))))))))))))))))))))))
.

2008-03-29 11:54 . 2008-03-29 11:54 1,009,033 --a------ C:\sytom.exe
2008-03-29 10:05 . 2008-03-29 10:05 241 --a------ C:\Documents and Settings\Thief\SR.vbs
2008-03-28 22:00 . 2008-03-29 12:46 1,639,712 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-03-28 22:00 . 2008-03-29 12:41 22,988 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-03-28 19:37 . 2008-03-28 19:37 0 --a------ C:\23990098.$$$
2008-03-28 19:14 . 2008-03-28 19:14 <DIR> d-------- C:\Program Files\ZoneAlarmSB
2008-03-28 19:11 . 2008-03-13 23:11 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-03-28 19:11 . 2004-04-27 04:40 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2008-03-28 19:11 . 2008-03-28 19:15 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-03-28 07:33 . 2008-03-28 15:50 <DIR> d-------- C:\WINDOWS\system32\dk
2008-03-25 17:29 . 2008-03-25 17:29 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-03-23 15:24 . 2008-03-23 15:24 <DIR> d-------- C:\Program Files\Common Files\snp2std
2008-03-23 15:24 . 2005-08-25 22:55 8,807,424 --a------ C:\WINDOWS\system32\drivers\snp2sxp.sys
2008-03-19 15:49 . 2008-03-19 15:49 <DIR> d-------- C:\Program Files\NSS
2008-03-19 15:49 . 2006-08-29 15:56 32,377 --a------ C:\WINDOWS\system32\drivers\prodigy.sys
2008-03-15 16:59 . 2008-03-24 18:35 <DIR> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-03-15 16:39 . 2008-03-15 16:39 362 --a------ C:\WINDOWS\Z stupce - WINDOWS.lnk
2008-03-14 22:35 . 2008-03-14 22:35 <DIR> d-------- C:\WINDOWS\Video Converter
2008-03-14 22:35 . 2008-03-14 22:52 <DIR> d-------- C:\Program Files\Video Converter
2008-03-11 16:36 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-03-11 16:36 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-03-11 16:36 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-03-11 16:35 . 2008-03-11 16:35 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-03-11 16:32 . 2008-03-11 16:32 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-03-11 16:32 . 2008-03-22 21:42 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-03-08 15:01 . 2008-03-08 15:01 <DIR> d-------- C:\Program Files\Nokia
2008-03-05 15:51 . 2008-03-12 21:33 38 --a------ C:\WINDOWS\AviSplitter.INI
2008-03-01 15:59 . 2008-02-18 17:29 96,256 --a------ C:\WINDOWS\system32\drivers\mcdbus.sys
2008-03-01 15:48 . 2008-03-01 15:48 123 --a------ C:\WINDOWS\Winchat.ini
2008-03-01 13:46 . 2008-03-01 13:46 <DIR> d-------- C:\Program Files\DIFX
2008-03-01 13:46 . 2008-03-01 13:46 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-03-01 13:46 . 2008-03-08 15:01 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-03-01 13:45 . 2008-03-01 13:46 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-03-01 13:45 . 2008-03-01 13:45 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-03-01 13:45 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-03-01 13:45 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-03-01 13:45 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-03-01 13:45 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-03-01 13:45 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-03-01 13:45 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-02-29 20:51 . 2008-02-29 20:51 48 --a------ C:\plug_in.ini
2008-02-29 18:35 . 2008-02-29 18:35 <DIR> d-------- C:\Documents and Settings\LocalService\Plocha

