ComboFix 08-04-27.2 - Lukáš Sedláček 2008-04-28 14:45:50.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.449 [GMT 2:00]
Running from: C:\Documents and Settings\Lukáš Sedláček\Plocha\ComboFix.exe
* Created a new restore point
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Nabídka Start\Online Security Guide.url
C:\Documents and Settings\All Users\Nabídka Start\Security Troubleshooting.url
C:\Documents and Settings\Lukáš Sedláček\Oblíbené položky\Online Security Test.url
.
((((((((((((((((((((((((( Files Created from 2008-03-28 to 2008-04-28 )))))))))))))))))))))))))))))))
.
2008-04-27 21:17 . 2008-04-27 21:17 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-04-27 20:50 . 2008-04-27 20:50 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-04-27 20:07 . 2008-04-27 20:07 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Nokia
2008-04-27 20:05 . 2008-04-27 20:05 <DIR> d-------- C:\Program Files\MSXML 6.0
2008-04-27 19:53 . 2004-08-03 23:08 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-04-27 19:53 . 2008-04-27 19:53 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-04-27 19:53 . 2008-04-27 19:53 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-04-27 19:53 . 2008-04-27 19:53 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2008-04-27 19:52 . 2008-04-27 19:52 <DIR> d-------- C:\Program Files\DIFX
2008-04-27 19:52 . 2008-04-27 20:50 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-04-27 19:52 . 2008-04-27 19:53 <DIR> d-------- C:\Documents and Settings\Lukáš Sedláček\Data aplikací\PC Suite
2008-04-27 19:52 . 2008-04-27 19:52 <DIR> d-------- C:\Documents and Settings\Lukáš Sedláček\Data aplikací\Nokia
2008-04-27 19:52 . 2008-04-27 19:53 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2008-04-27 19:52 . 2007-09-17 15:53 21,632 --a------ C:\WINDOWS\system32\drivers\pccsmcfd.sys
2008-04-27 19:51 . 2008-04-27 20:48 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-04-27 19:51 . 2008-04-27 19:51 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-04-27 19:51 . 2008-04-27 20:50 <DIR> d-------- C:\Program Files\Nokia
2008-04-27 19:51 . 2008-04-27 20:05 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Installations
2008-04-27 19:51 . 2007-11-29 10:33 1,419,232 --a------ C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-04-27 19:51 . 2007-11-29 10:39 95,744 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-04-27 19:51 . 2008-02-01 15:17 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-04-27 19:51 . 2007-11-29 10:39 19,328 --a------ C:\WINDOWS\system32\drivers\ccdcmbo.sys
2008-04-27 19:51 . 2007-11-29 10:39 16,896 --a------ C:\WINDOWS\system32\drivers\ccdcmb.sys
2008-04-27 19:51 . 2007-11-29 10:39 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2008-04-27 19:51 . 2007-11-29 10:39 8,064 --a------ C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2008-04-24 16:24 . 2008-04-24 16:24 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Grisoft
2008-04-23 21:45 . 2006-09-05 18:03 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-04-21 13:58 . 2008-04-21 13:58 <DIR> d-------- C:\Program Files\QIP
2008-04-16 21:02 . 2008-04-16 21:02 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2008-04-16 21:02 . 2005-10-21 03:47 30,592 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-16 21:02 . 2005-10-21 03:47 12,800 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-16 06:55 . 2008-04-16 06:55 <DIR> d--hs---- C:\found.000
2008-04-13 21:33 . 2008-04-13 21:33 <DIR> d-------- C:\Program Files\AnvSoft Mobile Video Converter
2008-04-13 21:07 . 2004-08-03 23:10 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2008-04-13 21:07 . 2004-08-03 23:10 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2008-04-13 21:07 . 2004-08-17 15:49 16,384 --a------ C:\WINDOWS\system32\ipsink.ax
