ComboFix 10-07-01.02 - Butterfly 2010-07-03 16:49:06.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.1022.563 [GMT 2:00]
Spuštěný z: c:\documents and settings\Butterfly\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Butterfly\Plocha\CFScript.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
FILE ::
"c:\windows\~DF23ED.tmp"
"c:\windows\~DF6E59.tmp"
"c:\windows\~DF7BF9.tmp"
"c:\windows\system32\drivers\pavboot.sys"
"c:\windows\system32\drivers\psi_mf.sys"
"c:\windows\Tasks\Norton Security Scan for Butterfly.job"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Norton Security Scan
c:\program files\Norton Security Scan\Engine\2.7.3.34\{2A85E335-7417-424d-AD89-31DED1689794}.dat
c:\program files\Norton Security Scan\Engine\2.7.3.34\{407D1C08-B366-4aca-92FB-E04E97F6681D}.dat
c:\program files\Norton Security Scan\Engine\2.7.3.34\BilBDRes.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\ccL80U.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\ccScanw.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\ccVrTrst.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\dec_abi.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\DefLoad.exe
c:\program files\Norton Security Scan\Engine\2.7.3.34\DefUtDCD.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\diLueCbk.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\ecmldr32.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\HeartBt.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\help.htm
c:\program files\Norton Security Scan\Engine\2.7.3.34\Microsoft.VC80.CRT.manifest
c:\program files\Norton Security Scan\Engine\2.7.3.34\msl.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\msvcp80.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\msvcr80.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe
c:\program files\Norton Security Scan\Engine\2.7.3.34\patch25d.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\PrdDtRes.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\ReputationCacheDB.db
c:\program files\Norton Security Scan\Engine\2.7.3.34\RevList.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\RptCdRes.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\SAUpdt.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\ScanCore.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\ScanRes.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\ScanText.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\SKUCfg.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\SKURes.dll
c:\program files\Norton Security Scan\Engine\2.7.3.34\symbos.exe
c:\program files\Norton Security Scan\Engine\2.7.3.34\SymHTML.dll
c:\program files\Norton Security Scan\isolate.ini
c:\program files\Secunia
c:\program files\Secunia\PSI\psi.exe
c:\program files\Secunia\PSI\psi.inf
c:\program files\Secunia\PSI\PSI_terms_and_conditions.rtf
c:\program files\Secunia\PSI\psires.dll
c:\program files\Secunia\PSI\RCX80.tmp
c:\program files\Secunia\PSI\Readme.rtf
c:\program files\Secunia\PSI\Uninstall.exe
c:\windows\~DF23ED.tmp
c:\windows\~DF6E59.tmp
c:\windows\~DF7BF9.tmp
c:\windows\Internet Logs\BACKUP.RDB
c:\windows\Internet Logs\IAMDB.RDB
c:\windows\Internet Logs\MTA.ldb
c:\windows\Internet Logs\tvDebug.log
c:\windows\Internet Logs\ZALog.txt
c:\windows\system32\AVSredirect.dll
c:\windows\system32\drivers\etc\lmhosts
c:\windows\system32\drivers\pavboot.sys
c:\windows\system32\drivers\psi_mf.sys
c:\windows\Tasks\Norton Security Scan for Butterfly.job
c:\windows\Internet Logs . . . . nemohl být smazán
c:\windows\Internet Logs\fwpktlog.txt . . . . nemohl být smazán
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ESIHDRV
-------\Legacy_PAVBOOT
-------\Legacy_PSI
-------\Service_esihdrv
-------\Service_pavboot
-------\Service_PSI
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-03 do 2010-07-03 )))))))))))))))))))))))))))))))
.
2010-07-02 21:41 . 2010-07-02 21:41 -------- d-----w- c:\program files\Mirillis
2010-07-02 20:08 . 2010-07-02 20:08 -------- d-----w- c:\program files\FreeTime
2010-07-02 19:38 . 2010-07-02 19:38 -------- d-----w- c:\program files\Avira
2010-07-02 19:38 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-07-02 19:38 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-07-02 19:38 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-07-02 19:38 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-07-01 10:25 . 2010-07-02 21:28 -------- d-----w- c:\program files\Trend Micro
2010-07-01 09:01 . 2010-07-01 09:02 -------- d-----w- c:\program files\QuickTime
2010-07-01 07:58 . 2010-07-01 07:58 -------- d-----w- c:\documents and settings\Butterfly\KBCertifikat
2010-06-30 08:34 . 2004-01-24 22:00 70656 ----a-w- c:\windows\system32\yv12vfw.dll
2010-06-30 08:34 . 2010-06-08 16:10 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-06-30 08:34 . 2010-06-08 16:10 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-06-30 08:34 . 2010-06-28 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-06-30 08:33 . 2010-07-01 10:12 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-06-30 08:29 . 2010-06-30 08:29 -------- d-----w- c:\windows\system32\drivers\NSS
2010-06-30 08:29 . 2010-06-30 08:29 -------- d-----w- c:\program files\NortonInstaller
2010-06-28 17:24 . 2010-06-23 11:51 69120 ----a-w- c:\windows\system32\zlcomm.dll
2010-06-28 17:24 . 2010-06-23 11:51 103936 ----a-w- c:\windows\system32\zlcommdb.dll
2010-06-28 17:24 . 2010-06-23 11:51 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2010-06-28 17:24 . 2010-06-28 17:25 -------- d-----w- c:\windows\system32\ZoneLabs
2010-06-28 17:24 . 2010-06-28 17:24 -------- d-----w- c:\program files\Zone Labs
2010-06-28 12:18 . 2010-06-28 17:37 -------- d-----w- c:\program files\Crawler
2010-06-28 12:18 . 2010-06-28 12:18 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-06-28 12:18 . 2010-06-29 16:03 -------- d-----w- c:\program files\Spyware Terminator
2010-06-27 07:54 . 2010-07-03 14:56 -------- d-----w- c:\windows\Internet Logs
2010-06-26 21:46 . 2010-06-26 21:46 -------- d-----w- c:\program files\Common Files\Java
2010-06-26 20:51 . 2010-07-02 20:43 -------- d-----w- c:\program files\NetLimiter
2010-06-26 16:23 . 2010-06-26 16:25 -------- d-----w- c:\program files\Ultimate Process Manager
2010-06-26 15:21 . 2010-06-26 15:21 -------- d-s---w- c:\documents and settings\LocalService\Oblíbené položky
2010-06-26 08:53 . 2010-06-26 08:55 -------- d-----w- c:\program files\Hide My IP
2010-06-23 19:30 . 2010-06-23 19:30 -------- d-----w- c:\program files\XP TCPIP Repair
2010-06-23 19:08 . 2010-06-23 19:08 -------- d-----w- c:\program files\VS Revo Group
2010-06-23 12:09 . 2010-06-14 14:39 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-06-21 08:05 . 2006-08-14 19:09 82816 ----a-w- c:\windows\system32\drivers\Rtnic.sys
2010-06-21 08:05 . 2006-08-14 19:09 82816 ----a-w- c:\windows\system32\drivers\Rtenic.sys
2010-06-21 07:53 . 2010-06-22 17:17 -------- d-----w- c:\program files\Driver Checker
2010-06-17 18:14 . 2010-06-25 12:41 217260 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-06-17 18:14 . 2010-06-25 12:41 217260 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-06-17 18:14 . 2010-06-25 12:41 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-06-17 17:46 . 2010-06-17 17:46 -------- d-----w- c:\program files\DAEMON Tools Pro
2010-06-17 14:05 . 2010-07-01 08:39 -------- d-----w- c:\program files\Opera 10.60 Beta
2010-06-17 13:59 . 2010-06-17 14:01 -------- dc-h--w- c:\windows\ie8
2010-06-17 05:46 . 2010-06-17 05:46 -------- d-sh--w- c:\documents and settings\Butterfly\wc
2010-06-17 05:43 . 2010-06-17 05:43 -------- d-----w- c:\program files\Flow
2010-06-13 21:07 . 2010-06-13 21:07 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-06-13 09:04 . 2010-06-13 09:04 55572 ---ha-w- c:\windows\system32\mlfcache.dat
2010-06-13 09:04 . 2010-06-13 09:04 -------- d-----w- c:\program files\Safari
2010-06-12 09:26 . 2010-06-12 09:26 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-11 08:29 . 2010-06-17 14:01 -------- d--h--w- c:\windows\msdownld.tmp
2010-06-11 07:17 . 2010-06-11 07:18 94 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-06-10 21:43 . 2010-06-10 21:45 -------- d-----w- c:\program files\DVBViewerTE
2010-06-10 05:39 . 2010-06-08 15:16 64104 ----a-w- c:\windows\ALCMTR.EXE
2010-06-09 07:25 . 2010-05-06 10:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-07 18:39 . 2007-08-31 10:52 56496 ----a-w- c:\windows\system32\wbhelp2.dll
2010-06-07 18:39 . 2007-08-31 10:52 33968 ----a-w- c:\windows\system32\anim.dll
2010-06-07 18:39 . 1999-11-22 13:50 4608 ----a-w- c:\windows\system32\W95INF32.DLL
2010-06-07 18:39 . 1999-11-22 13:50 2272 ----a-w- c:\windows\system32\W95INF16.DLL
2010-06-07 18:39 . 2010-07-02 20:25 -------- d-----w- c:\program files\WinUtilities
2010-06-06 07:45 . 2010-06-23 18:41 -------- d-----w- c:\program files\Defraggler
2010-06-05 08:04 . 2010-06-07 18:15 -------- d-----w- c:\program files\ScreenCamera
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-03 13:07 . 2010-03-08 11:38 -------- d-----w- c:\program files\Steam
2010-07-02 20:29 . 2010-05-20 20:13 -------- d-----w- c:\program files\ScreenShots
2010-07-01 11:57 . 2010-02-12 21:12 -------- d-----w- c:\program files\Google
2010-07-01 08:49 . 2010-02-12 13:43 -------- d-----w- c:\program files\MSECache
2010-07-01 08:41 . 2010-02-12 04:39 -------- d-----w- c:\program files\Opera
2010-06-30 08:35 . 2010-03-03 21:53 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-06-28 17:25 . 2010-02-24 16:13 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-06-27 07:44 . 2010-03-20 11:58 -------- d-----w- c:\program files\IObit
2010-06-26 21:43 . 2010-04-24 08:02 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-26 08:02 . 2010-02-28 20:04 -------- d-----w- c:\program files\PKR
2010-06-23 12:09 . 2010-02-27 09:18 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-06-23 11:47 . 2001-10-25 14:00 79424 ----a-w- c:\windows\system32\perfc005.dat
2010-06-23 11:47 . 2001-10-25 14:00 432386 ----a-w- c:\windows\system32\perfh005.dat
2010-06-21 08:10 . 2010-03-28 13:00 -------- d-----w- c:\program files\Realtek
2010-06-21 08:10 . 2010-02-09 21:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-20 13:34 . 2010-04-05 19:11 -------- d-----w- c:\program files\ICQ6.5
2010-06-20 07:43 . 2010-02-14 16:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-17 18:15 . 2010-02-16 20:52 -------- d-----w- c:\program files\NVIDIA Corporation
2010-06-17 18:02 . 2010-05-08 08:47 -------- d-----w- c:\program files\BurnAware Free
2010-06-17 17:47 . 2010-02-28 21:24 697328 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-14 14:45 . 2010-02-27 09:19 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-06-13 09:03 . 2010-05-31 19:58 -------- d-----w- c:\program files\Bonjour
2010-06-12 09:08 . 2010-04-24 08:05 -------- d-----w- c:\program files\DivX
2010-06-12 09:07 . 2010-04-24 08:27 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-06-12 09:06 . 2010-05-30 08:27 -------- d-----r- c:\program files\Skype
2010-06-12 09:01 . 2010-04-03 08:58 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-06-11 07:18 . 2010-02-17 18:37 133836 ----a-w- c:\windows\BricoPackUninst.cmd
2010-06-09 10:55 . 2010-02-16 21:52 -------- d-----w- c:\program files\Alwil Software
2010-06-08 15:16 . 2010-03-29 18:56 84584 ----a-w- c:\windows\SOUNDMAN.EXE
2010-06-08 15:16 . 2010-03-29 18:56 359016 ----a-w- c:\windows\vncutil.exe
2010-06-08 15:16 . 2010-03-29 18:56 1833576 ----a-w- c:\windows\SkyTel.exe
2010-06-08 15:16 . 2010-03-29 18:56 1489512 ----a-w- c:\windows\RtlUpd.exe
2010-06-08 15:16 . 2010-03-29 18:56 9721960 ----a-w- c:\windows\RTLCPL.EXE
2010-06-08 15:16 . 2010-03-29 18:56 6056040 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-06-08 15:16 . 2010-03-29 18:56 129640 ----a-w- c:\windows\RtkAudioService.exe
2010-06-08 15:16 . 2010-03-29 18:56 19552872 ----a-w- c:\windows\RTHDCPL.EXE
