ComboFix 08-01-04.1 - Adminko 2008-01-09 22:21:26.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.83 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Plocha\CFScript.txt
* Created a new restore point
FILE
C:\WINDOWS\system32\afggbbkb.ini
C:\WINDOWS\system32\ssttt.exe
C:\WINDOWS\Tasks\At1.job
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\afggbbkb.ini
C:\WINDOWS\system32\ssttt.exe
C:\WINDOWS\Tasks\At1.job
.
((((((((((((((((((((((((( Files Created from 2007-12-09 to 2008-01-09 )))))))))))))))))))))))))))))))
.
2008-01-09 20:12 . 2008-01-09 20:12 <DIR> d-------- C:\WINDOWS\LastGood
2008-01-09 20:12 . 2008-01-09 20:12 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-01-09 14:56 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-08 16:27 . 2008-01-08 16:27 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\Lavasoft
2008-01-08 16:24 . 2008-01-08 16:24 <DIR> d-------- C:\Program Files\Lavasoft
2008-01-06 15:53 . 2006-12-19 16:53 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2008-01-06 15:51 . 2008-01-06 15:51 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\TuneUp Software
2008-01-06 15:50 . 2008-01-06 15:56 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007
2008-01-06 15:47 . 2008-01-06 15:47 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\TuneUp Software
2008-01-06 15:46 . 2008-01-06 15:46 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-12-30 07:52 . 2007-12-30 07:52 138,752 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2007-12-30 07:50 . 2007-12-30 09:07 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2007-12-30 07:49 . 2007-12-31 13:36 <DIR> d-------- C:\Program Files\Spyware Terminator
2007-12-29 19:28 . 2007-12-29 19:53 <DIR> d-------- C:\Program Files\BSplayer
2007-12-29 19:17 . 2007-12-29 19:18 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\Media Player Classic
2007-12-29 19:16 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll
2007-12-29 15:33 . 2007-12-29 15:33 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\Ahead
2007-12-29 15:27 . 2007-12-29 15:27 <DIR> d-------- C:\Program Files\WhereIsIt
2007-12-29 15:17 . 2007-12-29 15:17 <DIR> d-------- C:\Program Files\DAEMON Tools
2007-12-29 15:17 . 2007-12-29 15:17 223,128 --a------ C:\WINDOWS\system32\drivers\dtscsi.sys
2007-12-29 15:13 . 2008-01-06 14:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-29 15:13 . 2007-12-30 07:14 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-29 15:12 . 2007-12-29 15:12 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\Apple Computer
2007-12-29 15:10 . 2007-12-29 15:10 642,560 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-12-29 15:10 . 2007-12-29 15:10 96,256 --a------ C:\WINDOWS\system32\drivers\sptd9069.sys
2007-12-29 15:09 . 2008-01-09 22:21 <DIR> d-------- C:\Program Files\iTunes
2007-12-29 15:09 . 2007-12-29 15:09 <DIR> d-------- C:\Program Files\iPod
2007-12-29 15:04 . 2007-12-29 15:09 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2007-12-29 15:02 . 2007-12-29 15:02 <DIR> d-------- C:\Program Files\Apple Software Update
2007-12-29 15:00 . 2007-12-29 15:01 <DIR> d-------- C:\Program Files\FlashGet
2007-12-29 14:59 . 2007-12-29 14:59 <DIR> d-------- C:\Program Files\Common Files\Apple
2007-12-29 14:59 . 2007-12-29 14:59 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Apple
2007-12-29 14:54 . 2007-12-29 14:54 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\XnView
2007-12-29 14:52 . 2007-12-29 14:54 <DIR> d-------- C:\Program Files\XnView
2007-12-29 14:51 . 2007-12-29 17:15 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2007-12-29 14:43 . 2001-10-19 15:40 1,683,792 --a------ C:\WINDOWS\system32\wmvcore2.dll
2007-12-29 14:43 . 2001-10-19 15:40 665,424 --a------ C:\WINDOWS\system32\wmv8dmoe.dll
2007-12-29 14:43 . 2002-10-09 13:21 566,272 --a------ C:\WINDOWS\system32\wmvdmoe.dll
2007-12-29 14:43 . 2001-10-19 15:40 438,608 --a------ C:\WINDOWS\system32\wmv8dmod.dll
2007-12-29 14:43 . 2001-10-19 03:05 285,184 --a------ C:\WINDOWS\system32\wmidx2.ocx
2007-12-29 14:43 . 2007-12-29 14:43 156,910 --a------ C:\WINDOWS\WMSysPr8.prx
2007-12-29 14:41 . 2007-12-29 14:45 <DIR> d-------- C:\Program Files\Vegas 4.0
2007-12-29 14:39 . 2007-12-29 14:39 <DIR> d-------- C:\Program Files\PowerDVD
2007-12-29 14:39 . 2007-12-29 14:39 <DIR> d-------- C:\Program Files\CyberLink
2007-12-29 14:39 . 2007-12-29 14:39 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\CyberLink
2007-12-29 14:36 . 2003-03-29 16:45 89,184 --a------ C:\WINDOWS\system32\drivers\imagedrv.sys