2008-04-13 21:07 . 2004-08-03 23:10 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2008-04-13 21:07 . 2004-08-03 23:10 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2008-04-13 21:07 . 2004-08-03 23:10 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2008-04-13 21:07 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2008-04-13 21:06 . 2004-08-17 15:49 91,136 --a------ C:\WINDOWS\system32\kswdmcap.ax
2008-04-13 21:06 . 2004-08-17 15:49 61,952 --a------ C:\WINDOWS\system32\kstvtune.ax
2008-04-13 21:06 . 2004-08-17 15:49 54,272 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2008-04-13 21:06 . 2004-08-03 23:10 51,328 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2008-04-13 21:06 . 2004-08-17 15:49 43,008 --a------ C:\WINDOWS\system32\ksxbar.ax
2008-04-13 21:06 . 2004-08-17 15:49 28,672 --a------ C:\WINDOWS\system32\vidcap.ax
2008-04-13 21:06 . 2004-08-03 23:10 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2008-04-13 21:00 . 2004-08-03 23:10 38,912 --a------ C:\WINDOWS\system32\drivers\avc.sys
2008-04-13 20:59 . 2004-08-03 23:10 48,128 --a------ C:\WINDOWS\system32\drivers\61883.sys
2008-04-13 20:13 . 2008-04-13 20:13 <DIR> d-------- C:\Drivers
2008-04-13 20:13 . 2001-11-05 09:23 299,923 --a------ C:\WINDOWS\system32\drivers\sonyhcs.sys
2008-04-13 20:13 . 2002-10-15 22:41 102,220 --a------ C:\WINDOWS\system32\drivers\sonypvs1.sys
2008-04-13 20:13 . 2001-07-03 20:33 53,248 --a------ C:\WINDOWS\system32\SONYHCY.DLL
2008-04-13 20:13 . 2001-11-05 09:23 38,739 --a------ C:\WINDOWS\system32\drivers\sonyhcc.sys
2008-04-13 20:13 . 2001-11-05 09:23 6,097 --a------ C:\WINDOWS\system32\drivers\sonyhcb.sys
2008-04-13 20:13 . 2001-07-03 20:39 3,654 --a------ C:\WINDOWS\system32\drivers\Sonyhcp.dll
2008-04-13 20:12 . 1998-06-18 00:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-04-13 20:12 . 2003-12-03 17:44 13,566 --------- C:\WINDOWS\system32\drivers\cdrbsvsd.sys
2008-04-13 18:32 . 2004-08-03 23:10 61,056 --a------ C:\WINDOWS\system32\drivers\ohci1394.sys
2008-04-13 18:32 . 2004-08-03 23:10 53,248 --a------ C:\WINDOWS\system32\drivers\1394bus.sys
2008-04-13 18:32 . 2001-08-17 21:46 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2008-04-10 20:53 . 2008-04-27 20:48 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-10 20:53 . 2008-04-10 20:53 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-09 21:32 . 2008-04-09 21:32 394 --a------ C:\WINDOWS\capture.ini
2008-04-09 15:49 . 2008-04-09 15:49 <DIR> d-------- C:\Documents and Settings\Luk Sedlek
2008-04-09 15:48 . 2008-04-09 15:48 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Adobe Systems
2008-04-09 15:35 . 2008-04-09 15:35 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-04-08 15:34 . 2008-04-08 15:34 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\GlobalSCAPE
2008-04-06 18:43 . 2008-04-06 18:43 <DIR> d-------- C:\Temp
2008-04-01 21:07 . 2008-04-01 21:07 <DIR> d-------- C:\Documents and Settings\Lukáš Sedláček\Data aplikací\NCH Software
2008-04-01 17:17 . 2008-04-09 15:36 <DIR> d-------- C:\Program Files\Common Files\Adobe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-27 16:38 --------- d-----w C:\Program Files\ICQToolbar
2008-04-21 15:23 --------- d-----w C:\Program Files\Spyware Terminator
2008-04-21 15:23 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-04-20 15:32 --------- d-----w C:\Program Files\ICQLite
2008-04-13 19:47 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-09 06:55 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2008-04-03 20:21 --------- d-----w C:\Documents and Settings\Lukáš Sedláček\Data aplikací\Skype
2008-04-03 17:21 --------- d-----w C:\Documents and Settings\Lukáš Sedláček\Data aplikací\skypePM
2008-03-23 21:45 --------- d-----w C:\Documents and Settings\Lukáš Sedláček\Data aplikací\Media Player Classic
2008-03-23 19:08 --------- d---a-w C:\Documents and Settings\All Users\Data aplikací\TEMP
2008-03-20 11:49 --------- d-----w C:\Program Files\Track Mania
