Could you share how you fixed it? If someone else runs into a similar problem, it could help them.
You have two options: use either SDFix or ComboFix, and post here what is stated in their procedure.
Virus - AVAST messages
re
So this one is solved now too. Now I need one last piece of advice: how to turn on the display of that information before Windows starts. I can't figure it out. Thanks a lot.

Svasik
I can't find that program, so I'm posting the HijackThis log here
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:23:19, on 11.12.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\LifeView DTV\RemoteControl.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\levelone\Common\RaUI.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MySQL\MySQL Server 4.1\bin\mysqld-nt.exe
C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ICQ6\ICQ.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\kluci\Plocha\DOWNLOADED\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.19.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DTVRemote] "C:\Program Files\LifeView DTV\RemoteControl.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Levelone Wireless Utility.lnk = C:\Program Files\levelone\Common\RaUI.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZDWLan Utility.lnk = C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{50FF1C27-B1AC-4EFF-B100-7CCCFE943C28}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B711F6FE-0943-45BE-9F4A-64B2F0433ECC}: NameServer = 192.168.10.10
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
--
End of file - 8052 bytes

Svasik
- fredik
- member of the Security team
In this case the HJT log is of little use to me; nevertheless:
You have two antivirus programs there; keep only one of them and uninstall the other.
For better protection it would be good to also install a firewall; you can pick one of those listed here or another one from the link: Overview of personal firewalls
Free firewalls:
Comodo - high quality, advanced, with many features, originally in English
Kerio - clearly laid out, more configuration options, more demanding on system resources, in Czech
ZoneAlarm - simple, compatible, light on system resources, few configuration options, in English
If you used SDFix, you will find the log in its directory in the file Report.txt; if ComboFix, you will find it on drive C in the file ComboFix.txt
re
ComboFix 07-12-09.3 - kluci 2007-12-08 22:25:23.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.506 [GMT 1:00]
Running from: C:\Documents and Settings\kluci\Plocha\DOWNLOADED\ComboFix.exe
* Created a new restore point
.
ADS - svchost.exe: deleted 24064 bytes in 1 streams.
((((((((((((((((((((((((( Files Created from 2007-11-09 to 2007-12-09 )))))))))))))))))))))))))))))))
.
2007-12-08 20:59 . 2007-12-08 20:59 1,016 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2007-12-04 14:19 . 2007-12-04 14:23 <DIR> d-------- C:\Program Files\FlatOut2
2007-12-04 13:49 . 2007-12-04 14:46 <DIR> d-------- C:\Program Files\ICQ6
2007-12-04 10:10 . 2007-12-04 10:10 <DIR> d-------- C:\Program Files\SlySoft
2007-12-03 09:30 . 2007-12-03 10:16 <DIR> d-------- C:\Program Files\QIP Infium
2007-11-29 20:35 . 2007-11-29 20:35 <DIR> d-------- C:\Program Files\YouTUBE (TM) movie downloader
2007-11-26 19:39 . 2007-11-26 19:39 <DIR> d-------- C:\Program Files\FDRLab
2007-11-26 19:29 . 2007-11-26 19:41 <DIR> d-------- C:\Program Files\TubeSucker
2007-11-26 19:28 . 2007-11-26 19:28 <DIR> d-------- C:\Program Files\PQDVD
2007-11-26 18:31 . 2007-11-26 19:34 <DIR> d-------- C:\Temp
2007-11-26 18:30 . 2007-11-26 18:30 <DIR> d-------- C:\Program Files\ImTOO
2007-11-25 11:31 . 2007-11-25 11:31 <DIR> d-------- C:\Program Files\MegauploadToolbar
2007-11-12 19:06 . 2007-11-12 19:06 <DIR> d-------- C:\Program Files\Disc2Phone
2007-11-12 19:03 . 2007-11-12 19:04 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-11-12 19:03 . 2007-11-12 19:04 1,409 --a------ C:\WINDOWS\QTFont.for
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-09 21:27 --------- d-----w C:\Program Files\lg_fwupdate
2007-12-05 14:44 --------- d-----w C:\Program Files\GamePark
2007-12-04 09:14 --------- d-----w C:\Program Files\MediaCoder
2007-11-22 10:49 --------- d-----w C:\Program Files\BitComet
2007-11-12 13:16 --------- d-----w C:\Program Files\Lineage II
2007-10-31 19:27 --------- d-----w C:\Program Files\Asprate
2007-10-31 19:20 --------- d-----w C:\Program Files\Opera
2007-10-31 14:18 --------- d-----w C:\Program Files\Tibia
2007-10-31 13:24 --------- d-----w C:\Program Files\Counter-Strike Source
2007-10-31 13:14 --------- d-----w C:\Program Files\Tibia008
2007-10-30 20:25 --------- d-----w C:\Program Files\High Quality Photo Resizer
2007-10-25 10:11 --------- d-----w C:\Program Files\Nokia
2007-10-25 10:11 --------- d-----w C:\Program Files\DIFX
2007-10-25 10:11 --------- d-----w C:\Program Files\Common Files\PCSuite
2007-10-25 10:11 --------- d-----w C:\Program Files\Common Files\Nokia
2007-10-25 06:33 --------- d-----w C:\Program Files\Half-Life 2 Deathmatch
2007-10-21 14:37 --------- d-----w C:\Program Files\Valve
2007-10-18 13:54 --------- d-----w C:\Program Files\l2jserver
2007-10-18 11:22 --------- d-----w C:\Program Files\MySQL
2007-10-17 20:03 --------- d-----w C:\Program Files\PremiumSoft
2007-10-10 12:58 25,544 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-10-10 12:58 --------- d-----w C:\Program Files\Hamachi
2004-10-01 13:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 13:49]
"PowerBar"="" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-17 14:58]
"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe" [2007-09-14 18:06]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-04-11 16:52]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2006-02-10 19:40]
"ICQ"="C:\Program Files\ICQ6\ICQ.exe" [2007-10-11 14:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16:21 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 17:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-17 13:49 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-10-22 11:22 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-17 13:49 C:\WINDOWS\system32\rundll32.exe]
"DTVRemote"="C:\Program Files\LifeView DTV\RemoteControl.exe" [2006-04-26 16:28]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 19:24]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-11-02 06:55]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50]
"LGODDFU"="C:\Program Files\lg_fwupdate\fwupdate.exe" [2005-04-12 09:11]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-04-26 07:29]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-11-24 18:24]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 13:49]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-11-24 18:24]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys
R3 LVHybrid;LVHybrid service;C:\WINDOWS\system32\DRIVERS\LVHybrid.sys
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys
S3 BRGSp50;BRGSp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\BRGSp50.sys
S3 SF-620;Kingsun SF-620 USB Infrared Adapter;C:\WINDOWS\system32\DRIVERS\SF-620.sys
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.2180]
-> C:\DOCUME~1\kluci\LOCALS~1\Temp\fkchehfw.dll
.
**************************************************************************
catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-09 22:35:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2007-12-09 22:38:10 - machine was rebooted
.
--- E O F ---
Svasik
- fredik
- member of the Security team
For this step, ComboFix must be located directly on the desktop!
Open Notepad (Start -> Run..., type Notepad into the window and click OK)
Copy the following text (marked in green) into it:
Code:
File::
C:\DOCUME~1\kluci\LOCALS~1\Temp\fkchehfw.dll
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all open windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script

- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
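
The two findings fredik acts on in this thread (two resident antivirus products in the HijackThis log, and a DLL loaded into Explorer from a Temp folder in the ComboFix log) can be extracted from such logs mechanically. The Python below is an added example, not part of the original thread or of either tool; the function names and the AV_VENDORS table are assumptions made for illustration, and the sample input is excerpted from the logs posted above.

```python
import re

# Excerpts from the HijackThis and ComboFix logs posted in this thread.
HJT_LOG = r"""
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
"""

COMBOFIX_LOG = r"""
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.2180]
-> C:\DOCUME~1\kluci\LOCALS~1\Temp\fkchehfw.dll
.
**************************************************************************
catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
"""

# Assumption: vendor strings as they appear in this thread's O23 lines;
# extend the table for other logs.
AV_VENDORS = {"ALWIL Software": "avast!", "GRISOFT, s.r.o.": "AVG"}

PROCESS_RE = re.compile(r"^PROCESS:\s+(.+?)(?:\s+\[[^\]]*\])?$")


def resident_antivirus(hjt_text):
    """Map each antivirus product to the service executables it has installed."""
    found = {}
    prefix = "O23 - Service: "
    for line in hjt_text.splitlines():
        line = line.strip()
        if not line.startswith(prefix):
            continue
        # Layout: <display name> - <vendor> - <executable path>
        fields = line[len(prefix):].rsplit(" - ", 2)
        if len(fields) != 3:
            continue
        _name, vendor, path = fields
        product = AV_VENDORS.get(vendor)
        if product:
            found.setdefault(product, []).append(path)
    return found


def is_under_temp(path):
    """True if a parent directory of the file is named Temp (any case)."""
    parts = re.split(r"[\\/]+", path.lower())
    return "temp" in parts[:-1]


def temp_loaded_dlls(combofix_text):
    """Return (process, dll) pairs for DLLs loaded from a Temp directory."""
    hits, process, in_section = [], None, False
    for raw in combofix_text.splitlines():
        line = raw.strip()
        if "DLLs Loaded Under Running Processes" in line:
            in_section = True
            continue
        if not in_section or line in ("", "."):
            continue
        match = PROCESS_RE.match(line)
        if match:
            process = match.group(1)
        elif line.startswith("->") and process:
            dll = line[2:].strip()
            if is_under_temp(dll):
                hits.append((process, dll))
        else:
            in_section = False  # any other line belongs to the next section
    return hits


def build_cfscript(dll_paths):
    """Render a CFScript.txt body in the File:: form used in the post above."""
    unique = list(dict.fromkeys(dll_paths))  # de-duplicate, keep order
    return "File::\n" + "\n".join(unique)


if __name__ == "__main__":
    products = resident_antivirus(HJT_LOG)
    if len(products) > 1:
        print("More than one resident antivirus:", ", ".join(sorted(products)))
    candidates = temp_loaded_dlls(COMBOFIX_LOG)
    for proc, dll in candidates:
        print(f"{proc} loads {dll}")
    print(build_cfscript([dll for _, dll in candidates]))
```
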
Here it is, but I'm not sure, because my firewall was blocking it while it ran
ComboFix 07-12-09.3 - kluci 2007-12-13 7:19:23.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.551 [GMT 1:00]
Running from: C:\Documents and Settings\kluci\Plocha\DOWNLOADED\ComboFix.exe
Command switches used :: C:\Documents and Settings\kluci\Plocha\CFScript.txt
* Created a new restore point
FILE
C:\DOCUME~1\kluci\LOCALS~1\Temp\fkchehfw.dll
.
((((((((((((((((((((((((( Files Created from 2007-11-13 to 2007-12-13 )))))))))))))))))))))))))))))))
.
2007-12-12 14:42 . 2007-12-12 14:42 <DIR> d-------- C:\Program Files\Sony Ericsson
2007-12-12 10:04 . 2007-12-12 10:08 <DIR> d-------- C:\Program Files\FlatOut2
2007-12-12 07:58 . 2007-12-13 07:15 6,120 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
2007-12-12 07:40 . 2007-12-12 07:40 <DIR> d-------- C:\Program Files\Sunbelt Software
2007-12-10 11:54 . 2007-12-10 11:54 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2007-12-08 20:59 . 2007-12-08 20:59 1,016 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2007-12-05 16:46 . 2007-12-05 16:46 <DIR> d-------- C:\Documents and Settings\kluci\Data aplikací\Ahead
2007-12-04 13:49 . 2007-12-04 14:46 <DIR> d-------- C:\Program Files\ICQ6
2007-12-04 10:36 . 2007-12-04 10:36 <DIR> d-------- C:\Documents and Settings\kluci\Data aplikací\SlySoft
2007-12-04 10:10 . 2007-12-04 10:10 <DIR> d-------- C:\Program Files\SlySoft
2007-12-03 09:30 . 2007-12-03 10:16 <DIR> d-------- C:\Program Files\QIP Infium
2007-11-29 20:35 . 2007-11-29 20:35 <DIR> d-------- C:\Program Files\YouTUBE (TM) movie downloader
2007-11-26 19:39 . 2007-11-26 19:39 <DIR> d-------- C:\Program Files\FDRLab
2007-11-26 19:29 . 2007-11-26 19:41 <DIR> d-------- C:\Program Files\TubeSucker
2007-11-26 19:28 . 2007-11-26 19:28 <DIR> d-------- C:\Program Files\PQDVD
2007-11-26 18:31 . 2007-11-26 19:34 <DIR> d-------- C:\Temp
2007-11-26 18:30 . 2007-11-26 18:30 <DIR> d-------- C:\Program Files\ImTOO
2007-11-25 11:31 . 2007-11-25 11:31 <DIR> d-------- C:\Program Files\MegauploadToolbar
2007-11-25 11:31 . 2007-12-03 16:33 <DIR> d-------- C:\Documents and Settings\kluci\Data aplikací\MegauploadToolbar
2007-11-24 18:25 . 2007-11-24 18:25 <DIR> d-------- C:\Documents and Settings\LocalService\Data aplikací\AVG7
2007-11-24 18:25 . 2007-12-11 13:58 <DIR> d-------- C:\Documents and Settings\kluci\Data aplikací\AVG7
2007-11-24 18:24 . 2007-12-12 07:38 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\avg7
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-13 06:14 --------- d-----w C:\Program Files\lg_fwupdate
2007-12-12 15:09 --------- d-----w C:\Documents and Settings\kluci\Data aplikací\Skype
2007-12-12 11:28 --------- d-----w C:\Program Files\Counter-Strike Source
2007-12-12 07:17 --------- d-----w C:\Program Files\GamePark
2007-12-10 17:21 --------- d-----w C:\Program Files\Lineage II
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-12-04 09:14 --------- d-----w C:\Program Files\MediaCoder
2007-11-22 10:49 --------- d-----w C:\Program Files\BitComet
2007-11-21 13:55 --------- d-----w C:\Documents and Settings\kluci\Data aplikací\Tibia
2007-11-12 18:06 --------- d-----w C:\Program Files\Disc2Phone
2007-10-31 19:27 --------- d-----w C:\Program Files\Asprate
2007-10-31 19:20 --------- d-----w C:\Program Files\Opera
2007-10-31 14:18 --------- d-----w C:\Program Files\Tibia
2007-10-31 13:14 --------- d-----w C:\Program Files\Tibia008
2007-10-30 20:25 --------- d-----w C:\Program Files\High Quality Photo Resizer
2007-10-30 14:47 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\WinZip
2007-10-25 10:55 --------- d-----w C:\Documents and Settings\kluci\Data aplikací\Nokia
2007-10-25 10:14 --------- d-----w C:\Documents and Settings\kluci\Data aplikací\Datalayer
2007-10-25 10:13 --------- d-----w C:\Documents and Settings\kluci\Data aplikací\Nokia Multimedia Player
2007-10-25 10:11 --------- d-----w C:\Program Files\Nokia
2007-10-25 10:11 --------- d-----w C:\Program Files\DIFX
2007-10-25 10:11 --------- d-----w C:\Program Files\Common Files\PCSuite
2007-10-25 10:11 --------- d-----w C:\Program Files\Common Files\Nokia
2007-10-25 10:11 --------- d-----w C:\Documents and Settings\kluci\Data aplikací\PC Suite
2007-10-25 10:10 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\PC Suite
2007-10-25 10:09 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
2007-10-25 06:33 --------- d-----w C:\Program Files\Half-Life 2 Deathmatch
2007-10-21 15:28 14,336 ----a-w C:\WINDOWS\system32\svchost.exe
2007-10-21 14:37 --------- d-----w C:\Program Files\Valve
2007-10-18 13:54 --------- d-----w C:\Program Files\l2jserver
2007-10-18 11:22 --------- d-----w C:\Program Files\MySQL
2007-10-17 20:03 --------- d-----w C:\Program Files\PremiumSoft
2007-09-22 08:26 53,248 ----a-w C:\WINDOWS\system32\unrar.dll
2004-10-01 13:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
.
((((((((((((((((((((((((((((( snapshot@2007-12-09_22.36.42.93 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-12-12 08:51:27 53,248 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.AudioVideoPlayback\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2007-12-12 08:51:27 12,800 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Diagnostics\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Diagnostics.dll
+ 2007-12-12 08:51:27 473,600 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3D\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3D.dll
+ 2007-12-12 08:51:24 2,676,224 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-12 08:51:24 2,846,720 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2903.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-12 08:51:25 563,712 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2904.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-12 08:51:25 567,296 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2905.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-12 08:51:25 576,000 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2906.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-12 08:51:25 577,024 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2907.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-12 08:51:26 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2908.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-12 08:51:26 577,536 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2909.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-12 08:51:26 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2910.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-12 08:51:27 578,560 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.Direct3DX\1.0.2911.0__31bf3856ad364e35\Microsoft.DirectX.Direct3DX.dll
+ 2007-12-12 08:51:27 145,920 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectDraw\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectDraw.dll
+ 2007-12-12 08:51:27 159,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectInput\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectInput.dll
+ 2007-12-12 08:51:27 364,544 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectPlay\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectPlay.dll
+ 2007-12-12 08:51:28 178,176 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX.DirectSound\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.DirectSound.dll
+ 2007-12-12 08:51:27 223,232 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.DirectX\1.0.2902.0__31bf3856ad364e35\Microsoft.DirectX.dll
+ 2007-12-12 06:40:10 18,718 ----a-r C:\WINDOWS\Installer\{E659E0EE-10E6-49B7-8696-60F38D0EB174}\ARPPRODUCTICON.exe
+ 2007-12-12 06:40:10 18,718 ----a-r C:\WINDOWS\Installer\{E659E0EE-10E6-49B7-8696-60F38D0EB174}\NewShortcut1_E659E0EE10E649B7869660F38D0EB174.exe
+ 2007-12-12 06:40:10 18,718 ----a-r C:\WINDOWS\Installer\{E659E0EE-10E6-49B7-8696-60F38D0EB174}\NewShortcut2_8315396A5EA1419DBEC4978284BDF556.exe
+ 2005-03-18 15:23:10 53,248 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.AudioVideoPlayback.dll
+ 2005-03-18 15:23:10 12,800 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Diagnostics.dll
+ 2005-03-18 15:23:14 473,600 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3D.dll
+ 2004-09-29 11:38:58 2,676,224 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-03-18 15:23:10 145,920 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectDraw.dll
+ 2005-03-18 15:23:10 159,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectInput.dll
+ 2005-03-18 15:23:14 364,544 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectPlay.dll
+ 2005-03-18 15:23:12 178,176 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.DirectSound.dll
+ 2005-03-18 15:23:14 223,232 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2902.0\Microsoft.DirectX.dll
+ 2004-12-01 14:53:06 2,846,720 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2903.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-02-05 18:32:54 563,712 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2904.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-03-18 16:23:14 567,296 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2905.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-05-26 14:15:56 576,000 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2906.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-07-22 16:21:34 577,024 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2907.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-09-28 13:11:52 577,536 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2908.0\Microsoft.DirectX.Direct3DX.dll
+ 2005-12-05 16:20:50 577,536 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2909.0\Microsoft.DirectX.Direct3DX.dll
+ 2006-02-03 06:40:48 578,560 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2910.0\Microsoft.DirectX.Direct3DX.dll
+ 2006-03-31 10:27:50 578,560 ----a-w C:\WINDOWS\Microsoft.NET\DirectX for Managed Code\1.0.2911.0\Microsoft.DirectX.Direct3DX.dll
- 2007-12-08 20:28:00 184,130 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cache\Professional_32_1029.dat
+ 2007-12-10 11:00:51 184,130 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cache\Professional_32_1029.dat
+ 2007-12-10 11:00:51 184,130 ----a-w C:\WINDOWS\pchealth\helpctr\Config\Cache\Professional_32_1029.dat.bak
+ 2007-03-12 15:42:30 1,123,696 ----a-w C:\WINDOWS\system32\D3DCompiler_33.dll
+ 2007-05-16 15:45:16 1,124,720 ----a-w C:\WINDOWS\system32\D3DCompiler_34.dll
+ 2007-03-15 15:57:58 443,752 ----a-w C:\WINDOWS\system32\d3dx10_33.dll
+ 2007-05-16 15:45:16 443,752 ----a-w C:\WINDOWS\system32\d3dx10_34.dll
+ 2005-02-05 18:45:26 2,222,800 ----a-w C:\WINDOWS\system32\d3dx9_24.dll
+ 2005-03-18 16:19:58 2,337,488 ----a-w C:\WINDOWS\system32\d3dx9_25.dll
+ 2005-05-26 14:34:52 2,297,552 ----a-w C:\WINDOWS\system32\d3dx9_26.dll
+ 2005-07-22 18:59:04 2,319,568 ----a-w C:\WINDOWS\system32\d3dx9_27.dll
+ 2005-12-05 17:09:18 2,323,664 ----a-w C:\WINDOWS\system32\d3dx9_28.dll
+ 2006-02-03 07:43:16 2,332,368 ----a-w C:\WINDOWS\system32\d3dx9_29.dll
+ 2006-03-31 11:40:58 2,388,176 ----a-w C:\WINDOWS\system32\d3dx9_30.dll
+ 2006-09-28 15:05:20 2,414,360 ----a-w C:\WINDOWS\system32\d3dx9_31.dll
+ 2006-11-29 12:06:18 3,426,072 ----a-w C:\WINDOWS\system32\d3dx9_32.dll
+ 2007-03-12 15:42:30 3,495,784 ----a-w C:\WINDOWS\system32\d3dx9_33.dll
+ 2007-05-16 15:45:16 3,497,832 ----a-w C:\WINDOWS\system32\d3dx9_34.dll
+ 2007-02-20 12:34:02 302,000 ----a-w C:\WINDOWS\system32\drivers\fwdrv.sys
+ 2007-02-20 12:34:08 71,088 ----a-w C:\WINDOWS\system32\drivers\khips.sys
- 2007-10-24 17:39:00 155,912 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2007-12-12 13:19:08 175,808 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2005-08-27 12:08:06 1,398,408 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2007-11-21 00:52:38 2,884,992 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2007-11-21 00:52:40 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
+ 2007-12-12 11:04:04 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
- 2001-10-24 10:24:48 2,565,120 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\HPVIMG50.DLL
+ 2001-10-24 11:24:48 2,565,120 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\HPVIMG50.DLL
- 2001-10-24 10:24:48 80,384 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\HPVUD50.DLL
+ 2001-10-24 11:24:48 80,384 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\HPVUD50.DLL
- 2001-10-24 10:24:48 33,280 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\HPVUI50.DLL
+ 2001-10-24 11:24:48 33,280 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\HPVUI50.DLL
- 2004-08-17 13:49:20 264,704 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRV.DLL
+ 2004-08-17 14:49:20 264,704 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRV.DLL
- 2004-08-17 13:49:20 197,632 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
+ 2004-08-17 14:49:20 197,632 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIDRVUI.DLL
- 2004-08-17 13:48:52 619,520 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2004-08-17 14:48:52 619,520 ----a-w C:\WINDOWS\system32\spool\drivers\w32x86\3\UNIRES.DLL
+ 2006-02-03 07:41:26 14,032 ----a-w C:\WINDOWS\system32\x3daudio1_0.dll
+ 2007-03-05 11:42:18 15,128 ----a-w C:\WINDOWS\system32\x3daudio1_1.dll
+ 2007-06-20 19:45:20 18,280 ----a-w C:\WINDOWS\system32\x3daudio1_2.dll
+ 2006-02-03 07:42:06 230,096 ----a-w C:\WINDOWS\system32\xactengine2_0.dll
+ 2006-03-31 11:39:48 229,584 ----a-w C:\WINDOWS\system32\xactengine2_1.dll
+ 2006-05-31 06:24:16 230,168 ----a-w C:\WINDOWS\system32\xactengine2_2.dll
+ 2006-07-28 08:30:32 236,824 ----a-w C:\WINDOWS\system32\xactengine2_3.dll
+ 2006-09-28 15:05:56 237,848 ----a-w C:\WINDOWS\system32\xactengine2_4.dll
+ 2006-12-08 11:02:00 251,672 ----a-w C:\WINDOWS\system32\xactengine2_5.dll
+ 2007-01-24 14:27:30 255,848 ----a-w C:\WINDOWS\system32\xactengine2_6.dll
+ 2007-04-04 17:55:00 261,480 ----a-w C:\WINDOWS\system32\xactengine2_7.dll
+ 2007-06-20 19:46:04 266,088 ----a-w C:\WINDOWS\system32\xactengine2_8.dll
+ 2006-03-31 11:39:24 62,672 ----a-w C:\WINDOWS\system32\xinput1_1.dll
+ 2006-07-28 08:30:14 62,744 ----a-w C:\WINDOWS\system32\xinput1_2.dll
+ 2007-04-04 17:53:42 81,768 ----a-w C:\WINDOWS\system32\xinput1_3.dll
+ 2005-12-05 17:07:30 61,136 ----a-w C:\WINDOWS\system32\xinput9_1_0.dll
+ 2007-12-12 12:14:33 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_f8.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 13:49]
"PowerBar"="" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-17 14:58]
"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe" []
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-04-11 16:52]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2006-02-10 19:40]
"ICQ"="C:\Program Files\ICQ6\ICQ.exe" [2007-10-11 14:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16:21 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 17:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-17 13:49 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-10-22 11:22 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-17 13:49 C:\WINDOWS\system32\rundll32.exe]
"DTVRemote"="C:\Program Files\LifeView DTV\RemoteControl.exe" [2006-04-26 16:28]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 19:24]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-11-02 06:55]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50]
"LGODDFU"="C:\Program Files\lg_fwupdate\fwupdate.exe" [2005-04-12 09:11]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-04-26 07:29]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 13:49]
C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Levelone Wireless Utility.lnk - C:\Program Files\levelone\Common\RaUI.exe [2007-02-26 12:35:04]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 19:05:56]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-10-30 15:47:18]
ZDWLan Utility.lnk - C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe [2007-08-02 12:27:27]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys
R3 LVHybrid;LVHybrid service;C:\WINDOWS\system32\DRIVERS\LVHybrid.sys
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys
S3 BRGSp50;BRGSp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\BRGSp50.sys
S3 SF-620;Kingsun SF-620 USB Infrared Adapter;C:\WINDOWS\system32\DRIVERS\SF-620.sys
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
.
**************************************************************************
catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-13 07:23:08
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-13 7:24:25
C:\ComboFix2.txt ... 2007-12-09 22:38
.
--- E O F ---
+ 2007-04-04 17:53:42 81,768 ----a-w C:\WINDOWS\system32\xinput1_3.dll
+ 2005-12-05 17:07:30 61,136 ----a-w C:\WINDOWS\system32\xinput9_1_0.dll
+ 2007-12-12 12:14:33 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_f8.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 13:49]
"PowerBar"="" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-17 14:58]
"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe" []
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-04-11 16:52]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2006-02-10 19:40]
"ICQ"="C:\Program Files\ICQ6\ICQ.exe" [2007-10-11 14:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16:21 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 17:04 C:\WINDOWS\SkyTel.exe]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-17 13:49 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-10-22 11:22 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-17 13:49 C:\WINDOWS\system32\rundll32.exe]
"DTVRemote"="C:\Program Files\LifeView DTV\RemoteControl.exe" [2006-04-26 16:28]
"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 19:24]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-11-02 06:55]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50]
"LGODDFU"="C:\Program Files\lg_fwupdate\fwupdate.exe" [2005-04-12 09:11]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-04-26 07:29]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 13:49]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Levelone Wireless Utility.lnk - C:\Program Files\levelone\Common\RaUI.exe [2007-02-26 12:35:04]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 19:05:56]
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE [2007-10-30 15:47:18]
ZDWLan Utility.lnk - C:\Program Files\ZyDAS Technology Corporation\ZyDAS_802.11g_Utility\ZDWlan.exe [2007-08-02 12:27:27]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);C:\WINDOWS\system32\drivers\sfdrv01a.sys
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys
R3 LVHybrid;LVHybrid service;C:\WINDOWS\system32\DRIVERS\LVHybrid.sys
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys
S3 BRGSp50;BRGSp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\BRGSp50.sys
S3 SF-620;Kingsun SF-620 USB Infrared Adapter;C:\WINDOWS\system32\DRIVERS\SF-620.sys
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
.
**************************************************************************
catchme 0.3.1331 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-13 07:23:08
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-13 7:24:25
C:\ComboFix2.txt ... 2007-12-09 22:38
.
--- E O F ---
Svasik