Please check my log. explorer.exe keeps crashing, and my bookmarks in Mozilla were also deleted.
Logfile of HijackThis v1.99.1
Scan saved at 11:43:34, on 11.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Stardock\SDMCP.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Trust\MI-2500X OPTICAL MOUSE\Mouse32a.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\Microsoft ActiveSync\WCESMgr.exe
C:\Documents and Settings\Honza\Plocha\My Mobile\MyMobiler\MyMobiler.exe
C:\Documents and Settings\Honza\Plocha\Udrzba\hijackthis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - (no file)
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: Spb Wallet - {2913D3DD-9363-4C21-B205-C19A584A0674} - C:\Program Files\Spb Wallet\SpbWalletToolbar.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Trust\MI-2500X OPTICAL MOUSE\Mouse32a.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - Startup: Kopie - Total Commander.lnk = C:\Program Files\totalcmd\TOTALCMD.EXE
O4 - Global Startup: Down2Home.lnk = C:\Program Files\Down2Home\Down2Home.exe
O8 - Extra context menu item: Download with &FileFactory Turbo - C:\Program Files\FileFactory Turbo\Plugins\IE\FileFactoryIE.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 - Extra context menu item: Stáhnout pomocí Download &Express - C:\Program Files\Download Express\Add_Url.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll
O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dll
O20 - Winlogon Notify: WBSrv - D:\NAINST~1\WINDOW~1\wbsrv.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
O23 - Service: GFI LANguard N.S.S. 7.0 Attendant Service - Unknown owner - C:\Program Files\GFI\LANguard Network Security Scanner 7.0\lnssatt.exe" -service (file missing)
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: wampapache - Unknown owner - c:\wamp\apache2\bin\httpd.exe" -k runservice (file missing)
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
PLEASE check it
Get the kippers ready, I'll be back for breakfast.
Hello.
Do the following:
Download ComboFix to your desktop, close all active windows, and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- After it starts, the terms of use are displayed; confirm them by pressing the 1 key
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents into your thread on the forum
ComboFix 07-08-09.3 - "Honza" 2007-08-12 7:55:07.1 - FAT32x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.367 [GMT 2:00]
* Created a new restore point
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\regedit.com
C:\WINDOWS\system32\taskmgr.com
((((((((((((((((((((((((( Files Created from 2007-07-12 to 2007-08-12 )))))))))))))))))))))))))))))))
2007-08-12 07:54 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-11 12:35 <DIR> d--hs---- C:\FOUND.005
2007-08-11 12:35 <DIR> d-------- C:\Program Files\msn gaming zone
2007-08-11 10:59 <DIR> d-------- C:\Program Files\HTC Camera 4.11
2007-08-11 08:24 <DIR> d-------- C:\Program Files\Omega One
2007-08-10 17:24 <DIR> d-------- C:\Program Files\CoreCodec
2007-08-10 15:33 <DIR> d-------- C:\Program Files\TRANiS
2007-08-10 14:14 <DIR> d--hs---- C:\FOUND.004
2007-08-09 10:28 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-08-08 17:39 <DIR> d--hs---- C:\FOUND.003
2007-08-08 14:15 <DIR> d-------- C:\Program Files\SBSH
2007-08-08 11:49 <DIR> d-------- C:\Program Files\FileFactory Turbo
2007-08-08 11:49 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\FileFactory Turbo
2007-08-08 11:30 262,144 --ah----- C:\DOCUME~1\LNSS_M~1\NTUSER.DAT
2007-08-08 11:30 <DIR> dr-h----- C:\DOCUME~1\LNSS_M~1\Data aplikací
2007-08-08 11:30 <DIR> dr------- C:\DOCUME~1\LNSS_M~1\Nabídka Start
2007-08-08 11:30 <DIR> d--h----- C:\DOCUME~1\LNSS_M~1\Šablony
2007-08-08 11:30 <DIR> d--h----- C:\DOCUME~1\LNSS_M~1\Okolní tiskárny
2007-08-08 11:30 <DIR> d--h----- C:\DOCUME~1\LNSS_M~1\Okolní síť
2007-08-08 11:30 <DIR> d-------- C:\DOCUME~1\LNSS_M~1\Plocha
2007-08-08 11:30 <DIR> d-------- C:\DOCUME~1\LNSS_M~1\Oblíbené položky
2007-08-08 11:30 <DIR> d-------- C:\DOCUME~1\LNSS_M~1\Dokumenty
2007-08-08 11:30 <DIR> d-------- C:\DOCUME~1\LNSS_M~1\DATAAP~1\MetaProducts
2007-08-08 11:29 <DIR> d-------- C:\Program Files\GFI
2007-08-06 15:24 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Lavasoft
2007-08-06 15:23 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-08-06 11:22 <DIR> d-------- C:\Program Files\PPCInstallBuilder Lite
2007-08-06 11:22 <DIR> d-------- C:\Program Files\CABviaActiveSync
2007-08-06 11:07 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2007-08-06 11:07 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2007-08-06 11:07 26,064 --a------ C:\WINDOWS\system32\xmlinst.exe
2007-08-06 11:07 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-08-06 11:07 <DIR> d-------- C:\Program Files\Ubi Soft
2007-08-05 22:51 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Ilium Software
2007-08-05 13:59 <DIR> d-------- C:\Program Files\SKTools
2007-08-05 13:55 <DIR> d-------- C:\Program Files\Anton Tomov
2007-08-04 12:02 <DIR> d-------- C:\DOCUME~1\Rodinka\DATAAP~1\MEGAUPLOADTOOLBAR
