Kód: Vybrat vše
File::
C:\WINDOWS\system\NOTEPAD.exe
C:\WINDOWS\System32\spread.exe
C:\WINDOWS\System32\salvage.exe
C:\WINDOWS\System32\systemconfig32.exe
Registry::
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"WMI Standard Event Consumer - Scripting"=-
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"FreezeScreenSaver"=-
Kód: Vybrat vše
Driver::
MSN RAV
NOTEPAD
File::
C:\WINDOWS\system\NOTEPAD.exe
C:\WINDOWS\system\msnrav.exe
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NOTEPAD"=-
"MSN RAV"=-
Kód: Vybrat vše
ComboFix 07-10-07.2 - J 2007-10-10 20:29:54.5 - NTFSx86
Syst‚m Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.120 [GMT 2:00]
Running from: C:\Documents and Settings\J \Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\J \Plocha\CFScript.txt
* Created a new restore point
FILE::
C:\WINDOWS\system\msnrav.exe
C:\WINDOWS\system\NOTEPAD.exe
.
((((((((((((((((((((((((( Files Created from 2007-09-10 to 2007-10-10 )))))))))))))))))))))))))))))))
.
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\zts2.exe
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\system32\systems.txt
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\system32\iifgfgf.dll
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\rundll16.exe
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\rundl132.dll
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\logo1_.exe
2007-10-08 21:09 135,680 --a------ C:\WINDOWS\R.COM
2007-10-08 21:09 130,048 --a------ C:\WINDOWS\system32\T.COM
2007-10-07 20:51 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-10-07 16:33 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-07 14:58 2,358 --a------ C:\WINDOWS\system32\tmp.reg
2007-10-07 14:57 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-10-07 14:57 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-10-07 14:57 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-10-07 14:57 25,088 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-10-06 20:28 <DIR> d-------- C:\Program Files\Hard Truck 2
2007-09-30 21:22 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-09-30 20:41 <DIR> d-------- C:\Program Files\Eltima Software
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-10 20:26 --------- d-------- C:\Program Files\PeerGuardian2
2007-10-10 08:37 --------- d-------- C:\Program Files\Mozilla Thunderbird
2007-10-07 14:55 1969 --a--c--- C:\WINDOWS\system32\drivers\fwdrv.err
2007-09-30 21:22 --------- d-------- C:\Program Files\Zoner
2007-09-16 20:27 --------- d-------- C:\Program Files\VV3
2007-09-07 16:26 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-09-05 10:17 --------- d-------- C:\Program Files\Ubisoft
2007-09-04 20:09 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-09-04 20:09 --------- d-------- C:\Program Files\EurotelSMS
2007-09-04 20:08 --------- d-------- C:\Program Files\SANDYdemo
2007-09-04 20:08 --------- d-------- C:\Program Files\Psi
2007-09-04 20:08 --------- d-------- C:\Program Files\Hexacto Games
2007-09-04 20:08 --------- d-------- C:\Program Files\Banner Maker Pro 6
2007-09-04 20:07 --------- d-------- C:\Program Files\Penezni denik
2007-09-04 20:01 --------- d-------- C:\Program Files\BlueVoda Website Builder
2007-09-04 20:00 --------- d-------- C:\Program Files\HNR Game
2007-09-04 20:00 --------- d-------- C:\Program Files\Astraware
2007-09-04 19:59 --------- d-------- C:\Program Files\Web Gallery Wizard PRO
2007-09-04 19:58 --------- d-------- C:\Program Files\JAlbum
2007-09-04 19:50 --------- d-------- C:\Program Files\OpenTTD
2007-09-04 19:48 --------- d-------- C:\Program Files\PHP Home Edition 2
2007-09-04 19:45 --------- d-------- C:\Program Files\KONAMI
2007-08-30 10:39 --------- d-------- C:\Program Files\SMS Zdarma
2007-08-29 09:43 --------- d-------- C:\Program Files\Valve
2007-08-21 12:25 --------- d-------- C:\Program Files\PC Translator
2007-08-18 20:20 --------- d-------- C:\Program Files\Trymedia
2007-08-18 20:19 --------- d-------- C:\Program Files\Gold Miner
2007-08-16 20:36 --------- d-------- C:\Program Files\Common Files\Logitech
2007-08-16 14:53 --------- d-------- C:\Program Files\infium
2007-08-12 10:32 --------- d-------- C:\Program Files\EA SPORTS
2007-08-11 20:27 --------- d-------- C:\Program Files\Ubi Soft
2007-08-11 10:57 516096 --a------ C:\WINDOWS\UN32.EXE
2007-08-11 10:50 --------- d-------- C:\Program Files\Microton 2006
2007-08-10 21:23 294912 --a------ C:\WINDOWS\TrnWord.dll
1999-06-25 10:55 149504 --a--c--- C:\Program Files\UNWISE.EXE
.
((((((((((((((((((((((((((((( snapshot@2007-10-07_16.46.03.52 )))))))))))))))))))))))))))))))))))))))))
.