2010-06-08 15:16 . 2010-02-14 08:00 52840 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-06-08 15:16 . 2010-03-29 18:56 2180712 ----a-w- c:\windows\MicCal.exe
2010-06-08 15:16 . 2010-03-29 18:56 2815592 ----a-w- c:\windows\ALCWZRD.EXE
2010-06-07 23:57 . 2010-02-10 18:46 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-06-07 23:57 . 2010-02-10 18:46 10531200 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-06-07 23:57 . 2010-02-10 18:46 4554752 ----a-w- c:\windows\system32\nvcuda.dll
2010-06-07 23:57 . 2010-02-10 18:46 2632296 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-06-07 23:57 . 2010-02-10 18:46 232040 ----a-w- c:\windows\system32\nvcodins.dll
2010-06-07 23:57 . 2010-02-10 18:46 232040 ----a-w- c:\windows\system32\nvcod.dll
2010-06-07 23:57 . 2010-02-10 18:46 2165352 ----a-w- c:\windows\system32\nvcuvid.dll
2010-06-07 23:57 . 2010-02-10 18:46 15192064 ----a-w- c:\windows\system32\nvoglnt.dll
2010-06-07 23:57 . 2010-02-10 18:46 1359872 ----a-w- c:\windows\system32\nvapi.dll
2010-06-07 23:57 . 2010-02-10 18:46 10256384 ----a-w- c:\windows\system32\nvcompiler.dll
2010-06-07 23:57 . 2010-02-10 18:46 6300544 ----a-w- c:\windows\system32\nv4_disp.dll
2010-06-07 23:57 . 2010-02-10 18:46 2186342 ----a-w- c:\windows\system32\nvdata.bin
2010-06-07 18:20 . 2010-03-08 18:33 -------- d-----w- c:\program files\The KMPlayer
2010-06-04 11:58 . 2010-03-09 09:17 -------- d-----w- c:\program files\SlySoft
2010-05-31 20:00 . 2010-02-18 21:38 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-31 19:44 . 2010-05-31 19:44 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-05-27 17:05 . 2010-04-12 18:53 -------- d-----w- c:\program files\Valve
2010-05-27 16:53 . 2010-05-27 17:23 -------- d-----w- c:\program files\AviSynth 2.5
2010-05-27 13:34 . 2010-02-10 22:42 -------- d-----w- c:\program files\CCleaner
2010-05-26 10:52 . 2010-05-26 10:46 -------- d-----w- c:\program files\VPN Anonymizer
2010-05-23 20:27 . 2010-05-22 08:13 -------- d-----w- c:\program files\VideoLAN
2010-05-23 20:11 . 2010-05-21 13:30 -------- d--h--w- c:\program files\Process Lasso
2010-05-22 07:58 . 2010-03-07 14:26 -------- d-----w- c:\program files\Microsoft Games
2010-05-20 15:56 . 2010-05-20 15:56 -------- d-----w- c:\program files\Microsoft Research
2010-05-20 15:52 . 2010-05-20 15:52 -------- d-----w- c:\program files\Common Files\Windows Live
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-12 19:03 . 2010-02-12 16:23 -------- d-----w- c:\program files\CyberLink
2010-05-12 16:41 . 2010-03-27 20:28 -------- d-----w- c:\program files\Trillian
2010-05-11 14:23 . 2010-02-12 21:17 -------- d-----w- c:\program files\Common Files\CyberLink
2010-05-11 14:20 . 2010-02-12 21:17 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-05-11 14:20 . 2010-02-12 16:23 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-11 14:20 . 2010-02-12 16:23 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-05-10 21:59 . 2010-05-09 11:02 -------- d-----w- c:\program files\DAP
2010-05-08 18:47 . 2010-05-08 18:47 -------- d-----w- c:\program files\LIUtilities
2010-05-06 10:35 . 2004-08-17 13:49 907264 ----a-w- c:\windows\system32\wininet.dll
2010-05-05 19:51 . 2010-02-12 21:53 -------- d-----w- c:\program files\QIP
2010-05-05 17:25 . 2010-02-11 19:56 -------- d-----w- c:\program files\Common Files\BinarySense
2010-05-02 08:09 . 2010-03-21 11:47 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 13:39 . 2010-02-25 20:28 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2010-02-25 20:28 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-28 16:45 . 2010-02-18 14:35 1251872 ----a-w- c:\windows\RtlExUpd.dll
2010-04-24 08:32 . 2010-03-19 16:35 8030 ----a-w- c:\program files\Common Files\unins000.dat
2010-04-24 08:31 . 2010-03-19 16:35 728858 ----a-w- c:\program files\Common Files\unins000.exe
2010-04-20 05:32 . 2004-08-17 13:48 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-17 15:46 . 2004-08-17 13:49 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-04-15 19:52 . 2010-04-14 18:02 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-13 17:17 . 2010-02-09 21:16 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-13 17:17 . 2010-02-09 21:16 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-04-07 19:08 . 2010-04-07 19:08 55232 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2010-04-07 19:08 . 2010-04-07 19:08 32584 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-04-07 19:08 . 2010-04-07 19:08 134488 ----a-w- c:\windows\system32\drivers\epfw.sys
2010-04-06 15:28 . 2010-04-06 15:28 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-03-09 20:31 . 2010-03-09 20:31 480 ----a-w- c:\program files\keys.dat
2010-03-09 20:31 . 2010-03-09 20:31 813976 ----a-w- c:\program files\normal.vs
2010-03-09 20:31 . 2010-03-09 20:31 61495 ----a-w- c:\program files\ssimages.vs
2010-03-09 20:31 . 2010-03-09 20:31 102400 ----a-w- c:\program files\HXAudioDeviceHook.dll
2010-03-09 20:31 . 2010-03-09 20:31 112168 ----a-w- c:\program files\rdsf3260.dll
2010-03-09 20:31 . 2010-03-09 20:31 86016 ----a-w- c:\program files\rpplugprot.dll
2010-03-09 20:31 . 2010-03-09 20:31 63016 ----a-w- c:\program files\rpshell.dll
2010-03-09 20:31 . 2010-03-09 20:31 50 ----a-w- c:\program files\strs23.dat
.
------- Sigcheck -------
[-] 2009-08-06 . A089AB141D4E25E543EEC2230CB50BD6 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . A089AB141D4E25E543EEC2230CB50BD6 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[-] 2010-05-06 . 05379DF185A4199865D8B1AA169C3FD3 . 6224896 . . [8.00.6001.18928] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2010-05-06 . 05379DF185A4199865D8B1AA169C3FD3 . 6224896 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll
[7] 2010-05-06 . 06B941C7749A9F071444B4C7563F36B5 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2010-05-06 . 3F88F981AA7BC20744E0D2C699F500EF . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[7] 2010-02-26 . 23CB63CC448E14C4069E9CE40483E987 . 3094528 . . [6.00.2900.5945] . . c:\windows\$hf_mig$\KB980182\SP3QFE\mshtml.dll
[7] 2010-02-25 . AC93856CC1D10E74986EA4E70D90748F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[7] 2010-01-05 . 5DA02EE50F8FC661964857F21A2AE606 . 3602944 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll
[7] 2009-12-22 . 25B289964AE031D4ECF189B8CD50F306 . 3092480 . . [6.00.2900.3660] . . c:\windows\$hf_mig$\KB978207\SP2QFE\mshtml.dll
[7] 2009-12-22 . 41A55A865F00CE20284132E8FDE1FFB3 . 3092480 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\mshtml.dll
[7] 2009-12-22 . BD2EE2BDF5954172F509A16EBEA06D85 . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll
[7] 2009-12-21 . BD424F12E808F3AA345C4816F7124F7C . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[7] 2009-10-29 . 00EC3DE6B7C581CC2675CCD549B692D7 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[7] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[7] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB978207-IE7\mshtml.dll
[-] 2010-05-06 . C9C1E562FE51D92193AD5F19AB5F9E36 . 907264 . . [8.00.6001.18923] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2010-05-06 . C9C1E562FE51D92193AD5F19AB5F9E36 . 907264 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll
[7] 2010-05-06 . B7ECEF0CCF63119356E174A78C185171 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll
[7] 2010-05-06 . 72064DA077E9D6912F39438D97CC0C60 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[7] 2010-02-26 . FD0F4E4BC28B18715BC1323ACD48E1A6 . 669696 . . [6.00.2900.5945] . . c:\windows\$hf_mig$\KB980182\SP3QFE\wininet.dll
[7] 2010-02-25 . 2E6504E28C7E0F753F68731861A94214 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[7] 2010-01-05 . 0D90D150ED0DD4C673C627C52D3F7149 . 841216 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll
[7] 2009-12-22 . A0C158A24DA9F9C48B5B067948B31AA4 . 669696 . . [6.00.2900.3660] . . c:\windows\$hf_mig$\KB978207\SP2QFE\wininet.dll
[7] 2009-12-22 . 50C587017A3F2FB5B1B1B4267CB2EA91 . 668160 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\wininet.dll
[7] 2009-12-22 . 5F072B7F1CF448D6ED5FF79511890E60 . 669696 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
[7] 2009-12-21 . 9256DA4AEE5E2C20FC6C126BDBC11997 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 . F651D2A69B7037D6063BC697CF296D8C . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[7] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[7] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB978207-IE7\wininet.dll
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-06-08 19552872]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-07 13902440]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Documents and Settings\\Butterfly\\Dokumenty\\My DAP Downloads\\TeamViewerPortable_en\\TeamViewer.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\condition zero\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Program Files\\Flow\\Flow.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\counter-strike\\hl.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2010-02-21 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2010-02-21 52224]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2010-02-09 13696]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-06-28 142592]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-07-02 135336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-06-14 1051976]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [2010-03-17 18944]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [2010-03-17 11520]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-03-29 1691480]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-06-13 23456]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-02-25 38224]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [2007-06-21 30720]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-02-28 697328]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-07-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-06-25 c:\windows\Tasks\Automatic maintenance.job
- c:\program files\TuneUp Utilities 2010\OneClickStarter.exe [2010-06-14 14:48]
2010-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 20:33]
2010-07-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-879983540-682003330-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
2010-06-25 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-879983540-682003330-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
IE: &Download with &DAP
IE: Download &all with DAP
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Zobrazit originál
FF - ProfilePath - c:\documents and settings\Butterfly\Data aplikací\Mozilla\Firefox\Profiles\s8h2coht.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - www.google.cz
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
AddRemove-Secunia PSI - c:\program files\Secunia\PSI\uninstall.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-03 16:59
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-796845957-879983540-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(2484)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wscntfy.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
.
**************************************************************************
.
Celkový čas: 2010-07-03 17:02:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-03 15:02
Před spuštěním: Volných bajtů: 76,352,139,264
Po spuštění: Volných bajtů: 76,176,945,152
- - End Of File - - 9D3011C3A858AFA10A5BFB56E60C4749
Request for a preventive check (Solved)
Re: Request for a preventive check
How does the computer look now?
Re: Request for a preventive check
The PC starts up slowly, otherwise it's fine.
Re: Request for a preventive check
Try turning off ZA, or uninstalling it, to see whether startup gets faster. Version 9 has a bug in this respect. But if it doesn't bother you, we'll leave it as it is.
Uninstall ComboFix via
Start >> Run, copy into the box:
ComboFix /Uninstall
press Enter
- This uninstalls ComboFix and deletes the files and folders associated with it.
Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe
- Run it; to confirm each choice press the A key, then Enter
- After use, delete the program. Note: antivirus products may falsely flag it as a virus
************************
Post a new log from RSIT
Re: Request for a preventive check
Logfile of random's system information tool 1.06 (written by random/random)
Run by Butterfly at 2010-07-04 12:28:51
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 73 GB (73%) free of 100 GB
Total RAM: 1022 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:29:13, on 2010-07-04
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\IObit\Game Booster\gbtray.exe
c:\program files\steam\steamapps\cleverboy\counter-strike\hl.exe
C:\Program Files\Steam\GameOverlayUI.exe
C:\WINDOWS\system32\ctfmon.exe
D:\My Folder\My !\PC\Malware\RSIT.exe
C:\Program Files\trend micro\Butterfly.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6781085453
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 6407 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Automatic maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-796845957-879983540-682003330-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-879983540-682003330-1003.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-26 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-06-08 19552872]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
"NoResolveSearch"=
"NoResolveTrack"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Documents and Settings\Butterfly\Dokumenty\My DAP Downloads\TeamViewerPortable_en\TeamViewer.exe"="C:\Documents and Settings\Butterfly\Dokumenty\My DAP Downloads\TeamViewerPortable_en\TeamViewer.exe:*:Enabled:TeamViewer"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Steam\steamapps\cleverboy\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\cleverboy\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Valve\hltv.exe"="C:\Program Files\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\Flow\Flow.exe"="C:\Program Files\Flow\Flow.exe:*:Enabled:Flow"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Steam\steamapps\cleverboy\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\cleverboy\counter-strike\hl.exe:*:Enabled:Counter-Strike"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-07-04 12:28:51 ----D---- C:\rsit
2010-07-04 11:14:09 ----D---- C:\WINDOWS\Internet Logs
2010-07-03 22:12:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-03 17:13:22 ----SHD---- C:\RECYCLER
2010-07-02 23:42:18 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Mirillis
2010-07-02 23:42:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mirillis
2010-07-02 23:41:56 ----D---- C:\Program Files\Mirillis
2010-07-02 22:08:29 ----D---- C:\Program Files\FreeTime
2010-07-02 21:39:23 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Avira
2010-07-02 21:38:09 ----D---- C:\Program Files\Avira
2010-07-02 21:38:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2010-07-01 12:25:55 ----D---- C:\Program Files\Trend Micro
2010-07-01 11:17:54 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\PCF-VLC
2010-07-01 11:11:58 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Participatory Culture Foundation
2010-07-01 11:01:03 ----D---- C:\Program Files\QuickTime
2010-06-30 10:34:50 ----A---- C:\WINDOWS\avisplitter.ini
2010-06-30 10:34:48 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2010-06-30 10:34:47 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-06-30 10:34:47 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-06-30 10:34:45 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-06-30 10:34:45 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-06-30 10:33:16 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-06-30 10:29:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2010-06-30 10:29:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-06-30 10:29:11 ----D---- C:\Program Files\NortonInstaller
2010-06-30 10:29:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2010-06-28 19:12:14 ----A---- C:\log.txt
2010-06-28 14:18:57 ----D---- C:\Program Files\Crawler
2010-06-28 14:18:51 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Spyware Terminator
2010-06-28 14:18:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-06-28 14:18:40 ----D---- C:\Program Files\Spyware Terminator
2010-06-27 18:39:43 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Media Player Classic
2010-06-26 23:47:02 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\vlc
2010-06-26 23:46:09 ----D---- C:\Program Files\Common Files\Java
2010-06-26 23:44:35 ----A---- C:\WINDOWS\system32\javaws.exe
2010-06-26 23:44:35 ----A---- C:\WINDOWS\system32\javaw.exe
2010-06-26 23:44:35 ----A---- C:\WINDOWS\system32\java.exe
2010-06-26 22:51:38 ----D---- C:\Program Files\NetLimiter
2010-06-26 22:51:31 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\LockTime
2010-06-26 18:23:56 ----D---- C:\Program Files\Ultimate Process Manager
2010-06-26 17:12:31 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Sunbelt
2010-06-26 17:12:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sunbelt
2010-06-26 10:53:43 ----D---- C:\Program Files\Hide My IP
2010-06-23 21:30:20 ----D---- C:\Program Files\XP TCPIP Repair
2010-06-23 21:08:47 ----D---- C:\Program Files\VS Revo Group
2010-06-23 14:09:18 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-06-21 09:53:45 ----D---- C:\Program Files\Driver Checker
2010-06-17 19:46:31 ----D---- C:\Program Files\DAEMON Tools Pro
2010-06-17 19:46:11 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\DAEMON Tools Pro
2010-06-17 19:46:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Pro
2010-06-17 16:05:40 ----D---- C:\Program Files\Opera 10.60 Beta
2010-06-17 15:59:13 ----HDC---- C:\WINDOWS\ie8
2010-06-17 07:45:57 ----SHD---- C:\Documents and Settings\Butterfly\Data aplikací\wyUpdate AU
2010-06-17 07:43:01 ----D---- C:\Program Files\Flow
2010-06-17 07:43:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Vitesse Digital
2010-06-13 11:04:11 ----D---- C:\Program Files\Safari
2010-06-12 11:26:13 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-11 10:29:49 ----HD---- C:\WINDOWS\msdownld.tmp
2010-06-11 09:17:07 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2010-06-10 23:43:10 ----D---- C:\Program Files\DVBViewerTE
2010-06-10 07:39:28 ----A---- C:\WINDOWS\ALCMTR.EXE
2010-06-09 12:55:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-06-09 11:15:56 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Panda Security
2010-06-09 11:14:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Panda Security
2010-06-09 10:25:31 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Simply Super Software
2010-06-09 10:19:26 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-07 20:39:41 ----A---- C:\WINDOWS\system32\wbhelp2.dll
2010-06-07 20:39:41 ----A---- C:\WINDOWS\system32\W95INF32.DLL
2010-06-07 20:39:41 ----A---- C:\WINDOWS\system32\W95INF16.DLL
2010-06-07 20:39:41 ----A---- C:\WINDOWS\system32\anim.dll
2010-06-07 20:39:37 ----D---- C:\Program Files\WinUtilities
2010-06-07 17:35:38 ----A---- C:\WINDOWS\system32\nvwddi.dll
2010-06-07 17:35:30 ----A---- C:\WINDOWS\system32\nvrsth.dll
2010-06-07 17:35:30 ----A---- C:\WINDOWS\system32\nvrseng.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrszht.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrshe.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsel.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsda.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrstr.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrssv.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrssl.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrssk.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsru.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrspt.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrspl.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsno.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsko.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsja.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsit.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrshu.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrses.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsde.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrscs.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsar.dll
2010-06-07 17:35:24 ----A---- C:\WINDOWS\system32\nvmctray.dll
2010-06-07 17:35:24 ----A---- C:\WINDOWS\system32\nvmccs.dll
2010-06-07 17:35:22 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2010-06-07 17:35:22 ----A---- C:\WINDOWS\system32\nvcpl.dll
2010-06-07 17:35:22 ----A---- C:\WINDOWS\system32\nvcolor.exe
2010-06-06 09:45:54 ----D---- C:\Program Files\Defraggler
2010-06-05 10:04:28 ----D---- C:\Program Files\ScreenCamera
======List of files/folders modified in the last 1 months======
2010-07-04 11:20:29 ----D---- C:\Program Files\Steam
2010-07-04 11:20:19 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-04 11:17:48 ----SHD---- C:\WINDOWS\Installer
2010-07-04 11:17:05 ----D---- C:\WINDOWS\Prefetch
2010-07-04 11:14:30 ----D---- C:\WINDOWS\temp
2010-07-04 11:14:09 ----D---- C:\WINDOWS
2010-07-04 11:13:27 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-07-04 11:13:10 ----D---- C:\WINDOWS\system32
2010-07-04 11:13:09 ----D---- C:\Program Files
2010-07-04 11:08:17 ----SHD---- C:\System Volume Information
2010-07-04 11:08:17 ----D---- C:\WINDOWS\system32\Restore
2010-07-04 11:07:18 ----D---- C:\WINDOWS\Minidump
2010-07-04 11:02:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-04 11:02:06 ----ASH---- C:\boot.ini
2010-07-04 11:02:06 ----A---- C:\WINDOWS\win.ini
2010-07-04 11:02:06 ----A---- C:\WINDOWS\system.ini
2010-07-04 10:36:05 ----D---- C:\WINDOWS\Debug
2010-07-04 00:28:21 ----D---- C:\Program Files\Valve
2010-07-03 17:02:56 ----D---- C:\WINDOWS\system32\drivers
2010-07-03 16:55:42 ----D---- C:\WINDOWS\system32\config
2010-07-03 16:55:04 ----SD---- C:\WINDOWS\Tasks
2010-07-03 16:52:51 ----D---- C:\WINDOWS\AppPatch
2010-07-03 16:52:48 ----D---- C:\Program Files\Common Files
2010-07-02 22:29:29 ----D---- C:\Program Files\ScreenShots
2010-07-02 21:42:24 ----D---- C:\WINDOWS\system32\NtmsData
2010-07-02 21:41:37 ----D---- C:\WINDOWS\Registration
2010-07-01 22:14:45 ----A---- C:\Documents and Settings\Butterfly\Data aplikací\burnaware.ini
2010-07-01 13:57:02 ----D---- C:\Program Files\Google
2010-07-01 10:49:49 ----D---- C:\Program Files\MSECache
2010-07-01 10:41:02 ----D---- C:\Program Files\Opera
2010-06-30 15:04:40 ----D---- C:\Program Files\Mozilla Firefox
2010-06-30 10:35:03 ----D---- C:\Program Files\K-Lite Codec Pack
2010-06-29 17:21:17 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\ICQ
2010-06-28 19:57:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-06-28 14:10:37 ----HD---- C:\WINDOWS\inf
2010-06-27 19:03:52 ----A---- C:\resetlog.txt
2010-06-27 18:56:01 ----D---- C:\Documents and Settings
2010-06-27 10:09:11 ----D---- C:\WINDOWS\system32\CatRoot
2010-06-27 10:00:43 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\DMCache
2010-06-27 09:44:33 ----D---- C:\Program Files\IObit
2010-06-26 23:52:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-06-26 23:43:30 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-06-26 11:18:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-06-26 10:02:48 ----D---- C:\Program Files\PKR
2010-06-23 20:25:20 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-23 20:25:17 ----RSD---- C:\WINDOWS\assembly
2010-06-23 14:09:36 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-06-23 13:47:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-23 13:46:46 ----D---- C:\WINDOWS\WinSxS
2010-06-22 20:42:59 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Skype
2010-06-21 10:22:17 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-06-21 10:10:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-21 10:10:18 ----D---- C:\Program Files\Realtek
2010-06-20 15:34:55 ----D---- C:\Program Files\ICQ6.5
2010-06-20 13:11:07 ----A---- C:\WINDOWS\system32\resetlog.txt
2010-06-20 09:43:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-06-17 20:19:17 ----D---- C:\Program Files\Internet Explorer
2010-06-17 20:16:09 ----D---- C:\WINDOWS\Help
2010-06-17 20:15:05 ----D---- C:\Program Files\NVIDIA Corporation
2010-06-17 20:02:19 ----D---- C:\Program Files\BurnAware Free
2010-06-17 16:06:07 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Opera
2010-06-17 15:59:13 ----D---- C:\WINDOWS\system32\cs-cz
2010-06-17 07:46:59 ----SD---- C:\Documents and Settings\Butterfly\Data aplikací\Microsoft
2010-06-17 07:42:24 ----D---- C:\WINDOWS\ie8updates
2010-06-16 16:07:13 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\HLSW
2010-06-16 14:57:25 ----DC---- C:\WINDOWS\ie7
2010-06-14 16:45:28 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2010-06-13 22:52:02 ----HD---- C:\WINDOWS\ShellNew
2010-06-13 17:46:08 ----D---- C:\WINDOWS\system32\RTCOM
2010-06-13 11:03:49 ----D---- C:\Program Files\Bonjour
2010-06-12 17:47:40 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-06-12 11:26:41 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-06-12 11:08:29 ----D---- C:\Program Files\DivX
2010-06-12 11:07:59 ----D---- C:\Program Files\Common Files\DivX Shared
2010-06-12 11:06:00 ----RD---- C:\Program Files\Skype
2010-06-12 11:01:53 ----D---- C:\Program Files\Adobe
2010-06-12 11:01:49 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-06-11 10:28:23 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-11 10:08:40 ----RSD---- C:\WINDOWS\Fonts
2010-06-11 10:08:40 ----D---- C:\WINDOWS\Media
2010-06-11 10:08:40 ----D---- C:\WINDOWS\Cursors
2010-06-11 10:08:40 ----D---- C:\Program Files\Outlook Express
2010-06-11 10:08:40 ----D---- C:\Program Files\Movie Maker
2010-06-11 10:08:39 ----D---- C:\WINDOWS\system32\usmt
2010-06-11 09:18:56 ----A---- C:\WINDOWS\BricoPackUninst.txt
2010-06-11 09:18:56 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2010-06-11 09:13:10 ----D---- C:\WINDOWS\BricoPacks
2010-06-09 12:55:58 ----D---- C:\Program Files\Alwil Software
2010-06-09 11:11:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-06-08 18:58:25 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-06-08 17:16:38 ----A---- C:\WINDOWS\vncutil.exe
2010-06-08 17:16:38 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2010-06-08 17:16:38 ----A---- C:\WINDOWS\SkyTel.exe
2010-06-08 17:16:32 ----A---- C:\WINDOWS\RtlUpd.exe
2010-06-08 17:16:32 ----A---- C:\WINDOWS\RTLCPL.EXE
2010-06-08 17:16:20 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2010-06-08 17:16:20 ----A---- C:\WINDOWS\RtkAudioService.exe
2010-06-08 17:16:20 ----A---- C:\WINDOWS\RTHDCPL.EXE
2010-06-08 17:16:14 ----A---- C:\WINDOWS\MicCal.exe
2010-06-08 17:16:08 ----A---- C:\WINDOWS\ALCWZRD.EXE
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcodins.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcod.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-06-07 20:50:39 ----D---- C:\HLITE
2010-06-07 20:20:44 ----D---- C:\Program Files\The KMPlayer
2010-06-06 19:14:41 ----D---- C:\WINDOWS\network diagnostic
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 BIOS;BIOS; \??\C:\WINDOWS\system32\drivers\BIOS.sys []
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-04-07 55232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-04-07 134488]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2009-06-16 46592]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2009-03-06 18944]
R3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2009-03-04 11520]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-06-08 6056040]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2010-04-03 223128]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-01-09 42496]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 msloop;Microsoft Loopback Adapter Driver; C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 4992]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2010-03-19 19072]
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2008-02-22 87936]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304]
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-06-17 697328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-06-26 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-06-28 488960]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-06-14 1051976]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S2 HDDlife HDD Access service;HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2009-08-19 822936]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-05-31 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-06-23 435016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Run by Butterfly at 2010-07-04 12:28:51
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 73 GB (73%) free of 100 GB
Total RAM: 1022 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:29:13, on 2010-07-04
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Ventrilo\Ventrilo.exe
C:\Program Files\IObit\Game Booster\gbtray.exe
