ComboFix 08-06-12.2 - admin 2008-06-14 13:24:01.1 - NTFSx86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.182 [GMT 2:00]
Running from: C:\Documents and Settings\admin\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\admin\Application Data\inst.exe
C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Program Files\NetProject
C:\Program Files\NetProject\ot.ico
C:\Program Files\NetProject\ts.ico
C:\WINDOWS\Fonts\CALIBRIB.TTF
C:\WINDOWS\system32\8_exception.nls
C:\WINDOWS\system32\afinding.exe
C:\WINDOWS\system32\andt.sys
C:\WINDOWS\system32\comsa32.sys
C:\WINDOWS\system32\drmgs.sys
C:\WINDOWS\system32\tmp0_133469520260.bk
C:\WINDOWS\system32\tmp0_136919203322.bk
C:\WINDOWS\system32\tmp0_189226834660.bk
C:\WINDOWS\system32\tmp0_191083364212.bk
C:\WINDOWS\system32\tmp0_227370267045.bk
C:\WINDOWS\system32\tmp0_253780439940.bk
C:\WINDOWS\system32\tmp0_28083795974.bk
C:\WINDOWS\system32\tmp0_290195801920.bk
C:\WINDOWS\system32\tmp0_315996458263.bk
C:\WINDOWS\system32\tmp0_354229188494.bk
C:\WINDOWS\system32\tmp0_36142010955.bk
C:\WINDOWS\system32\tmp0_461932535588.bk
C:\WINDOWS\system32\tmp0_47266989159.bk
C:\WINDOWS\system32\tmp0_548753448308.bk
C:\WINDOWS\system32\tmp0_61337210783.bk
C:\WINDOWS\system32\tmp0_622017579359.bk
C:\WINDOWS\system32\tmp0_661833594819.bk
C:\WINDOWS\system32\tmp0_688049724874.bk
C:\WINDOWS\system32\tmp0_694729346467.bk
C:\WINDOWS\system32\tmp0_724521389108.bk
C:\WINDOWS\system32\tmp0_744178289857.bk
C:\WINDOWS\system32\tmp0_814132695351.bk
C:\WINDOWS\system32\tmp0_855069665239.bk
C:\WINDOWS\system32\tmp0_860298894712.bk
C:\WINDOWS\system32\tmp0_880636856687.bk
C:\WINDOWS\system32\tmp1_108775566822.bk
C:\WINDOWS\system32\tmp1_261799546046.bk
C:\WINDOWS\system32\tmp1_438559285763.bk
C:\WINDOWS\system32\tmp1_507546721486.bk
C:\WINDOWS\system32\tmp1_523662275691.bk
C:\WINDOWS\system32\tmp1_5383912752.bk
C:\WINDOWS\system32\tmp1_753945799666.bk
C:\WINDOWS\system32\tmp1_84958075884.bk
C:\WINDOWS\system32\tmp3_113840121703.bk
C:\WINDOWS\system32\tmp3_168522895100.bk
C:\WINDOWS\system32\tmp3_170673177196.bk
C:\WINDOWS\system32\tmp3_196162793526.bk
C:\WINDOWS\system32\tmp3_205395555884.bk
C:\WINDOWS\system32\tmp3_239447320743.bk
C:\WINDOWS\system32\tmp3_24828964758.bk
C:\WINDOWS\system32\tmp3_290933742976.bk
C:\WINDOWS\system32\tmp3_292636371602.bk
C:\WINDOWS\system32\tmp3_320258701837.bk
C:\WINDOWS\system32\tmp3_35643663307.bk
C:\WINDOWS\system32\tmp3_430652492632.bk
C:\WINDOWS\system32\tmp3_502468197456.bk
C:\WINDOWS\system32\tmp3_54978191003.bk
C:\WINDOWS\system32\tmp3_58061946728.bk
C:\WINDOWS\system32\tmp3_665997300569.bk
C:\WINDOWS\system32\tmp3_691079796996.bk
C:\WINDOWS\system32\tmp3_766902461912.bk
C:\WINDOWS\system32\tmp3_77703642289.bk
C:\WINDOWS\system32\tmp3_803798565547.bk
C:\WINDOWS\system32\tmp3_804172282053.bk
C:\WINDOWS\system32\tmp3_834754322197.bk
C:\WINDOWS\system32\tmp3_83969349080.bk
C:\WINDOWS\system32\tmp3_871951664783.bk
C:\WINDOWS\system32\tmp3_898556167872.bk