----a-r 29,696 2007-10-07 18:51:42 C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF11.exe
----a-r 18,944 2007-10-07 18:51:42 C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
----a-r 65,024 2007-10-07 18:51:42 C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
----a-w 262,144 2007-10-10 15:49:11 C:\WINDOWS\system32\config\systemprofile\NtUser.dat
-c--a-w 16,384 2007-10-09 14:27:30 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
-c--a-w 32,768 2007-10-09 14:27:30 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
----a-w 32,768 2007-10-09 14:27:30 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
----a-w 262,144 2007-10-07 14:34:52 C:\WINDOWS\system32\config\systemprofile\NtUser.dat
-c--a-w 16,384 2006-10-20 16:49:10 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
-c--a-w 32,768 2006-10-20 16:49:10 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
-c--a-w 49,152 2006-10-20 16:49:10 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2006-06-01 17:22]
"nwiz"="nwiz.exe" [2006-10-22 13:22 C:\WINDOWS\system32\nwiz.exe]
"Tweak UI"="TWEAKUI.CPL" [2003-03-25 05:49 C:\WINDOWS\system32\tweakui.cpl]
"MSConfig"="C:\WINDOWS\System32\msconfig.exe" [2005-04-02 17:11]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-09-14 22:09]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-30 21:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"@"="" []
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 19:05]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe -trayboot
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"=0 (0x0)
"SynchronousMachineGroupPolicy"=0 (0x0)
"SynchronousUserGroupPolicy"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"=0 (0x0)
"NoStrCmpLogical"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"=0 (0x0)
"NoSMBalloonTip"=0 (0x0)
"NoRecentDocsHistory"=0 (0x0)
"MemCheckBoxInRunDlg"=0 (0x0)
"NoAutoTrayNotify"=0 (0x0)
"NoResolveTrack"=0 (0x0)
"NoResolveSearch"=0 (0x0)
"NoWelcomeScreen"=1 (0x1)
"NoRecentDocsNetHood"=0 (0x0)
"NoDesktopCleanupWizard"=0 (0x0)
"NoSharedDocuments"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.exe.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.exe.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.exe.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Já^Nabídka Start^Programy^Po spuštění^Snow for Windows.lnk]
path=C:\Documents and Settings\Já\Nabídka Start\Programy\Po spuštění\Snow for Windows.lnk
backup=C:\WINDOWS\pss\Snow for Windows.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Já^Nabídka Start^Programy^Po spuštění^WinMySQLadmin.lnk]
path=C:\Documents and Settings\Já\Nabídka Start\Programy\Po spuštění\WinMysqlAdmin.lnk
backup=C:\WINDOWS\pss\WinMysqlAdmin.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Já^Nabídka Start^Programy^Po spuštění^Zástupce - ServiceMan.lnk]
path=C:\Documents and Settings\Já\Nabídka Start\Programy\Po spuštění\Zástupce - ServiceMan.lnk
backup=C:\WINDOWS\pss\Zástupce - ServiceMan.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApacheMonitor.exe]
C:\Program Files\PHP Home Edition 2\Apache2\bin\ApacheMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
"C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreativeMixer]
C:\Program Files\Creative\Audio2K\PROGRAM\CTMIX32.EXE /T
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
"C:\Program Files\D-Tools\daemon.exe" -lang 1029
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Disc Detector]
C:\Program Files\Creative\ShareDLL\CtNotify.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
"C:\Program Files\ICQLite\ICQLite.exe" -minimize
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NewsUpd]
C:\Program Files\Creative\News\NewsUpd.EXE /q
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nod32kui]
"C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\WINDOWS\System32\oodtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcBoost]
"C:\Program Files\PcBoost\PcBoost.exe" /start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerGuardian]
C:\Program Files\PeerGuardian2\pg2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerStrip]
c:\program files\powerstrip\pstrip.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP2005]
C:\Program Files\qip\qip.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\supervisor.exe]
C:\WINDOWS\supervisor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VVNEWS]
C:\Program Files\VV3\main.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WEBTRAN]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampToQIP]
"C:\Program Files\qip\WinampToQIPSA.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Apache"=2 (0x2)
"StarWindService"=2 (0x2)
"LightScribeService"=2 (0x2)
"IDriverT"=3 (0x3)
"PHPGeekUtil"=2 (0x2)
"MySql"=2 (0x2)
"Apache2"=2 (0x2)
"Creative Service for CDROM Access"=2 (0x2)
R1 fwdrv;Firewall Driver;C:\WINDOWS\System32\drivers\fwdrv.sys
R1 khips;Kerio HIPS Driver;C:\WINDOWS\System32\drivers\khips.sys
R2 PStrip;PStrip;C:\WINDOWS\System32\drivers\pstrip.sys
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver;C:\WINDOWS\System32\drivers\WmBEnum.sys
R3 WmFilter;Logitech Gaming HID Filter Driver;C:\WINDOWS\System32\drivers\WmFilter.sys
R3 WmXlCore;Logitech WingMan Translation Layer Driver;C:\WINDOWS\System32\drivers\WmXlCore.sys
S3 ASPI;Advanced SCSI Programming Interface Driver;\??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys
S3 GPU-Z;GPU-Z;\??\C:\DOCUME~1\J1EA4~1\LOCALS~1\Temp\GPU-Z.sys
S3 pgfilter;pgfilter;\??\C:\Program Files\PeerGuardian2\pgfilter.sys
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
S3 WmVirHid;Logitech Virtual Hid Device Driver;C:\WINDOWS\System32\drivers\WmVirHid.sys
S4 PHPGeekUtil;PHPGeekUtil;"c:\apache\APACHE.EXE" --ntservice
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Schedule
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-10 20:38:59
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-10 20:42:52 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-10-10 20:42
C:\ComboFix2.txt ... 2007-10-10 17:58
C:\ComboFix3.txt ... 2007-10-08 20:55
.
--- E O F ---
Kód: Vybrat vše
2007-10-10,20:56:08
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 1 (Build 2600) - Administrative User - Completed Functions Allowed
Follow item(s) have been choosed:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Runing Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<CTFMON.EXE><C:\WINDOWS\System32\ctfmon.exe> [(Verified)Microsoft Windows XP Publisher]
<SUPERAntiSpyware><C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe> [SUPERAntiSpyware.com]
<H/PC Connection Agent><; "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"> [Microsoft Corporation]
<MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows XP Publisher]
<OEXPRESS><; > [N/A]
<PeerGuardian><; C:\Program Files\PeerGuardian2\pg2.exe> [Methlabs]
<QIP2005><; C:\Program Files\qip\qip.exe> [The Author of QIP]
<Skype><; "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized> [(Verified)Skype Technologies SA]
<supervisor.exe><; C:\WINDOWS\supervisor.exe> []
<WEBTRAN><; > [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<nwiz><nwiz.exe /install> []
<Tweak UI><RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp> [Microsoft Corporation]
<MSConfig><C:\WINDOWS\System32\msconfig.exe /auto> [Microsoft Corporation]
<DAEMON Tools><; "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033> [(Verified)DAEMON Tools Code Signing Services]
<!AVG Anti-Spyware><"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized> [(Verified)GRISOFT LTD]
<AGRSMMSG><; AGRSMMSG.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<ApacheMonitor.exe><; C:\Program Files\PHP Home Edition 2\Apache2\bin\ApacheMonitor.exe> [N/A]
<CloneCDTray><; "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s> [N/A]
<CreativeMixer><; C:\Program Files\Creative\Audio2K\PROGRAM\CTMIX32.EXE /T> [Creative Technology Ltd.]
<DAEMON Tools-1033><; "C:\Program Files\D-Tools\daemon.exe" -lang 1029> [N/A]
<Disc Detector><; C:\Program Files\Creative\ShareDLL\CtNotify.exe> [Creative Technology Ltd.]
<ICQ Lite><; "C:\Program Files\ICQLite\ICQLite.exe" -minimize> [(Verified)ICQ]
<NeroFilterCheck><; C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<NewsUpd><; C:\Program Files\Creative\News\NewsUpd.EXE /q> [Creative Technology Ltd.]
<nod32kui><; "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE> [Eset ]
<OODefragTray><; C:\WINDOWS\System32\oodtray.exe> [(Verified)O an]
<PcBoost><; "C:\Program Files\PcBoost\PcBoost.exe" /start> [PGWARE LLC]
<PowerStrip><; c:\program files\powerstrip\pstrip.exe> [EnTech Taiwan]
<QuickTime Task><; "C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Computer, Inc.]
<RemoteControl><; "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"> [Cyberlink Corp.]
<TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<VVNEWS><; C:\Program Files\VV3\main.exe> []
<WinampToQIP><; "C:\Program Files\qip\WinampToQIPSA.exe"> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows XP Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows XP Publisher]
<UIHost><logonui.exe> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll> [(Verified)GRISOFT LTD]
<{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}><C:\Program Files\SUPERAntiSpyware\SASSEH.DLL> [SuperAdBlocker.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
<WinlogonNotify: !SASWinLogon><C:\Program Files\SUPERAntiSpyware\SASWINLO.dll> [SUPERAntiSpyware.com]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player 6.4><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mswmp.inf,PerUserStub> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{306D6C21-C1B6-4629-986C-E59E1875B8AF}]
<N/A><"C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser> [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Adresář 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
==================================
Startup Folders
[DSLMON ]
<C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\DSLMON .lnk --> C:\PROGRA~1\SAGEM\SAGEM F@st 800-840\dslmon.exe []><N>
==================================
Services
[Apache / Apache][Stopped/Disabled]
<"c:\apache\Apache.exe" --ntservice><N/A>
[Apache2 / Apache2][Stopped/Disabled]
<"C:\Program Files\PHP Home Edition 2\Apache2\bin\Apache.exe" -k runservice><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
<C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe><N/A>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
<C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe><GRISOFT s.r.o.>
[Creative Service for CDROM Access / Creative Service for CDROM Access][Stopped/Disabled]
<C:\WINDOWS\System32\CTSvcCDA.exe><Creative Technology Ltd>
[Přístup k zařízením standardu HID / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Disabled]
<"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[Sunbelt Kerio Personal Firewall 4 / KPF4][Running/Auto Start]
<"C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe"><Sunbelt Software>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Stopped/Disabled]
<"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[NOD32 Kernel Service / NOD32krn][Running/Auto Start]
<"C:\Program Files\Eset\nod32krn.exe"><Eset>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[O&O Defrag / O&O Defrag][Running/Auto Start]
<C:\WINDOWS\System32\oodag.exe><O&O Software GmbH>
[PHPGeekUtil / PHPGeekUtil][Stopped/Disabled]
<"c:\apache\APACHE.EXE" --ntservice><N/A>
[StarWind iSCSI Service / StarWindService][Stopped/Disabled]
<C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe><Rocket Division Software>
==================================
Drivers
[General Purpose USB Driver (adildr.sys) / ADILOADER][Stopped/Auto Start]
<System32\Drivers\adildr.sys><Analog Deivces>
[USB ADSL WAN Adapter / adiusbaw][Running/Manual Start]
<System32\DRIVERS\adiusbaw.sys><Analog Devices Inc.>
[Microcom InPorte Home / AgereSoftModem][Stopped/Manual Start]
<System32\DRIVERS\AGRSM.sys><Agere Systems>
[AMON / AMON][Running/Auto Start]
<\??\C:\WINDOWS\System32\drivers\amon.sys><Eset>
[Advanced SCSI Programming Interface Driver / ASPI][Stopped/Manual Start]
<\??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys><Adaptec>
[AVG Anti-Rootkit / AVG Anti-Rootkit][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\avgarkt.sys><GRISOFT, s.r.o.>
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
<\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys><N/A>
[Avg Anti-Rootkit Clean Driver / AvgArCln][Running/System Start]
<System32\DRIVERS\AvgArCln.sys><GRISOFT, s.r.o.>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
<System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[catchme / catchme][Running/Manual Start]
<\??\C:\DOCUME~1\J1EA4~1\LOCALS~1\Temp\catchme.sys><N/A>
[dtscsi / dtscsi][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\dtscsi.sys><N/A>
[Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start]
<system32\drivers\es1371mp.sys><Creative Technology Ltd.>
[Firewall Driver / fwdrv][Running/System Start]
<\SystemRoot\system32\drivers\fwdrv.sys><Sunbelt Software>
[giveio / giveio][Running/Boot Start]
<\SystemRoot\System32\giveio.sys><N/A>
[GPU-Z / GPU-Z][Stopped/Manual Start]
<\??\C:\DOCUME~1\J1EA4~1\LOCALS~1\Temp\GPU-Z.sys><N/A>
[Hamachi Network Interface / hamachi][Stopped/Manual Start]
<System32\DRIVERS\hamachi.sys><Applied Networking Inc.>
[Kerio HIPS Driver / khips][Running/System Start]
<\SystemRoot\system32\drivers\khips.sys><>
[nv / nv][Running/System Start]
<System32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PfModNT / PfModNT][Running/Auto Start]
<\??\C:\WINDOWS\System32\PfModNT.sys><Creative Technology Ltd.>
[PStrip / PStrip][Running/Auto Start]
<system32\drivers\pstrip.sys><EnTech Taiwan>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[SASDIFSV / SASDIFSV][Running/System Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS><>
[SASENUM / SASENUM][Running/Manual Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS><SuperAdBlocker, Inc.>
[SASKUTIL / SASKUTIL][Running/System Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys><>
[Sound Blaster AudioPCI Audio Driver (WDM) / sbpci][Running/Manual Start]
<system32\drivers\sbpci.sys><Creative Technology Ltd.>
[Secdrv / Secdrv][Running/Auto Start]
<System32\DRIVERS\secdrv.sys><Macrovision Europe Ltd>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
<\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
<\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology>
[StarForce Protection VFS Driver (version 2.x) / sfvfs02][Running/Boot Start]
<\SystemRoot\System32\drivers\sfvfs02.sys><Protection Technology>
[speedfan / speedfan][Running/Boot Start]
<\SystemRoot\System32\speedfan.sys><Windows (R) 2000 DDK provider>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Ovladač filtru Obnovy systému / sr][Running/Boot Start]
<\SystemRoot\\SystemRoot\System32\DRIVERS\sr.sys><N/A>
[vaxscsi / vaxscsi][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\vaxscsi.sys><N/A>
[Logitech Virtual Bus Enumerator Driver / WmBEnum][Running/Manual Start]
<system32\drivers\WmBEnum.sys><Logitech Inc.>
[Logitech Gaming HID Filter Driver / WmFilter][Running/Manual Start]
<system32\drivers\WmFilter.sys><Logitech Inc.>
[Logitech Virtual Hid Device Driver / WmVirHid][Stopped/Manual Start]
<system32\drivers\WmVirHid.sys><Logitech Inc.>
[Logitech WingMan Translation Layer Driver / WmXlCore][Running/Manual Start]
<system32\drivers\WmXlCore.sys><Logitech Inc.>
[pgfilter / pgfilter][Running/Manual Start]
<\??\C:\Program Files\PeerGuardian2\pgfilter.sys><N/A>