c:\program files\steam\steamapps\cleverboy\counter-strike\hl.exe
C:\Program Files\Steam\GameOverlayUI.exe
C:\WINDOWS\system32\ctfmon.exe
D:\My Folder\My !\PC\Malware\RSIT.exe
C:\Program Files\trend micro\Butterfly.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6781085453
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 6407 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Automatic maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-796845957-879983540-682003330-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-879983540-682003330-1003.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-06-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-06-26 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-06-08 19552872]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-06-07 13902440]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
"HonorAutoRunSetting"=
"NoResolveSearch"=
"NoResolveTrack"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HLSW\hlsw.exe"="C:\Program Files\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"C:\Documents and Settings\Butterfly\Dokumenty\My DAP Downloads\TeamViewerPortable_en\TeamViewer.exe"="C:\Documents and Settings\Butterfly\Dokumenty\My DAP Downloads\TeamViewerPortable_en\TeamViewer.exe:*:Enabled:TeamViewer"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ"
"C:\Program Files\Steam\steamapps\cleverboy\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\cleverboy\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Valve\hltv.exe"="C:\Program Files\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\Flow\Flow.exe"="C:\Program Files\Flow\Flow.exe:*:Enabled:Flow"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Steam\steamapps\cleverboy\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\cleverboy\counter-strike\hl.exe:*:Enabled:Counter-Strike"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2010-07-04 12:28:51 ----D---- C:\rsit
2010-07-04 11:14:09 ----D---- C:\WINDOWS\Internet Logs
2010-07-03 22:12:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-03 17:13:22 ----SHD---- C:\RECYCLER
2010-07-02 23:42:18 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Mirillis
2010-07-02 23:42:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mirillis
2010-07-02 23:41:56 ----D---- C:\Program Files\Mirillis
2010-07-02 22:08:29 ----D---- C:\Program Files\FreeTime
2010-07-02 21:39:23 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Avira
2010-07-02 21:38:09 ----D---- C:\Program Files\Avira
2010-07-02 21:38:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2010-07-01 12:25:55 ----D---- C:\Program Files\Trend Micro
2010-07-01 11:17:54 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\PCF-VLC
2010-07-01 11:11:58 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Participatory Culture Foundation
2010-07-01 11:01:03 ----D---- C:\Program Files\QuickTime
2010-06-30 10:34:50 ----A---- C:\WINDOWS\avisplitter.ini
2010-06-30 10:34:48 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2010-06-30 10:34:47 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2010-06-30 10:34:47 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-06-30 10:34:45 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-06-30 10:34:45 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-06-30 10:33:16 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-06-30 10:29:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2010-06-30 10:29:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2010-06-30 10:29:11 ----D---- C:\Program Files\NortonInstaller
2010-06-30 10:29:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2010-06-28 19:12:14 ----A---- C:\log.txt
2010-06-28 14:18:57 ----D---- C:\Program Files\Crawler
2010-06-28 14:18:51 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Spyware Terminator
2010-06-28 14:18:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-06-28 14:18:40 ----D---- C:\Program Files\Spyware Terminator
2010-06-27 18:39:43 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Media Player Classic
2010-06-26 23:47:02 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\vlc
2010-06-26 23:46:09 ----D---- C:\Program Files\Common Files\Java
2010-06-26 23:44:35 ----A---- C:\WINDOWS\system32\javaws.exe
2010-06-26 23:44:35 ----A---- C:\WINDOWS\system32\javaw.exe
2010-06-26 23:44:35 ----A---- C:\WINDOWS\system32\java.exe
2010-06-26 22:51:38 ----D---- C:\Program Files\NetLimiter
2010-06-26 22:51:31 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\LockTime
2010-06-26 18:23:56 ----D---- C:\Program Files\Ultimate Process Manager
2010-06-26 17:12:31 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Sunbelt
2010-06-26 17:12:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sunbelt
2010-06-26 10:53:43 ----D---- C:\Program Files\Hide My IP
2010-06-23 21:30:20 ----D---- C:\Program Files\XP TCPIP Repair
2010-06-23 21:08:47 ----D---- C:\Program Files\VS Revo Group
2010-06-23 14:09:18 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2010-06-21 09:53:45 ----D---- C:\Program Files\Driver Checker
2010-06-17 19:46:31 ----D---- C:\Program Files\DAEMON Tools Pro
2010-06-17 19:46:11 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\DAEMON Tools Pro
2010-06-17 19:46:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Pro
2010-06-17 16:05:40 ----D---- C:\Program Files\Opera 10.60 Beta
2010-06-17 15:59:13 ----HDC---- C:\WINDOWS\ie8
2010-06-17 07:45:57 ----SHD---- C:\Documents and Settings\Butterfly\Data aplikací\wyUpdate AU
2010-06-17 07:43:01 ----D---- C:\Program Files\Flow
2010-06-17 07:43:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Vitesse Digital
2010-06-13 11:04:11 ----D---- C:\Program Files\Safari
2010-06-12 11:26:13 ----D---- C:\Program Files\Microsoft Silverlight
2010-06-11 10:29:49 ----HD---- C:\WINDOWS\msdownld.tmp
2010-06-11 09:17:07 ----A---- C:\WINDOWS\BricoPackFoldersDelete.cmd
2010-06-10 23:43:10 ----D---- C:\Program Files\DVBViewerTE
2010-06-10 07:39:28 ----A---- C:\WINDOWS\ALCMTR.EXE
2010-06-09 12:55:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-06-09 11:15:56 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Panda Security
2010-06-09 11:14:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Panda Security
2010-06-09 10:25:31 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Simply Super Software
2010-06-09 10:19:26 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-07 20:39:41 ----A---- C:\WINDOWS\system32\wbhelp2.dll
2010-06-07 20:39:41 ----A---- C:\WINDOWS\system32\W95INF32.DLL
2010-06-07 20:39:41 ----A---- C:\WINDOWS\system32\W95INF16.DLL
2010-06-07 20:39:41 ----A---- C:\WINDOWS\system32\anim.dll
2010-06-07 20:39:37 ----D---- C:\Program Files\WinUtilities
2010-06-07 17:35:38 ----A---- C:\WINDOWS\system32\nvwddi.dll
2010-06-07 17:35:30 ----A---- C:\WINDOWS\system32\nvrsth.dll
2010-06-07 17:35:30 ----A---- C:\WINDOWS\system32\nvrseng.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrszht.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrshe.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsel.dll
2010-06-07 17:35:28 ----A---- C:\WINDOWS\system32\nvrsda.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrstr.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrssv.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrssl.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrssk.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsru.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrspt.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrspl.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsno.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsko.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsja.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsit.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrshu.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrses.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsde.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrscs.dll
2010-06-07 17:35:26 ----A---- C:\WINDOWS\system32\nvrsar.dll
2010-06-07 17:35:24 ----A---- C:\WINDOWS\system32\nvmctray.dll
2010-06-07 17:35:24 ----A---- C:\WINDOWS\system32\nvmccs.dll
2010-06-07 17:35:22 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2010-06-07 17:35:22 ----A---- C:\WINDOWS\system32\nvcpl.dll
2010-06-07 17:35:22 ----A---- C:\WINDOWS\system32\nvcolor.exe
2010-06-06 09:45:54 ----D---- C:\Program Files\Defraggler
2010-06-05 10:04:28 ----D---- C:\Program Files\ScreenCamera
======List of files/folders modified in the last 1 months======
2010-07-04 11:20:29 ----D---- C:\Program Files\Steam
2010-07-04 11:20:19 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-04 11:17:48 ----SHD---- C:\WINDOWS\Installer
2010-07-04 11:17:05 ----D---- C:\WINDOWS\Prefetch
2010-07-04 11:14:30 ----D---- C:\WINDOWS\temp
2010-07-04 11:14:09 ----D---- C:\WINDOWS
2010-07-04 11:13:27 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-07-04 11:13:10 ----D---- C:\WINDOWS\system32
2010-07-04 11:13:09 ----D---- C:\Program Files
2010-07-04 11:08:17 ----SHD---- C:\System Volume Information
2010-07-04 11:08:17 ----D---- C:\WINDOWS\system32\Restore
2010-07-04 11:07:18 ----D---- C:\WINDOWS\Minidump
2010-07-04 11:02:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-04 11:02:06 ----ASH---- C:\boot.ini
2010-07-04 11:02:06 ----A---- C:\WINDOWS\win.ini
2010-07-04 11:02:06 ----A---- C:\WINDOWS\system.ini
2010-07-04 10:36:05 ----D---- C:\WINDOWS\Debug
2010-07-04 00:28:21 ----D---- C:\Program Files\Valve
2010-07-03 17:02:56 ----D---- C:\WINDOWS\system32\drivers
2010-07-03 16:55:42 ----D---- C:\WINDOWS\system32\config
2010-07-03 16:55:04 ----SD---- C:\WINDOWS\Tasks
2010-07-03 16:52:51 ----D---- C:\WINDOWS\AppPatch
2010-07-03 16:52:48 ----D---- C:\Program Files\Common Files
2010-07-02 22:29:29 ----D---- C:\Program Files\ScreenShots
2010-07-02 21:42:24 ----D---- C:\WINDOWS\system32\NtmsData
2010-07-02 21:41:37 ----D---- C:\WINDOWS\Registration
2010-07-01 22:14:45 ----A---- C:\Documents and Settings\Butterfly\Data aplikací\burnaware.ini
2010-07-01 13:57:02 ----D---- C:\Program Files\Google
2010-07-01 10:49:49 ----D---- C:\Program Files\MSECache
2010-07-01 10:41:02 ----D---- C:\Program Files\Opera
2010-06-30 15:04:40 ----D---- C:\Program Files\Mozilla Firefox
2010-06-30 10:35:03 ----D---- C:\Program Files\K-Lite Codec Pack
2010-06-29 17:21:17 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\ICQ
2010-06-28 19:57:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-06-28 14:10:37 ----HD---- C:\WINDOWS\inf
2010-06-27 19:03:52 ----A---- C:\resetlog.txt
2010-06-27 18:56:01 ----D---- C:\Documents and Settings
2010-06-27 10:09:11 ----D---- C:\WINDOWS\system32\CatRoot
2010-06-27 10:00:43 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\DMCache
2010-06-27 09:44:33 ----D---- C:\Program Files\IObit
2010-06-26 23:52:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-06-26 23:43:30 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-06-26 11:18:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-06-26 10:02:48 ----D---- C:\Program Files\PKR
2010-06-23 20:25:20 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-23 20:25:17 ----RSD---- C:\WINDOWS\assembly
2010-06-23 14:09:36 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-06-23 13:47:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-23 13:46:46 ----D---- C:\WINDOWS\WinSxS
2010-06-22 20:42:59 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Skype
2010-06-21 10:22:17 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-06-21 10:10:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-21 10:10:18 ----D---- C:\Program Files\Realtek
2010-06-20 15:34:55 ----D---- C:\Program Files\ICQ6.5
2010-06-20 13:11:07 ----A---- C:\WINDOWS\system32\resetlog.txt
2010-06-20 09:43:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-06-17 20:19:17 ----D---- C:\Program Files\Internet Explorer
2010-06-17 20:16:09 ----D---- C:\WINDOWS\Help
2010-06-17 20:15:05 ----D---- C:\Program Files\NVIDIA Corporation
2010-06-17 20:02:19 ----D---- C:\Program Files\BurnAware Free
2010-06-17 16:06:07 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\Opera
2010-06-17 15:59:13 ----D---- C:\WINDOWS\system32\cs-cz
2010-06-17 07:46:59 ----SD---- C:\Documents and Settings\Butterfly\Data aplikací\Microsoft
2010-06-17 07:42:24 ----D---- C:\WINDOWS\ie8updates
2010-06-16 16:07:13 ----D---- C:\Documents and Settings\Butterfly\Data aplikací\HLSW
2010-06-16 14:57:25 ----DC---- C:\WINDOWS\ie7
2010-06-14 16:45:28 ----A---- C:\WINDOWS\system32\TURegOpt.exe
2010-06-13 22:52:02 ----HD---- C:\WINDOWS\ShellNew
2010-06-13 17:46:08 ----D---- C:\WINDOWS\system32\RTCOM
2010-06-13 11:03:49 ----D---- C:\Program Files\Bonjour
2010-06-12 17:47:40 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-06-12 11:26:41 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-06-12 11:08:29 ----D---- C:\Program Files\DivX
2010-06-12 11:07:59 ----D---- C:\Program Files\Common Files\DivX Shared
2010-06-12 11:06:00 ----RD---- C:\Program Files\Skype
2010-06-12 11:01:53 ----D---- C:\Program Files\Adobe
2010-06-12 11:01:49 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-06-11 10:28:23 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-11 10:08:40 ----RSD---- C:\WINDOWS\Fonts
2010-06-11 10:08:40 ----D---- C:\WINDOWS\Media
2010-06-11 10:08:40 ----D---- C:\WINDOWS\Cursors
2010-06-11 10:08:40 ----D---- C:\Program Files\Outlook Express
2010-06-11 10:08:40 ----D---- C:\Program Files\Movie Maker
2010-06-11 10:08:39 ----D---- C:\WINDOWS\system32\usmt
2010-06-11 09:18:56 ----A---- C:\WINDOWS\BricoPackUninst.txt
2010-06-11 09:18:56 ----A---- C:\WINDOWS\BricoPackUninst.cmd
2010-06-11 09:13:10 ----D---- C:\WINDOWS\BricoPacks
2010-06-09 12:55:58 ----D---- C:\Program Files\Alwil Software
2010-06-09 11:11:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-06-08 18:58:25 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-06-08 17:16:38 ----A---- C:\WINDOWS\vncutil.exe
2010-06-08 17:16:38 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2010-06-08 17:16:38 ----A---- C:\WINDOWS\SkyTel.exe
2010-06-08 17:16:32 ----A---- C:\WINDOWS\RtlUpd.exe
2010-06-08 17:16:32 ----A---- C:\WINDOWS\RTLCPL.EXE
2010-06-08 17:16:20 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2010-06-08 17:16:20 ----A---- C:\WINDOWS\RtkAudioService.exe
2010-06-08 17:16:20 ----A---- C:\WINDOWS\RTHDCPL.EXE
2010-06-08 17:16:14 ----A---- C:\WINDOWS\MicCal.exe
2010-06-08 17:16:08 ----A---- C:\WINDOWS\ALCWZRD.EXE
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\OpenCL.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcodins.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvcod.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2010-06-08 01:57:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-06-07 20:50:39 ----D---- C:\HLITE
2010-06-07 20:20:44 ----D---- C:\Program Files\The KMPlayer
2010-06-06 19:14:41 ----D---- C:\WINDOWS\network diagnostic
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 BIOS;BIOS; \??\C:\WINDOWS\system32\drivers\BIOS.sys []
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-04-07 55232]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-04-07 134488]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2009-06-16 46592]
R3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2009-03-06 18944]
R3 gMouUsb;USB Mouse Device Drv; C:\WINDOWS\system32\DRIVERS\gMouUsb.sys [2009-03-04 11520]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-06-08 6056040]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-06-08 10531200]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-05 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-06-06 11264]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2010-04-03 223128]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-01-09 42496]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 msloop;Microsoft Loopback Adapter Driver; C:\WINDOWS\system32\DRIVERS\loop.sys [2001-08-17 4992]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2010-03-19 19072]
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2008-02-22 87936]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2008-02-22 14976]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2008-02-22 114304]
S3 tap0901_2gm;VPN Anonymizer Adapter; C:\WINDOWS\system32\DRIVERS\tap0901_2gm.sys [2007-06-21 30720]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-06-17 697328]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-06-26 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-06-07 154728]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-06-28 488960]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-06-14 1051976]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S2 HDDlife HDD Access service;HDDlife HDD Access service; C:\Program Files\Common Files\BinarySense\hldasvc.exe [2009-08-19 822936]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-05-31 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-06-23 435016]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- jaro3
- member of the Security team
Re: Request for a preventive check
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows, but do not run it!!