2007-08-03 22:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Spybot - Search & Destroy
2007-08-03 22:19 <DIR> d-------- C:\Program Files\AxBx
2007-08-01 22:29 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\Desktop Sidebar
2007-08-01 22:28 <DIR> d-------- C:\Program Files\Desktop Sidebar
2007-08-01 21:57 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\Thinstall
2007-08-01 21:29 <DIR> d-------- C:\Program Files\JockerSoft
2007-07-31 22:23 <DIR> d-------- C:\Program Files\Skype
2007-07-31 22:23 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-07-31 22:23 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\Skype
2007-07-31 22:23 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Skype
2007-07-31 12:07 <DIR> d-------- C:\Program Files\DaemonTools_WhenUSave_Installer
2007-07-31 12:06 <DIR> d-------- C:\Program Files\DAEMON Tools
2007-07-31 12:00 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-07-31 11:30 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll
2007-07-31 10:18 <DIR> d-------- C:\Program Files\XDAtools
2007-07-30 16:40 <DIR> d-------- C:\Program Files\BitComet
2007-07-29 12:43 <DIR> d-------- C:\Program Files\RADVideo
2007-07-27 22:27 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\SmartFTP
2007-07-27 22:26 <DIR> d-------- C:\Program Files\SmartFTP Client
2007-07-27 22:20 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
2007-07-27 22:20 7,552 --a------ C:\WINDOWS\system32\dllcache\sonypvu1.sys
2007-07-27 21:35 <DIR> d-------- C:\Program Files\GlobalSCAPE
2007-07-27 21:35 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\GlobalSCAPE
2007-07-27 21:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\GlobalSCAPE
2007-07-27 12:37 <DIR> d-------- C:\Program Files\SourceTec
2007-07-27 12:37 <DIR> d-------- C:\Program Files\Common Files\SourceTec
2007-07-27 12:24 <DIR> d-------- C:\Program Files\Flash Effect Maker
2007-07-27 12:08 <DIR> d-------- C:\Program Files\MegauploadToolbar
2007-07-27 12:08 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\MegauploadToolbar
2007-07-27 00:11 <DIR> d-------- C:\wamp
2007-07-27 00:05 <DIR> d-------- C:\Program Files\Trust
2007-07-27 00:05 <DIR> d-------- C:\download
2007-07-26 23:54 <DIR> d-------- C:\WINDOWS\vbSkinner
2007-07-26 22:37 <DIR> d-------- C:\Program Files\Teksoft
2007-07-26 11:40 <DIR> d-------- C:\My Media Files
2007-07-25 12:44 <DIR> d-------- C:\Program Files\softworkz
2007-07-23 23:34 79 --a------ C:\WINDOWS\presun.bat
2007-07-23 22:01 <DIR> d-------- C:\WINDOWS\system32\oodag
2007-07-23 21:46 <DIR> d-------- C:\Program Files\Radmin Viewer 3.0
2007-07-23 21:46 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\Radmin
2007-07-23 20:55 <DIR> d-------- C:\Program Files\OO Software
2007-07-22 20:25 4,608 --a------ C:\WINDOWS\system32\bbchlp.dll
2007-07-22 20:25 27,776 --a------ C:\WINDOWS\system32\bbcap.dll
2007-07-22 20:25 2,944 --a------ C:\WINDOWS\system32\drivers\bbcap.sys
2007-07-22 20:25 <DIR> d-------- C:\Program Files\Common Files\Blueberry Software
2007-07-22 20:25 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\Blueberry
2007-07-22 20:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Blueberry
2007-07-22 20:24 <DIR> d-------- C:\Program Files\Blueberry Software
2007-07-21 12:48 <DIR> d-------- C:\Program Files\ImTOO
2007-07-21 12:48 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\dvdcss
2007-07-21 12:47 <DIR> d--h----- C:\WINDOWS\PIF
2007-07-21 11:50 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\CyberLink
2007-07-21 11:40 5,600 --a------ C:\WINDOWS\system\WINASPI.DLL
2007-07-21 11:40 45,056 --a------ C:\WINDOWS\system32\WNASPI32.DLL
2007-07-21 11:40 4,672 --a------ C:\WINDOWS\system\WOWPOST.EXE
2007-07-21 11:40 16,512 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS
2007-07-21 11:40 <DIR> d-------- C:\Program Files\Aurora Media Workshop
2007-07-19 22:27 <DIR> d-------- C:\Program Files\PocketRAR
2007-07-14 18:28 737,280 --a------ C:\WINDOWS\iun6002.exe
2007-07-14 18:28 <DIR> d-------- C:\WINDOWS\system32\languages
2007-07-14 18:28 <DIR> d-------- C:\Program Files\Codec Pack - All In 1
2007-07-14 16:58 <DIR> d-------- C:\Program Files\CCleaner
2007-07-14 16:27 147,968 --a------ C:\WINDOWS\R.COM
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-11 13:30 593920 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2007-08-11 13:30 447520 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-08-11 13:30 2354972 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-08-11 13:30 12 --a------ C:\WINDOWS\bthservsdp.dat
2007-08-11 13:30 116645888 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-07-30 19:28 359808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2007-07-30 19:28 359808 --a------ C:\WINDOWS\system32\dllcache\tcpip.sys
2007-07-25 14:45 231 --a------ C:\WINDOWS\FlashSaver.dat
2007-07-14 08:05 83420 --a------ C:\WINDOWS\system32\perfc005.dat
2007-07-14 08:05 437976 --a------ C:\WINDOWS\system32\perfh005.dat
2007-07-11 21:54 2793472 --a------ C:\WINDOWS\system32\logonuiX.exe
2007-07-11 21:42 --------- d-------- C:\Program Files\WinCustomize