==================================
Browser Add-ons
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[WebTransBHO Class]
{2DB66063-BB98-466A-AA0D-3E7ACF5ED853} <C:\Program Files\PC Translator\WebIE.dll, >
[FDMIECookiesBHO Class]
{CC59E0F9-7E43-44FA-9FAA-8377850BF205} <C:\Program Files\Free Download Manager\iefdmcks.dll, N/A>
[Java Plug-in 1.5.0_05]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll, Sun Microsystems, Inc.>
[Create Mobile Favorite]
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} <C:\PROGRA~1\MICROS~4\INetRepl.dll, Microsoft Corporation>
[Create Mobile Favorite]
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} <C:\PROGRA~1\MICROS~4\INetRepl.dll, Microsoft Corporation>
[ToolBarButton Class]
{7E6A20FB-153F-402c-A84B-1A64E1955D3D} <C:\Program Files\PC Translator\WebIE.dll, >
[&Zdroje informací]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[ICQ Lite]
{B863453A-26C3-4e1f-A54D-A2CD196348E9} <C:\Program Files\ICQLite\ICQLite.exe, ICQ Ltd.>
[MenuItem4 Class]
{CC963627-B1DC-40E0-B52A-CF21EE748449} <C:\Program Files\PC Translator\WebIE.dll, >
[MenuItem4 Class]
{CC963627-B1DC-40E0-B52A-CF21EE748450} <C:\Program Files\PC Translator\WebIE.dll, >
[MenuItem2 Class]
{CC963627-B1DC-40E0-B52A-CF21EE748451} <C:\Program Files\PC Translator\WebIE.dll, >
[MenuItem1 Class]
{CC963627-B1DC-40E0-B52A-CF21EE748452} <C:\Program Files\PC Translator\WebIE.dll, >
[Alcohol Soft - Alcohol 120% Toolbar]
{1CE4EE89-2D5C-4361-AF3B-D902AB545381} <C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll, N/A>
[WebTranslator]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} <C:\Program Files\PC Translator\WebIE.dll, >
[&Rádio]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[&ICQ Toolbar Search]
<res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML, N/A>
[&Search]
<http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000, N/A>
[E&xportovat do aplikace Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>
[E&xportovat do aplikace Microsoft Office Excel]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[Stáhnout Free Download Managerem]
<file://C:\Program Files\Free Download Manager\dllink.htm, N/A>
[Stáhnout vybrané Free Download Managerem]
<file://C:\Program Files\Free Download Manager\dlselected.htm, N/A>
[Stáhnout vše Free Download Managerem]
<file://C:\Program Files\Free Download Manager\dlall.htm, N/A>
==================================
Running Processes
[PID: 548][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 616][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 656][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[C:\Program Files\SUPERAntiSpyware\SASWINLO.dll] [SUPERAntiSpyware.com, 1, 0, 0, 1046]
[PID: 700][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 712][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 880][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\imon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 924][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\imon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 980][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\imon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 1012][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148)]
[C:\WINDOWS\system32\cpwmon2k.dll] [N/A, ]
[C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0]
[PID: 1060][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1344][C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe] [Sunbelt Software, 4.2.3]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\kfe.dll] [Sunbelt Software, 4.2.2746]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\KTLIBEAY32_0.9.7.2.DLL] [, 0.9.7]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\MSVCR70.dll] [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\KTSSLEAY32_0.9.7.2.DLL] [, 0.9.7]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\KTZLIB.dll] [, 1.2.3]
[C:\WINDOWS\System32\imon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\kwsapi.dll] [Sunbelt Software, 1, 1, 813, 1436]
[PID: 1392][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\WINDOWS\System32\BROWSEUI.dll] [Společnost Microsoft, 6.00.2800.1106 (xpsp1.020828-1920)]
[PID: 1456][C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL] [Microsoft Corporation, 7.00.9466]
[PID: 1484][C:\Program Files\Eset\nod32krn.exe] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\nod32krr.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\ps_amon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_amon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\ps_dmon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_dmon.dll] [N/A, ]
[C:\Program Files\Eset\ps_emon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_emon.dll] [N/A, ]
[C:\WINDOWS\System32\imon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\Program Files\Eset\ps_nod32.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_nod32.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\ps_upd.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_upd.dll] [N/A, ]
[PID: 1500][C:\WINDOWS\System32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.9131]
[PID: 1516][C:\WINDOWS\System32\oodag.exe] [O&O Software GmbH, 10.0.1634]
[C:\WINDOWS\System32\OODAGRS.DLL] [O&O Software GmbH, 10.0.1.1617]
[C:\WINDOWS\System32\imon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 1580][C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe] [Sunbelt Software, 4.2.3]
[C:\WINDOWS\System32\imon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\KTSSLEAY32_0.9.7.2.DLL] [, 0.9.7]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\KTLIBEAY32_0.9.7.2.DLL] [, 0.9.7]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\MSVCR70.dll] [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\KTZLIB.dll] [, 1.2.3]
[PID: 1644][C:\WINDOWS\System32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1676][C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe] [Sunbelt Software, 4.2.3]
[C:\WINDOWS\System32\imon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\KTSSLEAY32_0.9.7.2.DLL] [, 0.9.7]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\KTLIBEAY32_0.9.7.2.DLL] [, 0.9.7]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\MSVCR70.dll] [Microsoft Corporation, 7.00.9466.0]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\KTZLIB.dll] [, 1.2.3]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\gkh.dll] [Sunbelt Software, 1, 0, 4, 1]
[PID: 492][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\System32\imon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[PID: 676][C:\Program Files\DAEMON Tools\daemon.exe] [DT Soft Ltd., 4.06.0.0]
[C:\Program Files\DAEMON Tools\daemon.dll] [DT Soft Ltd., 4.06.0.0]
[C:\Program Files\DAEMON Tools\PFCTOC.DLL] [Padus(R), Inc., 1, 0, 0, 12]