2007-12-29 14:36 . 2003-07-29 17:09 57,344 --a------ C:\WINDOWS\system32\ImageDrive.cpl
2007-12-29 14:35 . 2007-12-29 14:35 <DIR> d-------- C:\Program Files\nero
2007-12-29 14:35 . 2007-12-29 14:35 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-12-29 14:35 . 2001-07-06 14:41 569,344 --a------ C:\WINDOWS\system32\imagr5.dll
2007-12-29 14:35 . 2001-07-06 12:44 544,768 --a------ C:\WINDOWS\system32\imagx5.dll
2007-12-29 14:35 . 2001-07-06 18:24 283,920 --a------ C:\WINDOWS\system32\ImagXpr5.dll
2007-12-29 14:35 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2007-12-29 14:35 . 2001-06-26 08:15 38,912 --a------ C:\WINDOWS\system32\picn20.dll
2007-12-29 14:33 . 1999-12-17 11:13 86,016 --a------ C:\WINDOWS\unvise32.exe
2007-12-29 14:31 . 2007-12-29 19:15 <DIR> d-------- C:\Program Files\codecs
2007-12-29 09:34 . 2007-12-29 16:37 <DIR> d-------- C:\WINDOWS\system32\cs-cz
2007-12-29 08:56 . 2006-08-21 10:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2007-12-29 08:56 . 2006-08-21 10:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2007-12-29 08:56 . 2006-08-21 13:27 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2007-12-28 23:42 . 2007-12-28 23:42 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-12-28 22:41 . 2007-07-09 14:11 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-12-28 20:22 . 2007-03-22 13:38 215,144 -ra------ C:\WINDOWS\pw32a.dll
2007-12-28 15:59 . 2007-12-28 16:08 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2007-12-28 13:28 . 2008-01-09 14:27 15,360 --a------ C:\WINDOWS\system32\ctfmon .exe
2007-12-28 13:01 . 2007-12-28 13:03 <DIR> d-------- C:\Program Files\manli-honestech TVR 2.5
2007-12-28 13:01 . 2007-12-28 13:30 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\Symantec
2007-12-28 13:01 . 2001-05-11 12:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
2007-12-28 13:00 . 2008-01-09 22:21 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2007-12-28 13:00 . 2007-12-28 21:18 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Symantec
2007-12-28 12:59 . 2007-12-28 12:59 <DIR> d-------- C:\WINDOWS\MyInstall
2007-12-28 12:59 . 2007-12-28 12:59 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\InstallShield
2007-12-28 12:58 . 2005-09-09 19:56 <DIR> d-------- C:\Program Files\Support
2007-12-28 12:58 . 2007-12-28 12:59 <DIR> d-------- C:\Program Files\Driver Validation
2007-12-28 12:55 . 2007-01-24 04:00 716,160 --a------ C:\WINDOWS\system32\drivers\3xHybrid.sys
2007-12-28 12:55 . 2005-12-13 07:28 3,072 --a------ C:\WINDOWS\system32\34CoInstaller.dll
2007-12-28 11:49 . 2007-12-28 11:49 390 --a------ C:\WINDOWS\ODBC.INI
2007-12-28 11:47 . 2007-12-28 11:47 <DIR> d-------- C:\WINDOWS\ShellNew
2007-12-28 11:39 . 2008-01-09 21:54 95 --a------ C:\WINDOWS\winamp.ini
2007-12-28 11:38 . 2007-12-29 19:01 <DIR> d-------- C:\Program Files\Winamp
2007-12-28 11:38 . 2004-08-17 15:49 23,552 --a------ C:\WINDOWS\system32\SETB1.tmp
2007-12-28 11:38 . 2004-08-17 15:49 4,096 --a------ C:\WINDOWS\system32\SETA4.tmp
2007-12-28 11:34 . 2004-08-17 15:49 23,552 --a------ C:\WINDOWS\system32\SET33.tmp
2007-12-28 11:25 . 2007-12-28 11:27 39 --a------ C:\WINDOWS\TVRMT.INI
2007-12-28 11:22 . 2007-12-28 11:22 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\Teleca
2007-12-28 11:19 . 2007-12-28 11:19 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\Sony Ericsson
2007-12-28 11:13 . 2007-12-29 19:43 <DIR> d-------- C:\Program Files\ICQLite
2007-12-28 11:13 . 2007-12-28 11:16 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\ICQLite
2007-12-28 11:08 . 2007-12-29 15:01 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-12-28 11:08 . 2007-12-28 11:08 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Sony Ericsson
2007-12-28 11:07 . 2007-12-28 11:07 <DIR> d-------- C:\Program Files\Sony Ericsson
2007-12-28 11:07 . 2007-12-28 11:08 <DIR> d-------- C:\Program Files\Common Files\Teleca Shared
2007-12-28 11:07 . 2007-12-28 11:08 <DIR> d-------- C:\Program Files\Common Files\Sony Ericsson Shared
2007-12-28 11:07 . 2007-12-28 11:08 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Teleca
2007-12-28 10:54 . 2008-01-09 16:58 1,744 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-12-28 10:52 . 2008-01-09 14:27 <DIR> d-------- C:\Program Files\NOD32
2007-12-28 10:52 . 2007-12-28 10:52 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\ESET
2007-12-28 10:47 . 2007-12-28 10:47 <DIR> d---s---- C:\WINDOWS\system32\Microsoft
2007-12-28 10:36 . 2007-12-28 10:36 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\Avant Profiles