2007-07-11 09:47 --------- d-------- C:\Program Files\VIA
2007-07-11 08:45 --------- d-------- C:\Program Files\totalcmd
2007-07-11 08:36 --------- d-------- C:\Program Files\Total Video Converter
2007-07-11 08:16 --------- d-------- C:\Program Files\Wise Disk Cleaner
2007-07-11 08:16 --------- d-------- C:\Program Files\RegCleaner
2007-07-10 18:09 --------- d-------- C:\Program Files\Driver-Soft
2007-07-10 08:41 --------- d-------- C:\Program Files\FDRLab
2007-07-09 11:40 --------- d-------- C:\Program Files\Spb Wallet
2007-07-08 12:56 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Hamachi
2007-07-08 12:55 17480 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2007-07-08 12:55 --------- d-------- C:\Program Files\Hamachi
2007-07-07 22:37 --------- d-------- C:\Program Files\Web Publish
2007-07-07 22:28 --------- d-------- C:\Program Files\Spb Software House
2007-07-07 17:55 --------- d-------- C:\Program Files\Wizcode
2007-07-05 12:25 --------- d-------- C:\Program Files\Winamp
2007-07-05 11:58 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\COWON
2007-07-05 11:56 --------- d-------- C:\Program Files\Music Label 2006
2007-07-04 20:56 --------- d-------- C:\Program Files\LogMeIn
2007-07-04 15:04 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\AdobeUM
2007-07-04 13:12 --------- d-------- C:\Program Files\CursorXP
2007-07-03 23:09 --------- d-------- C:\Program Files\Socket Communications, Inc
2007-07-03 22:29 --------- d-------- C:\Program Files\Ilium Software
2007-07-03 22:29 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Ilium Software
2007-07-03 22:23 --------- d-------- C:\Program Files\Resco
2007-07-03 20:19 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-07-03 14:08 --------- d-------- C:\Program Files\eMule
2007-07-03 12:35 --------- d-------- C:\Program Files\Azureus
2007-07-03 12:35 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Azureus
2007-07-02 23:50 --------- d-------- C:\Program Files\GetRight
2007-07-02 22:11 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\LimeWire
2007-07-02 21:31 --------- d-------- C:\Program Files\LimeWire
2007-07-02 21:19 --------- d-------- C:\Program Files\Stardock
2007-07-02 21:19 --------- d-------- C:\Program Files\Common Files\Stardock
2007-07-02 20:39 --------- d-------- C:\Program Files\Pcsx2
2007-07-02 20:24 --------- d-------- C:\Program Files\Download Express
2007-07-02 20:24 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\MetaProducts
2007-07-02 19:44 --------- d-------- C:\Program Files\rapget132
2007-07-02 12:47 --------- d-------- C:\Program Files\Nvu
2007-07-02 12:47 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Nvu
2007-07-01 20:42 --------- d-------- C:\Program Files\Down2Home
2007-07-01 19:51 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Crystal Art Software
2007-07-01 15:48 --------- d-------- C:\Program Files\MSXML 6.0
2007-06-30 15:36 --------- d-------- C:\Program Files\nLite
2007-06-30 15:15 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Thunderbird
2007-06-30 14:41 --------- d-------- C:\Program Files\Mozilla Thunderbird
2007-06-27 19:02 1156 --a------ C:\WINDOWS\mozver.dat
2007-06-27 19:02 --------- d-------- C:\Program Files\SP23455
2007-06-27 18:51 --------- d-------- C:\Program Files\Realtek AC97
2007-06-27 16:58 --------- d-------- C:\Program Files\GTA Vice City CZ
2007-06-27 16:39 --------- d-------- C:\Program Files\Elaborate Bytes
2007-06-27 16:25 --------- d-------- C:\Program Files\Kaspersky Lab
2007-06-27 16:17 --------- d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-06-27 15:43 --------- d-------- C:\Program Files\Reference Assemblies
2007-06-27 15:40 --------- d-------- C:\Program Files\Windows Media Connect 2
2007-06-27 15:10 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Help
2007-06-27 14:49 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\InstallShield Installation Information
2007-06-27 14:43 --------- d-------- C:\Program Files\Lavasoft
2007-06-27 14:43 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Lavasoft
2007-06-27 13:59 --------- d-------- C:\Program Files\ICQ6
2007-06-27 13:59 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\ICQ
2007-06-27 13:54 --------- d-------- C:\Program Files\DreamCom
2007-06-27 13:49 --------- d-------- C:\Program Files\audiograbber
2007-06-27 13:48 --------- d-------- C:\Program Files\MSBuild
2007-06-27 13:48 --------- d-------- C:\Program Files\Microsoft Works
2007-06-27 13:48 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\SlySoft
2007-06-27 13:47 --------- d-------- C:\Program Files\SlySoft
2007-06-27 13:16 0 --a------ C:\WINDOWS\nsreg.dat
2007-06-27 13:16 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Talkback
2007-06-27 12:45 --------- d-------- C:\Program Files\Symantec
2007-06-27 12:44 --------- d-------- C:\Program Files\UltraISO
2007-06-27 12:44 --------- d-------- C:\Program Files\Common Files\EZB Systems
2007-05-25 15:22 83552 --a------ C:\WINDOWS\system32\LMIRfsClientNP.dll
2007-05-25 15:22 63040 --a------ C:\WINDOWS\system32\LMIinit.dll
2007-05-25 15:22 26176 --a------ C:\WINDOWS\system32\LMIport.dll
