ComboFix 08-03-22.3 - máca 2008-03-23 17:31:18.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.1421 [GMT 1:00]
Running from: C:\Documents and Settings\máca.DOMA\Plocha\ComboFix.exe
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
-- Other TimeOuts --
VFind -td "C:\WINDOWS\system32\baiso*"
CF29804.exe /c " VFind.exe -ltf -s-1300000 -d+2007-12-23 C:\WINDOWS\* >Windir.dat"
VFind.exe -ltf -s-1300000 -d+2007-12-23 C:\WINDOWS\*
CF29804.exe /c " VFind.exe -ltf -s-1000000 -d+2007-12-23 "C:\Program Files\*" >progfile.dat"
VFind.exe -ltf -s-1000000 -d+2007-12-23 "C:\Program Files\*"
CF29804.exe /c " dir /a/s/b C:\_desktop.ini C:\desktop_.ini C:\cnsmin* C:\_install.exe >DirRoot"
Findstr -MIF:/ "\\TTC\.pdb InsertAdvertisement"
GREP -i "C:\\Program Files\\[^\\]*\\[^\\]*$"
VFind -tf -s282624 "C:\Program Files\????????*[0-9].dll"
CF29804.exe /c " VFind.exe -ltf -s-1000000 -d+2007-12-23 "C:\Program Files\*" >progfile.dat"
VFind.exe -ltf -s-1000000 -d+2007-12-23 "C:\Program Files\*"
CF29804.exe /c " dir /a/s/b C:\_desktop.ini C:\desktop_.ini C:\cnsmin* C:\_install.exe >DirRoot"
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\kikina\Nabídka Start\Programy\Po spuštění\Deewoo.lnk
C:\Documents and Settings\kikina\Nabídka Start\Programy\Po spuštění\DW_Start.lnk
C:\Documents and Settings\máca.DOMA\Nabídka Start\Programy\Po spuštění\Deewoo.lnk
C:\Documents and Settings\máca.DOMA\Nabídka Start\Programy\Po spuštění\DW_Start.lnk
C:\WINDOWS\system32\msnav32.ax
C:\WINDOWS\system32\winpfz37.sys
C:\WINDOWS\system32\zxdnt3d.cfg
.
((((((((((((((((((((((((( Files Created from 2008-02-23 to 2008-03-23 )))))))))))))))))))))))))))))))
.
2008-03-23 16:00 . 2008-03-23 16:00 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TEMP
2008-03-23 16:00 . 2003-03-19 14:20 1,060,864 --a------ C:\WINDOWS\system32\mfc71.dll
2008-03-23 16:00 . 2003-03-19 11:14 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-03-23 09:04 . 2008-03-23 09:03 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2008-03-23 09:04 . 2008-03-23 09:03 298,104 --a------ C:\WINDOWS\system32\imon.dll
2008-03-23 09:04 . 2008-03-23 09:03 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2008-03-21 23:19 . 2008-03-23 16:55 0 --a------ C:\WINDOWS\XXLGSC
2008-03-21 23:09 . 2008-03-21 23:09 491,520 --a------ C:\WINDOWS\WebIE.dll
2008-03-21 23:09 . 2008-03-21 23:09 356,352 --a------ C:\WINDOWS\TrnOutl.dll
2008-03-21 23:09 . 2008-03-21 23:09 294,912 --a------ C:\WINDOWS\TrnWord.dll
2008-03-21 23:09 . 2008-03-21 23:09 200,704 --a------ C:\WINDOWS\TRNOET.DLL
2008-03-21 23:09 . 2008-03-21 23:09 45,056 --a------ C:\WINDOWS\TRNOEH.DLL
2008-03-21 23:09 . 2008-03-21 23:09 26,624 --a------ C:\WINDOWS\OETRN.EXE
2008-03-21 23:09 . 2008-03-21 23:09 33 --a------ C:\WINDOWS\WTRDCTM.INI
2008-03-21 23:08 . 2008-03-22 12:24 <DIR> d-------- C:\TRANSLAT
2008-03-21 23:08 . 2008-03-21 23:08 516,096 --a------ C:\WINDOWS\UN32.EXE
2008-03-21 23:08 . 2008-03-23 16:55 4,479 --a------ C:\WINDOWS\WTRAN32.INI
2008-03-21 23:08 . 2008-03-21 23:08 2,753 --a------ C:\WINDOWS\UN32P.INI
2008-03-21 23:08 . 2008-03-21 23:09 2,476 --a------ C:\WINDOWS\TRNCOM.INI
2008-03-21 23:08 . 2008-03-23 17:29 1,678 --a------ C:\WINDOWS\MAILTRAN.INI
2008-03-21 23:08 . 2008-03-21 23:08 1,581 --a------ C:\WINDOWS\WDICT32.INI
2008-03-16 16:23 . 2008-03-16 16:23 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-03-16 15:09 . 2008-03-16 15:09 <DIR> d-------- C:\Program Files\Blender Foundation
2008-03-15 14:28 . 2008-03-15 14:28 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared
2008-03-15 12:22 . 2008-03-15 14:30 <DIR> d-------- C:\Documents and Settings\máca.DOMA\Data aplikací\Autodesk
2008-03-15 09:50 . 2008-03-15 09:50 <DIR> d-------- C:\Program Files\PowerISO
2008-03-14 23:37 . 2008-03-14 23:37 <DIR> d-------- C:\Program Files\NeroInstall.bak
2008-03-14 23:35 . 2008-03-14 23:36 <DIR> d-------- C:\Program Files\Common Files\Nero
2008-03-14 23:24 . 2008-03-14 23:24 49,156 --a------ C:\WINDOWS\system32\rwwnw64d.exe
2008-03-14 06:26 . 2006-11-07 09:42 61,504 -ra------ C:\WINDOWS\system32\drivers\w200bus.sys
2008-03-14 06:26 . 2006-11-07 09:42 5,840 -ra------ C:\WINDOWS\system32\drivers\w200whnt.sys
2008-03-14 06:26 . 2006-11-07 09:42 5,840 -ra------ C:\WINDOWS\system32\drivers\w200wh.sys
2008-03-13 17:06 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-03-13 17:06 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-03-13 16:52 . 2008-03-13 16:52 <DIR> d-------- C:\Documents and Settings\kikina\Data aplikací\InstallShield
2008-03-12 22:51 . 2008-03-12 22:51 <DIR> d-------- C:\Program Files\Codec Pack - All In 1
2008-03-12 22:46 . 2008-03-12 22:46 <DIR> d-------- C:\Program Files\K-Lite Codec Pack
2008-03-10 17:04 . 2008-03-10 17:05 <DIR> d-------- C:\Program Files\Mv2Player
2008-03-09 09:21 . 2008-03-09 09:21 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ATI
2008-03-07 18:41 . 2008-03-07 18:41 <DIR> d-------- C:\Documents and Settings\máca.DOMA\Data aplikací\Ubisoft
2008-03-07 18:41 . 2008-03-07 18:41 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Ubisoft
2008-03-07 18:15 . 2008-03-07 18:15 <DIR> d-------- C:\Program Files\uTorrent
2008-03-07 18:15 . 2008-03-23 14:43 <DIR> d-------- C:\Documents and Settings\máca.DOMA\Data aplikací\uTorrent
2008-03-07 18:08 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
2008-03-07 17:58 . 2008-03-07 17:58 <DIR> d-------- C:\Program Files\Ubisoft
2008-03-04 06:40 . 2008-03-04 06:40 <DIR> d--hs---- C:\found.006
2008-03-03 18:03 . 2008-03-23 09:08 120,038 --a------ C:\WINDOWS\system32\oodbs.lor
2008-03-03 16:07 . 2008-03-03 16:07 <DIR> d-------- C:\Program Files\OO Software
2008-03-02 15:20 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-03-01 15:50 . 2008-03-01 15:50 <DIR> d-------- C:\WINDOWS\WinAVI Video Converter 9.0
2008-02-28 17:38 . 2008-02-28 17:38 972,072 --a------ C:\WINDOWS\UNNeroMediaHome.exe
2008-02-28 08:21 . 2008-02-28 08:21 0 --a------ C:\WINDOWS\oodcnt.INI
2008-02-26 19:48 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2008-02-26 19:47 . 2008-02-26 19:47 <DIR> d-------- C:\Program Files\MSBuild
2008-02-26 19:45 . 2008-02-26 19:45 <DIR> d-------- C:\Program Files\Microsoft Visual Studio 8
2008-02-26 19:44 . 2008-02-26 19:44 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-02-26 19:43 . 2008-02-26 19:43 <DIR> dr-h----- C:\MSOCache
2008-02-26 19:43 . 2008-03-12 20:08 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft Help
2008-02-26 19:40 . 2008-02-26 19:40 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-02-26 19:40 . 2008-02-26 19:40 <DIR> d-------- C:\Documents and Settings\máca.DOMA\Data aplikací\DAEMON Tools
2008-02-26 19:38 . 2008-02-26 19:38 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-02-26 16:41 . 2008-02-26 16:41 <DIR> d-------- C:\Documents and Settings\kikina\Data aplikací\Media Player Classic
2008-02-26 16:14 . 2008-02-26 16:14 972,072 --a------ C:\WINDOWS\UNRecode.exe
2008-02-23 20:15 . 2008-02-23 20:15 <DIR> d-------- C:\Documents and Settings\máca.DOMA\kbpki
2008-02-23 16:10 . 2008-02-23 16:10 <DIR> d-------- C:\Program Files\OpenOffice.org 2.3
2008-02-23 12:40 . 2008-02-23 12:40 <DIR> d-------- C:\Documents and Settings\máca.DOMA\Data aplikací\Media Player Classic
2008-02-23 09:09 . 2008-03-12 22:51 737,280 --a------ C:\WINDOWS\iun6002.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-23 16:12 --------- d-----w C:\Program Files\Mozilla Firefox 3 Beta 3
2008-03-23 08:09 --------- d-----w C:\Program Files\ESET
2008-03-21 12:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-14 22:35 --------- d-----w C:\Program Files\Nero
2008-03-14 22:35 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Nero
2008-03-14 22:23 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-03-14 22:22 306,432 ----a-w C:\WINDOWS\system32\TuneUpDefragService.exe
2008-03-09 08:18 --------- d-----w C:\Program Files\ATI Technologies
2008-03-04 06:08 --------- d-----w C:\Program Files\ICQ6
2008-02-26 18:47 --------- d-----w C:\Program Files\Microsoft Works
2008-02-26 05:51 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-02-26 03:12 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-02-26 03:10 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-02-26 03:10 299,520 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-02-26 03:02 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-02-26 03:02 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-02-26 03:01 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-02-26 03:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-02-26 03:01 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-02-26 03:00 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-02-26 02:59 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-02-26 02:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-02-26 02:49 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-02-26 02:41 1,755,264 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-02-26 02:29 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-02-26 02:25 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-02-26 02:23 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-02-26 02:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2008-02-26 02:21 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
2008-02-26 02:19 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-02-26 02:16 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-02-25 20:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
2008-02-25 19:16 --------- d-----w C:\Documents and Settings\máca.DOMA\Data aplikací\OpenOffice.org2
2008-02-25 12:31 --------- d-----w C:\Documents and Settings\kikina\Data aplikací\ICQ
2008-02-22 21:53 --------- d-----w C:\Documents and Settings\máca.DOMA\Data aplikací\ICQ
2008-02-22 21:11 --------- d-----w C:\Documents and Settings\máca.DOMA\Data aplikací\InstallShield
2008-02-22 20:33 --------- d-----w C:\Program Files\MSXML 4.0
2008-02-22 05:13 --------- d-----w C:\Documents and Settings\kikina\Data aplikací\DivX
2008-02-22 05:12 --------- d-----w C:\Documents and Settings\kikina\Data aplikací\Nero
2008-02-21 19:56 2,277,376 ----a-w C:\WINDOWS\system32\TUKernel.exe
2008-02-21 19:31 --------- d-----w C:\Documents and Settings\máca.DOMA\Data aplikací\Ventrilo
2008-02-21 19:30 --------- d-----w C:\Documents and Settings\máca.DOMA\Data aplikací\Nero
2008-02-21 05:35 --------- d-----w C:\Program Files\Java
2008-02-20 20:27 --------- d-----w C:\Documents and Settings\kikina\Data aplikací\ATI
2008-02-20 17:58 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Data aplikací\TuneUp Software
2008-02-20 17:57 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-02-20 17:38 --------- d-----w C:\Documents and Settings\máca.DOMA\Data aplikací\ATI
2008-02-20 16:27 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2008-02-20 16:27 --------- d-----w C:\Documents and Settings\máca.DOMA\Data aplikací\TuneUp Software
2008-02-20 14:51 558,142 ----a-w C:\WINDOWS\java\Packages\LNP3RNT7.ZIP
2008-02-20 14:51 155,995 ----a-w C:\WINDOWS\java\Packages\OELNZB5B.ZIP
2008-02-19 20:10 --------- d-----w C:\Documents and Settings\máca\Data aplikací\OpenOffice.org2
2008-02-18 15:21 132,904 ----a-w C:\WINDOWS\system32\drivers\imagesrv.sys
2008-02-18 15:21 11,304 ----a-w C:\WINDOWS\system32\drivers\imagedrv.sys
2008-02-18 15:04 95,600 ----a-w C:\WINDOWS\system32\NeroCo.dll
2008-02-17 06:58 --------- d-----w C:\Documents and Settings\kiki\Data aplikací\MEGAUPLOADTOOLBAR
2008-02-16 21:51 --------- d-----w C:\Program Files\AMD
2008-02-14 13:20 --------- d-----w C:\Documents and Settings\mamka\Data aplikací\ICQLite
2008-02-14 07:56 --------- d-----w C:\Documents and Settings\mamka\Data aplikací\OpenOffice.org2
2008-02-13 14:13 --------- d-----w C:\Program Files\ICQToolbar
2008-02-13 14:13 --------- d-----w C:\Documents and Settings\mamka\Data aplikací\MEGAUPLOADTOOLBAR
2008-02-10 21:29 --------- d-----w C:\Documents and Settings\máca\Data aplikací\MegauploadToolbar
2008-02-08 23:48 --------- d-----w C:\Program Files\HLSW
2008-02-05 10:16 --------- d-----w C:\Program Files\Trend Micro
2008-02-04 17:09 --------- d-----w C:\Program Files\HDD Regenerator
2008-02-02 17:44 --------- d-----w C:\Program Files\DivX
2008-02-02 12:43 --------- d-----w C:\Program Files\ZZZZZZZZZZZZZZZ
2008-01-30 08:18 --------- d-----w C:\Program Files\ICQLite
2008-01-29 01:53 612,864 ----a-w C:\WINDOWS\system32\x264vfw.dll
2008-01-10 12:16 159,839 ----a-w C:\WINDOWS\system32\xvidvfw.dll
2008-01-10 12:15 755,027 ----a-w C:\WINDOWS\system32\xvidcore.dll
2007-12-24 12:49 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2007-11-15 18:30 22,328 ----a-w C:\Documents and Settings\máca\Data aplikací\PnkBstrK.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
"OEXPRESS"="C:\WINDOWS\OETRN.EXE" [2008-03-21 23:09 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 03:04 2879488 C:\WINDOWS\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 04:49 16269312 C:\WINDOWS\RTHDCPL.exe]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"{24-49-9C-C7-DW}"="C:\windows\system32\jpwnw64o.exe" [ ]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 16:29 2221352]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2008-02-28 09:59 570664]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2008-01-20 08:05 217088]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-03-23 09:03 949376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-17 15:49 15360]
C:\Documents and Settings\mamka\Nabídka Start\Programy\Po spuštění\
OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-11-14 17:32:04 393216]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\QIP\\qip.exe"=
"D:\\CesarFTP\\Server.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\ilussion422\\counter-strike\\hl.exe"=
"D:\\QIP Infium\\infium.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Gigabyte\\@BIOS\\gwflash.exe"=
"C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
R2 UxTuneUp;TuneUp rozšíření vzhledu;C:\WINDOWS\System32\svchost.exe [2004-08-17 15:49]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2007-04-04 23:00]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-14 23:22]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 09:42]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
*Newly Created Service* - CATCHME
.
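One entry in the Run keys above stands out: `"{24-49-9C-C7-DW}"="C:\windows\system32\jpwnw64o.exe" [ ]` is the only line in the section whose bracket carries no timestamp or size for its target, and its value name is a brace-delimited pseudo-GUID rather than a product name. The Python below is an added example, not part of the ComboFix output or of ComboFix itself: it parses the Run-key lines of such a log and flags entries by those two signals. The flagging heuristics are my own assumptions, not ComboFix logic, and the sample input is copied from the Run-key lines above.

```python
import re

# Run-key lines copied from the "Reg Loading Points" section of the log above;
# this is the sample input the example runs on.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
"OEXPRESS"="C:\WINDOWS\OETRN.EXE" [2008-03-21 23:09 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 03:04 2879488 C:\WINDOWS\SkyTel.exe]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"{24-49-9C-C7-DW}"="C:\windows\system32\jpwnw64o.exe" [ ]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-03-23 09:03 949376]
"""

KEY_RE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
ENTRY_RE = re.compile(r'^"(?P<name>[^"]*)"="(?P<value>[^"]*)"\s*\[(?P<meta>[^\]]*)\]$')
# Bracket contents as they appear in the log: "<date> <time> <size>", optionally
# followed by the full path when the value itself is only a bare image name.
META_RE = re.compile(r'^(\d{4}-\d\d-\d\d \d\d:\d\d) (\d+)(?: (.+))?$')


def parse_run_entries(text):
    """Parse Run-key entries into dicts; meta_missing is True for a bare '[ ]'."""
    entries, key = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = ENTRY_RE.match(line)
        if not m or key is None:
            continue
        meta = META_RE.match(m.group('meta').strip())
        entry = {
            'key': key,
            'name': m.group('name'),
            'path': m.group('value'),
            'mtime': meta.group(1) if meta else None,
            'size': int(meta.group(2)) if meta else None,
            'meta_missing': meta is None,
        }
        if meta and meta.group(3):
            entry['path'] = meta.group(3)  # bare image name resolved to a full path
        entries.append(entry)
    return entries


def suspicious_reasons(entry):
    """Heuristics (assumptions of this example, not ComboFix's own logic)."""
    reasons = []
    if entry['meta_missing']:
        reasons.append('no timestamp/size recorded for the target')
    if re.fullmatch(r'\{[0-9A-Za-z-]+\}', entry['name']):
        reasons.append('brace-delimited pseudo-GUID value name')
    return reasons


def flag_run_entries(text):
    """Return {value name: [reasons]} for every entry with at least one reason."""
    flagged = {}
    for entry in parse_run_entries(text):
        why = suspicious_reasons(entry)
        if why:
            flagged[entry['name']] = why
    return flagged


if __name__ == '__main__':
    for name, why in flag_run_entries(SAMPLE_LOG).items():
        print(f'{name}: {"; ".join(why)}')
```

Run against the sample, only the `{24-49-9C-C7-DW}` entry is flagged, on both counts; every product entry carries a date, time and size and so passes. Treat the output as a triage queue, not a verdict: the next step on the box is to check whether `C:\windows\system32\jpwnw64o.exe` actually exists and what loads it.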
Contents of the 'Scheduled Tasks' folder
"2008-03-21 16:36:57 C:\WINDOWS\Tasks\1-Click Maintenance.job"
- C:\Program Files\TuneUp Utilities 2008\OneClick.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-03-23 17:36:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\Eset\pr_imon.dll
.
Completion time: 2008-03-23 17:38:23
ComboFix-quarantined-files.txt 2008-03-23 16:37:19
.
2008-03-18 05:21:42 --- E O F ---