2008-03-20 08:09 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 20:56 --------- d-----w C:\Program Files\Java
2008-03-19 11:17 --------- d-----w C:\Program Files\Apple Software Update
2008-03-19 11:17 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Apple
2008-03-18 19:50 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Test Drive Unlimited
2008-03-18 10:49 --------- d-----w C:\Program Files\Crawler
2008-03-13 18:32 --------- d-----w C:\Program Files\K-Lite Codec Pack
2008-03-12 19:01 --------- d-----w C:\Documents and Settings\Lukáš Sedláček\Data aplikací\ICQLite
2008-03-12 14:54 --------- d-----w C:\Documents and Settings\Lukáš Sedláček\Data aplikací\Azureus
2008-03-11 17:56 --------- d-----w C:\Program Files\MagicISO
2008-03-11 15:53 32 ----a-w C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
2008-03-11 15:53 --------- d-----w C:\Program Files\Skype
2008-03-11 15:53 --------- d-----w C:\Program Files\Common Files\Skype
2008-03-11 15:53 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Skype
2008-03-10 18:56 --------- d-----w C:\Program Files\ATI Technologies
2008-03-10 18:24 86,016 ----a-w C:\WINDOWS\system32\OpenAL32.dll
2008-03-10 18:24 262,144 ----a-w C:\WINDOWS\system32\wrap_oal.dll
2008-03-09 20:27 --------- d-----w C:\Documents and Settings\Lukáš Sedláček\Data aplikací\Apple Computer
2008-03-09 20:26 --------- d-----w C:\Program Files\QuickTime
2008-03-09 20:26 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2008-03-06 09:14 831,048 ----a-w C:\WINDOWS\system32\WudfUpdate_01005.dll
2008-03-04 16:34 2,138,496 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-03-04 16:34 2,015,744 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-03-04 16:34 --------- d-----w C:\Program Files\YzShadow
2008-03-04 16:34 --------- d-----w C:\Program Files\WinRoll
2008-03-04 16:34 --------- d-----w C:\Program Files\UberIcon
2008-03-04 16:34 --------- d-----w C:\Program Files\Tiger System Preferences v2
2008-03-04 16:34 --------- d-----w C:\Program Files\RK Launcher
2008-03-04 16:34 --------- d-----w C:\Program Files\ObjectDock
2008-03-04 16:34 --------- d-----w C:\Program Files\iColorFolder
2008-03-04 16:32 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-03-03 17:54 --------- d-----w C:\Program Files\Common Files\DVDVideoSoft
2008-03-01 13:02 803,840 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-28 16:15 --------- d-----w C:\Program Files\Opera
2008-02-26 03:12 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2008-02-26 03:10 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2008-02-26 03:10 299,520 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-02-26 03:02 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2008-02-26 03:02 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2008-02-26 03:01 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2008-02-26 03:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2008-02-26 03:01 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-02-26 03:00 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2008-02-26 02:59 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
2008-02-26 02:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2008-02-26 02:49 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-02-26 02:41 1,755,264 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-02-26 02:29 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2008-02-26 02:25 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
2008-02-26 02:23 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2008-02-26 02:19 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2008-02-26 02:16 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-02-25 20:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:38 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-01-31 14:59 298,104 ----a-w C:\WINDOWS\system32\imon.dll
.