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.
Code:
KillAll::
File::
c:\windows\system32\mlfcache.dat
c:\windows\Internet Logs\fwpktlog.txt
c:\windows\ALCMTR.EXE
c:\windows\system32\d3d9caps.dat
c:\windows\system32\ezsidmv.dat
Folder::
c:\program files\Common Files\Symantec Shared
c:\windows\system32\drivers\NSS
c:\program files\NortonInstaller
c:\windows\Internet Logs
c:\windows\msdownld.tmp
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=-
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new HJT log
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Request for a preventive check
ComboFix 10-07-03.06 - Butterfly 2010-07-04 16:12:57.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.1022.499 [GMT 2:00]
Spuštěný z: c:\documents and settings\Butterfly\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Butterfly\Plocha\CFScript.txt.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FILE ::
"c:\windows\ALCMTR.EXE"
"c:\windows\Internet Logs\fwpktlog.txt"
"c:\windows\system32\d3d9caps.dat"
"c:\windows\system32\ezsidmv.dat"
"c:\windows\system32\mlfcache.dat"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Common Files\Symantec Shared
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\catalog.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\cceraser.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ecmsvr32.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\eeCtrl.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ERASER.grd
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ERASER.sig
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ERASER.spm
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ERASER.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ESRDEF.BIN
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\HH
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\naveng.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\naveng32.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\navex15.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\navex32a.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ncsacert.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\scrauth.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\symaveng.cat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\symaveng.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\SymErase.cat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\SymErase.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TCDEFS.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TCSCAN7.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TCSCAN8.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TCSCAN9.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\technote.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TINF.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\tinfidx.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TINFL.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TSCAN1.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\tscan1hd.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\V.GRD
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\V.SIG
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN.INF
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN1.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN2.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN3.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN4.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN5.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN6.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN7.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN8.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN9.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\virscant.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\WHATSNEW.TXT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\zdone.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\catalog.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\cceraser.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\ecmsvr32.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\eeCtrl.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\ERASER.grd
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\ERASER.sig
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\ERASER.spm
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\ERASER.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\esrdef.bin
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\hh
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\naveng.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\naveng32.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\navex15.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\navex32a.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\ncsacert.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\scrauth.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\symaveng.cat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\symaveng.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\SymErase.cat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\SymErase.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tcdefs.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tcscan7.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tcscan8.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tcscan9.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\technote.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tinf.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tinfidx.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tinfl.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tscan1.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tscan1hd.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\v.grd
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\v.sig
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan1.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan2.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan3.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan4.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan5.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan6.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan7.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan8.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan9.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\whatsnew.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\zdone.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\definfo.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\cur.scr
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\ESRDEF.999
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\HH.998
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TCDEFS.997
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TCSCAN7.996
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TCSCAN8.995
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TCSCAN9.994
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TINF.993
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TINFL.992
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TSCAN1.991
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\V.989
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\V.990
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN.988
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN1.987
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN2.986
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN3.985
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN4.984
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN5.983
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN6.982
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN7.981
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN8.980
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN9.979
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCANT.978
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\WHATSNEW.977
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\catalog.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\cceraser.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ecmsvr32.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\eeCtrl.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ERASER.grd
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ERASER.sig
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ERASER.spm
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ERASER.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ESRDEF.BIN
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\HH
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\naveng.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\naveng32.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\navex15.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\navex32a.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ncsacert.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\scrauth.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\symaveng.cat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\symaveng.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\SymErase.cat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\SymErase.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TCDEFS.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TCSCAN7.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TCSCAN8.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TCSCAN9.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\technote.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TINF.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\tinfidx.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TINFL.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TSCAN1.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\tscan1hd.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\V.GRD
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\V.SIG
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN.INF
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN1.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN2.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN3.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN4.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN5.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN6.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN7.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN8.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN9.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\WHATSNEW.TXT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\zdone.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\usage.dat
c:\windows\ALCMTR.EXE
c:\windows\Internet Logs
c:\windows\Internet Logs\tvDebug.log
c:\windows\msdownld.tmp
c:\windows\system32\d3d9caps.dat
c:\windows\system32\ezsidmv.dat
c:\windows\system32\mlfcache.dat
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-04 do 2010-07-04 )))))))))))))))))))))))))))))))
.
2010-07-04 13:15 . 2010-07-04 13:18 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-07-04 12:42 . 2010-04-27 18:40 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-07-04 12:42 . 2010-04-27 18:40 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-07-04 12:42 . 2010-04-27 18:40 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-07-04 12:42 . 2010-04-27 18:40 133616 ------w- c:\windows\system32\pxafs.dll
2010-07-04 12:33 . 2010-07-04 12:33 -------- d-----w- c:\program files\Common Files\Skype
2010-07-04 12:33 . 2010-07-04 12:33 -------- d-----r- c:\program files\Skype
2010-07-04 12:24 . 2010-07-04 12:24 -------- d-----w- c:\program files\FileHippo.com
2010-07-04 10:28 . 2010-07-04 10:29 -------- d-----w- C:\rsit
2010-07-02 21:41 . 2010-07-02 21:41 -------- d-----w- c:\program files\Mirillis
2010-07-02 20:08 . 2010-07-02 20:08 -------- d-----w- c:\program files\FreeTime
2010-07-02 19:38 . 2010-07-02 19:38 -------- d-----w- c:\program files\Avira
2010-07-02 19:38 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-07-02 19:38 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-07-02 19:38 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-07-02 19:38 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-07-01 10:25 . 2010-07-04 10:29 -------- d-----w- c:\program files\Trend Micro
2010-07-01 09:01 . 2010-07-01 09:02 -------- d-----w- c:\program files\QuickTime
2010-07-01 07:58 . 2010-07-01 07:58 -------- d-----w- c:\documents and settings\Butterfly\KBCertifikat
2010-06-30 08:34 . 2004-01-24 22:00 70656 ----a-w- c:\windows\system32\yv12vfw.dll
2010-06-30 08:34 . 2010-06-08 16:10 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-06-30 08:34 . 2010-06-08 16:10 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-06-30 08:34 . 2010-06-28 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-06-28 12:18 . 2010-06-28 17:37 -------- d-----w- c:\program files\Crawler
2010-06-28 12:18 . 2010-06-28 12:18 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-06-28 12:18 . 2010-06-29 16:03 -------- d-----w- c:\program files\Spyware Terminator
2010-06-26 21:46 . 2010-06-26 21:46 -------- d-----w- c:\program files\Common Files\Java
2010-06-26 20:51 . 2010-07-02 20:43 -------- d-----w- c:\program files\NetLimiter
2010-06-26 16:23 . 2010-06-26 16:25 -------- d-----w- c:\program files\Ultimate Process Manager
2010-06-26 15:21 . 2010-06-26 15:21 -------- d-s---w- c:\documents and settings\LocalService\Oblíbené položky
2010-06-26 08:53 . 2010-06-26 08:55 -------- d-----w- c:\program files\Hide My IP
2010-06-23 19:30 . 2010-06-23 19:30 -------- d-----w- c:\program files\XP TCPIP Repair
2010-06-23 19:08 . 2010-06-23 19:08 -------- d-----w- c:\program files\VS Revo Group
2010-06-23 12:09 . 2010-06-14 14:39 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-06-21 08:05 . 2006-08-14 19:09 82816 ----a-w- c:\windows\system32\drivers\Rtnic.sys
2010-06-21 08:05 . 2006-08-14 19:09 82816 ----a-w- c:\windows\system32\drivers\Rtenic.sys
2010-06-21 07:53 . 2010-06-22 17:17 -------- d-----w- c:\program files\Driver Checker
2010-06-17 18:14 . 2010-06-25 12:41 217260 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-06-17 18:14 . 2010-06-25 12:41 217260 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-06-17 18:14 . 2010-06-25 12:41 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-06-17 14:05 . 2010-07-01 08:39 -------- d-----w- c:\program files\Opera 10.60 Beta
2010-06-17 13:59 . 2010-06-17 14:01 -------- dc-h--w- c:\windows\ie8
2010-06-17 05:46 . 2010-06-17 05:46 -------- d-sh--w- c:\documents and settings\Butterfly\wc
2010-06-17 05:43 . 2010-06-17 05:43 -------- d-----w- c:\program files\Flow
2010-06-13 21:07 . 2010-06-13 21:07 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-06-13 09:04 . 2010-06-13 09:04 -------- d-----w- c:\program files\Safari