[C:\Program Files\DAEMON Tools\Plugins\Images\bw5mount.dll] [, 1.1.0.0]
[C:\Program Files\DAEMON Tools\Plugins\Images\ccdmount.dll] [GENERIC, 1.10.0.0]
[C:\Program Files\DAEMON Tools\Plugins\Images\cuemount.dll] [DT Soft Ltd., 1.0.0.0]
[C:\Program Files\DAEMON Tools\Plugins\Images\mdsmount.dll] [DT Soft Ltd., 1.16.0.0]
[C:\Program Files\DAEMON Tools\Plugins\Images\nrgmount.dll] [GENERIC, 1.11.0.0]
[C:\Program Files\DAEMON Tools\Plugins\Images\pdimount.dll] [GENERIC, 1.01.0.0]
[PID: 1920][C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe] [GRISOFT s.r.o., 7, 5, 1, 43]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll] [GRISOFT s.r.o., 4, 2, 0, 19]
[PID: 2020][C:\WINDOWS\System32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 604][C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe] [SUPERAntiSpyware.com, 3, 9, 0, 1008]
[C:\Program Files\SUPERAntiSpyware\deupx.dll] [SuperAntiSpyware.com, 1, 0, 0, 2]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [GRISOFT s.r.o., 7, 5, 1, 36]
[C:\Program Files\SUPERAntiSpyware\SASSEH.DLL] [SuperAdBlocker.com, 1, 0, 0, 1008]
[PID: 244][C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe] [, 1, 0, 0, 1]
[C:\Program Files\SAGEM\SAGEM F@st 800-840\Languages\English.dll] [, 1, 0, 0, 1]
[PID: 264][C:\Program Files\ESET\nod32kui.exe] [Eset , 2, 50, 19 ]
[C:\Program Files\ESET\nod32rui.dll] [N/A, ]
[C:\Program Files\Eset\pu_amon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_amon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pu_dmon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_dmon.dll] [N/A, ]
[C:\Program Files\Eset\pu_emon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_emon.dll] [N/A, ]
[C:\Program Files\Eset\pu_imon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\Program Files\Eset\pu_nod32.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_nod32.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pu_upd.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_upd.dll] [N/A, ]
[PID: 3260][C:\Program Files\PeerGuardian2\pg2.exe] [Methlabs, 1, 0, 6, 4]
[PID: 3340][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.7: 2007091417]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.7: 2007091417]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.7]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.7: 2007091417]
[C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.7: 2007091417]
[C:\Program Files\Mozilla Firefox\components\jsd3250.dll] [Mozilla Foundation, 1.8.1.7: 2007091417]
[C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.7: 2007091417]
[C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.7: 2007091417]
[C:\Program Files\Mozilla Firefox\components\xpinstal.dll] [Mozilla Foundation, 1.8.1.7: 2007091417]
[C:\WINDOWS\System32\imon.dll] [Eset , 2, 50, 19 ]
[C:\Program Files\Eset\pr_imon.dll] [N/A, ]
[C:\Documents and Settings\Já\Data aplikací\Mozilla\Firefox\Profiles\s2tbg4x7.Nepojmenovaný\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll] [N/A, ]
[C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.8.1.7: 2007091417]
[C:\Documents and Settings\Já\Data aplikací\Mozilla\Firefox\Profiles\s2tbg4x7.Nepojmenovaný\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll] [N/A, ]
[C:\Documents and Settings\Já\Data aplikací\Mozilla\Firefox\Profiles\s2tbg4x7.Nepojmenovaný\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll] [ , 1, 0, 0, 1]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.64]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\gkh.dll] [Sunbelt Software, 1, 0, 4, 1]
[C:\WINDOWS\System32\browseui.dll] [Společnost Microsoft, 6.00.2800.1106 (xpsp1.020828-1920)]
[PID: 3872][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1984][C:\Program Files\totalcmd\totalcmd.exe] [C. Ghisler & Co., 7.01]
[C:\Program Files\Sunbelt Software\Personal Firewall 4\gkh.dll] [Sunbelt Software, 1, 0, 4, 1]
[C:\WINDOWS\System32\browseui.dll] [Společnost Microsoft, 6.00.2800.1106 (xpsp1.020828-1920)]
[C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll] [GRISOFT s.r.o., 7, 5, 1, 36]
[C:\Program Files\SUPERAntiSpyware\SASSEH.DLL] [SuperAdBlocker.com, 1, 0, 0, 1008]
[PID: 2184][C:\Program Files\sreng\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[C:\Program Files\sreng\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS Error. []
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock Provider
NOD32 protected [MSAFD Tcpip [TCP/IP]]
imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [UDP/IP]]
imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [MSAFD Tcpip [RAW/IP]]
imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP UDP Service Provider]
imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32 protected [RSVP TCP Service Provider]
imon.dll(Eset , NOD32 IMON - Internet scanning support)
NOD32
imon.dll(Eset , NOD32 IMON - Internet scanning support)
==================================
Autorun.Inf
N/A
==================================
HOSTS File
127.0.0.1 localhost
==================================
Process Privileges Scan
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1344, C:\PROGRAM FILES\SUNBELT SOFTWARE\PERSONAL FIREWALL 4\KPF4SS.EXE]
Special Privilege Enabled: SeDebugPrivilege [PID = 604, C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 604, C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 244, C:\PROGRAM FILES\SAGEM\SAGEM F@ST 800-840\DSLMON.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 264, C:\PROGRAM FILES\ESET\NOD32KUI.EXE]
Special Privilege Enabled: SeLoadDriverPrivilege [PID = 3260, C:\PROGRAM FILES\PEERGUARDIAN2\PG2.EXE]
==================================
API HOOK
Entrypoint Error: CreateProcessA (Dangerous Level: High, Hooked by Module: 0x00130239)
Entrypoint Error: CreateProcessW (Dangerous Level: High, Hooked by Module: 0x001302C5)
Entrypoint Error: CreateRemoteThread (Dangerous Level: High, Hooked by Module: 0x001304F5)
Entrypoint Error: CreateThread (Dangerous Level: High, Hooked by Module: 0x00130581)
Entrypoint Error: WriteProcessMemory (Dangerous Level: High, Hooked by Module: 0x00130699)
Entrypoint Error: SetWindowsHookExA (Dangerous Level: High, Hooked by Module: 0x00130725)
Entrypoint Error: SetWindowsHookExW (Dangerous Level: High, Hooked by Module: 0x001307B1)
==================================
Hidden Process
N/A
==================================
Kód: Vybrat vše
Process:
System Idle Process
System
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\ESET\nod32kui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\smss.exe
C:\Program Files\IceSword122en\IceSword.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\alg.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\MDM.EXE
C:\Program Files\ESET\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