------- Sigcheck -------
2005-03-02 20:21 577024 3ef380290ce2ca8598e475ceac4adb13 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
2007-03-08 17:51 578048 5393076fdcd6daeb82814688dde3e9a2 C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
2006-03-02 14:00 577024 1b4ccc59980da34e75f20e42b283b027 C:\WINDOWS\$NtUninstallKB890859$\user32.dll
2005-03-02 20:18 577024 9267bc598e271bc3fa69f36cf1c8bd36 C:\WINDOWS\$NtUninstallKB925902$\user32.dll
2007-03-08 17:38 577536 43240b12d220f30c7c75ea69b2e806b0 C:\WINDOWS\FlyakiteOSX\Backup\user32.dll
2006-03-02 14:00 577024 1b4ccc59980da34e75f20e42b283b027 C:\WINDOWS\SoftwareDistribution\Download\053a8d720f751c64c56fbe8b6600daef\backup\sp2gdr\user32.dll
2006-03-02 14:00 577024 1b4ccc59980da34e75f20e42b283b027 C:\WINDOWS\SoftwareDistribution\Download\053a8d720f751c64c56fbe8b6600daef\backup\sp2qfe\user32.dll
2006-03-02 14:00 577024 1b4ccc59980da34e75f20e42b283b027 C:\WINDOWS\SoftwareDistribution\Download\29ef1050760378dde1308339cd54188f\backup\sp2gdr\user32.dll
2006-03-02 14:00 577024 1b4ccc59980da34e75f20e42b283b027 C:\WINDOWS\SoftwareDistribution\Download\29ef1050760378dde1308339cd54188f\backup\sp2qfe\user32.dll
2007-03-08 17:38 577024 371331934ed7d5e1687a438db0669822 C:\WINDOWS\system32\user32.dll
2007-03-08 17:38 577024 371331934ed7d5e1687a438db0669822 C:\WINDOWS\system32\dllcache\user32.dll
2007-10-11 01:41 825344 3c48d8efa3ffa68f7aeaaaffab6b9cb3 C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
2007-12-07 03:59 825344 32cc73f851f377b035a5b8216cac63ce C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
2008-03-01 14:35 827392 46a1a52eb6c86344c6ebf65b17404c90 C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
2008-03-01 15:02 826368 4b0d8a282e0bef3e52b8b6449d8473dd C:\WINDOWS\FlyakiteOSX\Backup\wininet.dll
2006-03-02 14:00 657408 50d263e3454e8357d13bb598129185ad C:\WINDOWS\ie7\wininet.dll
2006-11-07 22:03 818688 92995334f993e6e49c25c6d02ec04401 C:\WINDOWS\ie7updates\KB942615-IE7\wininet.dll
2007-10-11 01:50 824832 c543cc3d7a05fb0d23107c89115811a0 C:\WINDOWS\ie7updates\KB944533-IE7\wininet.dll
2007-12-07 04:14 802304 a2b21644a9d317c9de04cdbf83c4afc6 C:\WINDOWS\ie7updates\KB947864-IE7\wininet.dll
2008-03-01 15:02 803840 71ba5f36c9f5b989ece61f4fd53fbb69 C:\WINDOWS\system32\wininet.dll
2008-03-01 15:02 803840 71ba5f36c9f5b989ece61f4fd53fbb69 C:\WINDOWS\system32\dllcache\wininet.dll
2005-03-02 20:14 2059008 9355304dd565e23f8ee294720b2c03e5 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
2007-02-28 18:09 2061568 a873ff1754e2a81cb1a34588cab363d6 C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe
2006-03-02 14:00 2059008 e86dd06f2b8f919ddf23f78a3bf2aa23 C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe
2005-03-02 20:08 2059008 e32780e8939338b80edff39e2314c223 C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe
2007-02-28 18:05 2059776 c80bca19aa7d4dc37857e9f8250756da C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe
2007-02-28 18:05 2059776 c80bca19aa7d4dc37857e9f8250756da C:\WINDOWS\FlyakiteOSX\Backup\ntkrnlpa.exe
2006-03-02 14:00 2059008 e86dd06f2b8f919ddf23f78a3bf2aa23 C:\WINDOWS\SoftwareDistribution\Download\29ef1050760378dde1308339cd54188f\backup\sp2gdr\ntkrnlpa.exe
2004-08-17 16:45 2059008 e86dd06f2b8f919ddf23f78a3bf2aa23 C:\WINDOWS\SoftwareDistribution\Download\29ef1050760378dde1308339cd54188f\backup\sp2qfe\ntkrnlpa.exe
2008-03-04 18:34 2015744 cf46faaf70830d24390a10d2ea93e14b C:\WINDOWS\system32\ntkrnlpa.exe
2007-02-28 18:05 2015744 268c1e0edfd6e791dcb817382a5964fd C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2005-03-02 20:14 2181632 7fabe135eac02a4bc8094b831adc0cc3 C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
2007-02-28 18:09 2184320 d40b4f66d877802ec5e655b91b5490fa C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe
2006-03-02 14:00 2183168 12c80e46dcec9b82473d1b1b9da1f16b C:\WINDOWS\$NtUninstallKB890859$\ntoskrnl.exe
2005-03-02 20:09 2181504 b0dae70164cc79d1289ef3530a3646f1 C:\WINDOWS\$NtUninstallKB931784$\ntoskrnl.exe
2007-02-28 18:05 2182528 c09ca7faffc40bbfaceeb9f0f429f673 C:\WINDOWS\Driver Cache\i386\ntoskrnl.exe
2007-02-28 18:05 2182528 c09ca7faffc40bbfaceeb9f0f429f673 C:\WINDOWS\FlyakiteOSX\Backup\ntoskrnl.exe
2006-03-02 14:00 2183168 12c80e46dcec9b82473d1b1b9da1f16b C:\WINDOWS\SoftwareDistribution\Download\29ef1050760378dde1308339cd54188f\backup\sp2gdr\ntoskrnl.exe