2007-05-25 15:22 24000 --a------ C:\WINDOWS\system32\lmimirr.dll
2007-05-25 15:22 10304 --a------ C:\WINDOWS\system32\lmimirr2.dll
2007-05-24 07:00 545 --a------ C:\WINDOWS\UC.PIF
2007-05-24 07:00 545 --a------ C:\WINDOWS\RAR.PIF
2007-05-24 07:00 545 --a------ C:\WINDOWS\PKZIP.PIF
2007-05-24 07:00 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2007-05-24 07:00 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2007-05-24 07:00 545 --a------ C:\WINDOWS\LHA.PIF
2007-05-24 07:00 545 --a------ C:\WINDOWS\ARJ.PIF
2007-05-19 22:08 86016 --a------ C:\WINDOWS\system32\ElbyCDIO.dll
2007-05-16 17:18 86528 --a------ C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:18 85504 --a------ C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:18 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:18 683520 --a------ C:\WINDOWS\system32\dllcache\inetcomm.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" []
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-20 19:57]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-20 19:57]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-18 05:00 C:\WINDOWS\system32\bthprops.cpl]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-18 05:00]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 05:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-18 05:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-18 05:00]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-02-07 08:39]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-02-07 08:36]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-02-07 08:40]
"kis"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [2006-03-24 19:09]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 05:12 C:\WINDOWS\soundman.exe]
"LogonStudio"="C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" [2002-09-03 18:38]
"FLMOFFICE4DMOUSE"="C:\Program Files\Trust\MI-2500X OPTICAL MOUSE\Mouse32a.exe" [2007-07-27 00:05]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-18 05:00]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-09-10 20:46]
"CursorXP"="C:\Program Files\CursorXP\CursorXP.exe" [2005-01-19 16:44]
C:\Documents and Settings\Honza\Nabídka Start\Programy\Po spuštění\
Kopie - Total Commander.lnk - C:\Program Files\totalcmd\TOTALCMD.EXE [2007-07-11 08:45:15]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Down2Home.lnk - C:\Program Files\Down2Home\Down2Home.exe [2003-03-11 22:26:22]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 2007-05-25 15:22 63040 C:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
C:\Program Files\Common Files\Stardock\mcpstub.dll 2005-01-31 14:13 49152 C:\Program Files\Common Files\Stardock\MCPStub.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
D:\NAINST~1\WINDOW~1\wbsrv.dll 2005-12-20 22:57 176128 D:\NAINST~1\WINDOW~1\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^LNSS Status Monitor.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\LNSS Status Monitor.lnk
backup=C:\WINDOWS\pss\LNSS Status Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Honza^Nabídka Start^Programy^Po spuštění^Mozilla Thunderbird.lnk]
path=C:\Documents and Settings\Honza\Nabídka Start\Programy\Po spuštění\Mozilla Thunderbird.lnk
backup=C:\WINDOWS\pss\Mozilla Thunderbird.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Honza^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=C:\Documents and Settings\Honza\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=C:\WINDOWS\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
"C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
R1 bbcap;bbcap;C:\WINDOWS\system32\DRIVERS\bbcap.sys
R1 ISODrive;ISO CD-ROM Device Driver;\??\C:\Program Files\UltraISO\drivers\ISODrive.sys
R1 PQNTDrv;PQNTDrv;C:\WINDOWS\system32\drivers\PQNTDrv.sys
R1 SMBHC;Microsoft SM Bus Host Controller Driver;C:\WINDOWS\system32\DRIVERS\SMBHC.sys
R2 LMIInfo;LogMeIn Kernel Information Provider;\??\C:\Program Files\LogMeIn\x86\RaInfo.sys
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
R3 CAMCAUD;Conexant AMC Audio;C:\WINDOWS\system32\drivers\camcaud.sys
R3 CAMCHALA;CAMCHALA;C:\WINDOWS\system32\drivers\camchal.sys
R3 HSFHWICH;HSFHWICH;C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
R3 IPN2220;INPROCOMM IPN2220 Wireless LAN Card Driver;C:\WINDOWS\system32\DRIVERS\i2220ntx.sys
R3 lmimirr;lmimirr;C:\WINDOWS\system32\DRIVERS\lmimirr.sys
R3 NTIDrvr;Upper Class Filter Driver;C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys
R3 SMBBATT;Microsoft Smart Battery Driver;C:\WINDOWS\system32\DRIVERS\SMBBATT.sys
S3 idsvc;Windows CardSpace;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI);C:\WINDOWS\system32\DRIVERS\rfcomm.sys
S3 tifm21;tifm21;C:\WINDOWS\system32\drivers\tifm21.sys
S3 usb_rndisx;USB RNDIS Adapter;C:\WINDOWS\system32\DRIVERS\usb8023x.sys
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 w29n51;Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows XP;C:\WINDOWS\system32\DRIVERS\w29n51.sys
S3 wampapache;wampapache;"c:\wamp\apache2\bin\httpd.exe" -k runservice
S3 wampmysqld;wampmysqld;c:\wamp\mysql\bin\mysqld-nt.exe --defaults-file=c:\wamp\mysql\my.ini wampmysqld