2010-06-12 09:26 . 2010-06-12 09:26 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-11 07:17 . 2010-06-11 07:18 94 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-06-10 21:43 . 2010-06-10 21:45 -------- d-----w- c:\program files\DVBViewerTE
2010-06-09 07:25 . 2010-05-06 10:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-07 18:39 . 2007-08-31 10:52 56496 ----a-w- c:\windows\system32\wbhelp2.dll
2010-06-07 18:39 . 2007-08-31 10:52 33968 ----a-w- c:\windows\system32\anim.dll
2010-06-07 18:39 . 1999-11-22 13:50 4608 ----a-w- c:\windows\system32\W95INF32.DLL
2010-06-07 18:39 . 1999-11-22 13:50 2272 ----a-w- c:\windows\system32\W95INF16.DLL
2010-06-07 18:39 . 2010-07-02 20:25 -------- d-----w- c:\program files\WinUtilities
2010-06-06 07:45 . 2010-06-23 18:41 -------- d-----w- c:\program files\Defraggler
2010-06-05 08:04 . 2010-06-07 18:15 -------- d-----w- c:\program files\ScreenCamera
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-04 13:15 . 2010-02-28 21:24 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-04 13:01 . 2010-02-16 20:34 -------- d-----w- c:\program files\7-Zip
2010-07-04 12:47 . 2010-04-24 08:05 -------- d-----w- c:\program files\DivX
2010-07-04 12:45 . 2010-02-19 15:16 -------- d-----w- c:\program files\AIMP2
2010-07-04 12:40 . 2010-02-20 09:19 -------- d-----w- c:\program files\Windows Media Connect 2
2010-07-04 12:39 . 2010-03-08 11:38 -------- d-----w- c:\program files\Steam
2010-07-04 12:36 . 2010-02-12 21:12 -------- d-----w- c:\program files\Google
2010-07-04 12:32 . 2010-02-10 22:42 -------- d-----w- c:\program files\CCleaner
2010-07-03 22:28 . 2010-04-12 18:53 -------- d-----w- c:\program files\Valve
2010-07-02 20:29 . 2010-05-20 20:13 -------- d-----w- c:\program files\ScreenShots
2010-07-01 08:49 . 2010-02-12 13:43 -------- d-----w- c:\program files\MSECache
2010-07-01 08:41 . 2010-02-12 04:39 -------- d-----w- c:\program files\Opera
2010-06-30 08:35 . 2010-03-03 21:53 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-06-28 17:25 . 2010-02-24 16:13 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-06-27 07:44 . 2010-03-20 11:58 -------- d-----w- c:\program files\IObit
2010-06-26 21:43 . 2010-04-24 08:02 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-26 08:02 . 2010-02-28 20:04 -------- d-----w- c:\program files\PKR
2010-06-23 12:09 . 2010-02-27 09:18 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-06-23 11:47 . 2001-10-25 14:00 79424 ----a-w- c:\windows\system32\perfc005.dat
2010-06-23 11:47 . 2001-10-25 14:00 432386 ----a-w- c:\windows\system32\perfh005.dat
2010-06-21 08:10 . 2010-03-28 13:00 -------- d-----w- c:\program files\Realtek
2010-06-21 08:10 . 2010-02-09 21:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-20 13:34 . 2010-04-05 19:11 -------- d-----w- c:\program files\ICQ6.5
2010-06-20 07:43 . 2010-02-14 16:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-17 18:15 . 2010-02-16 20:52 -------- d-----w- c:\program files\NVIDIA Corporation
2010-06-17 18:02 . 2010-05-08 08:47 -------- d-----w- c:\program files\BurnAware Free
2010-06-14 14:45 . 2010-02-27 09:19 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-06-13 09:03 . 2010-05-31 19:58 -------- d-----w- c:\program files\Bonjour
2010-06-12 09:07 . 2010-04-24 08:27 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-06-12 09:01 . 2010-04-03 08:58 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-06-11 07:18 . 2010-02-17 18:37 133836 ----a-w- c:\windows\BricoPackUninst.cmd
2010-06-09 10:55 . 2010-02-16 21:52 -------- d-----w- c:\program files\Alwil Software
2010-06-08 15:16 . 2010-03-29 18:56 84584 ----a-w- c:\windows\SOUNDMAN.EXE
2010-06-08 15:16 . 2010-03-29 18:56 359016 ----a-w- c:\windows\vncutil.exe
2010-06-08 15:16 . 2010-03-29 18:56 1833576 ----a-w- c:\windows\SkyTel.exe
2010-06-08 15:16 . 2010-03-29 18:56 1489512 ----a-w- c:\windows\RtlUpd.exe
2010-06-08 15:16 . 2010-03-29 18:56 9721960 ----a-w- c:\windows\RTLCPL.EXE
2010-06-08 15:16 . 2010-03-29 18:56 6056040 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-06-08 15:16 . 2010-03-29 18:56 129640 ----a-w- c:\windows\RtkAudioService.exe
2010-06-08 15:16 . 2010-03-29 18:56 19552872 ----a-w- c:\windows\RTHDCPL.EXE
2010-06-08 15:16 . 2010-02-14 08:00 52840 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-06-08 15:16 . 2010-03-29 18:56 2180712 ----a-w- c:\windows\MicCal.exe
2010-06-08 15:16 . 2010-03-29 18:56 2815592 ----a-w- c:\windows\ALCWZRD.EXE
2010-06-07 23:57 . 2010-02-10 18:46 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-06-07 23:57 . 2010-02-10 18:46 10531200 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-06-07 23:57 . 2010-02-10 18:46 4554752 ----a-w- c:\windows\system32\nvcuda.dll
2010-06-07 23:57 . 2010-02-10 18:46 2632296 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-06-07 23:57 . 2010-02-10 18:46 232040 ----a-w- c:\windows\system32\nvcodins.dll
2010-06-07 23:57 . 2010-02-10 18:46 232040 ----a-w- c:\windows\system32\nvcod.dll
2010-06-07 23:57 . 2010-02-10 18:46 2165352 ----a-w- c:\windows\system32\nvcuvid.dll
2010-06-07 23:57 . 2010-02-10 18:46 15192064 ----a-w- c:\windows\system32\nvoglnt.dll
2010-06-07 23:57 . 2010-02-10 18:46 1359872 ----a-w- c:\windows\system32\nvapi.dll
2010-06-07 23:57 . 2010-02-10 18:46 10256384 ----a-w- c:\windows\system32\nvcompiler.dll
2010-06-07 23:57 . 2010-02-10 18:46 6300544 ----a-w- c:\windows\system32\nv4_disp.dll
2010-06-07 23:57 . 2010-02-10 18:46 2186342 ----a-w- c:\windows\system32\nvdata.bin
2010-06-07 18:20 . 2010-03-08 18:33 -------- d-----w- c:\program files\The KMPlayer
2010-06-04 11:58 . 2010-03-09 09:17 -------- d-----w- c:\program files\SlySoft
2010-05-31 20:00 . 2010-02-18 21:38 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-31 19:44 . 2010-05-31 19:44 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-05-27 16:53 . 2010-05-27 17:23 -------- d-----w- c:\program files\AviSynth 2.5
2010-05-26 10:52 . 2010-05-26 10:46 -------- d-----w- c:\program files\VPN Anonymizer
2010-05-23 20:27 . 2010-05-22 08:13 -------- d-----w- c:\program files\VideoLAN
2010-05-23 20:11 . 2010-05-21 13:30 -------- d--h--w- c:\program files\Process Lasso
2010-05-22 07:58 . 2010-03-07 14:26 -------- d-----w- c:\program files\Microsoft Games
2010-05-20 15:56 . 2010-05-20 15:56 -------- d-----w- c:\program files\Microsoft Research
2010-05-20 15:52 . 2010-05-20 15:52 -------- d-----w- c:\program files\Common Files\Windows Live
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-12 19:03 . 2010-02-12 16:23 -------- d-----w- c:\program files\CyberLink
2010-05-12 16:41 . 2010-03-27 20:28 -------- d-----w- c:\program files\Trillian
2010-05-11 14:23 . 2010-02-12 21:17 -------- d-----w- c:\program files\Common Files\CyberLink
2010-05-11 14:20 . 2010-02-12 21:17 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-05-11 14:20 . 2010-02-12 16:23 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-11 14:20 . 2010-02-12 16:23 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-05-08 18:47 . 2010-05-08 18:47 -------- d-----w- c:\program files\LIUtilities
2010-05-06 10:35 . 2004-08-17 13:49 907264 ----a-w- c:\windows\system32\wininet.dll
2010-05-05 19:51 . 2010-02-12 21:53 -------- d-----w- c:\program files\QIP
2010-05-05 17:25 . 2010-02-11 19:56 -------- d-----w- c:\program files\Common Files\BinarySense
2010-05-02 08:09 . 2010-03-21 11:47 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 13:39 . 2010-02-25 20:28 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2010-02-25 20:28 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-28 16:45 . 2010-02-18 14:35 1251872 ----a-w- c:\windows\RtlExUpd.dll
2010-04-27 18:40 . 2010-04-24 08:30 126448 ------w- c:\windows\system32\pxinsi64.exe
2010-04-27 18:40 . 2010-04-24 08:30 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-04-24 08:32 . 2010-03-19 16:35 8030 ----a-w- c:\program files\Common Files\unins000.dat
2010-04-24 08:31 . 2010-03-19 16:35 728858 ----a-w- c:\program files\Common Files\unins000.exe
2010-04-20 05:32 . 2004-08-17 13:48 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-17 15:46 . 2004-08-17 13:49 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-04-13 17:17 . 2010-02-09 21:16 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-13 17:17 . 2010-02-09 21:16 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-04-07 19:08 . 2010-04-07 19:08 55232 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2010-04-07 19:08 . 2010-04-07 19:08 32584 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-04-07 19:08 . 2010-04-07 19:08 134488 ----a-w- c:\windows\system32\drivers\epfw.sys
2010-03-09 20:31 . 2010-03-09 20:31 480 ----a-w- c:\program files\keys.dat
2010-03-09 20:31 . 2010-03-09 20:31 813976 ----a-w- c:\program files\normal.vs
2010-03-09 20:31 . 2010-03-09 20:31 61495 ----a-w- c:\program files\ssimages.vs
2010-03-09 20:31 . 2010-03-09 20:31 102400 ----a-w- c:\program files\HXAudioDeviceHook.dll
2010-03-09 20:31 . 2010-03-09 20:31 112168 ----a-w- c:\program files\rdsf3260.dll
2010-03-09 20:31 . 2010-03-09 20:31 86016 ----a-w- c:\program files\rpplugprot.dll
2010-03-09 20:31 . 2010-03-09 20:31 63016 ----a-w- c:\program files\rpshell.dll
.
------- Sigcheck -------
[-] 2009-08-06 . A089AB141D4E25E543EEC2230CB50BD6 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . A089AB141D4E25E543EEC2230CB50BD6 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[-] 2010-05-06 . 05379DF185A4199865D8B1AA169C3FD3 . 6224896 . . [8.00.6001.18928] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2010-05-06 . 05379DF185A4199865D8B1AA169C3FD3 . 6224896 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll
[7] 2010-05-06 . 06B941C7749A9F071444B4C7563F36B5 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2010-05-06 . 3F88F981AA7BC20744E0D2C699F500EF . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[7] 2010-02-26 . 23CB63CC448E14C4069E9CE40483E987 . 3094528 . . [6.00.2900.5945] . . c:\windows\$hf_mig$\KB980182\SP3QFE\mshtml.dll
[7] 2010-02-25 . AC93856CC1D10E74986EA4E70D90748F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[7] 2010-01-05 . 5DA02EE50F8FC661964857F21A2AE606 . 3602944 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll
[7] 2009-12-22 . 25B289964AE031D4ECF189B8CD50F306 . 3092480 . . [6.00.2900.3660] . . c:\windows\$hf_mig$\KB978207\SP2QFE\mshtml.dll
[7] 2009-12-22 . 41A55A865F00CE20284132E8FDE1FFB3 . 3092480 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\mshtml.dll
[7] 2009-12-22 . BD2EE2BDF5954172F509A16EBEA06D85 . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll
[7] 2009-12-21 . BD424F12E808F3AA345C4816F7124F7C . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[7] 2009-10-29 . 00EC3DE6B7C581CC2675CCD549B692D7 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[7] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[7] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB978207-IE7\mshtml.dll
[-] 2010-05-06 . C9C1E562FE51D92193AD5F19AB5F9E36 . 907264 . . [8.00.6001.18923] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2010-05-06 . C9C1E562FE51D92193AD5F19AB5F9E36 . 907264 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll
[7] 2010-05-06 . B7ECEF0CCF63119356E174A78C185171 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll
[7] 2010-05-06 . 72064DA077E9D6912F39438D97CC0C60 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[7] 2010-02-26 . FD0F4E4BC28B18715BC1323ACD48E1A6 . 669696 . . [6.00.2900.5945] . . c:\windows\$hf_mig$\KB980182\SP3QFE\wininet.dll
[7] 2010-02-25 . 2E6504E28C7E0F753F68731861A94214 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[7] 2010-01-05 . 0D90D150ED0DD4C673C627C52D3F7149 . 841216 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll
[7] 2009-12-22 . A0C158A24DA9F9C48B5B067948B31AA4 . 669696 . . [6.00.2900.3660] . . c:\windows\$hf_mig$\KB978207\SP2QFE\wininet.dll
[7] 2009-12-22 . 50C587017A3F2FB5B1B1B4267CB2EA91 . 668160 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\wininet.dll
[7] 2009-12-22 . 5F072B7F1CF448D6ED5FF79511890E60 . 669696 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
[7] 2009-12-21 . 9256DA4AEE5E2C20FC6C126BDBC11997 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 . F651D2A69B7037D6063BC697CF296D8C . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[7] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[7] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB978207-IE7\wininet.dll
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2009-01-30 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-06-08 19552872]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-07 13902440]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Documents and Settings\\Butterfly\\Dokumenty\\My DAP Downloads\\TeamViewerPortable_en\\TeamViewer.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\condition zero\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Program Files\\Flow\\Flow.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\counter-strike\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2010-02-21 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2010-02-21 52224]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2010-02-09 13696]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-06-28 142592]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-07-02 135336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-06-14 1051976]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [2010-03-17 18944]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [2010-03-17 11520]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-03-29 1691480]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-06-13 23456]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-02-25 38224]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [2007-06-21 30720]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-02-28 691696]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-07-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-06-25 c:\windows\Tasks\Automatic maintenance.job
- c:\program files\TuneUp Utilities 2010\OneClickStarter.exe [2010-06-14 14:48]
2010-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 20:33]
2010-07-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-879983540-682003330-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
2010-06-25 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-879983540-682003330-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
IE: &Download with &DAP
IE: Download &all with DAP
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Zobrazit originál
FF - ProfilePath - c:\documents and settings\Butterfly\Data aplikací\Mozilla\Firefox\Profiles\s8h2coht.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-04 16:23
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-796845957-879983540-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(2504)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\RTHDCPL.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wscntfy.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Windows Media Player\WMPNetwk.exe
.
**************************************************************************
.