Kód: Vybrat vše
Kernel Module:
\WINDOWS\system32\ntoskrnl.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
sptd.sys
\WINDOWS\System32\Drivers\WMILIB.SYS
\WINDOWS\System32\Drivers\SCSIPORT.SYS
ACPI.sys
pci.sys
isapnp.sys
avgarkt.sys
viaide.sys
\WINDOWS\System32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
VolSnap.sys
atapi.sys
disk.sys
\WINDOWS\System32\DRIVERS\CLASSPNP.SYS
sr.sys
PxHelp20.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
viaagp.sys
speedfan.sys
sfvfs02.sys
sfhlp02.sys
sfdrv01.sys
Mup.sys
giveio.sys
\SystemRoot\System32\DRIVERS\processr.sys
\SystemRoot\System32\DRIVERS\nv4_mini.sys
\SystemRoot\System32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\fdc.sys
\SystemRoot\System32\DRIVERS\parport.sys
\SystemRoot\System32\DRIVERS\serial.sys
\SystemRoot\System32\DRIVERS\serenum.sys
\SystemRoot\System32\DRIVERS\i8042prt.sys
\SystemRoot\System32\DRIVERS\kbdclass.sys
\SystemRoot\System32\DRIVERS\mouclass.sys
\SystemRoot\System32\DRIVERS\imapi.sys
\SystemRoot\System32\DRIVERS\cdrom.sys
\SystemRoot\System32\DRIVERS\redbook.sys
\SystemRoot\System32\DRIVERS\ks.sys
\SystemRoot\System32\DRIVERS\usbuhci.sys
\SystemRoot\System32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\drivers\sbpci.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\akz84vtr.SYS
\SystemRoot\System32\DRIVERS\audstub.sys
\SystemRoot\System32\DRIVERS\rasl2tp.sys
\SystemRoot\System32\DRIVERS\ndistapi.sys
\SystemRoot\System32\DRIVERS\ndiswan.sys
\SystemRoot\System32\DRIVERS\raspppoe.sys
\SystemRoot\System32\DRIVERS\raspptp.sys
\SystemRoot\System32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\psched.sys
\SystemRoot\System32\DRIVERS\msgpc.sys
\SystemRoot\System32\DRIVERS\ptilink.sys
\SystemRoot\System32\DRIVERS\raspti.sys
\SystemRoot\System32\DRIVERS\rdpdr.sys
\SystemRoot\System32\DRIVERS\termdd.sys
\SystemRoot\System32\DRIVERS\swenum.sys
\SystemRoot\System32\DRIVERS\update.sys
\SystemRoot\system32\drivers\WmBEnum.sys
\SystemRoot\system32\drivers\WmXlCore.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\DRIVERS\flpydisk.sys
\SystemRoot\System32\DRIVERS\gameenum.sys
\SystemRoot\System32\DRIVERS\usbhub.sys
\SystemRoot\System32\DRIVERS\USBD.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\DRIVERS\AvgArCln.sys
\SystemRoot\System32\DRIVERS\AvgAsCln.sys
\SystemRoot\System32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\fwdrv.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\System32\DRIVERS\ipsec.sys
\SystemRoot\System32\DRIVERS\tcpip.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\System32\DRIVERS\netbios.sys
\SystemRoot\System32\DRIVERS\adiusbaw.sys
\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
\??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
\SystemRoot\System32\DRIVERS\rdbss.sys
\SystemRoot\System32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\drivers\khips.sys
\SystemRoot\System32\Drivers\Fips.SYS
\??\C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
\SystemRoot\System32\Drivers\ASPI32.SYS
\SystemRoot\System32\DRIVERS\hidusb.sys
\SystemRoot\System32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\drivers\WmFilter.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\nv4_disp.dll
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\System32\drivers\ws2ifsl.sys
\SystemRoot\System32\Drivers\ParVdm.SYS
\SystemRoot\system32\drivers\pstrip.sys
\??\C:\WINDOWS\System32\drivers\amon.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\??\C:\WINDOWS\System32\PfModNT.sys
\SystemRoot\System32\DRIVERS\secdrv.sys
\??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
\??\C:\DOCUME~1\J1EA4~1\LOCALS~1\Temp\catchme.sys
\SystemRoot\System32\DRIVERS\ipfltdrv.sys
\??\C:\Program Files\PeerGuardian2\pgfilter.sys
\SystemRoot\System32\Drivers\IsDrv122.sys
\WINDOWS\system32\ntdll.dll
C:\WINDOWS\System32\giveio.sys
C:\WINDOWS\System32\speedfan.sys
Kód: Vybrat vše
Port:
Protocol Local Address Foreign Address State PID PathName
TCP 127.0.0.1 : 1025 127.0.0.1 : 44334 ESTABLISHED 1580 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
TCP 127.0.0.1 : 44334 127.0.0.1 : 1025 ESTABLISHED 1344 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
TCP 127.0.0.1 : 1033 127.0.0.1 : 1035 ESTABLISHED 1676 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
TCP 127.0.0.1 : 1035 127.0.0.1 : 1033 ESTABLISHED 1344 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
TCP 127.0.0.1 : 1027 127.0.0.1 : 1029 ESTABLISHED 1580 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
TCP 127.0.0.1 : 1029 127.0.0.1 : 1027 ESTABLISHED 1344 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
TCP 127.0.0.1 : 1041 127.0.0.1 : 1040 ESTABLISHED 3340 C:\Program Files\Mozilla Firefox\firefox.exe
TCP 127.0.0.1 : 1040 127.0.0.1 : 1041 ESTABLISHED 3340 C:\Program Files\Mozilla Firefox\firefox.exe
TCP 127.0.0.1 : 1038 127.0.0.1 : 1039 ESTABLISHED 3340 C:\Program Files\Mozilla Firefox\firefox.exe
TCP 127.0.0.1 : 1039 127.0.0.1 : 1038 ESTABLISHED 3340 C:\Program Files\Mozilla Firefox\firefox.exe
TCP 127.0.0.1 : 44334 127.0.0.1 : 1031 ESTABLISHED 1344 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
TCP 127.0.0.1 : 1031 127.0.0.1 : 44334 ESTABLISHED 1676 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
TCP 85.71.108.3 : 1264 66.249.91.104 : 80 ESTABLISHED 3340 C:\Program Files\Mozilla Firefox\firefox.exe
TCP 0.0.0.0 : 1030 0.0.0.0 : 0 LISTENING 4 NT OS Kernel
TCP 0.0.0.0 : 5000 0.0.0.0 : 0 LISTENING 492 C:\WINDOWS\system32\svchost.exe
TCP 0.0.0.0 : 445 0.0.0.0 : 0 LISTENING 4 NT OS Kernel
TCP 0.0.0.0 : 135 0.0.0.0 : 0 LISTENING 880 C:\WINDOWS\system32\svchost.exe
TCP 127.0.0.1 : 1040 0.0.0.0 : 0 LISTENING 3340 C:\Program Files\Mozilla Firefox\firefox.exe
TCP 0.0.0.0 : 1027 0.0.0.0 : 0 LISTENING 1580 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
TCP 0.0.0.0 : 1031 0.0.0.0 : 0 LISTENING 1676 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
TCP 0.0.0.0 : 1035 0.0.0.0 : 0 LISTENING 1344 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
TCP 0.0.0.0 : 1039 0.0.0.0 : 0 LISTENING 3340 C:\Program Files\Mozilla Firefox\firefox.exe
TCP 0.0.0.0 : 1264 0.0.0.0 : 0 LISTENING 3340 C:\Program Files\Mozilla Firefox\firefox.exe
TCP 0.0.0.0 : 50300 0.0.0.0 : 0 LISTENING 1516 C:\WINDOWS\system32\oodag.exe
TCP 127.0.0.1 : 1038 0.0.0.0 : 0 LISTENING 3340 C:\Program Files\Mozilla Firefox\firefox.exe
TCP 0.0.0.0 : 1025 0.0.0.0 : 0 LISTENING 1580 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
TCP 0.0.0.0 : 1029 0.0.0.0 : 0 LISTENING 1344 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
TCP 0.0.0.0 : 44334 0.0.0.0 : 0 LISTENING 1344 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
TCP 0.0.0.0 : 1033 0.0.0.0 : 0 LISTENING 1676 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
TCP 0.0.0.0 : 1041 0.0.0.0 : 0 LISTENING 3340 C:\Program Files\Mozilla Firefox\firefox.exe