2004-08-17 16:45 2183168 12c80e46dcec9b82473d1b1b9da1f16b C:\WINDOWS\SoftwareDistribution\Download\29ef1050760378dde1308339cd54188f\backup\sp2qfe\ntoskrnl.exe
2008-03-04 18:34 2138496 504a8bdf615d102e538b5d86d462daea C:\WINDOWS\system32\ntoskrnl.exe
2007-02-28 18:05 2138496 17d5cf8dcebf978319a29a7577327902 C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2007-06-13 15:23 1366016 d1f9335dd852e6c2e729e4167f40ab43 C:\WINDOWS\explorer.exe
2007-06-13 15:11 1033728 9b32416bd5988c97b6397ce0b02caf97 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2006-03-02 14:00 1032704 53114d57ab73a406ac7f602227781a99 C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 15:23 1033728 ed7b460b142a32097b8a8f6ecc941815 C:\WINDOWS\FlyakiteOSX\Backup\explorer.exe
2007-06-13 15:23 1366016 d1f9335dd852e6c2e729e4167f40ab43 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C2A1C5CB-C0EF-4689-9436-F62CCA1C5383}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 14:00 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1686016]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29 165784]
"RK Launcher"="C:\Program Files\RK Launcher\RKLauncher.exe" [2005-10-19 09:40 393216]
"Alt+Q Hotkey Tool"="C:\WINDOWS\Alt+Q Hotkey.exe" [2005-12-18 21:14 27648]
"UberIcon"="C:\Program Files\UberIcon\UberIcon Manager.exe" [2006-02-24 02:32 188416]
"WinRoll"="C:\Program Files\WinRoll\winroll.exe" [2006-01-02 00:27 15872]
"Yz Shadow"="C:\Program Files\YzShadow\YzShadow.exe" [2006-02-24 04:51 172032]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 16:50 1289000]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 18:41 1232896]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 12:53 1079808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 16:21 61952 C:\WINDOWS\system32\HdAShCut.exe]
"nTrayFw"="C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe" [2006-02-17 11:40 270336]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-01-31 16:59 949376]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 07:03 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-08-09 07:03 81920]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"System Files Updater"="C:\WINDOWS\FlyakiteOSX\Tools\System Files Updater.exe" [2006-02-26 01:41 118485]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 07:24 286720]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 13:35 90112]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-11 12:06 3144800]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2008-04-23 22:50 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 14:00 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.YV12"= yv12vfw.dll
"VIDC.PIM1"= pclepim1.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Electronic Arts\\Crytek\\Crysis SP Demo\\Bin32\\Crysis.exe"=
"D:\\Program Files\\Trillian\\trillian.exe"=
"C:\\Program Files\\Java\\jre1.6.0_03\\bin\\javaw.exe"=
"D:\\Program Files\\Valve\\hl.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"D:\\{D} Dokumenty\\Moje nešahat\\Hry\\Test Drive Umlimited\\[PC] Test Drive Unlimited [PROPER] [RIP] [dopeman]\\TDU\\TestDriveUnlimited.exe"=
"C:\\Program Files\\ICQLite\\ICQLite.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\QIP\\qip.exe"=
"C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4100:UDP"= 4100:UDP:uPNP Router Control Port
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-02-03 21:18]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2006-03-02 14:00]
S3 GPU-Z;GPU-Z;C:\DOCUME~1\LUKSED~1\LOCALS~1\Temp\GPU-Z.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver;C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 15:53]
S3 upperdev;upperdev;C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 10:39]
S3 UsbserFilt;UsbserFilt;C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 10:39]
*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-03-22 15:41:39 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-28 14:47:44
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\Eset\pr_imon.dll
.
Completion time: 2008-04-28 14:50:47
ComboFix-quarantined-files.txt 2008-04-28 12:49:54
Adresářů: 10, Volných bajtů: 11,258,617,856
Adresářů: 14, Volných bajtů: 12,045,832,192
295 --- E O F --- 2008-04-09 06:55:41