2007-12-28 10:32 . 2007-12-29 14:44 316,640 --a------ C:\WINDOWS\WMSysPr9.prx
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-06 13:53 159,232 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
2008-01-06 13:43 159,232 ----a-w C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\msconfig.exe
2007-12-07 17:28 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2007-12-04 01:33 682,496 ----a-w C:\WINDOWS\system32\divx.dll
2007-11-29 22:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-11-29 22:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-29 22:44 1,290,240 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 09:00 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll
.
Kód: Vybrat vše
<pre>
----a-w 267,064 2008-01-06 13:32:37 C:\Program Files\iTunes\iTunesHelper .exe
----a-w 1,443,072 2008-01-09 13:27:34 C:\Program Files\NOD32\egui .exe
----a-w 286,720 2007-12-29 14:16:54 C:\Program Files\QuickTime\QTTask .exe
----a-w 2,834,432 2007-12-31 12:28:58 C:\Program Files\Spyware Terminator\SpywareTerminatorShield .exe
----a-w 159,232 2008-01-06 13:53:40 C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\MSConfig .exe
----a-w 15,360 2008-01-09 13:27:30 C:\WINDOWS\system32\ctfmon .exe
</pre>((((((((((((((((((((((((((((( snapshot@2008-01-09_15.55.03.36 )))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="C:\Program Files\NOD32\egui.exe" [2008-01-09 15:52 1443072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ManliTV Remote.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\ManliTV Remote.lnk
backup=C:\WINDOWS\pss\ManliTV Remote.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^TVR Scheduler.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\TVR Scheduler.lnk
backup=C:\WINDOWS\pss\TVR Scheduler.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
C:\Program Files\AdVantage\AdVantage.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-17 15:49 15360 --a------ C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
CTHELPER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-07-09 11:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask .exe -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe /startoptions
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TV Card Remote Control Device Monitor]
C:\WINDOWS\3xHybridRMT.exe
R0 sonyhcb;Sony Digital Imaging Base;C:\WINDOWS\system32\DRIVERS\sonyhcb.sys [2001-11-05 09:23]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 08:21]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2007-12-30 07:52]
R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe [2004-08-17 15:49]
R3 3xHybrid;SAA7130 TV Card Service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2007-01-24 04:00]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
S2 713xTVCard;SAA7130 TV Card;C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2005-03-15 12:00]
S3 Cap7134;ManliTV Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2002-07-05 06:38]
S3 PhTVTune;ManliTV TVTuner;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2002-07-05 06:38]
S3 sonyhcs;Sony Digital Imaging Video;C:\WINDOWS\system32\DRIVERS\sonyhcs.sys [2001-11-05 09:23]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2008-01-06 14:55:03 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-01-09 22:24:23
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-09 22:25:29
ComboFix-quarantined-files.txt 2008-01-09 21:25:04
ComboFix2.txt 2008-01-09 14:55:55
.
2007-12-29 15:45:21 --- E O F ---
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:28:25, on 9. 1. 2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NOD32\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\BlueSoleil-bluetooth\BTNtService.exe
C:\Program Files\NOD32\ekrn.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\PROGRAMY\HijackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\Jccatch.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\NOD32\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stiahnuť položku pomocou FlashGetu - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Stiahnuť všetky položky pomocou FlashGetu - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.microsoft.com/windows ... 8797787762
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\BlueSoleil-bluetooth\BTNtService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\NOD32\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\NOD32\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
--
End of file - 4414 bytes
.
