HJT log check

Re: HJT log check

Post by Damned » 04 Jun 2009 23:15

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:


[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000000



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.


Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe,
and when the two files overlap, drop the script.

- ComboFix starts automatically
- Paste here the log that pops up at the end of the cleaning process + a new log from HJT

Re: HJT log check

Post by Damned » 04 Jun 2009 23:17

Otherwise I don't see anything there.

Uninstall ComboFix.
ComboFix is uninstalled like this:
Start - Run and enter ComboFix[space]/u

so if there are no problems, clean the system with CCleaner
and use T-Cleaner as well
it deletes everything left by Combo, SDFix, Avenger, MWAV etc. - download -> run

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then click empty selected.
If you want to keep your saved passwords, click No.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache,
cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer,
Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Re: HJT log check

Post by Kacis » 05 Jun 2009 08:51

Hi, thanks for the advice. This morning it froze again, so it probably isn't completely solved yet.
Also, when I start HJT, it always throws this message at me... is that normal?
Anyway, I'm attaching the logs from both programs...

---------------------------
HijackThis
---------------------------
For some reason your system denied write access to the Hosts file. If any hijacked domains are in this file, HijackThis may NOT be able to fix this.
If that happens, you need to edit the file yourself. To do this, click Start, Run and type:
notepad C:\Windows\System32\drivers\etc\hosts
and press Enter. Find the line(s) HijackThis reports and delete them. Save the file as 'hosts.' (with quotes), and reboot.
For Vista: simply, exit HijackThis, right click on the HijackThis icon, choose 'Run as administrator'.
---------------------------
OK
---------------------------


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:37:50, on 5.6.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\Explorer.exe
C:\PROGRA~1\IZArc\IZArc.exe
C:\Users\OKA\AppData\Local\Temp\ARCB84\HiJackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 10539 bytes










ComboFix 09-06-03.04 - OKA 05.06.2009 8:22.5 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.3068.1938 [GMT 2:00]
Spuštěný z: c:\users\OKA\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\OKA\Desktop\CFScript.txt
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *enabled* (Outdated) {F245A209-1085-48B4-B927-35D56015EC60}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-05-05 do 2009-06-05 )))))))))))))))))))))))))))))))
.

2009-06-04 18:52 . 2009-06-05 06:28 -------- d-----w- c:\users\OKA\AppData\Local\temp
2009-06-04 08:43 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-04 08:43 . 2009-06-04 08:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-04 08:43 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-03 16:50 . 2009-06-03 16:50 -------- d-----w- c:\users\OKA\AppData\Local\DOSBox
2009-06-03 16:49 . 2009-06-03 16:49 -------- d-----w- c:\program files\DOSBox-0.73
2009-06-02 21:29 . 2009-03-19 12:03 1907712 ----a-w- c:\windows\system32\BootMan.exe
2009-06-02 21:29 . 2009-02-25 18:22 9728 ----a-w- c:\windows\system32\epmntdrv.sys
2009-06-02 21:29 . 2009-02-25 18:22 86408 ----a-w- c:\windows\system32\setupempdrv03.exe
2009-06-02 21:29 . 2009-02-25 18:22 3072 ----a-w- c:\windows\system32\EuGdiDrv.sys
2009-06-02 21:29 . 2009-02-25 18:21 14848 ----a-w- c:\windows\system32\EuEpmGdi.dll
2009-06-02 21:29 . 2009-06-02 21:29 -------- d-----w- c:\program files\EASEUS
2009-06-02 19:37 . 2009-06-02 19:37 -------- d-----w- c:\users\OKA\AppData\Local\Opera
2009-06-02 19:37 . 2009-06-02 19:37 -------- d-----w- c:\program files\Opera
2009-05-28 11:54 . 2009-05-28 11:54 -------- d-----w- c:\users\OKA\AppData\Roaming\IrfanView
2009-05-28 11:54 . 2009-05-28 11:54 -------- d-----w- c:\program files\IrfanView
2009-05-28 10:09 . 2009-05-27 19:20 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-05-28 06:45 . 2008-11-10 09:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2009-05-28 06:41 . 2009-05-28 06:41 -------- d-----w- c:\windows\PCHEALTH
2009-05-28 06:41 . 2009-05-28 06:41 -------- d-----w- c:\program files\Microsoft.NET
2009-05-28 06:38 . 2009-05-28 06:38 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-05-28 06:38 . 2009-06-03 13:43 -------- d-----w- c:\users\OKA\AppData\Local\Microsoft Help
2009-05-28 06:37 . 2009-05-29 05:34 -------- d-----w- c:\programdata\Microsoft Help
2009-05-28 06:34 . 2009-05-28 06:34 -------- d--h--r- C:\MSOCache
2009-05-27 21:19 . 2009-06-02 16:54 -------- d-----w- c:\users\OKA\AppData\Roaming\Nokia
2009-05-27 21:19 . 2009-05-27 21:21 -------- d-----w- c:\users\OKA\AppData\Roaming\PC Suite
2009-05-27 21:19 . 2009-05-27 21:21 -------- d-----w- c:\programdata\PC Suite
2009-05-27 21:15 . 2009-05-27 21:15 -------- d-----w- c:\program files\Common Files\PCSuite
2009-05-27 21:15 . 2009-05-27 21:15 -------- d-----w- c:\program files\Common Files\Nokia
2009-05-27 21:14 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-05-27 21:12 . 2009-05-27 21:13 -------- d-----w- c:\program files\PC Connectivity Solution
2009-05-27 21:06 . 2009-02-09 05:37 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-05-27 21:06 . 2009-05-27 21:15 -------- d-----w- c:\program files\Nokia
2009-05-27 21:05 . 2009-05-27 21:03 34658864 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_cze.exe
2009-05-27 21:05 . 2009-05-27 21:05 8192 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-27 21:05 . 2009-05-27 21:05 61440 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-27 21:05 . 2009-05-27 21:05 10240 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-27 21:02 . 2009-05-27 21:05 -------- d-----w- c:\programdata\Installations
2009-05-27 20:19 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-27 20:19 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-05-27 20:19 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-05-27 20:19 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-05-27 20:19 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-05-27 20:19 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-05-27 20:19 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-05-27 20:13 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-05-27 20:13 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-05-27 20:13 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-05-27 20:13 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-05-27 20:13 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-05-27 19:43 . 2008-10-22 01:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-05-27 19:40 . 2008-11-01 03:44 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-05-27 19:40 . 2008-11-01 01:21 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-05-27 19:39 . 2008-06-06 03:27 38912 ----a-w- c:\windows\system32\xolehlp.dll
2009-05-27 19:39 . 2008-06-06 03:27 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2009-05-27 19:38 . 2008-08-27 01:05 212480 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-05-27 19:37 . 2008-10-21 05:25 296960 ----a-w- c:\windows\system32\gdi32.dll
2009-05-27 19:37 . 2008-12-06 04:42 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-05-27 19:37 . 2008-09-05 05:14 1191936 ----a-w- c:\windows\system32\msxml3.dll
2009-05-27 19:24 . 2008-12-16 05:31 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-05-27 19:24 . 2008-12-16 05:31 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-05-27 19:24 . 2008-12-16 03:29 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-05-27 19:19 . 2009-03-12 08:17 2902048 -c--a-w- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-05-27 19:18 . 2009-05-27 19:18 -------- d-----w- c:\program files\CCleaner
2009-05-27 19:17 . 2009-02-13 08:49 1255936 ----a-w- c:\windows\system32\lsasrv.dll
2009-05-27 19:17 . 2009-03-17 03:38 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-05-27 19:17 . 2009-03-17 03:38 24064 ----a-w- c:\windows\system32\amxread.dll
2009-05-27 19:17 . 2009-02-13 08:49 72704 ----a-w- c:\windows\system32\secur32.dll
2009-05-27 19:16 . 2008-08-12 03:39 443392 ----a-w- c:\windows\system32\win32spl.dll
2009-05-27 19:16 . 2008-12-16 02:42 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-05-27 19:16 . 2008-11-27 04:43 268288 ----a-w- c:\windows\system32\schannel.dll
2009-05-27 19:16 . 2008-06-23 01:59 2868736 ----a-w- c:\windows\system32\mf.dll
2009-05-27 19:16 . 2008-06-23 01:59 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-05-27 19:16 . 2008-06-23 01:58 94720 ----a-w- c:\windows\system32\logagent.exe
2009-05-27 19:15 . 2009-05-27 19:18 -------- d-----w- c:\program files\ICQ6.5
2009-05-27 19:12 . 2009-05-27 19:12 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-05-27 19:12 . 2009-05-27 19:12 -------- d-----w- c:\windows\system32\IOSUBSYS
2009-05-27 19:10 . 2009-05-27 19:10 -------- d-----w- c:\program files\Common Files\Skype
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\UC.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\RAR.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\PKZIP.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\LHA.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\ARJ.PIF
2009-05-27 18:58 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-05-27 18:58 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-05-27 18:58 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll
2009-05-27 18:58 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-05-27 18:58 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll
2009-05-27 18:58 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-05-27 18:58 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-05-27 18:58 . 2008-10-16 12:08 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-05-27 18:58 . 2008-10-16 11:56 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-05-27 18:52 . 2009-05-27 18:52 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-27 18:52 . 2009-05-27 18:52 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-27 18:52 . 2009-05-27 18:52 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-27 18:52 . 2009-06-04 07:00 -------- d-----w- c:\windows\system32\drivers\Avg
2009-05-27 18:52 . 2009-05-27 18:52 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-27 18:36 . 2008-02-23 04:38 170496 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-05-27 18:36 . 2008-02-23 02:41 22528 ----a-w- c:\windows\system32\netiougc.exe
2009-05-27 18:35 . 2009-02-15 22:10 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-05-27 18:35 . 2009-02-15 22:10 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-05-27 18:35 . 2009-02-15 22:10 1221512 ----a-w- c:\windows\system32\zpeng25.dll
2009-05-27 18:35 . 2009-05-27 18:35 -------- d-----w- c:\program files\Zone Labs
2009-05-27 18:34 . 2009-05-27 18:35 -------- d-----w- c:\windows\system32\ZoneLabs
2009-05-27 18:34 . 2009-02-15 22:11 293528 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2009-05-27 18:34 . 2009-05-27 18:34 -------- d-----w- c:\programdata\CheckPoint
2009-05-27 18:33 . 2009-06-05 06:19 -------- d-----w- c:\windows\Internet Logs
2009-05-27 16:41 . 2009-05-27 16:41 -------- d-----w- c:\users\OKA\AppData\Roaming\Malwarebytes
2009-05-27 16:41 . 2009-05-27 16:41 -------- d-----w- c:\programdata\Malwarebytes
2009-05-27 14:32 . 2009-05-27 19:08 -------- d-----w- c:\program files\totalcmd
2009-05-27 12:21 . 2009-05-27 14:20 -------- d-----w- c:\users\OKA\AppData\Local\GHISLER
2009-05-27 11:59 . 2009-05-27 11:59 -------- d-----w- c:\program files\MSXML 4.0
2009-05-27 11:49 . 2009-05-27 19:04 -------- d-----w- c:\program files\IZArc
2009-05-27 11:25 . 2009-05-27 11:25 -------- d-----w- c:\program files\ICQ6Toolbar
2009-05-27 11:25 . 2009-05-27 11:25 -------- d-----w- c:\programdata\ICQ
2009-05-27 11:25 . 2009-05-27 14:39 -------- d-----w- c:\users\OKA\AppData\Roaming\ICQ
2009-05-27 10:21 . 2009-05-27 19:19 -------- dc-h--w- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-27 10:20 . 2009-05-27 10:22 -------- d-----w- c:\programdata\Lavasoft
2009-05-27 10:20 . 2009-05-27 10:20 -------- d-----w- c:\program files\Lavasoft
2009-05-27 09:45 . 2009-05-28 08:55 -------- d--h--w- C:\$AVG8.VAULT$
2009-05-27 09:38 . 2009-05-28 11:33 -------- d-----w- c:\users\OKA\AppData\Local\Google
2009-05-27 09:38 . 2009-05-27 19:12 -------- d-----w- c:\program files\Google
2009-05-27 09:28 . 2009-06-05 06:18 -------- d-----w- c:\users\OKA\AppData\Roaming\skypePM

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-05 06:27 . 2009-05-27 18:34 350192 ---ha-w- c:\windows\system32\drivers\vsconfig.xml
2009-06-05 06:23 . 2008-11-17 21:13 598832 ----a-w- c:\windows\system32\perfh005.dat
2009-06-05 06:23 . 2008-11-17 21:13 114992 ----a-w- c:\windows\system32\perfc005.dat
2009-06-04 18:55 . 2009-06-04 18:55 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-06-04 18:39 . 2008-11-17 13:11 -------- d-----w- c:\programdata\Norton
2009-06-04 18:39 . 2008-11-17 13:11 -------- d-----w- c:\programdata\NortonInstaller
2009-06-03 14:13 . 2009-06-01 05:33 1136635 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2009-05-28 07:37 . 2008-11-17 13:47 -------- d-----w- c:\programdata\CyberLink
2009-05-28 07:36 . 2009-01-18 00:51 36864 ----a-w- c:\programdata\Temp\{67626E09-5366-4480-8F1E-93FADF50CA15}\PostBuild.exe
2009-05-28 06:43 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2009-05-27 19:18 . 2008-11-17 14:49 -------- d-----w- c:\program files\SMINST
2009-05-27 18:34 . 2009-05-27 18:34 -------- d-----w- c:\programdata\CheckPoint
2009-05-27 15:14 . 2009-05-27 12:37 31681 ----a-w- c:\programdata\nvModes.dat
2009-05-26 19:04 . 2009-05-26 19:04 0 ------w- c:\windows\system32\drivers\103C_HP_cNB_Pavilion dv5 Notebook PC_Y5335KV_0U_QCNF9030526_E506288-222_4A_I3603_SQuanta_V02.20_F.11_T081029_WV3-1_L405_M3069_J320_7Intel_867A_92.00_#090118_N10EC8168;14E44315_(NG305EA#AKB)_XMOBILE_CN10_Z_2F.11.MRK
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Plocha
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Oblíbené položky
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Šablony
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Nabídka Start
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Dokumenty
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Data aplikací
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2008-11-17 21:32 . 2008-11-17 21:17 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-06-04_15.30.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-06-04 19:33 58676 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-06-05 06:19 98694 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-01-18 00:06 . 2009-06-04 15:29 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-18 00:06 . 2009-06-05 06:27 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-18 00:06 . 2009-06-05 06:27 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-01-18 00:06 . 2009-06-04 15:29 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-18 00:06 . 2009-06-05 06:27 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-01-18 00:06 . 2009-06-04 15:29 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-26 19:05 . 2009-06-05 06:19 9758 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-629533665-3982478092-2245085183-1000_UserData.bin
+ 2009-05-26 21:29 . 2009-06-05 06:12 318830 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 10:33 . 2009-06-05 06:23 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-06-04 08:44 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-06-04 08:44 101250 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-06-05 06:23 101250 c:\windows\System32\perfc009.dat
+ 2009-01-18 01:03 . 2009-06-05 06:26 224312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-01-18 01:03 . 2009-06-04 15:28 224312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-21 24264488]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-03-01 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-13 13584928]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-13 92704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-09-11 446556]
"DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-09-26 1148200]
"TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-09-25 1152296]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-09-25 189736]
"UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-09-23 912688]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-09-26 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-15 981384]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-27 1947928]
"TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-02-09 206120]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{085FBF0D-DD75-49A1-ABA8-C2D108CBD81E}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{57B2C6A9-6223-46DE-8D5D-F8A6D435D460}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe:HP TouchSmart Music
"{A3DD1B00-77AF-4A94-BD2C-2AD15B18799E}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe:HP TouchSmart Photo
"{022F3EB8-B0D4-4862-8DCF-19D95F2BB613}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe:HP TouchSmart Video
"{07136986-723F-4459-8B67-FD878680465A}"= c:\program files\Hewlett-Packard\Media\DVD\TSMAgent.exe:HP TouchSmart Media Resident Program
"{05612F38-FC2C-48E7-AA0A-6396BD337505}"= c:\program files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service
"{05C1565C-F2BC-4C52-B956-4A4DDD8AF671}"= c:\program files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe:HP MediaSmart DVD
"{6994B109-B1A5-4784-80D2-0FC6550AE78E}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe:HP TouchSmart Music
"{7C8BC870-98E0-403D-8435-C5828C6C0FB8}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe:HP TouchSmart Photo
"{91FFDE08-3989-4B52-9219-6C1AFE97615C}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe:HP TouchSmart Video
"{601B15E1-CBC5-42AC-BF65-C263E83BD329}"= c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe:HP TouchSmart Media Resident Program
"{0745FA5C-D5F9-415F-BD01-BA4B7A4DCF66}"= c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service
"{5B76FC48-4D02-4FB7-BBBF-1C1747C5907E}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{DE7CEF1A-A78A-488F-808D-F5B7CF9BDEB5}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{BA5D95AE-76E9-4B05-A0E0-C4FCF59F2618}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{29DCC43B-0F85-4324-9651-3343828B42E6}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{57C06485-E3F0-471C-8FC4-3F803D379DFF}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{41A42EF5-C70D-4979-BE06-9460DF920FEF}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{9090CF09-1DAF-484F-94F2-16C211AA3584}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{11382365-8DF7-4EC3-90C2-2DA6CD2C83ED}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{D9C8AD87-EB08-4C45-95B4-3256C65E6D9D}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F8F005B0-F454-43A8-9373-E9BAF9C15352}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4557B072-96CD-4275-90D8-072A1AA6BD0A}"= c:\program files\Hewlett-Packard\Media\TV\QP.exe:Quick Play
"{BAC10C4E-74D7-419F-B2E8-9F0E47DE221E}"= c:\program files\Hewlett-Packard\Media\TV\QPService.exe:Quick Play Resident Program

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [27.5.2009 21:20 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [27.5.2009 20:52 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [27.5.2009 20:52 108552]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};c:\program files\Hewlett-Packard\Media\DVD\000.fcl [26.9.2008 3:36 59376]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe [18.1.2009 2:13 77824]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [27.5.2009 20:52 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [27.5.2009 20:52 298776]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18.3.2008 17:24 19456]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [17.11.2008 16:49 365952]
R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [9.2.2009 18:14 296320]
R2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [9.2.2009 18:14 116096]
R2 vfsFPService;Validity Fingerprint Service;c:\windows\System32\vfsFPService.exe [16.9.2008 11:33 599344]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [17.11.2008 15:25 193840]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [4.9.2008 19:47 54784]
R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [7.8.2008 19:01 97536]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [6.8.2008 5:29 44576]
R3 vfs101x;vfs101x;c:\windows\System32\drivers\vfs101x.sys [16.9.2008 11:33 40752]
S3 epmntdrv;epmntdrv;c:\windows\System32\epmntdrv.sys [2.6.2009 23:29 9728]
S3 EuGdiDrv;EuGdiDrv;c:\windows\System32\EuGdiDrv.sys [2.6.2009 23:29 3072]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1005904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Obsah adresáře 'Naplánované úlohy'

2009-06-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 19:20]

2009-05-27 c:\windows\Tasks\HPCeeScheduleForOKA.job
- c:\program files\Hewlett-Packard\SDP\ceement\HPCEE.exe [2008-11-17 07:02]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\OKA\AppData\Roaming\Mozilla\Firefox\Profiles\grgxh3ku.default\
FF - component: c:\program files\DigitalPersona\Bin\firefoxext\components\dpffcli.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-05 08:27
Windows 6.0.6001 Service Pack 1 NTFS

skenování skrytých procesů ...

[0] 0x64206573

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(608)
c:\windows\system32\DPPWDFLT.dll

- - - - - - - > 'Explorer.exe'(5168)
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\ZoneLabs\vsmon.exe
c:\windows\System32\wlanext.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\System32\conime.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Celkový čas: 2009-06-05 8:32 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-06-05 06:31
ComboFix2.txt 2009-06-04 19:36
ComboFix3.txt 2009-06-04 18:59
ComboFix4.txt 2009-06-04 15:49
ComboFix5.txt 2009-06-05 06:22

Před spuštěním: Volných bajtů: 129 924 317 184
Po spuštění: Volných bajtů: 129 827 262 464

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
379 --- E O F --- 2009-06-05 01:20

Re: HJT log check

Post by Damned » 05 Jun 2009 11:22

The message means that you should right-click the HJT icon and run HJT as Administrator.

Let's try disabling those unnecessary things that start automatically.

Run HJT and fix the following (tick the box in front of each entry and press "Fix checked"):

O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

Re: HJT log check

Post by Damned » 05 Jun 2009 12:42

Uninstall the ICQ 6 Toolbar.

Check the files marked in red on VirusTotal:

C:\Windows\System32\avgrsstx.dll
C:\windows\system32\epmntdrv.sys
c:\windows\system32\EuGdiDrv.sys
c:\windows\system32\drivers\vsdatant.sys
c:\programdata\nvModes.dat


What do you have there from Norton?

Re: HJT log check

Post by Kacis » 05 Jun 2009 14:57

About HJT: when I unpack it, there is only an exe file and the program starts right away. I don't see any option where I could tick something... no HJT icon and no option to run as administrator...

I can't uninstall the ICQ toolbar. In Programs I only have ICQ, and I can see it in Total Commander, but there is no uninstaller there... unless I uninstall the whole of ICQ...

From Norton I had the antivirus there, but nothing should be left by now; I'm using AVG Free now.

The red files are OK. It didn't find anything.

Re: HJT log check

Post by Kacis » 05 Jun 2009 15:02

Sorry, I get HJT now... I was running it from the RAR... and it can't be run as administrator from there... It works for me now... the other points still apply...

Re: HJT log check

Post by Damned » 05 Jun 2009 15:49

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text marked in green into it:

File::
c:\programdata\ezsidmv.dat

Folder::
c:\programdata\Norton
c:\programdata\NortonInstaller

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000000


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all open windows.


Drag the CFScript.txt script you created over the downloaded ComboFix.exe program
and when the two files overlap, drop the script.

- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process + a new HJT log
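
The Registry:: directive in this script targets a value that the ComboFix log posted earlier in the thread shows as "DisableMonitoring"=dword:00000001. The following Python sketch is an added example, not part of the original post or of ComboFix: it parses the registry sections of such a log, lists the protection-related settings worth reviewing, and rebuilds the matching Registry:: block. The function names and finding labels are assumptions, and the sample input is a shortened excerpt of the log on this page.

```python
import re

# Shortened excerpt of the registry sections from the log posted in this thread.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{57C06485-E3F0-471C-8FC4-3F803D379DFF}"= c:\program files\Skype\Phone\Skype.exe:Skype

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18.3.2008 17:24 19456]
"""

HEADER_RE = re.compile(r'^\[(.+)\]$')            # [HKEY_...\key] or [HKLM\~\...]
VALUE_RE = re.compile(r'^"([^"]+)"\s*=\s*(.*)$')  # "Name"=value
MONITORING = "\\security center\\monitoring\\"


def parse_value(raw):
    """Normalise the two DWORD notations the log uses; keep other values as text."""
    raw = raw.strip()
    m = re.fullmatch(r'dword:([0-9a-fA-F]{8})', raw)   # "Name"=dword:00000001
    if m:
        return int(m.group(1), 16)
    m = re.fullmatch(r'\d+ \(0x([0-9a-fA-F]+)\)', raw)  # "Name"= 0 (0x0)
    if m:
        return int(m.group(1), 16)
    return raw.strip('"')


def parse_sections(text):
    """Return {registry key: {value name: value}}; a blank line closes a section."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        header = HEADER_RE.match(line)
        if header:
            current = sections.setdefault(header.group(1), {})
        elif not line:
            current = None
        elif current is not None:
            entry = VALUE_RE.match(line)
            if entry:
                current[entry.group(1)] = parse_value(entry.group(2))
    return sections


def review(sections):
    """List (label, detail) pairs for a human to check; none of them is a verdict.

    A third-party firewall can legitimately switch the Windows firewall off,
    and security products load their own AppInit DLLs.
    """
    findings = []
    for key, values in sections.items():
        lower = key.lower()
        leaf = key.rsplit("\\", 1)[-1]
        if "\\firewallpolicy\\" in lower and lower.endswith("profile") \
                and values.get("EnableFirewall") == 0:
            findings.append(("windows-firewall-off", leaf))
        if MONITORING in lower and values.get("DisableMonitoring") == 1:
            findings.append(("security-center-monitoring-off", leaf))
        if lower.endswith("\\windows nt\\currentversion\\windows") \
                and values.get("AppInit_DLLs"):
            findings.append(("appinit-dll", values["AppInit_DLLs"]))
    return findings


def cfscript_registry_block(sections):
    """Rebuild the Registry:: block, in the format shown in the post, for every
    Security Center monitoring key whose DisableMonitoring is 1."""
    lines = ["Registry::"]
    for key, values in sections.items():
        if MONITORING in key.lower() and values.get("DisableMonitoring") == 1:
            lines.append("[" + key + "]")
            lines.append('"DisableMonitoring"=dword:00000000')
    return "\n".join(lines) if len(lines) > 1 else ""


if __name__ == "__main__":
    parsed = parse_sections(SAMPLE_LOG)
    for label, detail in review(parsed):
        print(label, "->", detail)
    print(cfscript_registry_block(parsed))
```
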

Re: HJT log check

Post by Kacis » 05 Jun 2009 16:32

Here it is....


ComboFix 09-06-04.09 - OKA 05.06.2009 15:57.6 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.3068.1897 [GMT 2:00]
Spuštěný z: c:\users\OKA\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\OKA\Desktop\CFScript.txt
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *enabled* (Outdated) {F245A209-1085-48B4-B927-35D56015EC60}
* Vytvořen nový Bod Obnovení

FILE ::
"c:\programdata\ezsidmv.dat"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\ezsidmv.dat
c:\programdata\Norton
c:\programdata\Norton\symdata.xml
c:\programdata\NortonInstaller
c:\programdata\NortonInstaller\Logs\06-04-2009-20h39m15s\SymNRT-06-04-2009-20h39m15s.log
c:\programdata\NortonInstaller\Logs\06-04-2009-20h39m15s\SymNRT.1.mft.7z
c:\programdata\NortonInstaller\Logs\1-18-2009-01h08m46s\NortonInstall-1-18-2009-01h08m46s.log
c:\programdata\NortonInstaller\Logs\1-18-2009-01h45m53s\Install.1.mft
c:\programdata\NortonInstaller\Logs\1-18-2009-01h45m53s\NortonInstall-1-18-2009-01h45m53s.log
c:\programdata\NortonInstaller\Logs\11-17-2008-14h11m34s\Install.1.mft.7z
c:\programdata\NortonInstaller\Logs\11-17-2008-14h11m34s\NortonInstall-11-17-2008-14h11m34s.log
c:\programdata\NortonInstaller\Logs\11-17-2008-14h23m42s\Install.1.mft
c:\programdata\NortonInstaller\Logs\11-17-2008-14h23m42s\NortonInstall-11-17-2008-14h23m42s.log
c:\programdata\NortonInstaller\Logs\11-17-2008-15h51m29s\Install.1.mft
c:\programdata\NortonInstaller\Logs\11-17-2008-15h51m29s\NortonInstall-11-17-2008-15h51m29s.log
c:\programdata\NortonInstaller\Logs\5-26-2009-21h03m58s\Install.1.mft
c:\programdata\NortonInstaller\Logs\5-26-2009-21h03m58s\NortonInstall-5-26-2009-21h03m58s.log
c:\programdata\NortonInstaller\Logs\5-26-2009-23h32m24s\Install.1.mft
c:\programdata\NortonInstaller\Logs\5-26-2009-23h32m24s\NortonInstall-5-26-2009-23h32m24s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-07h56m31s\Install.1.mft
c:\programdata\NortonInstaller\Logs\5-27-2009-07h56m31s\NortonInstall-5-27-2009-07h56m31s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-07h59m54s\Install.1.mft
c:\programdata\NortonInstaller\Logs\5-27-2009-07h59m54s\InstStub-16.0.0.125-2009-05-27-08-00-15-288-2676.dmp
c:\programdata\NortonInstaller\Logs\5-27-2009-07h59m54s\NortonInstall-5-27-2009-07h59m54s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-10h39m09s\BHCA-0x0C98.log
c:\programdata\NortonInstaller\Logs\5-27-2009-10h39m09s\Install.1.mft
c:\programdata\NortonInstaller\Logs\5-27-2009-10h39m09s\NortonInstall-5-27-2009-10h39m09s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-10h39m09s\OCSCtl-0x0D58.log
c:\programdata\NortonInstaller\Logs\5-27-2009-10h39m09s\SymIMexe-0x1178.log
c:\programdata\NortonInstaller\Logs\5-27-2009-10h39m09s\WFPUninstexe-0x0CE0.log
c:\programdata\NortonInstaller\Logs\5-27-2009-10h54m44s\NortonInstall-5-27-2009-10h54m44s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-10h55m19s\NortonInstall-5-27-2009-10h55m19s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-20h30m33s\NortonInstall-5-27-2009-20h30m33s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-20h31m37s\NortonInstall-5-27-2009-20h31m37s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-20h32m10s\NortonInstall-5-27-2009-20h32m10s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-20h40m05s\NortonInstall-5-27-2009-20h40m05s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-20h41m59s\NortonInstall-5-27-2009-20h41m59s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-20h42m11s\NortonInstall-5-27-2009-20h42m11s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-20h46m04s\NortonInstall-5-27-2009-20h46m04s.log
c:\programdata\NortonInstaller\Logs\5-27-2009-20h46m22s\NortonInstall-5-27-2009-20h46m22s.log
c:\programdata\NortonInstaller\Logs\Url.txt
c:\programdata\NortonInstaller\Settings\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}.7z

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-05-05 do 2009-06-05 )))))))))))))))))))))))))))))))
.

2009-06-05 14:03 . 2009-06-05 14:03 -------- d-sh--w- \$RECYCLE.BIN
2009-06-05 13:56 . 2009-06-05 14:03 -------- d-s---w- \ComboFix
2009-06-04 18:52 . 2009-06-05 14:03 -------- d-----w- c:\users\OKA\AppData\Local\temp
2009-06-04 15:22 . 2009-06-05 13:57 -------- d-----w- \Qoobox
2009-06-04 08:43 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-04 08:43 . 2009-06-04 08:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-04 08:43 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-03 16:50 . 2009-06-03 16:50 -------- d-----w- c:\users\OKA\AppData\Local\DOSBox
2009-06-03 16:49 . 2009-06-03 16:49 -------- d-----w- c:\program files\DOSBox-0.73
2009-06-03 05:02 . 2009-06-05 14:02 3218296832 --sha-w- \hiberfil.sys
2009-06-02 21:29 . 2009-03-19 12:03 1907712 ----a-w- c:\windows\system32\BootMan.exe
2009-06-02 21:29 . 2009-02-25 18:22 9728 ----a-w- c:\windows\system32\epmntdrv.sys
2009-06-02 21:29 . 2009-02-25 18:22 86408 ----a-w- c:\windows\system32\setupempdrv03.exe
2009-06-02 21:29 . 2009-02-25 18:22 3072 ----a-w- c:\windows\system32\EuGdiDrv.sys
2009-06-02 21:29 . 2009-02-25 18:21 14848 ----a-w- c:\windows\system32\EuEpmGdi.dll
2009-06-02 21:29 . 2009-06-02 21:29 -------- d-----w- c:\program files\EASEUS
2009-06-02 19:37 . 2009-06-02 19:37 -------- d-----w- c:\users\OKA\AppData\Local\Opera
2009-06-02 19:37 . 2009-06-02 19:37 -------- d-----w- c:\program files\Opera
2009-05-28 11:54 . 2009-05-28 11:54 -------- d-----w- c:\users\OKA\AppData\Roaming\IrfanView
2009-05-28 11:54 . 2009-05-28 11:54 -------- d-----w- c:\program files\IrfanView
2009-05-28 10:09 . 2009-05-27 19:20 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-05-28 06:45 . 2008-11-10 09:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2009-05-28 06:41 . 2009-05-28 06:41 -------- d-----w- c:\windows\PCHEALTH
2009-05-28 06:41 . 2009-05-28 06:41 -------- d-----w- c:\program files\Microsoft.NET
2009-05-28 06:38 . 2009-05-28 06:38 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-05-28 06:38 . 2009-06-03 13:43 -------- d-----w- c:\users\OKA\AppData\Local\Microsoft Help
2009-05-28 06:37 . 2009-05-29 05:34 -------- d-----w- c:\programdata\Microsoft Help
2009-05-28 06:34 . 2009-05-28 06:34 -------- d--h--r- C:\MSOCache
2009-05-28 06:34 . 2009-05-28 06:34 -------- d--h--r- \MSOCache
2009-05-27 21:19 . 2009-06-02 16:54 -------- d-----w- c:\users\OKA\AppData\Roaming\Nokia
2009-05-27 21:19 . 2009-05-27 21:21 -------- d-----w- c:\users\OKA\AppData\Roaming\PC Suite
2009-05-27 21:19 . 2009-05-27 21:21 -------- d-----w- c:\programdata\PC Suite
2009-05-27 21:15 . 2009-05-27 21:15 -------- d-----w- c:\program files\Common Files\PCSuite
2009-05-27 21:15 . 2009-05-27 21:15 -------- d-----w- c:\program files\Common Files\Nokia
2009-05-27 21:14 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-05-27 21:12 . 2009-05-27 21:13 -------- d-----w- c:\program files\PC Connectivity Solution
2009-05-27 21:06 . 2009-02-09 05:37 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-05-27 21:06 . 2009-05-27 21:15 -------- d-----w- c:\program files\Nokia
2009-05-27 21:05 . 2009-05-27 21:03 34658864 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_cze.exe
2009-05-27 21:05 . 2009-05-27 21:05 8192 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-27 21:05 . 2009-05-27 21:05 61440 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-27 21:05 . 2009-05-27 21:05 10240 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-27 21:02 . 2009-05-27 21:05 -------- d-----w- c:\programdata\Installations
2009-05-27 20:19 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-27 20:19 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-05-27 20:19 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-05-27 20:19 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-05-27 20:19 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-05-27 20:19 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-05-27 20:19 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-05-27 20:13 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-05-27 20:13 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-05-27 20:13 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-05-27 20:13 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-05-27 20:13 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-05-27 19:43 . 2008-10-22 01:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-05-27 19:40 . 2008-11-01 03:44 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-05-27 19:40 . 2008-11-01 01:21 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-05-27 19:39 . 2008-06-06 03:27 38912 ----a-w- c:\windows\system32\xolehlp.dll
2009-05-27 19:39 . 2008-06-06 03:27 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2009-05-27 19:38 . 2008-08-27 01:05 212480 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-05-27 19:37 . 2008-10-21 05:25 296960 ----a-w- c:\windows\system32\gdi32.dll
2009-05-27 19:37 . 2008-12-06 04:42 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-05-27 19:37 . 2008-09-05 05:14 1191936 ----a-w- c:\windows\system32\msxml3.dll
2009-05-27 19:24 . 2008-12-16 05:31 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-05-27 19:24 . 2008-12-16 05:31 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-05-27 19:24 . 2008-12-16 03:29 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-05-27 19:19 . 2009-03-12 08:17 2902048 -c--a-w- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-05-27 19:18 . 2009-05-27 19:18 -------- d-----w- c:\program files\CCleaner
2009-05-27 19:17 . 2009-02-13 08:49 1255936 ----a-w- c:\windows\system32\lsasrv.dll
2009-05-27 19:17 . 2009-03-17 03:38 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-05-27 19:17 . 2009-03-17 03:38 24064 ----a-w- c:\windows\system32\amxread.dll
2009-05-27 19:17 . 2009-02-13 08:49 72704 ----a-w- c:\windows\system32\secur32.dll
2009-05-27 19:16 . 2008-08-12 03:39 443392 ----a-w- c:\windows\system32\win32spl.dll
2009-05-27 19:16 . 2008-12-16 02:42 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-05-27 19:16 . 2008-11-27 04:43 268288 ----a-w- c:\windows\system32\schannel.dll
2009-05-27 19:16 . 2008-06-23 01:59 2868736 ----a-w- c:\windows\system32\mf.dll
2009-05-27 19:16 . 2008-06-23 01:59 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-05-27 19:16 . 2008-06-23 01:58 94720 ----a-w- c:\windows\system32\logagent.exe
2009-05-27 19:15 . 2009-05-27 19:18 -------- d-----w- c:\program files\ICQ6.5
2009-05-27 19:12 . 2009-05-27 19:12 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-05-27 19:12 . 2009-05-27 19:12 -------- d-----w- c:\windows\system32\IOSUBSYS
2009-05-27 19:10 . 2009-05-27 19:10 -------- d-----w- c:\program files\Common Files\Skype
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\UC.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\RAR.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\PKZIP.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\LHA.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\ARJ.PIF
2009-05-27 18:58 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-05-27 18:58 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-05-27 18:58 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll
2009-05-27 18:58 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-05-27 18:58 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll
2009-05-27 18:58 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-05-27 18:58 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-05-27 18:58 . 2008-10-16 12:08 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-05-27 18:58 . 2008-10-16 11:56 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-05-27 18:52 . 2009-05-27 18:52 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-27 18:52 . 2009-05-27 18:52 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-27 18:52 . 2009-05-27 18:52 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-27 18:52 . 2009-06-05 07:40 -------- d-----w- c:\windows\system32\drivers\Avg
2009-05-27 18:52 . 2009-05-27 18:52 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-27 18:36 . 2008-02-23 04:38 170496 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-05-27 18:36 . 2008-02-23 02:41 22528 ----a-w- c:\windows\system32\netiougc.exe
2009-05-27 18:35 . 2009-02-15 22:10 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-05-27 18:35 . 2009-02-15 22:10 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-05-27 18:35 . 2009-02-15 22:10 1221512 ----a-w- c:\windows\system32\zpeng25.dll
2009-05-27 18:35 . 2009-05-27 18:35 -------- d-----w- c:\program files\Zone Labs
2009-05-27 18:34 . 2009-05-27 18:35 -------- d-----w- c:\windows\system32\ZoneLabs
2009-05-27 18:34 . 2009-02-15 22:11 293528 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2009-05-27 18:34 . 2009-05-27 18:34 -------- d-----w- c:\programdata\CheckPoint
2009-05-27 18:33 . 2009-06-05 13:46 -------- d-----w- c:\windows\Internet Logs
2009-05-27 16:41 . 2009-05-27 16:41 -------- d-----w- c:\users\OKA\AppData\Roaming\Malwarebytes
2009-05-27 16:41 . 2009-05-27 16:41 -------- d-----w- c:\programdata\Malwarebytes
2009-05-27 14:32 . 2009-05-27 19:08 -------- d-----w- c:\program files\totalcmd
2009-05-27 12:21 . 2009-05-27 14:20 -------- d-----w- c:\users\OKA\AppData\Local\GHISLER
2009-05-27 11:59 . 2009-05-27 11:59 -------- d-----w- c:\program files\MSXML 4.0
2009-05-27 11:49 . 2009-05-27 19:04 -------- d-----w- c:\program files\IZArc
2009-05-27 11:25 . 2009-05-27 11:25 -------- d-----w- c:\program files\ICQ6Toolbar
2009-05-27 11:25 . 2009-05-27 11:25 -------- d-----w- c:\programdata\ICQ
2009-05-27 11:25 . 2009-05-27 14:39 -------- d-----w- c:\users\OKA\AppData\Roaming\ICQ
2009-05-27 10:21 . 2009-05-27 19:19 -------- dc-h--w- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-27 10:20 . 2009-05-27 10:22 -------- d-----w- c:\programdata\Lavasoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-05 14:02 . 2009-05-27 18:34 350192 ---ha-w- c:\windows\system32\drivers\vsconfig.xml
2009-06-05 14:02 . 2009-06-03 05:02 3218296832 --sha-w- \hiberfil.sys
2009-06-05 14:02 . 2009-01-18 00:02 3532079104 --sha-w- \pagefile.sys
2009-06-05 13:32 . 2008-11-17 21:13 598832 ----a-w- c:\windows\system32\perfh005.dat
2009-06-05 13:32 . 2008-11-17 21:13 114992 ----a-w- c:\windows\system32\perfc005.dat
2009-06-03 14:13 . 2009-06-01 05:33 1136635 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2009-05-28 07:37 . 2008-11-17 13:47 -------- d-----w- c:\programdata\CyberLink
2009-05-28 07:36 . 2009-01-18 00:51 36864 ----a-w- c:\programdata\Temp\{67626E09-5366-4480-8F1E-93FADF50CA15}\PostBuild.exe
2009-05-28 06:43 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2009-05-27 19:18 . 2008-11-17 14:49 -------- d-----w- c:\program files\SMINST
2009-05-27 18:34 . 2009-05-27 18:34 -------- d-----w- c:\programdata\CheckPoint
2009-05-27 15:14 . 2009-05-27 12:37 31681 ----a-w- c:\programdata\nvModes.dat
2009-05-26 19:04 . 2009-05-26 19:04 0 ------w- c:\windows\system32\drivers\103C_HP_cNB_Pavilion dv5 Notebook PC_Y5335KV_0U_QCNF9030526_E506288-222_4A_I3603_SQuanta_V02.20_F.11_T081029_WV3-1_L405_M3069_J320_7Intel_867A_92.00_#090118_N10EC8168;14E44315_(NG305EA#AKB)_XMOBILE_CN10_Z_2F.11.MRK
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Plocha
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Oblíbené položky
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Šablony
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Nabídka Start
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Dokumenty
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Data aplikací
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2008-11-17 21:32 . 2008-11-17 21:17 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-06-04_15.30.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-06-05 06:29 59052 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-06-05 13:29 98880 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2009-01-18 00:06 . 2009-06-04 15:29 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-18 00:06 . 2009-06-05 14:02 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-18 00:06 . 2009-06-05 14:02 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-01-18 00:06 . 2009-06-04 15:29 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-18 00:06 . 2009-06-05 14:02 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-01-18 00:06 . 2009-06-04 15:29 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-26 19:05 . 2009-06-05 13:29 9956 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-629533665-3982478092-2245085183-1000_UserData.bin
+ 2009-05-26 21:29 . 2009-06-05 12:21 319486 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 10:33 . 2009-06-05 13:32 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-06-04 08:44 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-06-04 08:44 101250 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-06-05 13:32 101250 c:\windows\System32\perfc009.dat
+ 2009-01-18 01:03 . 2009-06-05 14:01 224312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-01-18 01:03 . 2009-06-04 15:28 224312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-21 24264488]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-03-01 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-13 13584928]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-13 92704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-09-11 446556]
"DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-09-26 1148200]
"TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-09-25 1152296]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-09-25 189736]
"UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-09-23 912688]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-09-26 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-15 981384]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-27 1947928]
"TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-02-09 206120]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{085FBF0D-DD75-49A1-ABA8-C2D108CBD81E}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{57B2C6A9-6223-46DE-8D5D-F8A6D435D460}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe:HP TouchSmart Music
"{A3DD1B00-77AF-4A94-BD2C-2AD15B18799E}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe:HP TouchSmart Photo
"{022F3EB8-B0D4-4862-8DCF-19D95F2BB613}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe:HP TouchSmart Video
"{07136986-723F-4459-8B67-FD878680465A}"= c:\program files\Hewlett-Packard\Media\DVD\TSMAgent.exe:HP TouchSmart Media Resident Program
"{05612F38-FC2C-48E7-AA0A-6396BD337505}"= c:\program files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service
"{05C1565C-F2BC-4C52-B956-4A4DDD8AF671}"= c:\program files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe:HP MediaSmart DVD
"{6994B109-B1A5-4784-80D2-0FC6550AE78E}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe:HP TouchSmart Music
"{7C8BC870-98E0-403D-8435-C5828C6C0FB8}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe:HP TouchSmart Photo
"{91FFDE08-3989-4B52-9219-6C1AFE97615C}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe:HP TouchSmart Video
"{601B15E1-CBC5-42AC-BF65-C263E83BD329}"= c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe:HP TouchSmart Media Resident Program
"{0745FA5C-D5F9-415F-BD01-BA4B7A4DCF66}"= c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service
"{5B76FC48-4D02-4FB7-BBBF-1C1747C5907E}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{DE7CEF1A-A78A-488F-808D-F5B7CF9BDEB5}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{BA5D95AE-76E9-4B05-A0E0-C4FCF59F2618}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{29DCC43B-0F85-4324-9651-3343828B42E6}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{57C06485-E3F0-471C-8FC4-3F803D379DFF}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{41A42EF5-C70D-4979-BE06-9460DF920FEF}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{9090CF09-1DAF-484F-94F2-16C211AA3584}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{11382365-8DF7-4EC3-90C2-2DA6CD2C83ED}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{D9C8AD87-EB08-4C45-95B4-3256C65E6D9D}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F8F005B0-F454-43A8-9373-E9BAF9C15352}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4557B072-96CD-4275-90D8-072A1AA6BD0A}"= c:\program files\Hewlett-Packard\Media\TV\QP.exe:Quick Play
"{BAC10C4E-74D7-419F-B2E8-9F0E47DE221E}"= c:\program files\Hewlett-Packard\Media\TV\QPService.exe:Quick Play Resident Program

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [27.5.2009 21:20 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [27.5.2009 20:52 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [27.5.2009 20:52 108552]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};c:\program files\Hewlett-Packard\Media\DVD\000.fcl [26.9.2008 3:36 59376]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe [18.1.2009 2:13 77824]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [27.5.2009 20:52 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [27.5.2009 20:52 298776]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18.3.2008 17:24 19456]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [17.11.2008 16:49 365952]
R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [9.2.2009 18:14 296320]
R2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [9.2.2009 18:14 116096]
R2 vfsFPService;Validity Fingerprint Service;c:\windows\System32\vfsFPService.exe [16.9.2008 11:33 599344]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [17.11.2008 15:25 193840]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [4.9.2008 19:47 54784]
R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [7.8.2008 19:01 97536]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [6.8.2008 5:29 44576]
R3 vfs101x;vfs101x;c:\windows\System32\drivers\vfs101x.sys [16.9.2008 11:33 40752]
S3 epmntdrv;epmntdrv;c:\windows\System32\epmntdrv.sys [2.6.2009 23:29 9728]
S3 EuGdiDrv;EuGdiDrv;c:\windows\System32\EuGdiDrv.sys [2.6.2009 23:29 3072]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1005904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Obsah adresáře 'Naplánované úlohy'

2009-06-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 19:20]

2009-05-27 c:\windows\Tasks\HPCeeScheduleForOKA.job
- c:\program files\Hewlett-Packard\SDP\ceement\HPCEE.exe [2008-11-17 07:02]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\OKA\AppData\Roaming\Mozilla\Firefox\Profiles\grgxh3ku.default\
FF - component: c:\program files\DigitalPersona\Bin\firefoxext\components\dpffcli.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-05 16:03
Windows 6.0.6001 Service Pack 1 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(608)
c:\windows\system32\DPPWDFLT.dll

- - - - - - - > 'Explorer.exe'(4476)
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\ZoneLabs\vsmon.exe
c:\windows\System32\wlanext.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\System32\conime.exe
c:\windows\System32\rundll32.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\System32\ZoneLabs\updclient.exe
.
**************************************************************************
.
Celkový čas: 2009-06-05 16:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-06-05 14:07
ComboFix2.txt 2009-06-05 06:32
ComboFix3.txt 2009-06-04 19:36
ComboFix4.txt 2009-06-04 18:59
ComboFix5.txt 2009-06-05 13:56

Před spuštěním: Volných bajtů: 129 912 815 616
Po spuštění: Volných bajtů: 129 821 933 568

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
427 --- E O F --- 2009-06-05 01:20









Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:23:11, on 5.6.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\OKA\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 10598 bytes


Re: HJT log check

Post by Damned » 05 Jun 2009 17:36

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy all of the following text, marked in green, into it:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000000


Save it to the Desktop as fix.reg, with the type set to All files,
then find this file on the Desktop and double-click it to run it. You will be asked
whether to add the value to the registry. Approve it.
*****************************************************************************************************************************************

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy all of the following text, marked in green, into it:

File::
c:\windows\Internet Logs\tvDebug.Zip

Folder::
c:\program files\ICQ6Toolbar


Choose File -> Save as... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All files there
Save the file to the desktop.
Close all active windows.


Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe,
and when the two files overlap, drop the script.

- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new HJT log
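The fix.reg step in the post above resets one value that the ComboFix log reports under the Security Center Monitoring key. The following Python is an added example, not part of the original post and not code from ComboFix or HijackThis: it scans registry lines in the log format seen in this thread, flags "DisableMonitoring" values that are not 0 and firewall profiles with "EnableFirewall" set to 0, and builds the matching .reg text. The function names (parse_values, review, build_reg_fix) are assumptions, and the sample input is constructed from lines that appear in this thread's log.

```python
import re

# Constructed sample: registry lines copied in the format of the ComboFix log in this thread.
SAMPLE_LOG = r'''
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{57C06485-E3F0-471C-8FC4-3F803D379DFF}"= c:\program files\Skype\Phone\Skype.exe:Skype

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
'''

KEY_RE = re.compile(r'^\[(?P<key>[^\]]+)\]$')
# The log writes numeric values in two notations:
#   "Name"=dword:00000001      and      "Name"= 0 (0x0)
VAL_RE = re.compile(
    r'^"(?P<name>[^"]+)"=\s*'
    r'(?:dword:(?P<hex>[0-9a-fA-F]{8})|(?P<dec>\d+)\s*\(0x[0-9a-fA-F]+\))$'
)


def parse_values(log_text):
    """Yield (key, value_name, int_value) for numeric values under a [key] header."""
    key = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            key = None          # a blank line ends the current key block
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group("key")
            continue
        m = VAL_RE.match(line)
        if m and key:
            if m.group("hex"):
                value = int(m.group("hex"), 16)
            else:
                value = int(m.group("dec"))
            yield key, m.group("name"), value


def review(log_text):
    """Return a list of (finding_kind, detail) tuples in log order."""
    findings = []
    for key, name, value in parse_values(log_text):
        k, n = key.lower(), name.lower()
        if "\\security center\\monitoring\\" in k and n == "disablemonitoring":
            if value != 0:
                findings.append(("monitoring-disabled", key))
        elif "\\firewallpolicy\\" in k and n == "enablefirewall" and value == 0:
            # Reported for review only; the post does not change these values.
            findings.append(("windows-firewall-off", key.rsplit("\\", 1)[-1]))
    return findings


def build_reg_fix(findings):
    """Build .reg text that sets DisableMonitoring back to 0, as the post does.

    Only fully written keys (HKEY_...) are used; keys the log abbreviates
    (HKLM\\~\\...) are skipped rather than guessed.
    """
    keys = [d for kind, d in findings
            if kind == "monitoring-disabled" and d.upper().startswith("HKEY_")]
    if not keys:
        return ""
    lines = ["Windows Registry Editor Version 5.00", ""]
    for key in keys:
        lines += ["[" + key + "]", '"DisableMonitoring"=dword:00000000', ""]
    return "\r\n".join(lines)


if __name__ == "__main__":
    results = review(SAMPLE_LOG)
    for kind, detail in results:
        print(kind, "->", detail)
    print(build_reg_fix(results))
```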


Re: HJT log check

Post by Kacis » 06 Jun 2009 21:32

a bit late... but here it is...



ComboFix 09-06-04.09 - OKA 06.06.2009 21:11.7 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.3068.1940 [GMT 2:00]
Spuštěný z: c:\users\OKA\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\OKA\Desktop\CFScript.txt
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: ZoneAlarm Anti-Spyware *enabled* (Outdated) {F245A209-1085-48B4-B927-35D56015EC60}
* Vytvořen nový Bod Obnovení

FILE ::
"c:\windows\Internet Logs\tvDebug.Zip"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\windows\Internet Logs\tvDebug.Zip
c:\windows\NIRCMD.exe
c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-05-06 do 2009-06-06 )))))))))))))))))))))))))))))))
.

2009-06-06 19:18 . 2009-06-06 19:18 -------- d-sh--w- \$RECYCLE.BIN
2009-06-06 19:16 . 2009-06-06 19:16 -------- d-----w- C:\temp
2009-06-06 19:16 . 2009-06-06 19:16 -------- d-----w- \temp
2009-06-06 19:10 . 2009-06-06 19:18 -------- d-s---w- \ComboFix
2009-06-04 18:52 . 2009-06-06 19:18 -------- d-----w- c:\users\OKA\AppData\Local\temp
2009-06-04 15:22 . 2009-06-06 19:11 -------- d-----w- \Qoobox
2009-06-04 08:43 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-04 08:43 . 2009-06-04 08:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-04 08:43 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-03 16:50 . 2009-06-03 16:50 -------- d-----w- c:\users\OKA\AppData\Local\DOSBox
2009-06-03 16:49 . 2009-06-03 16:49 -------- d-----w- c:\program files\DOSBox-0.73
2009-06-03 05:02 . 2009-06-06 19:17 3218296832 --sha-w- \hiberfil.sys
2009-06-02 21:29 . 2009-03-19 12:03 1907712 ----a-w- c:\windows\system32\BootMan.exe
2009-06-02 21:29 . 2009-02-25 18:22 9728 ----a-w- c:\windows\system32\epmntdrv.sys
2009-06-02 21:29 . 2009-02-25 18:22 86408 ----a-w- c:\windows\system32\setupempdrv03.exe
2009-06-02 21:29 . 2009-02-25 18:22 3072 ----a-w- c:\windows\system32\EuGdiDrv.sys
2009-06-02 21:29 . 2009-02-25 18:21 14848 ----a-w- c:\windows\system32\EuEpmGdi.dll
2009-06-02 21:29 . 2009-06-02 21:29 -------- d-----w- c:\program files\EASEUS
2009-06-02 19:37 . 2009-06-02 19:37 -------- d-----w- c:\users\OKA\AppData\Local\Opera
2009-06-02 19:37 . 2009-06-02 19:37 -------- d-----w- c:\program files\Opera
2009-05-28 11:54 . 2009-05-28 11:54 -------- d-----w- c:\users\OKA\AppData\Roaming\IrfanView
2009-05-28 11:54 . 2009-05-28 11:54 -------- d-----w- c:\program files\IrfanView
2009-05-28 10:09 . 2009-05-27 19:20 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-05-28 06:45 . 2008-11-10 09:41 32656 ----a-w- c:\windows\system32\msonpmon.dll
2009-05-28 06:41 . 2009-05-28 06:41 -------- d-----w- c:\windows\PCHEALTH
2009-05-28 06:41 . 2009-05-28 06:41 -------- d-----w- c:\program files\Microsoft.NET
2009-05-28 06:38 . 2009-05-28 06:38 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-05-28 06:38 . 2009-06-03 13:43 -------- d-----w- c:\users\OKA\AppData\Local\Microsoft Help
2009-05-28 06:37 . 2009-05-29 05:34 -------- d-----w- c:\programdata\Microsoft Help
2009-05-28 06:34 . 2009-05-28 06:34 -------- d--h--r- C:\MSOCache
2009-05-28 06:34 . 2009-05-28 06:34 -------- d--h--r- \MSOCache
2009-05-27 21:19 . 2009-06-02 16:54 -------- d-----w- c:\users\OKA\AppData\Roaming\Nokia
2009-05-27 21:19 . 2009-05-27 21:21 -------- d-----w- c:\users\OKA\AppData\Roaming\PC Suite
2009-05-27 21:19 . 2009-05-27 21:21 -------- d-----w- c:\programdata\PC Suite
2009-05-27 21:15 . 2009-05-27 21:15 -------- d-----w- c:\program files\Common Files\PCSuite
2009-05-27 21:15 . 2009-05-27 21:15 -------- d-----w- c:\program files\Common Files\Nokia
2009-05-27 21:14 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2009-05-27 21:12 . 2009-05-27 21:13 -------- d-----w- c:\program files\PC Connectivity Solution
2009-05-27 21:06 . 2009-02-09 05:37 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-05-27 21:06 . 2009-05-27 21:15 -------- d-----w- c:\program files\Nokia
2009-05-27 21:05 . 2009-05-27 21:03 34658864 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_cze.exe
2009-05-27 21:05 . 2009-05-27 21:05 8192 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstCCD.exe
2009-05-27 21:05 . 2009-05-27 21:05 61440 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-05-27 21:05 . 2009-05-27 21:05 10240 ----a-w- c:\programdata\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\UninstPCS.exe
2009-05-27 21:02 . 2009-05-27 21:05 -------- d-----w- c:\programdata\Installations
2009-05-27 20:19 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-27 20:19 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-05-27 20:19 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-05-27 20:19 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-05-27 20:19 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-05-27 20:19 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-05-27 20:19 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-05-27 20:13 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-05-27 20:13 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-05-27 20:13 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-05-27 20:13 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-05-27 20:13 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-05-27 19:43 . 2008-10-22 01:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-05-27 19:40 . 2008-11-01 03:44 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-05-27 19:40 . 2008-11-01 01:21 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-05-27 19:39 . 2008-06-06 03:27 38912 ----a-w- c:\windows\system32\xolehlp.dll
2009-05-27 19:39 . 2008-06-06 03:27 562176 ----a-w- c:\windows\system32\msdtcprx.dll
2009-05-27 19:38 . 2008-08-27 01:05 212480 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-05-27 19:37 . 2008-10-21 05:25 296960 ----a-w- c:\windows\system32\gdi32.dll
2009-05-27 19:37 . 2008-12-06 04:42 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-05-27 19:37 . 2008-09-05 05:14 1191936 ----a-w- c:\windows\system32\msxml3.dll
2009-05-27 19:24 . 2008-12-16 05:31 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-05-27 19:24 . 2008-12-16 05:31 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-05-27 19:24 . 2008-12-16 03:29 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-05-27 19:19 . 2009-03-12 08:17 2902048 -c--a-w- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-05-27 19:18 . 2009-05-27 19:18 -------- d-----w- c:\program files\CCleaner
2009-05-27 19:17 . 2009-02-13 08:49 1255936 ----a-w- c:\windows\system32\lsasrv.dll
2009-05-27 19:17 . 2009-03-17 03:38 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-05-27 19:17 . 2009-03-17 03:38 24064 ----a-w- c:\windows\system32\amxread.dll
2009-05-27 19:17 . 2009-02-13 08:49 72704 ----a-w- c:\windows\system32\secur32.dll
2009-05-27 19:16 . 2008-08-12 03:39 443392 ----a-w- c:\windows\system32\win32spl.dll
2009-05-27 19:16 . 2008-12-16 02:42 288768 ----a-w- c:\windows\system32\drivers\srv.sys
2009-05-27 19:16 . 2008-11-27 04:43 268288 ----a-w- c:\windows\system32\schannel.dll
2009-05-27 19:16 . 2008-06-23 01:59 2868736 ----a-w- c:\windows\system32\mf.dll
2009-05-27 19:16 . 2008-06-23 01:59 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-05-27 19:16 . 2008-06-23 01:58 94720 ----a-w- c:\windows\system32\logagent.exe
2009-05-27 19:15 . 2009-05-27 19:18 -------- d-----w- c:\program files\ICQ6.5
2009-05-27 19:12 . 2009-05-27 19:12 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-05-27 19:12 . 2009-05-27 19:12 -------- d-----w- c:\windows\system32\IOSUBSYS
2009-05-27 19:10 . 2009-05-27 19:10 -------- d-----w- c:\program files\Common Files\Skype
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\UC.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\RAR.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\PKZIP.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\LHA.PIF
2009-05-27 19:07 . 2008-08-08 05:04 545 ----a-w- c:\windows\ARJ.PIF
2009-05-27 18:58 . 2008-10-16 21:13 1809944 ----a-w- c:\windows\system32\wuaueng.dll
2009-05-27 18:58 . 2008-10-16 21:09 51224 ----a-w- c:\windows\system32\wuauclt.exe
2009-05-27 18:58 . 2008-10-16 21:09 43544 ----a-w- c:\windows\system32\wups2.dll
2009-05-27 18:58 . 2008-10-16 20:56 1524736 ----a-w- c:\windows\system32\wucltux.dll
2009-05-27 18:58 . 2008-10-16 21:08 34328 ----a-w- c:\windows\system32\wups.dll
2009-05-27 18:58 . 2008-10-16 20:55 83456 ----a-w- c:\windows\system32\wudriver.dll
2009-05-27 18:58 . 2008-10-16 21:12 561688 ----a-w- c:\windows\system32\wuapi.dll
2009-05-27 18:58 . 2008-10-16 12:08 162064 ----a-w- c:\windows\system32\wuwebv.dll
2009-05-27 18:58 . 2008-10-16 11:56 31232 ----a-w- c:\windows\system32\wuapp.exe
2009-05-27 18:52 . 2009-05-27 18:52 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-05-27 18:52 . 2009-05-27 18:52 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-05-27 18:52 . 2009-05-27 18:52 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-05-27 18:52 . 2009-06-05 07:40 -------- d-----w- c:\windows\system32\drivers\Avg
2009-05-27 18:52 . 2009-05-27 18:52 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-05-27 18:36 . 2008-02-23 04:38 170496 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-05-27 18:36 . 2008-02-23 02:41 22528 ----a-w- c:\windows\system32\netiougc.exe
2009-05-27 18:35 . 2009-02-15 22:10 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-05-27 18:35 . 2009-02-15 22:10 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-05-27 18:35 . 2009-02-15 22:10 1221512 ----a-w- c:\windows\system32\zpeng25.dll
2009-05-27 18:35 . 2009-05-27 18:35 -------- d-----w- c:\program files\Zone Labs
2009-05-27 18:34 . 2009-05-27 18:35 -------- d-----w- c:\windows\system32\ZoneLabs
2009-05-27 18:34 . 2009-02-15 22:11 293528 ----a-w- c:\windows\system32\drivers\vsdatant.sys
2009-05-27 18:34 . 2009-05-27 18:34 -------- d-----w- c:\programdata\CheckPoint
2009-05-27 18:33 . 2009-06-06 19:11 -------- d-----w- c:\windows\Internet Logs
2009-05-27 16:41 . 2009-05-27 16:41 -------- d-----w- c:\users\OKA\AppData\Roaming\Malwarebytes
2009-05-27 16:41 . 2009-05-27 16:41 -------- d-----w- c:\programdata\Malwarebytes
2009-05-27 14:32 . 2009-05-27 19:08 -------- d-----w- c:\program files\totalcmd
2009-05-27 12:21 . 2009-05-27 14:20 -------- d-----w- c:\users\OKA\AppData\Local\GHISLER
2009-05-27 11:59 . 2009-05-27 11:59 -------- d-----w- c:\program files\MSXML 4.0
2009-05-27 11:49 . 2009-05-27 19:04 -------- d-----w- c:\program files\IZArc
2009-05-27 11:25 . 2009-05-27 11:25 -------- d-----w- c:\programdata\ICQ
2009-05-27 11:25 . 2009-05-27 14:39 -------- d-----w- c:\users\OKA\AppData\Roaming\ICQ
2009-05-27 10:21 . 2009-05-27 19:19 -------- dc-h--w- c:\programdata\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-06 19:17 . 2009-05-27 18:34 350192 ---ha-w- c:\windows\system32\drivers\vsconfig.xml
2009-06-06 19:17 . 2009-06-03 05:02 3218296832 --sha-w- \hiberfil.sys
2009-06-06 19:17 . 2009-01-18 00:02 3532079104 --sha-w- \pagefile.sys
2009-06-06 19:05 . 2008-11-17 21:13 598832 ----a-w- c:\windows\system32\perfh005.dat
2009-06-06 19:05 . 2008-11-17 21:13 114992 ----a-w- c:\windows\system32\perfc005.dat
2009-06-06 18:58 . 2009-06-06 19:00 1465344 ----a-w- c:\windows\Internet Logs\xDB8858.tmp
2009-06-05 14:04 . 2009-06-05 14:04 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-05-28 07:37 . 2008-11-17 13:47 -------- d-----w- c:\programdata\CyberLink
2009-05-28 07:36 . 2009-01-18 00:51 36864 ----a-w- c:\programdata\Temp\{67626E09-5366-4480-8F1E-93FADF50CA15}\PostBuild.exe
2009-05-28 06:43 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2009-05-27 19:18 . 2008-11-17 14:49 -------- d-----w- c:\program files\SMINST
2009-05-27 18:34 . 2009-05-27 18:34 -------- d-----w- c:\programdata\CheckPoint
2009-05-27 15:14 . 2009-05-27 12:37 31681 ----a-w- c:\programdata\nvModes.dat
2009-05-26 19:04 . 2009-05-26 19:04 0 ------w- c:\windows\system32\drivers\103C_HP_cNB_Pavilion dv5 Notebook PC_Y5335KV_0U_QCNF9030526_E506288-222_4A_I3603_SQuanta_V02.20_F.11_T081029_WV3-1_L405_M3069_J320_7Intel_867A_92.00_#090118_N10EC8168;14E44315_(NG305EA#AKB)_XMOBILE_CN10_Z_2F.11.MRK
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Plocha
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Oblíbené položky
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Šablony
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Nabídka Start
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Dokumenty
2009-05-26 19:03 . 2009-05-26 19:03 -------- d-sh--we c:\programdata\Data aplikací
2009-05-01 18:30 . 2009-05-01 18:30 3366912 ----a-w- c:\windows\system32\GPhotos.scr
2008-11-17 21:32 . 2008-11-17 21:17 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-06-04_15.30.14 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-06-06 12:24 59974 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-06-06 19:02 99398 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-05-26 19:05 . 2009-06-06 19:02 10296 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-629533665-3982478092-2245085183-1000_UserData.bin
- 2009-01-18 00:06 . 2009-06-04 15:29 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-18 00:06 . 2009-06-06 19:17 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-18 00:06 . 2009-06-06 19:17 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-01-18 00:06 . 2009-06-04 15:29 49152 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-18 00:06 . 2009-06-06 19:17 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-01-18 00:06 . 2009-06-04 15:29 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-26 21:29 . 2009-06-06 14:52 321662 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 10:33 . 2009-06-06 19:05 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-06-04 08:44 587178 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-06-04 08:44 101250 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-06-06 19:05 101250 c:\windows\System32\perfc009.dat
+ 2009-01-18 01:03 . 2009-06-06 19:16 224312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-01-18 01:03 . 2009-06-04 15:28 224312 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-04-21 24264488]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-03-01 172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-13 13584928]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-13 92704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-20 1316136]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-09-11 446556]
"DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-09-26 1148200]
"TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-09-25 1152296]
"CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-09-25 189736]
"UCam_Menu"="c:\program files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-09-23 912688]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-09-26 210216]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-15 981384]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-27 1947928]
"TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-02-09 206120]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli DPPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{085FBF0D-DD75-49A1-ABA8-C2D108CBD81E}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{57B2C6A9-6223-46DE-8D5D-F8A6D435D460}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe:HP TouchSmart Music
"{A3DD1B00-77AF-4A94-BD2C-2AD15B18799E}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe:HP TouchSmart Photo
"{022F3EB8-B0D4-4862-8DCF-19D95F2BB613}"= c:\program files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe:HP TouchSmart Video
"{07136986-723F-4459-8B67-FD878680465A}"= c:\program files\Hewlett-Packard\Media\DVD\TSMAgent.exe:HP TouchSmart Media Resident Program
"{05612F38-FC2C-48E7-AA0A-6396BD337505}"= c:\program files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service
"{05C1565C-F2BC-4C52-B956-4A4DDD8AF671}"= c:\program files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe:HP MediaSmart DVD
"{6994B109-B1A5-4784-80D2-0FC6550AE78E}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe:HP TouchSmart Music
"{7C8BC870-98E0-403D-8435-C5828C6C0FB8}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe:HP TouchSmart Photo
"{91FFDE08-3989-4B52-9219-6C1AFE97615C}"= c:\program files\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe:HP TouchSmart Video
"{601B15E1-CBC5-42AC-BF65-C263E83BD329}"= c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe:HP TouchSmart Media Resident Program
"{0745FA5C-D5F9-415F-BD01-BA4B7A4DCF66}"= c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe:CyberLink Media Service
"{5B76FC48-4D02-4FB7-BBBF-1C1747C5907E}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{DE7CEF1A-A78A-488F-808D-F5B7CF9BDEB5}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{BA5D95AE-76E9-4B05-A0E0-C4FCF59F2618}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{29DCC43B-0F85-4324-9651-3343828B42E6}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{57C06485-E3F0-471C-8FC4-3F803D379DFF}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{41A42EF5-C70D-4979-BE06-9460DF920FEF}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{9090CF09-1DAF-484F-94F2-16C211AA3584}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{11382365-8DF7-4EC3-90C2-2DA6CD2C83ED}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{D9C8AD87-EB08-4C45-95B4-3256C65E6D9D}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{F8F005B0-F454-43A8-9373-E9BAF9C15352}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4557B072-96CD-4275-90D8-072A1AA6BD0A}"= c:\program files\Hewlett-Packard\Media\TV\QP.exe:Quick Play
"{BAC10C4E-74D7-419F-B2E8-9F0E47DE221E}"= c:\program files\Hewlett-Packard\Media\TV\QPService.exe:Quick Play Resident Program

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [27.5.2009 21:20 64160]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [27.5.2009 20:52 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [27.5.2009 20:52 108552]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};c:\program files\Hewlett-Packard\Media\DVD\000.fcl [26.9.2008 3:36 59376]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\AEstSrv.exe [18.1.2009 2:13 77824]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [27.5.2009 20:52 908568]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [27.5.2009 20:52 298776]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [18.3.2008 17:24 19456]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [17.11.2008 16:49 365952]
R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [9.2.2009 18:14 296320]
R2 TVSched;TV Task Scheduler (TVTS);c:\program files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [9.2.2009 18:14 116096]
R2 vfsFPService;Validity Fingerprint Service;c:\windows\System32\vfsFPService.exe [16.9.2008 11:33 599344]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [17.11.2008 15:25 193840]
R3 enecir;ENE CIR Receiver;c:\windows\System32\drivers\enecir.sys [4.9.2008 19:47 54784]
R3 JMCR;JMCR;c:\windows\System32\drivers\jmcr.sys [7.8.2008 19:01 97536]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [6.8.2008 5:29 44576]
R3 vfs101x;vfs101x;c:\windows\System32\drivers\vfs101x.sys [16.9.2008 11:33 40752]
S3 epmntdrv;epmntdrv;c:\windows\System32\epmntdrv.sys [2.6.2009 23:29 9728]
S3 EuGdiDrv;EuGdiDrv;c:\windows\System32\EuGdiDrv.sys [2.6.2009 23:29 3072]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1005904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Obsah adresáře 'Naplánované úlohy'

2009-06-03 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 19:20]

2009-05-27 c:\windows\Tasks\HPCeeScheduleForOKA.job
- c:\program files\Hewlett-Packard\SDP\ceement\HPCEE.exe [2008-11-17 07:02]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\OKA\AppData\Roaming\Mozilla\Firefox\Profiles\grgxh3ku.default\
FF - component: c:\program files\DigitalPersona\Bin\firefoxext\components\dpffcli.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-06 21:18
Windows 6.0.6001 Service Pack 1 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(608)
c:\windows\system32\DPPWDFLT.dll

- - - - - - - > 'Explorer.exe'(5336)
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\stacsv.exe
c:\windows\System32\audiodg.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\ZoneLabs\vsmon.exe
c:\windows\System32\wlanext.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\progra~1\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\System32\conime.exe
c:\windows\System32\rundll32.exe
c:\program files\AVG\AVG8\avgtray.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
c:\program files\Hewlett-Packard\Shared\HpqToaster.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Celkový čas: 2009-06-06 21:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-06-06 19:22
ComboFix2.txt 2009-06-05 14:20
ComboFix3.txt 2009-06-05 06:32
ComboFix4.txt 2009-06-04 19:36
ComboFix5.txt 2009-06-06 19:07

Před spuštěním: Volných bajtů: 129 691 045 888
Po spuštění: Volných bajtů: 129 593 749 504

Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
394 --- E O F --- 2009-06-05 01:20

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:23:47, on 6.6.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\OKA\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\aestsrv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_805f33de\STacSV.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 10561 bytes


Re: HJT log check

Post by Damned » 06 Jun 2009 21:55

Your firewall still isn't running, unless you turned it off yourself. Uninstall it, clean the PC and install it again.

Run HJT and fix:

O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe


Uninstall ComboFix.

ComboFix is uninstalled like this:
Start - Run and enter ComboFix[space]/u

So if there are no problems, clean the system with CCleaner
and also use T-Cleaner;
it deletes everything left behind by ComboFix, SDFix, Avenger, MWAV, etc. - download it -> run it

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then click empty selected.
If you want to keep your saved passwords, click No.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache,
cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer,
Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.