TCP 0.0.0.0 : 44501 0.0.0.0 : 0 LISTENING 1344 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
UDP 0.0.0.0 : 1028 * : * 1580 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
UDP 0.0.0.0 : 1032 * : * 1676 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
UDP 85.71.108.3 : 123 * : * 924 C:\WINDOWS\system32\svchost.exe
UDP 127.0.0.1 : 123 * : * 924 C:\WINDOWS\system32\svchost.exe
UDP 0.0.0.0 : 44334 * : * 1344 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
UDP 0.0.0.0 : 1045 * : * 980 C:\WINDOWS\system32\svchost.exe
UDP 0.0.0.0 : 1057 * : * 980 C:\WINDOWS\system32\svchost.exe
UDP 0.0.0.0 : 1026 * : * 1580 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
UDP 85.71.108.3 : 1900 * : * 492 C:\WINDOWS\system32\svchost.exe
UDP 0.0.0.0 : 1034 * : * 1676 C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
UDP 127.0.0.1 : 1900 * : * 492 C:\WINDOWS\system32\svchost.exe
UDP 0.0.0.0 : 445 * : * 4 NT OS Kernel
RAW --- --- --- 4 NT OS Kernel
Kód: Vybrat vše
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:19:52, on 11. 10. 2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTSvcCDA.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\oodag.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\totalcmd\totalcmd.exe
D:\Stažený\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ad2.billboard.cz/please/redir.bb/1627/1/1/1/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: XBTP05231 - {031F120A-BBAF-45d8-B306-375F2A6B9398} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\PC Translator\WebIE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll (file missing)
O3 - Toolbar: (no name) - {515AB855-A175-436a-BC5C-0E4F50A023A5} - (no file)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC Translator\WebIE.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [nod32kui] ; "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\System32\msconfig.exe /auto
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [PeerGuardian] ; C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot (User 'Default user')
O4 - Global Startup: DSLMON .lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translator\WebIE.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{62A56BFA-A811-4217-9CE2-67B90BC72BBC}: NameServer = 194.228.41.65 194.228.41.113
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apache - Unknown owner - c:\apache\Apache.exe (file missing)
O23 - Service: Apache2 - Unknown owner - C:\Program Files\PHP Home Edition 2\Apache2\bin\Apache.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe
O23 - Service: PHPGeekUtil - Unknown owner - c:\apache\APACHE.EXE (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 8977 bytes
Kód: Vybrat vše
ComboFix 07-10-07.2 - J 2007-10-11 13:07:25.6 - NTFSx86
Syst‚m Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.193 [GMT 2:00]
Running from: C:\Documents and Settings\J \Plocha\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2007-09-11 to 2007-10-11 )))))))))))))))))))))))))))))))
.
2007-10-10 20:57 <DIR> d-------- C:\Program Files\IceSword122en
2007-10-10 20:46 <DIR> d-------- C:\Program Files\sreng
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\zts2.exe
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\system32\systems.txt
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\system32\iifgfgf.dll
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\rundll16.exe
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\rundl132.dll
2007-10-09 16:54 <DIR> d-a------ C:\WINDOWS\logo1_.exe
2007-10-08 21:09 135,680 --a------ C:\WINDOWS\R.COM
2007-10-08 21:09 130,048 --a------ C:\WINDOWS\system32\T.COM
2007-10-07 20:51 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-10-07 16:33 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-07 14:58 2,358 --a------ C:\WINDOWS\system32\tmp.reg
2007-10-07 14:57 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-10-07 14:57 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-10-07 14:57 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-10-07 14:57 25,088 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-10-06 20:28 <DIR> d-------- C:\Program Files\Hard Truck 2
2007-09-30 21:22 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-09-30 20:41 <DIR> d-------- C:\Program Files\Eltima Software
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-11 13:06 --------- d-------- C:\Program Files\PeerGuardian2
2007-10-10 08:37 --------- d-------- C:\Program Files\Mozilla Thunderbird
2007-10-07 14:55 1969 --a--c--- C:\WINDOWS\system32\drivers\fwdrv.err
2007-09-30 21:22 --------- d-------- C:\Program Files\Zoner
2007-09-16 20:27 --------- d-------- C:\Program Files\VV3
2007-09-07 16:26 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-09-05 10:17 --------- d-------- C:\Program Files\Ubisoft
2007-09-04 20:09 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-09-04 20:09 --------- d-------- C:\Program Files\EurotelSMS
2007-09-04 20:08 --------- d-------- C:\Program Files\SANDYdemo
2007-09-04 20:08 --------- d-------- C:\Program Files\Psi
2007-09-04 20:08 --------- d-------- C:\Program Files\Hexacto Games
2007-09-04 20:08 --------- d-------- C:\Program Files\Banner Maker Pro 6
2007-09-04 20:07 --------- d-------- C:\Program Files\Penezni denik
2007-09-04 20:01 --------- d-------- C:\Program Files\BlueVoda Website Builder
2007-09-04 20:00 --------- d-------- C:\Program Files\HNR Game
2007-09-04 20:00 --------- d-------- C:\Program Files\Astraware
2007-09-04 19:59 --------- d-------- C:\Program Files\Web Gallery Wizard PRO
2007-09-04 19:58 --------- d-------- C:\Program Files\JAlbum
2007-09-04 19:50 --------- d-------- C:\Program Files\OpenTTD
2007-09-04 19:48 --------- d-------- C:\Program Files\PHP Home Edition 2
2007-09-04 19:45 --------- d-------- C:\Program Files\KONAMI
2007-08-30 10:39 --------- d-------- C:\Program Files\SMS Zdarma
2007-08-29 09:43 --------- d-------- C:\Program Files\Valve
2007-08-21 12:25 --------- d-------- C:\Program Files\PC Translator
2007-08-18 20:20 --------- d-------- C:\Program Files\Trymedia
2007-08-18 20:19 --------- d-------- C:\Program Files\Gold Miner
2007-08-16 20:36 --------- d-------- C:\Program Files\Common Files\Logitech
2007-08-16 14:53 --------- d-------- C:\Program Files\infium
2007-08-12 10:32 --------- d-------- C:\Program Files\EA SPORTS
2007-08-11 20:27 --------- d-------- C:\Program Files\Ubi Soft
2007-08-11 10:57 516096 --a------ C:\WINDOWS\UN32.EXE
2007-08-11 10:50 --------- d-------- C:\Program Files\Microton 2006
2007-08-10 21:23 294912 --a------ C:\WINDOWS\TrnWord.dll
1999-06-25 10:55 149504 --a--c--- C:\Program Files\UNWISE.EXE
.
((((((((((((((((((((((((((((( snapshot@2007-10-07_16.46.03.52 )))))))))))))))))))))))))))))))))))))))))
.