Celkový čas: 2010-07-04 16:25:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-04 14:25
Před spuštěním: Volných bajtů: 75,266,490,368
Po spuštění: Volných bajtů: 75,208,753,152
- - End Of File - - 31E3A60B6B12322F58080DC061217C01
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.1022.499 [GMT 2:00]
Spuštěný z: c:\documents and settings\Butterfly\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Butterfly\Plocha\CFScript.txt.txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FILE ::
"c:\windows\ALCMTR.EXE"
"c:\windows\Internet Logs\fwpktlog.txt"
"c:\windows\system32\d3d9caps.dat"
"c:\windows\system32\ezsidmv.dat"
"c:\windows\system32\mlfcache.dat"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Common Files\Symantec Shared
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\catalog.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\cceraser.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ecmsvr32.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\eeCtrl.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ERASER.grd
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ERASER.sig
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ERASER.spm
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ERASER.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ESRDEF.BIN
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\HH
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\naveng.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\naveng32.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\navex15.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\navex32a.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\ncsacert.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\scrauth.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\symaveng.cat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\symaveng.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\SymErase.cat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\SymErase.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TCDEFS.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TCSCAN7.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TCSCAN8.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TCSCAN9.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\technote.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TINF.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\tinfidx.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TINFL.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\TSCAN1.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\tscan1hd.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\V.GRD
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\V.SIG
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN.INF
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN1.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN2.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN3.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN4.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN5.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN6.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN7.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN8.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\VIRSCAN9.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\virscant.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\WHATSNEW.TXT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\20100630.004\zdone.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\catalog.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\cceraser.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\ecmsvr32.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\eeCtrl.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\ERASER.grd
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\ERASER.sig
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\ERASER.spm
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\ERASER.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\esrdef.bin
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\hh
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\naveng.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\naveng32.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\navex15.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\navex32a.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\ncsacert.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\scrauth.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\symaveng.cat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\symaveng.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\SymErase.cat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\SymErase.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tcdefs.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tcscan7.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tcscan8.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tcscan9.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\technote.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tinf.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tinfidx.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tinfl.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tscan1.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\tscan1hd.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\v.grd
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\v.sig
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan1.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan2.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan3.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan4.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan5.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan6.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan7.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan8.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\virscan9.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\whatsnew.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\BinHub\zdone.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\definfo.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\cur.scr
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\ESRDEF.999
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\HH.998
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TCDEFS.997
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TCSCAN7.996
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TCSCAN8.995
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TCSCAN9.994
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TINF.993
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TINFL.992
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\TSCAN1.991
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\V.989
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\V.990
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN.988
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN1.987
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN2.986
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN3.985
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN4.984
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN5.983
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN6.982
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN7.981
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN8.980
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCAN9.979
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\VIRSCANT.978
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4d18.tmp\WHATSNEW.977
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\catalog.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\cceraser.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ecmsvr32.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\eeCtrl.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ERASER.grd
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ERASER.sig
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ERASER.spm
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ERASER.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ESRDEF.BIN
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\HH
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\naveng.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\naveng32.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\navex15.sys
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\navex32a.dll
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\ncsacert.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\scrauth.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\symaveng.cat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\symaveng.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\SymErase.cat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\SymErase.inf
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TCDEFS.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TCSCAN7.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TCSCAN8.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TCSCAN9.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\technote.txt
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TINF.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\tinfidx.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TINFL.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\TSCAN1.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\tscan1hd.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\V.GRD
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\V.SIG
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN.INF
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN1.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN2.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN3.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN4.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN5.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN6.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN7.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN8.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\VIRSCAN9.DAT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\WHATSNEW.TXT
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\tmp4db8.tmp\zdone.dat
c:\program files\Common Files\Symantec Shared\SymcData\virusdefs-2.5-e\usage.dat
c:\windows\ALCMTR.EXE
c:\windows\Internet Logs
c:\windows\Internet Logs\tvDebug.log
c:\windows\msdownld.tmp
c:\windows\system32\d3d9caps.dat
c:\windows\system32\ezsidmv.dat
c:\windows\system32\mlfcache.dat
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-04 do 2010-07-04 )))))))))))))))))))))))))))))))
.
2010-07-04 13:15 . 2010-07-04 13:18 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-07-04 12:42 . 2010-04-27 18:40 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-07-04 12:42 . 2010-04-27 18:40 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-07-04 12:42 . 2010-04-27 18:40 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-07-04 12:42 . 2010-04-27 18:40 133616 ------w- c:\windows\system32\pxafs.dll
2010-07-04 12:33 . 2010-07-04 12:33 -------- d-----w- c:\program files\Common Files\Skype
2010-07-04 12:33 . 2010-07-04 12:33 -------- d-----r- c:\program files\Skype
2010-07-04 12:24 . 2010-07-04 12:24 -------- d-----w- c:\program files\FileHippo.com
2010-07-04 10:28 . 2010-07-04 10:29 -------- d-----w- C:\rsit
2010-07-02 21:41 . 2010-07-02 21:41 -------- d-----w- c:\program files\Mirillis
2010-07-02 20:08 . 2010-07-02 20:08 -------- d-----w- c:\program files\FreeTime
2010-07-02 19:38 . 2010-07-02 19:38 -------- d-----w- c:\program files\Avira
2010-07-02 19:38 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-07-02 19:38 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-07-02 19:38 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-07-02 19:38 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-07-01 10:25 . 2010-07-04 10:29 -------- d-----w- c:\program files\Trend Micro
2010-07-01 09:01 . 2010-07-01 09:02 -------- d-----w- c:\program files\QuickTime
2010-07-01 07:58 . 2010-07-01 07:58 -------- d-----w- c:\documents and settings\Butterfly\KBCertifikat
2010-06-30 08:34 . 2004-01-24 22:00 70656 ----a-w- c:\windows\system32\yv12vfw.dll
2010-06-30 08:34 . 2010-06-08 16:10 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-06-30 08:34 . 2010-06-08 16:10 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-06-30 08:34 . 2010-06-28 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-06-28 12:18 . 2010-06-28 17:37 -------- d-----w- c:\program files\Crawler
2010-06-28 12:18 . 2010-06-28 12:18 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-06-28 12:18 . 2010-06-29 16:03 -------- d-----w- c:\program files\Spyware Terminator
2010-06-26 21:46 . 2010-06-26 21:46 -------- d-----w- c:\program files\Common Files\Java
2010-06-26 20:51 . 2010-07-02 20:43 -------- d-----w- c:\program files\NetLimiter
2010-06-26 16:23 . 2010-06-26 16:25 -------- d-----w- c:\program files\Ultimate Process Manager
2010-06-26 15:21 . 2010-06-26 15:21 -------- d-s---w- c:\documents and settings\LocalService\Oblíbené položky
2010-06-26 08:53 . 2010-06-26 08:55 -------- d-----w- c:\program files\Hide My IP
2010-06-23 19:30 . 2010-06-23 19:30 -------- d-----w- c:\program files\XP TCPIP Repair
2010-06-23 19:08 . 2010-06-23 19:08 -------- d-----w- c:\program files\VS Revo Group
2010-06-23 12:09 . 2010-06-14 14:39 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-06-21 08:05 . 2006-08-14 19:09 82816 ----a-w- c:\windows\system32\drivers\Rtnic.sys
2010-06-21 08:05 . 2006-08-14 19:09 82816 ----a-w- c:\windows\system32\drivers\Rtenic.sys
2010-06-21 07:53 . 2010-06-22 17:17 -------- d-----w- c:\program files\Driver Checker
2010-06-17 18:14 . 2010-06-25 12:41 217260 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-06-17 18:14 . 2010-06-25 12:41 217260 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-06-17 18:14 . 2010-06-25 12:41 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-06-17 14:05 . 2010-07-01 08:39 -------- d-----w- c:\program files\Opera 10.60 Beta
2010-06-17 13:59 . 2010-06-17 14:01 -------- dc-h--w- c:\windows\ie8
2010-06-17 05:46 . 2010-06-17 05:46 -------- d-sh--w- c:\documents and settings\Butterfly\wc
2010-06-17 05:43 . 2010-06-17 05:43 -------- d-----w- c:\program files\Flow
2010-06-13 21:07 . 2010-06-13 21:07 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2010-06-13 09:04 . 2010-06-13 09:04 -------- d-----w- c:\program files\Safari
2010-06-12 09:26 . 2010-06-12 09:26 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-11 07:17 . 2010-06-11 07:18 94 ----a-w- c:\windows\BricoPackFoldersDelete.cmd
2010-06-10 21:43 . 2010-06-10 21:45 -------- d-----w- c:\program files\DVBViewerTE
2010-06-09 07:25 . 2010-05-06 10:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-07 18:39 . 2007-08-31 10:52 56496 ----a-w- c:\windows\system32\wbhelp2.dll
2010-06-07 18:39 . 2007-08-31 10:52 33968 ----a-w- c:\windows\system32\anim.dll
2010-06-07 18:39 . 1999-11-22 13:50 4608 ----a-w- c:\windows\system32\W95INF32.DLL
2010-06-07 18:39 . 1999-11-22 13:50 2272 ----a-w- c:\windows\system32\W95INF16.DLL
2010-06-07 18:39 . 2010-07-02 20:25 -------- d-----w- c:\program files\WinUtilities
2010-06-06 07:45 . 2010-06-23 18:41 -------- d-----w- c:\program files\Defraggler
2010-06-05 08:04 . 2010-06-07 18:15 -------- d-----w- c:\program files\ScreenCamera
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-04 13:15 . 2010-02-28 21:24 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-04 13:01 . 2010-02-16 20:34 -------- d-----w- c:\program files\7-Zip
2010-07-04 12:47 . 2010-04-24 08:05 -------- d-----w- c:\program files\DivX
2010-07-04 12:45 . 2010-02-19 15:16 -------- d-----w- c:\program files\AIMP2
2010-07-04 12:40 . 2010-02-20 09:19 -------- d-----w- c:\program files\Windows Media Connect 2
2010-07-04 12:39 . 2010-03-08 11:38 -------- d-----w- c:\program files\Steam
2010-07-04 12:36 . 2010-02-12 21:12 -------- d-----w- c:\program files\Google
2010-07-04 12:32 . 2010-02-10 22:42 -------- d-----w- c:\program files\CCleaner
2010-07-03 22:28 . 2010-04-12 18:53 -------- d-----w- c:\program files\Valve
2010-07-02 20:29 . 2010-05-20 20:13 -------- d-----w- c:\program files\ScreenShots
2010-07-01 08:49 . 2010-02-12 13:43 -------- d-----w- c:\program files\MSECache
2010-07-01 08:41 . 2010-02-12 04:39 -------- d-----w- c:\program files\Opera
2010-06-30 08:35 . 2010-03-03 21:53 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-06-28 17:25 . 2010-02-24 16:13 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-06-27 07:44 . 2010-03-20 11:58 -------- d-----w- c:\program files\IObit
2010-06-26 21:43 . 2010-04-24 08:02 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-26 08:02 . 2010-02-28 20:04 -------- d-----w- c:\program files\PKR
2010-06-23 12:09 . 2010-02-27 09:18 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-06-23 11:47 . 2001-10-25 14:00 79424 ----a-w- c:\windows\system32\perfc005.dat
2010-06-23 11:47 . 2001-10-25 14:00 432386 ----a-w- c:\windows\system32\perfh005.dat
2010-06-21 08:10 . 2010-03-28 13:00 -------- d-----w- c:\program files\Realtek
2010-06-21 08:10 . 2010-02-09 21:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-20 13:34 . 2010-04-05 19:11 -------- d-----w- c:\program files\ICQ6.5