S3 wceusbsh;Windows CE USB Serial Host Driver;C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Schedule
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-12 07:58:49
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-12 8:00:33
C:\ComboFix-quarantined-files.txt ... 2007-08-12 08:00
--- E O F ---
Syst‚m Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.367 [GMT 2:00]
* Created a new restore point
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\regedit.com
C:\WINDOWS\system32\taskmgr.com
((((((((((((((((((((((((( Files Created from 2007-07-12 to 2007-08-12 )))))))))))))))))))))))))))))))
2007-08-12 07:54 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-11 12:35 <DIR> d--hs---- C:\FOUND.005
2007-08-11 12:35 <DIR> d-------- C:\Program Files\msn gaming zone
2007-08-11 10:59 <DIR> d-------- C:\Program Files\HTC Camera 4.11
2007-08-11 08:24 <DIR> d-------- C:\Program Files\Omega One
2007-08-10 17:24 <DIR> d-------- C:\Program Files\CoreCodec
2007-08-10 15:33 <DIR> d-------- C:\Program Files\TRANiS
2007-08-10 14:14 <DIR> d--hs---- C:\FOUND.004
2007-08-09 10:28 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-08-08 17:39 <DIR> d--hs---- C:\FOUND.003
2007-08-08 14:15 <DIR> d-------- C:\Program Files\SBSH
2007-08-08 11:49 <DIR> d-------- C:\Program Files\FileFactory Turbo
2007-08-08 11:49 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\FileFactory Turbo
2007-08-08 11:30 262,144 --ah----- C:\DOCUME~1\LNSS_M~1\NTUSER.DAT
2007-08-08 11:30 <DIR> dr-h----- C:\DOCUME~1\LNSS_M~1\Data aplikací
2007-08-08 11:30 <DIR> dr------- C:\DOCUME~1\LNSS_M~1\Nabídka Start
2007-08-08 11:30 <DIR> d--h----- C:\DOCUME~1\LNSS_M~1\Šablony
2007-08-08 11:30 <DIR> d--h----- C:\DOCUME~1\LNSS_M~1\Okolní tiskárny
2007-08-08 11:30 <DIR> d--h----- C:\DOCUME~1\LNSS_M~1\Okolní síť
2007-08-08 11:30 <DIR> d-------- C:\DOCUME~1\LNSS_M~1\Plocha
2007-08-08 11:30 <DIR> d-------- C:\DOCUME~1\LNSS_M~1\Oblíbené položky
2007-08-08 11:30 <DIR> d-------- C:\DOCUME~1\LNSS_M~1\Dokumenty
2007-08-08 11:30 <DIR> d-------- C:\DOCUME~1\LNSS_M~1\DATAAP~1\MetaProducts
2007-08-08 11:29 <DIR> d-------- C:\Program Files\GFI
2007-08-06 15:24 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Lavasoft
2007-08-06 15:23 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-08-06 11:22 <DIR> d-------- C:\Program Files\PPCInstallBuilder Lite
2007-08-06 11:22 <DIR> d-------- C:\Program Files\CABviaActiveSync
2007-08-06 11:07 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2007-08-06 11:07 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2007-08-06 11:07 26,064 --a------ C:\WINDOWS\system32\xmlinst.exe
2007-08-06 11:07 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-08-06 11:07 <DIR> d-------- C:\Program Files\Ubi Soft
2007-08-05 22:51 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Ilium Software
2007-08-05 13:59 <DIR> d-------- C:\Program Files\SKTools
2007-08-05 13:55 <DIR> d-------- C:\Program Files\Anton Tomov
2007-08-04 12:02 <DIR> d-------- C:\DOCUME~1\Rodinka\DATAAP~1\MEGAUPLOADTOOLBAR
2007-08-03 22:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Spybot - Search & Destroy
2007-08-03 22:19 <DIR> d-------- C:\Program Files\AxBx
2007-08-01 22:29 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\Desktop Sidebar
2007-08-01 22:28 <DIR> d-------- C:\Program Files\Desktop Sidebar
2007-08-01 21:57 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\Thinstall
2007-08-01 21:29 <DIR> d-------- C:\Program Files\JockerSoft
2007-07-31 22:23 <DIR> d-------- C:\Program Files\Skype
2007-07-31 22:23 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-07-31 22:23 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\Skype
2007-07-31 22:23 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Skype
2007-07-31 12:07 <DIR> d-------- C:\Program Files\DaemonTools_WhenUSave_Installer
2007-07-31 12:06 <DIR> d-------- C:\Program Files\DAEMON Tools
2007-07-31 12:00 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-07-31 11:30 442,368 -ra------ C:\WINDOWS\system32\vp6vfw.dll
2007-07-31 10:18 <DIR> d-------- C:\Program Files\XDAtools
2007-07-30 16:40 <DIR> d-------- C:\Program Files\BitComet
2007-07-29 12:43 <DIR> d-------- C:\Program Files\RADVideo
2007-07-27 22:27 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\SmartFTP
2007-07-27 22:26 <DIR> d-------- C:\Program Files\SmartFTP Client
2007-07-27 22:20 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
2007-07-27 22:20 7,552 --a------ C:\WINDOWS\system32\dllcache\sonypvu1.sys
2007-07-27 21:35 <DIR> d-------- C:\Program Files\GlobalSCAPE
2007-07-27 21:35 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\GlobalSCAPE
2007-07-27 21:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\GlobalSCAPE
2007-07-27 12:37 <DIR> d-------- C:\Program Files\SourceTec
2007-07-27 12:37 <DIR> d-------- C:\Program Files\Common Files\SourceTec
2007-07-27 12:24 <DIR> d-------- C:\Program Files\Flash Effect Maker
2007-07-27 12:08 <DIR> d-------- C:\Program Files\MegauploadToolbar
2007-07-27 12:08 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\MegauploadToolbar