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-29 11:33 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-03-23 14:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-05 15:49 --------- d-----w C:\Program Files\Java
2008-02-28 17:00 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-24 21:28 --------- d-----w C:\Program Files\AdVantage
2008-02-24 17:44 --------- d-----w C:\Program Files\MSBuild
2008-02-24 17:44 --------- d-----w C:\Program Files\Microsoft Works
2008-02-24 17:42 --------- d-----w C:\Program Files\Microsoft.NET
2008-02-24 17:32 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2008-02-24 10:41 --------- d-----w C:\Program Files\VstPlugins
2008-02-24 10:41 --------- d-----w C:\Program Files\Image-Line
2008-02-23 12:52 --------- d-----w C:\Program Files\ASIO4ALL v2
2008-02-23 12:42 --------- d-----w C:\Program Files\AVG
2008-02-19 11:21 --------- d-----w C:\Program Files\Creative
2008-02-19 08:31 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-02-19 08:18 --------- d-----w C:\Program Files\AnswerWorks 4.0
2008-02-19 08:11 --------- d-----w C:\Program Files\Autodesk
2008-02-17 22:36 --------- d-----w C:\Program Files\uTorrent
2008-02-17 22:28 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-02-17 22:27 229,727 ----a-w C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_7015.exe
2008-02-17 22:27 --------- d-----w C:\Program Files\Burn4Free Toolbar
2008-02-17 22:26 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-17 22:20 --------- d-----w C:\Program Files\Common Files\Java
2008-02-17 22:09 --------- d-----w C:\Program Files\Realtek
2008-02-17 22:08 20,747 ----a-w C:\WINDOWS\system32\drivers\AegisP.sys
2008-02-17 22:08 --------- d-----w C:\Program Files\RALINK
2008-02-17 22:05 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-17 22:05 --------- d-----w C:\Program Files\ATI Technologies
2008-02-17 22:00 --------- d-----w C:\Program Files\AMD
2008-02-17 21:53 558,142 ----a-w C:\WINDOWS\java\Packages\E2GKO9JJ.ZIP
2008-02-17 21:53 155,995 ----a-w C:\WINDOWS\java\Packages\NHBL3DFF.ZIP
2008-02-17 21:53 --------- d-----w C:\Program Files\microsoft frontpage
.

((((((((((((((((((((((((((((( snapshot@2008-03-29_10.23.33.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-03-29 11:41:57 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_664.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
2008-03-28 19:14 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL" [2008-03-28 19:14 262144]

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
"RocketDock"="C:\Programy\RocketDock\RocketDock.exe" [2007-09-02 13:58 495616]
"Avast"="C:\\Programy\\Alwil Software\\Avast4\\ashDisp.exe" [2007-12-04 14:00 79224]
"PC Suite Tray"="C:\Programy\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 10:12 695808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 14:43 45056]
"AGRSMMSG"="AGRSMMSG.exe" [2005-09-09 04:20 88203 C:\WINDOWS\AGRSMMSG.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-14 10:01 16010752 C:\WINDOWS\RTHDCPL.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"tsnp2std"="C:\WINDOWS\tsnp2std.exe" [2005-08-17 15:57 90112]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2005-08-16 21:54 339968]
"ZoneAlarm Client"="C:\Programy\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-13 23:11 919016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 15:49 15360]
"Nokia.PCSync"="C:\Programy\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="C:\\WINDOWS\\system32\\logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Programy\\QIP\\qip.exe"=
"C:\\Programy\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Programy\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Programy\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=

R0 O2MDRDR;O2MDRDR;C:\WINDOWS\system32\DRIVERS\o2media.sys [2006-02-27 08:00]
R0 O2SDRDR;O2SDRDR;C:\WINDOWS\system32\DRIVERS\o2sd.sys [2006-02-20 09:01]
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe [2004-08-17 15:49]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
S3 FLASHSYS;FLASHSYS;C:\WINDOWS\system32\DRIVERS\FLASHSYS.sys []
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2005-08-25 22:55]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-02-28 18:01]
S3 WEBNTACCESS;WEBNTACCESS;C:\WINDOWS\system32\NTACCESS.SYS []

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contents of the 'Scheduled Tasks' folder
"2008-03-29 11:45:54 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Programy\TuneUp Utilities 2008\OneClickStarter.exe
.

Baron Prášil
Master Level 7
Posts: 4882
Registered: June 06
Gender: Male
Status:
Offline

Re: I have a lot of viruses

Post by Baron Prášil » 29 Mar 2008 13:14

The result of that online scan would be quite important too,
and some information about how the computer is currently behaving would also come in handy :|

