ComboFix 07-10-11.8 - Martin 2007-10-13 21:54:24.3 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.1.1029.18.991 [GMT 2:00]
Running from: C:\programy\ComboFix.exe
Command switches used :: C:\Documents and Settings\Martin.MARTIN-EFF2A3CA\Plocha\CFScript.txt
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2007-09-13 to 2007-10-13 )))))))))))))))))))))))))))))))
.
2007-10-13 00:15 <DIR> d-------- C:\Program Files\DVD Decrypter
2007-10-11 19:17 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-10 19:38 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-10-09 21:01 <DIR> d-------- C:\Program Files\Your Uninstaller 2006
2007-10-09 17:34 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-10-09 17:34 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-10-09 17:20 <DIR> d-------- C:\Program Files\Lavalys
2007-10-09 17:04 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-10-09 17:04 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-10-09 17:04 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-10-07 18:09 294,912 --a------ C:\WINDOWS\bndsrdkq.dll
2007-10-07 18:09 50,176 --a------ C:\WINDOWS\wsremover.exe
2007-10-07 15:29 47,360 --a------ C:\WINDOWS\system32\drivers\Pcouffin.sys
2007-10-07 15:28 <DIR> d-------- C:\Program Files\vso
2007-10-04 19:49 42,672 --a------ C:\WINDOWS\system32\wbsys.dll
2007-10-04 19:48 <DIR> d-------- C:\Program Files\Stardock
2007-10-03 23:06 <DIR> d-------- C:\Program Files\Nero
2007-10-03 23:06 <DIR> d-------- C:\Program Files\Common Files\Nero
2007-09-24 09:05 132,904 --a------ C:\WINDOWS\system32\drivers\imagesrv.sys
2007-09-24 09:05 11,304 --a------ C:\WINDOWS\system32\drivers\imagedrv.sys
2007-09-20 09:59 972,072 --a------ C:\WINDOWS\UNRecode.exe
2007-09-20 09:55 972,072 --a------ C:\WINDOWS\UNNeroMediaHome.exe
2007-09-20 09:55 95,600 --a------ C:\WINDOWS\system32\NeroCo.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-12 14:35 --------- d-----w C:\Program Files\ICQToolbar
2007-10-09 18:56 --------- d-----w C:\Program Files\Lexmark X1100 Series
2007-10-04 21:21 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2007-10-03 20:53 --------- d-----w C:\Program Files\Common Files\Ahead
2007-09-21 12:49 --------- d-----w C:\Program Files\OpenOffice.org 2.1
2007-09-07 22:36 --------- d-----w C:\Program Files\QuickTime
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-09-06 10:05 94,416 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-06 10:05 92,848 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-06 10:03 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-06 10:02 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-06 10:00 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-09-06 10:00 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-08-25 15:07 --------- d-----w C:\Program Files\Infogrames
2007-08-25 11:23 --------- d-----w C:\Program Files\ICQ6
2007-08-24 08:57 --------- d-----w C:\Program Files\MSXML 4.0
2007-08-23 11:06 2,322,176 ----a-w C:\WINDOWS\system32\TUKernel.exe
2007-08-23 01:01 17,480 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-08-21 06:18 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-20 22:16 --------- d-----w C:\Program Files\ATI Technologies
2007-08-20 22:14 --------- d-----w C:\Program Files\Common Files\ATI Technologies
2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-30 17:19 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
2007-07-30 17:19 207,736 ----a-w C:\WINDOWS\system32\muweb.dll
2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2003-04-10 17:20 40,448 ----a-w C:\Documents and Settings\Martin.MARTIN-EFF2A3CA\trial_setup.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 16:35]
"nwiz"="nwiz.exe" [2005-08-02 16:35 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-08-02 16:35]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06]
"WinFast Schedule"="C:\Program Files\WinFast\WFTVFM\WFWIZ.exe" [2005-03-02 13:21]
"SoundMan"="SOUNDMAN.EXE" [2004-12-01 09:54 C:\WINDOWS\SOUNDMAN.EXE]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2004-01-14 04:10]
"Cas 2"="C:\programy\Čas 2.1\Cas 2.1.exe" []
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48]
"PinnacleDriverCheck"="C:\WINDOWS\system32\\PSDrvCheck.exe" [2004-03-11 01:26]
"UVS11 Preload"="C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 14:12]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-08 00:36]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CursorXP"="C:\Program Files\CursorXP\CursorXP.exe" [2005-01-19 17:34]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-18 14:00]
"SkinClock"="C:\Program Files\Free Desktop Clock\DesktopClock.exe" [2006-10-01 16:50]
"UberIcon"="C:\Program Files\UberIcon\UberIcon Manager.exe" [2006-07-17 23:16]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 15:35]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll 2007-09-23 10:10 143360 C:\Program Files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe
R2 BT848;WinFast TV2000 XP WDM Video Capture;C:\WINDOWS\system32\drivers\wf2kvcap.sys
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3;C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
R2 nxsIO32;NextSensor Kernel I/O Driver;\??\C:\WINDOWS\System32\DRIVERS\nxsIO32.sys
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;C:\WINDOWS\system32\drivers\wf2ktunr.sys
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;C:\WINDOWS\system32\drivers\wf2kxbar.sys
R2 UxTuneUp;TuneUp Design Expansion;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys
R3 WFIOCTL;WFIOCTL;\??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS
R3 WLAN; Wireless LAN Driver;C:\WINDOWS\system32\DRIVERS\wlanNDS.sys
S3 axskbus;axskbus;C:\WINDOWS\system32\DRIVERS\axskbus.sys
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
"2007-10-12 15:16:40 C:\WINDOWS\Tasks\1-Click Maintenance.job"
"2007-10-08 14:31:28 C:\WINDOWS\Tasks\Úklid 1 kliknutím.job"
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2007-10-13 21:58:03
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-13 21:59:05
.
--- E O F ---