2007-07-27 00:11 <DIR> d-------- C:\wamp
2007-07-27 00:05 <DIR> d-------- C:\Program Files\Trust
2007-07-27 00:05 <DIR> d-------- C:\download
2007-07-26 23:54 <DIR> d-------- C:\WINDOWS\vbSkinner
2007-07-26 22:37 <DIR> d-------- C:\Program Files\Teksoft
2007-07-26 11:40 <DIR> d-------- C:\My Media Files
2007-07-25 12:44 <DIR> d-------- C:\Program Files\softworkz
2007-07-23 23:34 79 --a------ C:\WINDOWS\presun.bat
2007-07-23 22:01 <DIR> d-------- C:\WINDOWS\system32\oodag
2007-07-23 21:46 <DIR> d-------- C:\Program Files\Radmin Viewer 3.0
2007-07-23 21:46 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\Radmin
2007-07-23 20:55 <DIR> d-------- C:\Program Files\OO Software
2007-07-22 20:25 4,608 --a------ C:\WINDOWS\system32\bbchlp.dll
2007-07-22 20:25 27,776 --a------ C:\WINDOWS\system32\bbcap.dll
2007-07-22 20:25 2,944 --a------ C:\WINDOWS\system32\drivers\bbcap.sys
2007-07-22 20:25 <DIR> d-------- C:\Program Files\Common Files\Blueberry Software
2007-07-22 20:25 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\Blueberry
2007-07-22 20:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Blueberry
2007-07-22 20:24 <DIR> d-------- C:\Program Files\Blueberry Software
2007-07-21 12:48 <DIR> d-------- C:\Program Files\ImTOO
2007-07-21 12:48 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\dvdcss
2007-07-21 12:47 <DIR> d--h----- C:\WINDOWS\PIF
2007-07-21 11:50 <DIR> d-------- C:\DOCUME~1\Honza\DATAAP~1\CyberLink
2007-07-21 11:40 5,600 --a------ C:\WINDOWS\system\WINASPI.DLL
2007-07-21 11:40 45,056 --a------ C:\WINDOWS\system32\WNASPI32.DLL
2007-07-21 11:40 4,672 --a------ C:\WINDOWS\system\WOWPOST.EXE
2007-07-21 11:40 16,512 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS
2007-07-21 11:40 <DIR> d-------- C:\Program Files\Aurora Media Workshop
2007-07-19 22:27 <DIR> d-------- C:\Program Files\PocketRAR
2007-07-14 18:28 737,280 --a------ C:\WINDOWS\iun6002.exe
2007-07-14 18:28 <DIR> d-------- C:\WINDOWS\system32\languages
2007-07-14 18:28 <DIR> d-------- C:\Program Files\Codec Pack - All In 1
2007-07-14 16:58 <DIR> d-------- C:\Program Files\CCleaner
2007-07-14 16:27 147,968 --a------ C:\WINDOWS\R.COM
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-11 13:30 593920 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2007-08-11 13:30 447520 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-08-11 13:30 2354972 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-08-11 13:30 12 --a------ C:\WINDOWS\bthservsdp.dat
2007-08-11 13:30 116645888 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-07-30 19:28 359808 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2007-07-30 19:28 359808 --a------ C:\WINDOWS\system32\dllcache\tcpip.sys
2007-07-25 14:45 231 --a------ C:\WINDOWS\FlashSaver.dat
2007-07-14 08:05 83420 --a------ C:\WINDOWS\system32\perfc005.dat
2007-07-14 08:05 437976 --a------ C:\WINDOWS\system32\perfh005.dat
2007-07-11 21:54 2793472 --a------ C:\WINDOWS\system32\logonuiX.exe
2007-07-11 21:42 --------- d-------- C:\Program Files\WinCustomize
2007-07-11 09:47 --------- d-------- C:\Program Files\VIA
2007-07-11 08:45 --------- d-------- C:\Program Files\totalcmd
2007-07-11 08:36 --------- d-------- C:\Program Files\Total Video Converter
2007-07-11 08:16 --------- d-------- C:\Program Files\Wise Disk Cleaner
2007-07-11 08:16 --------- d-------- C:\Program Files\RegCleaner
2007-07-10 18:09 --------- d-------- C:\Program Files\Driver-Soft
2007-07-10 08:41 --------- d-------- C:\Program Files\FDRLab
2007-07-09 11:40 --------- d-------- C:\Program Files\Spb Wallet
2007-07-08 12:56 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Hamachi
2007-07-08 12:55 17480 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2007-07-08 12:55 --------- d-------- C:\Program Files\Hamachi
2007-07-07 22:37 --------- d-------- C:\Program Files\Web Publish
2007-07-07 22:28 --------- d-------- C:\Program Files\Spb Software House
2007-07-07 17:55 --------- d-------- C:\Program Files\Wizcode
2007-07-05 12:25 --------- d-------- C:\Program Files\Winamp
2007-07-05 11:58 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\COWON
2007-07-05 11:56 --------- d-------- C:\Program Files\Music Label 2006
2007-07-04 20:56 --------- d-------- C:\Program Files\LogMeIn
2007-07-04 15:04 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\AdobeUM
2007-07-04 13:12 --------- d-------- C:\Program Files\CursorXP
2007-07-03 23:09 --------- d-------- C:\Program Files\Socket Communications, Inc
2007-07-03 22:29 --------- d-------- C:\Program Files\Ilium Software
2007-07-03 22:29 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Ilium Software
2007-07-03 22:23 --------- d-------- C:\Program Files\Resco
2007-07-03 20:19 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-07-03 14:08 --------- d-------- C:\Program Files\eMule
2007-07-03 12:35 --------- d-------- C:\Program Files\Azureus
2007-07-03 12:35 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Azureus
2007-07-02 23:50 --------- d-------- C:\Program Files\GetRight
2007-07-02 22:11 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\LimeWire