2010-06-20 07:43 . 2010-02-14 16:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-17 18:15 . 2010-02-16 20:52 -------- d-----w- c:\program files\NVIDIA Corporation
2010-06-17 18:02 . 2010-05-08 08:47 -------- d-----w- c:\program files\BurnAware Free
2010-06-14 14:45 . 2010-02-27 09:19 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-06-13 09:03 . 2010-05-31 19:58 -------- d-----w- c:\program files\Bonjour
2010-06-12 09:07 . 2010-04-24 08:27 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-06-12 09:01 . 2010-04-03 08:58 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-06-11 07:18 . 2010-02-17 18:37 133836 ----a-w- c:\windows\BricoPackUninst.cmd
2010-06-09 10:55 . 2010-02-16 21:52 -------- d-----w- c:\program files\Alwil Software
2010-06-08 15:16 . 2010-03-29 18:56 84584 ----a-w- c:\windows\SOUNDMAN.EXE
2010-06-08 15:16 . 2010-03-29 18:56 359016 ----a-w- c:\windows\vncutil.exe
2010-06-08 15:16 . 2010-03-29 18:56 1833576 ----a-w- c:\windows\SkyTel.exe
2010-06-08 15:16 . 2010-03-29 18:56 1489512 ----a-w- c:\windows\RtlUpd.exe
2010-06-08 15:16 . 2010-03-29 18:56 9721960 ----a-w- c:\windows\RTLCPL.EXE
2010-06-08 15:16 . 2010-03-29 18:56 6056040 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-06-08 15:16 . 2010-03-29 18:56 129640 ----a-w- c:\windows\RtkAudioService.exe
2010-06-08 15:16 . 2010-03-29 18:56 19552872 ----a-w- c:\windows\RTHDCPL.EXE
2010-06-08 15:16 . 2010-02-14 08:00 52840 ----a-w- c:\windows\system32\RtkCoInstXP.dll
2010-06-08 15:16 . 2010-03-29 18:56 2180712 ----a-w- c:\windows\MicCal.exe
2010-06-08 15:16 . 2010-03-29 18:56 2815592 ----a-w- c:\windows\ALCWZRD.EXE
2010-06-07 23:57 . 2010-02-10 18:46 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-06-07 23:57 . 2010-02-10 18:46 10531200 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-06-07 23:57 . 2010-02-10 18:46 4554752 ----a-w- c:\windows\system32\nvcuda.dll
2010-06-07 23:57 . 2010-02-10 18:46 2632296 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-06-07 23:57 . 2010-02-10 18:46 232040 ----a-w- c:\windows\system32\nvcodins.dll
2010-06-07 23:57 . 2010-02-10 18:46 232040 ----a-w- c:\windows\system32\nvcod.dll
2010-06-07 23:57 . 2010-02-10 18:46 2165352 ----a-w- c:\windows\system32\nvcuvid.dll
2010-06-07 23:57 . 2010-02-10 18:46 15192064 ----a-w- c:\windows\system32\nvoglnt.dll
2010-06-07 23:57 . 2010-02-10 18:46 1359872 ----a-w- c:\windows\system32\nvapi.dll
2010-06-07 23:57 . 2010-02-10 18:46 10256384 ----a-w- c:\windows\system32\nvcompiler.dll
2010-06-07 23:57 . 2010-02-10 18:46 6300544 ----a-w- c:\windows\system32\nv4_disp.dll
2010-06-07 23:57 . 2010-02-10 18:46 2186342 ----a-w- c:\windows\system32\nvdata.bin
2010-06-07 18:20 . 2010-03-08 18:33 -------- d-----w- c:\program files\The KMPlayer
2010-06-04 11:58 . 2010-03-09 09:17 -------- d-----w- c:\program files\SlySoft
2010-05-31 20:00 . 2010-02-18 21:38 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-31 19:44 . 2010-05-31 19:44 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-05-27 16:53 . 2010-05-27 17:23 -------- d-----w- c:\program files\AviSynth 2.5
2010-05-26 10:52 . 2010-05-26 10:46 -------- d-----w- c:\program files\VPN Anonymizer
2010-05-23 20:27 . 2010-05-22 08:13 -------- d-----w- c:\program files\VideoLAN
2010-05-23 20:11 . 2010-05-21 13:30 -------- d--h--w- c:\program files\Process Lasso
2010-05-22 07:58 . 2010-03-07 14:26 -------- d-----w- c:\program files\Microsoft Games
2010-05-20 15:56 . 2010-05-20 15:56 -------- d-----w- c:\program files\Microsoft Research
2010-05-20 15:52 . 2010-05-20 15:52 -------- d-----w- c:\program files\Common Files\Windows Live
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-12 19:03 . 2010-02-12 16:23 -------- d-----w- c:\program files\CyberLink
2010-05-12 16:41 . 2010-03-27 20:28 -------- d-----w- c:\program files\Trillian
2010-05-11 14:23 . 2010-02-12 21:17 -------- d-----w- c:\program files\Common Files\CyberLink
2010-05-11 14:20 . 2010-02-12 21:17 29480 ----a-w- c:\windows\system32\msxml3a.dll
2010-05-11 14:20 . 2010-02-12 16:23 353576 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-11 14:20 . 2010-02-12 16:23 505128 ----a-w- c:\windows\system32\msvcp71.dll
2010-05-08 18:47 . 2010-05-08 18:47 -------- d-----w- c:\program files\LIUtilities
2010-05-06 10:35 . 2004-08-17 13:49 907264 ----a-w- c:\windows\system32\wininet.dll
2010-05-05 19:51 . 2010-02-12 21:53 -------- d-----w- c:\program files\QIP
2010-05-05 17:25 . 2010-02-11 19:56 -------- d-----w- c:\program files\Common Files\BinarySense
2010-05-02 08:09 . 2010-03-21 11:47 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 13:39 . 2010-02-25 20:28 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2010-02-25 20:28 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-28 16:45 . 2010-02-18 14:35 1251872 ----a-w- c:\windows\RtlExUpd.dll
2010-04-27 18:40 . 2010-04-24 08:30 126448 ------w- c:\windows\system32\pxinsi64.exe
2010-04-27 18:40 . 2010-04-24 08:30 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-04-24 08:32 . 2010-03-19 16:35 8030 ----a-w- c:\program files\Common Files\unins000.dat
2010-04-24 08:31 . 2010-03-19 16:35 728858 ----a-w- c:\program files\Common Files\unins000.exe
2010-04-20 05:32 . 2004-08-17 13:48 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-17 15:46 . 2004-08-17 13:49 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-04-13 17:17 . 2010-02-09 21:16 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-13 17:17 . 2010-02-09 21:16 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-04-07 19:08 . 2010-04-07 19:08 55232 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2010-04-07 19:08 . 2010-04-07 19:08 32584 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-04-07 19:08 . 2010-04-07 19:08 134488 ----a-w- c:\windows\system32\drivers\epfw.sys
2010-03-09 20:31 . 2010-03-09 20:31 480 ----a-w- c:\program files\keys.dat
2010-03-09 20:31 . 2010-03-09 20:31 813976 ----a-w- c:\program files\normal.vs
2010-03-09 20:31 . 2010-03-09 20:31 61495 ----a-w- c:\program files\ssimages.vs
2010-03-09 20:31 . 2010-03-09 20:31 102400 ----a-w- c:\program files\HXAudioDeviceHook.dll
2010-03-09 20:31 . 2010-03-09 20:31 112168 ----a-w- c:\program files\rdsf3260.dll
2010-03-09 20:31 . 2010-03-09 20:31 86016 ----a-w- c:\program files\rpplugprot.dll
2010-03-09 20:31 . 2010-03-09 20:31 63016 ----a-w- c:\program files\rpshell.dll
.
------- Sigcheck -------
[-] 2009-08-06 . A089AB141D4E25E543EEC2230CB50BD6 . 68832 . . [7.4.7600.226] . . c:\windows\ServicePackFiles\i386\wuauclt.exe
[-] 2009-08-06 . A089AB141D4E25E543EEC2230CB50BD6 . 68832 . . [7.4.7600.226] . . c:\windows\system32\wuauclt.exe
[-] 2009-08-06 . 0B6DABD6FFF1AD42A3CD65A1C7EE8F35 . 68832 . . [7.4.7600.226] . . c:\windows\system32\dllcache\wuauclt.exe
[-] 2010-05-06 . 05379DF185A4199865D8B1AA169C3FD3 . 6224896 . . [8.00.6001.18928] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2010-05-06 . 05379DF185A4199865D8B1AA169C3FD3 . 6224896 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll
[7] 2010-05-06 . 06B941C7749A9F071444B4C7563F36B5 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\dllcache\mshtml.dll
[7] 2010-05-06 . 3F88F981AA7BC20744E0D2C699F500EF . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[7] 2010-02-26 . 23CB63CC448E14C4069E9CE40483E987 . 3094528 . . [6.00.2900.5945] . . c:\windows\$hf_mig$\KB980182\SP3QFE\mshtml.dll
[7] 2010-02-25 . AC93856CC1D10E74986EA4E70D90748F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[7] 2010-01-05 . 5DA02EE50F8FC661964857F21A2AE606 . 3602944 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\mshtml.dll
[7] 2009-12-22 . 25B289964AE031D4ECF189B8CD50F306 . 3092480 . . [6.00.2900.3660] . . c:\windows\$hf_mig$\KB978207\SP2QFE\mshtml.dll
[7] 2009-12-22 . 41A55A865F00CE20284132E8FDE1FFB3 . 3092480 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\mshtml.dll
[7] 2009-12-22 . BD2EE2BDF5954172F509A16EBEA06D85 . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll
[7] 2009-12-21 . BD424F12E808F3AA345C4816F7124F7C . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[7] 2009-10-29 . 00EC3DE6B7C581CC2675CCD549B692D7 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[7] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[7] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB978207-IE7\mshtml.dll
[-] 2010-05-06 . C9C1E562FE51D92193AD5F19AB5F9E36 . 907264 . . [8.00.6001.18923] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2010-05-06 . C9C1E562FE51D92193AD5F19AB5F9E36 . 907264 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll
[7] 2010-05-06 . B7ECEF0CCF63119356E174A78C185171 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll
[7] 2010-05-06 . 72064DA077E9D6912F39438D97CC0C60 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[7] 2010-02-26 . FD0F4E4BC28B18715BC1323ACD48E1A6 . 669696 . . [6.00.2900.5945] . . c:\windows\$hf_mig$\KB980182\SP3QFE\wininet.dll
[7] 2010-02-25 . 2E6504E28C7E0F753F68731861A94214 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[7] 2010-01-05 . 0D90D150ED0DD4C673C627C52D3F7149 . 841216 . . [7.00.6000.21183] . . c:\windows\$hf_mig$\KB978207-IE7\SP3QFE\wininet.dll
[7] 2009-12-22 . A0C158A24DA9F9C48B5B067948B31AA4 . 669696 . . [6.00.2900.3660] . . c:\windows\$hf_mig$\KB978207\SP2QFE\wininet.dll
[7] 2009-12-22 . 50C587017A3F2FB5B1B1B4267CB2EA91 . 668160 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\wininet.dll
[7] 2009-12-22 . 5F072B7F1CF448D6ED5FF79511890E60 . 669696 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
[7] 2009-12-21 . 9256DA4AEE5E2C20FC6C126BDBC11997 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[7] 2009-10-29 . F651D2A69B7037D6063BC697CF296D8C . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[7] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[7] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB978207-IE7\wininet.dll
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 71C54FF181A2C03921A74DB4D9ADD20E . 976384 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2009-01-30 204288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-06-08 19552872]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-06-07 13902440]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Valve\\hl.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Documents and Settings\\Butterfly\\Dokumenty\\My DAP Downloads\\TeamViewerPortable_en\\TeamViewer.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\condition zero\\hl.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Valve\\hltv.exe"=
"c:\\Program Files\\Flow\\Flow.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Steam\\steamapps\\cleverboy\\counter-strike\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R0 ViBus;ViBus;c:\windows\system32\drivers\ViBus.sys [2010-02-21 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\system32\drivers\ViPrt.sys [2010-02-21 52224]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [2010-02-09 13696]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-06-28 142592]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-07-02 135336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-06-14 1051976]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [2010-03-17 18944]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\drivers\gMouUsb.sys [2010-03-17 11520]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-03-29 1691480]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [2010-06-13 23456]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2010-02-25 38224]
S3 tap0901_2gm;VPN Anonymizer Adapter;c:\windows\system32\drivers\tap0901_2gm.sys [2007-06-21 30720]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2010-02-28 691696]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
2010-07-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
2010-06-25 c:\windows\Tasks\Automatic maintenance.job
- c:\program files\TuneUp Utilities 2010\OneClickStarter.exe [2010-06-14 14:48]
2010-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-21 20:33]
2010-07-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-879983540-682003330-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
2010-06-25 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-879983540-682003330-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 21:09]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
IE: &Download with &DAP
IE: Download &all with DAP
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Zobrazit originál
FF - ProfilePath - c:\documents and settings\Butterfly\Data aplikací\Mozilla\Firefox\Profiles\s8h2coht.default\
FF - prefs.js: browser.search.selectedEngine - Seznam
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-04 16:23
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-796845957-879983540-682003330-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(2504)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\RTHDCPL.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Spyware Terminator\sp_rsser.exe
c:\windows\system32\wscntfy.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Windows Media Player\WMPNetwk.exe
.
**************************************************************************
.
Celkový čas: 2010-07-04 16:25:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-04 14:25
Před spuštěním: Volných bajtů: 75,266,490,368
Po spuštění: Volných bajtů: 75,208,753,152
- - End Of File - - 31E3A60B6B12322F58080DC061217C01
Re: Please do a preventive check
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:26:46, on 2010-07-04
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6781085453
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HDDlife HDD Access service - BinarySense, Inc. - C:\Program Files\Common Files\BinarySense\hldasvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
--
End of file - 6727 bytes
- jaro3
- member of the Security team
Re: Please do a preventive check
Clean the system with CCleaner
and also use T-Cleaner
it deletes everything left behind by Combo, MWAV etc. - download > run
Close other applications and browsers, disconnect from the internet and fix in HJT:
Guide
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6781085453
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
Then write how the PC behaves.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please do a preventive check
The PC is OK... only startup/shutdown is slow..
- jaro3
- member of the Security team
Re: Please do a preventive check
So the PC is free of infection; I also found 3 drivers left over from ESET SMART SECURITY there, they could be slowing it down..
Close other applications and browsers, disconnect from the internet and fix in HJT:
Guide
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6781085453
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
Download the program OTM (by OldTimer)
and save it to drive C and run it.
- Copy these paths into the left column (Paste Instructions for Items to be Moved):
Note: Do not use the SELECT ALL function to select them
:Processes
explorer.exe
:Services
epfwtdi
epfwndis
epfw
:Reg
:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job
C:\*.tmp
c:\windows\system32\drivers\epfwtdi.sys
c:\windows\system32\drivers\epfwndis.sys
c:\windows\system32\drivers\epfw.sys
c:\program files\keys.dat
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[Reboot]
- After copying, click the MoveIt! button and then paste here the entire contents of the right column, which is otherwise saved in the folder C:\_OTMoveIt\MovedFiles\ and reports the results
- If the files cannot be removed, you may be asked to restart the computer; in that case confirm the restart.
Then a new HJT log.
Re: Please do a preventive check
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Error: Unable to stop service epfwtdi!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\epfwtdi deleted successfully.
Error: No service named epfwndis was found to stop!
Service\Driver key epfwndis not found.
Error: Unable to stop service epfw!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\epfw deleted successfully.
========== REGISTRY ==========
========== FILES ==========
File/Folder C:\WINDOWS\System32\*.tmp not found.
C:\WINDOWS\61D3AAE1D5214CD7939B37813DE8F955.TMP folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\AppleSoftwareUpdate.job moved successfully.
c:\windows\Tasks\Automatic maintenance.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-796845957-879983540-682003330-1003.job moved successfully.
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-796845957-879983540-682003330-1003.job moved successfully.
File/Folder C:\*.tmp not found.
c:\windows\system32\drivers\epfwtdi.sys moved successfully.
c:\windows\system32\drivers\epfwndis.sys moved successfully.
c:\windows\system32\drivers\epfw.sys moved successfully.
c:\program files\keys.dat moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 434 bytes
User: All Users
User: Butterfly
->Temp folder emptied: 14581839 bytes
->Temporary Internet Files folder emptied: 33253 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 32597156 bytes
->Google Chrome cache emptied: 34061710 bytes
->Apple Safari cache emptied: 46745083 bytes
->Flash cache emptied: 1899 bytes
User: Butty
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 589 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Google Chrome cache emptied: 6220253 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16867 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 128.00 mb
OTM by OldTimer - Version 3.1.12.2 log created on 07052010_200525
Files moved on Reboot...
Registry entries deleted on Reboot...