----a-r 29,696 2007-10-07 18:51:42 C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF11.exe
----a-r 18,944 2007-10-07 18:51:42 C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
----a-r 65,024 2007-10-07 18:51:42 C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
----a-w 262,144 2007-10-11 11:07:06 C:\WINDOWS\system32\config\systemprofile\NtUser.dat
-c--a-w 16,384 2007-10-09 14:27:30 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
-c--a-w 32,768 2007-10-09 14:27:30 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
----a-w 32,768 2007-10-09 14:27:30 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
----a-w 262,144 2007-10-07 14:34:52 C:\WINDOWS\system32\config\systemprofile\NtUser.dat
-c--a-w 16,384 2006-10-20 16:49:10 C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
-c--a-w 32,768 2006-10-20 16:49:10 C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
-c--a-w 49,152 2006-10-20 16:49:10 C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2006-06-01 17:22]
"nwiz"="nwiz.exe" [2006-10-22 13:22 C:\WINDOWS\system32\nwiz.exe]
"Tweak UI"="TWEAKUI.CPL" [2003-03-25 05:49 C:\WINDOWS\system32\tweakui.cpl]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-30 21:25]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2006-04-30 08:46]
"MSConfig"="C:\WINDOWS\System32\msconfig.exe" [2005-04-02 17:11]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]
"PeerGuardian"="C:\Program Files\PeerGuardian2\pg2.exe" [2005-09-18 19:40]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 19:05]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"ICQ Lite"=C:\Program Files\ICQLite\ICQLite.exe -trayboot
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"=0 (0x0)
"SynchronousMachineGroupPolicy"=0 (0x0)
"SynchronousUserGroupPolicy"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"=0 (0x0)
"NoStrCmpLogical"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoInstrumentation"=0 (0x0)
"NoSMBalloonTip"=0 (0x0)
"NoRecentDocsHistory"=0 (0x0)
"MemCheckBoxInRunDlg"=0 (0x0)
"NoAutoTrayNotify"=0 (0x0)
"NoResolveTrack"=0 (0x0)
"NoResolveSearch"=0 (0x0)
"NoWelcomeScreen"=1 (0x1)
"NoRecentDocsNetHood"=0 (0x0)
"NoDesktopCleanupWizard"=0 (0x0)
"NoSharedDocuments"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.exe.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.exe.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.exe.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Já^Nabídka Start^Programy^Po spuštění^Snow for Windows.lnk]
path=C:\Documents and Settings\Já\Nabídka Start\Programy\Po spuštění\Snow for Windows.lnk
backup=C:\WINDOWS\pss\Snow for Windows.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Já^Nabídka Start^Programy^Po spuštění^WinMysqlAdmin.lnk]
path=C:\Documents and Settings\Já\Nabídka Start\Programy\Po spuštění\WinMysqlAdmin.lnk
backup=C:\WINDOWS\pss\WinMysqlAdmin.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Já^Nabídka Start^Programy^Po spuštění^Zástupce - ServiceMan.lnk]
path=C:\Documents and Settings\Já\Nabídka Start\Programy\Po spuštění\Zástupce - ServiceMan.lnk
backup=C:\WINDOWS\pss\Zástupce - ServiceMan.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
; AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApacheMonitor.exe]
; C:\Program Files\PHP Home Edition 2\Apache2\bin\ApacheMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
; "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CreativeMixer]
; C:\Program Files\Creative\Audio2K\PROGRAM\CTMIX32.EXE /T
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
; "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
; "C:\Program Files\D-Tools\daemon.exe" -lang 1029
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Disc Detector]
; C:\Program Files\Creative\ShareDLL\CtNotify.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
; "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite]
; "C:\Program Files\ICQLite\ICQLite.exe" -minimize
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
; "C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
; C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NewsUpd]
; C:\Program Files\Creative\News\NewsUpd.EXE /q
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
;
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
; C:\WINDOWS\System32\oodtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcBoost]
; "C:\Program Files\PcBoost\PcBoost.exe" /start
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerStrip]
; c:\program files\powerstrip\pstrip.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP2005]
; C:\Program Files\qip\qip.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
; "C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
; "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
; "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\supervisor.exe]
; C:\WINDOWS\supervisor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VVNEWS]
; C:\Program Files\VV3\main.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WEBTRAN]
;
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampToQIP]
; "C:\Program Files\qip\WinampToQIPSA.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MySql"=2 (0x2)
R1 fwdrv;Firewall Driver;C:\WINDOWS\System32\drivers\fwdrv.sys
R1 khips;Kerio HIPS Driver;C:\WINDOWS\System32\drivers\khips.sys
R2 PStrip;PStrip;C:\WINDOWS\System32\drivers\pstrip.sys
R3 pgfilter;pgfilter;\??\C:\Program Files\PeerGuardian2\pgfilter.sys
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver;C:\WINDOWS\System32\drivers\WmBEnum.sys
R3 WmFilter;Logitech Gaming HID Filter Driver;C:\WINDOWS\System32\drivers\WmFilter.sys
R3 WmXlCore;Logitech WingMan Translation Layer Driver;C:\WINDOWS\System32\drivers\WmXlCore.sys
S2 PHPGeekUtil;PHPGeekUtil;"c:\apache\APACHE.EXE" --ntservice
S3 ASPI;Advanced SCSI Programming Interface Driver;\??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys
S3 GPU-Z;GPU-Z;\??\C:\DOCUME~1\J1EA4~1\LOCALS~1\Temp\GPU-Z.sys
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS
S3 WmVirHid;Logitech Virtual Hid Device Driver;C:\WINDOWS\System32\drivers\WmVirHid.sys
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Schedule
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-11 13:13:39
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-11 13:16:17
C:\ComboFix-quarantined-files.txt ... 2007-10-11 13:16
C:\ComboFix2.txt ... 2007-10-10 20:42
C:\ComboFix3.txt ... 2007-10-10 17:58
.
--- E O F ---
Kód: Vybrat vše
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:38:35, on 11. 10. 2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTSvcCDA.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\oodag.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Program Files\totalcmd\totalcmd.exe
D:\Stažený\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ad2.billboard.cz/please/redir.bb/1627/1/1/1/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Program Files\PC Translator\WebIE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdmcks.dll
O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll (file missing)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC Translator\WebIE.dll
O3 - Toolbar: &Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [nod32kui] ; "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\System32\msconfig.exe /auto
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [PeerGuardian] ; C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot (User 'Default user')
O4 - Global Startup: DSLMON .lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translator\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translator\WebIE.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apache - Unknown owner - c:\apache\Apache.exe (file missing)
O23 - Service: Apache2 - Unknown owner - C:\Program Files\PHP Home Edition 2\Apache2\bin\Apache.exe (file missing)
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\System32\oodag.exe
O23 - Service: PHPGeekUtil - Unknown owner - c:\apache\APACHE.EXE (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
--
End of file - 8588 bytes
Zpět na “Viry, antiviry, firewally…”
Uživatelé prohlížející si toto fórum: Google [Bot] a 0 hostů