2007-07-02 21:31 --------- d-------- C:\Program Files\LimeWire
2007-07-02 21:19 --------- d-------- C:\Program Files\Stardock
2007-07-02 21:19 --------- d-------- C:\Program Files\Common Files\Stardock
2007-07-02 20:39 --------- d-------- C:\Program Files\Pcsx2
2007-07-02 20:24 --------- d-------- C:\Program Files\Download Express
2007-07-02 20:24 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\MetaProducts
2007-07-02 19:44 --------- d-------- C:\Program Files\rapget132
2007-07-02 12:47 --------- d-------- C:\Program Files\Nvu
2007-07-02 12:47 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Nvu
2007-07-01 20:42 --------- d-------- C:\Program Files\Down2Home
2007-07-01 19:51 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Crystal Art Software
2007-07-01 15:48 --------- d-------- C:\Program Files\MSXML 6.0
2007-06-30 15:36 --------- d-------- C:\Program Files\nLite
2007-06-30 15:15 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Thunderbird
2007-06-30 14:41 --------- d-------- C:\Program Files\Mozilla Thunderbird
2007-06-27 19:02 1156 --a------ C:\WINDOWS\mozver.dat
2007-06-27 19:02 --------- d-------- C:\Program Files\SP23455
2007-06-27 18:51 --------- d-------- C:\Program Files\Realtek AC97
2007-06-27 16:58 --------- d-------- C:\Program Files\GTA Vice City CZ
2007-06-27 16:39 --------- d-------- C:\Program Files\Elaborate Bytes
2007-06-27 16:25 --------- d-------- C:\Program Files\Kaspersky Lab
2007-06-27 16:17 --------- d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-06-27 15:43 --------- d-------- C:\Program Files\Reference Assemblies
2007-06-27 15:40 --------- d-------- C:\Program Files\Windows Media Connect 2
2007-06-27 15:10 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Help
2007-06-27 14:49 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\InstallShield Installation Information
2007-06-27 14:43 --------- d-------- C:\Program Files\Lavasoft
2007-06-27 14:43 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Lavasoft
2007-06-27 13:59 --------- d-------- C:\Program Files\ICQ6
2007-06-27 13:59 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\ICQ
2007-06-27 13:54 --------- d-------- C:\Program Files\DreamCom
2007-06-27 13:49 --------- d-------- C:\Program Files\audiograbber
2007-06-27 13:48 --------- d-------- C:\Program Files\MSBuild
2007-06-27 13:48 --------- d-------- C:\Program Files\Microsoft Works
2007-06-27 13:48 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\SlySoft
2007-06-27 13:47 --------- d-------- C:\Program Files\SlySoft
2007-06-27 13:16 0 --a------ C:\WINDOWS\nsreg.dat
2007-06-27 13:16 --------- d-------- C:\DOCUME~1\Honza\DATAAP~1\Talkback
2007-06-27 12:45 --------- d-------- C:\Program Files\Symantec
2007-06-27 12:44 --------- d-------- C:\Program Files\UltraISO
2007-06-27 12:44 --------- d-------- C:\Program Files\Common Files\EZB Systems
2007-05-25 15:22 83552 --a------ C:\WINDOWS\system32\LMIRfsClientNP.dll
2007-05-25 15:22 63040 --a------ C:\WINDOWS\system32\LMIinit.dll
2007-05-25 15:22 26176 --a------ C:\WINDOWS\system32\LMIport.dll
2007-05-25 15:22 24000 --a------ C:\WINDOWS\system32\lmimirr.dll
2007-05-25 15:22 10304 --a------ C:\WINDOWS\system32\lmimirr2.dll
2007-05-24 07:00 545 --a------ C:\WINDOWS\UC.PIF
2007-05-24 07:00 545 --a------ C:\WINDOWS\RAR.PIF
2007-05-24 07:00 545 --a------ C:\WINDOWS\PKZIP.PIF
2007-05-24 07:00 545 --a------ C:\WINDOWS\PKUNZIP.PIF
2007-05-24 07:00 545 --a------ C:\WINDOWS\NOCLOSE.PIF
2007-05-24 07:00 545 --a------ C:\WINDOWS\LHA.PIF
2007-05-24 07:00 545 --a------ C:\WINDOWS\ARJ.PIF
2007-05-19 22:08 86016 --a------ C:\WINDOWS\system32\ElbyCDIO.dll
2007-05-16 17:18 86528 --a------ C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 17:18 85504 --a------ C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 17:18 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 17:18 683520 --a------ C:\WINDOWS\system32\dllcache\inetcomm.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" []
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-05-20 19:57]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-05-20 19:57]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-18 05:00 C:\WINDOWS\system32\bthprops.cpl]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-18 05:00]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 05:00]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-18 05:00]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-18 05:00]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2006-02-07 08:39]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2006-02-07 08:36]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2006-02-07 08:40]
"kis"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" [2006-03-24 19:09]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"SoundMan"="SOUNDMAN.EXE" [2006-08-03 05:12 C:\WINDOWS\soundman.exe]
"LogonStudio"="C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" [2002-09-03 18:38]
"FLMOFFICE4DMOUSE"="C:\Program Files\Trust\MI-2500X OPTICAL MOUSE\Mouse32a.exe" [2007-07-27 00:05]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-18 05:00]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-09-10 20:46]
"CursorXP"="C:\Program Files\CursorXP\CursorXP.exe" [2005-01-19 16:44]
C:\Documents and Settings\Honza\Nabídka Start\Programy\Po spuštění\
Kopie - Total Commander.lnk - C:\Program Files\totalcmd\TOTALCMD.EXE [2007-07-11 08:45:15]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\
Down2Home.lnk - C:\Program Files\Down2Home\Down2Home.exe [2003-03-11 22:26:22]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 2007-05-25 15:22 63040 C:\WINDOWS\system32\LMIinit.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
C:\Program Files\Common Files\Stardock\mcpstub.dll 2005-01-31 14:13 49152 C:\Program Files\Common Files\Stardock\MCPStub.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
D:\NAINST~1\WINDOW~1\wbsrv.dll 2005-12-20 22:57 176128 D:\NAINST~1\WINDOW~1\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=wbsys.dll,C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^LNSS Status Monitor.lnk]
path=C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\LNSS Status Monitor.lnk
backup=C:\WINDOWS\pss\LNSS Status Monitor.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Honza^Nabídka Start^Programy^Po spuštění^Mozilla Thunderbird.lnk]
path=C:\Documents and Settings\Honza\Nabídka Start\Programy\Po spuštění\Mozilla Thunderbird.lnk
backup=C:\WINDOWS\pss\Mozilla Thunderbird.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Honza^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=C:\Documents and Settings\Honza\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=C:\WINDOWS\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI]
"C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
R1 bbcap;bbcap;C:\WINDOWS\system32\DRIVERS\bbcap.sys
R1 ISODrive;ISO CD-ROM Device Driver;\??\C:\Program Files\UltraISO\drivers\ISODrive.sys
R1 PQNTDrv;PQNTDrv;C:\WINDOWS\system32\drivers\PQNTDrv.sys
R1 SMBHC;Microsoft SM Bus Host Controller Driver;C:\WINDOWS\system32\DRIVERS\SMBHC.sys
R2 LMIInfo;LogMeIn Kernel Information Provider;\??\C:\Program Files\LogMeIn\x86\RaInfo.sys
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
R3 CAMCAUD;Conexant AMC Audio;C:\WINDOWS\system32\drivers\camcaud.sys
R3 CAMCHALA;CAMCHALA;C:\WINDOWS\system32\drivers\camchal.sys
R3 HSFHWICH;HSFHWICH;C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
R3 IPN2220;INPROCOMM IPN2220 Wireless LAN Card Driver;C:\WINDOWS\system32\DRIVERS\i2220ntx.sys
R3 lmimirr;lmimirr;C:\WINDOWS\system32\DRIVERS\lmimirr.sys
R3 NTIDrvr;Upper Class Filter Driver;C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys
R3 SMBBATT;Microsoft Smart Battery Driver;C:\WINDOWS\system32\DRIVERS\SMBBATT.sys
S3 idsvc;Windows CardSpace;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI);C:\WINDOWS\system32\DRIVERS\rfcomm.sys
S3 tifm21;tifm21;C:\WINDOWS\system32\drivers\tifm21.sys
S3 usb_rndisx;USB RNDIS Adapter;C:\WINDOWS\system32\DRIVERS\usb8023x.sys
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 w29n51;Intel(R) PRO/Wireless 2915ABG Network Connection Driver for Windows XP;C:\WINDOWS\system32\DRIVERS\w29n51.sys
S3 wampapache;wampapache;"c:\wamp\apache2\bin\httpd.exe" -k runservice
S3 wampmysqld;wampmysqld;c:\wamp\mysql\bin\mysqld-nt.exe --defaults-file=c:\wamp\mysql\my.ini wampmysqld
S3 wceusbsh;Windows CE USB Serial Host Driver;C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs BthServ
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Schedule
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-12 07:58:49
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-12 8:00:33
C:\ComboFix-quarantined-files.txt ... 2007-08-12 08:00
--- E O F ---
Get the kippers ready, I'll be back for breakfast.
Scan the PC with these:
CureIt: http://www.freedrweb.com/cureit/
SaS: http://www.superantispyware.com/superantispyware.html
Then download MWAV and run a scan with it. Afterwards, paste the MWAV log here as described in the guide.
MWAV: http://www.viry.cz/forum/viewtopic.php?t=4097
So MWAV froze on me. So far this is what came out of it:
Objekt "grokster Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "NULLBYTE Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "grokster Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "trojan-downloader.bat.ftp.ab Trojan-Downloader" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "trojan-downloader.bat.ftp.ab Trojan-Downloader" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "smitfraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "xrenoder Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "xrenoder Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "xrenoder Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "xrenoder Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "xrenoder Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "xrenoder Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "xrenoder Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "xrenoder Spyware/Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Objekt "savenow Adware" nalezen v souborovém systému! Provedené akce: Nic nebylo provedeno.
Get the kippers ready, I'll be back for breakfast.