C:\WINDOWS\system32\tmp4_147863200004.bk
C:\WINDOWS\system32\tmp4_150856583749.bk
C:\WINDOWS\system32\tmp4_162711535356.bk
C:\WINDOWS\system32\tmp4_169615754146.bk
C:\WINDOWS\system32\tmp4_175322691275.bk
C:\WINDOWS\system32\tmp4_29471368555.bk
C:\WINDOWS\system32\tmp4_442562473814.bk
C:\WINDOWS\system32\tmp4_458320105509.bk
C:\WINDOWS\system32\tmp4_482796692571.bk
C:\WINDOWS\system32\tmp4_52428172531.bk
C:\WINDOWS\system32\tmp4_560132409731.bk
C:\WINDOWS\system32\tmp4_564661775369.bk
C:\WINDOWS\system32\tmp4_569562289150.bk
C:\WINDOWS\system32\tmp4_60640728018.bk
C:\WINDOWS\system32\tmp4_662707776290.bk
C:\WINDOWS\system32\tmp4_6992689937.bk
C:\WINDOWS\system32\tmp4_764043172152.bk
C:\WINDOWS\system32\tmp4_78465120890.bk
C:\WINDOWS\system32\tmp4_789582777787.bk
C:\WINDOWS\system32\tmp4_835160430982.bk
C:\WINDOWS\system32\tmp4_860070674815.bk
C:\WINDOWS\system32\tmp4_863650560582.bk
C:\WINDOWS\system32\tmp4_876253461336.bk
C:\WINDOWS\system32\tmp4_892876467280.bk
C:\WINDOWS\system32\WServing.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_AFINDING
-------\Legacy_PERFMONS
-------\Legacy_ROUTING
-------\Legacy_RUNTIME
-------\Legacy_RUNTIME2
-------\Legacy_WSERVING
-------\Service_AFinding
-------\Service_perfmons
-------\Service_WServing
((((((((((((((((((((((((( Files Created from 2008-05-14 to 2008-06-14 )))))))))))))))))))))))))))))))
.
2008-06-14 13:01 . 2008-06-14 13:01 <DIR> d-------- C:\Program Files\Avira
2008-06-13 21:12 . 2008-06-14 12:06 <DIR> d-------- C:\Program Files\WinClamAVShield
2008-06-13 21:10 . 2008-06-14 13:21 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-06-13 21:10 . 2008-06-14 12:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-06-13 21:10 . 2008-06-14 13:21 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Spyware Terminator
2008-06-13 21:10 . 2008-06-13 21:10 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-06-13 15:51 . 2008-06-13 15:51 <DIR> d-------- C:\WINDOWS\system32\PAV
2008-06-13 15:51 . 2008-06-13 15:51 <DIR> d-------- C:\WINDOWS\LastGood.Tmp
2008-06-13 13:47 . 2008-06-13 13:47 146,156 --a------ C:\WINDOWS\system32\drivers\APPFCONT.DAT
2008-06-13 13:47 . 2008-06-13 13:47 1,092 --a------ C:\WINDOWS\system32\drivers\APPFLTR.CFG
2008-06-13 13:46 . 2006-08-04 11:58 140,416 --a------ C:\WINDOWS\system32\drivers\netflt.sys
2008-06-13 13:46 . 2006-05-11 22:26 103,936 --a------ C:\WINDOWS\system32\drivers\netfltdi.sys
2008-06-13 13:46 . 2006-08-03 16:37 44,544 --a------ C:\WINDOWS\system32\drivers\APPFLT.SYS
2008-06-13 13:46 . 2006-08-02 14:15 23,296 --a------ C:\WINDOWS\system32\drivers\smsflt.sys
2008-06-13 13:46 . 2006-08-02 14:17 16,000 --a------ C:\WINDOWS\system32\drivers\wnmflt.sys
2008-06-13 13:44 . 2006-07-10 11:50 245,760 --a------ C:\WINDOWS\system32\PavSHook.dll
2008-06-13 13:44 . 2006-07-21 14:35 139,264 --a------ C:\WINDOWS\system32\TpUtil.dll
2008-06-13 13:44 . 2006-06-27 19:36 101,888 --a------ C:\WINDOWS\system32\SYSTOOLS.DLL
2008-06-13 13:44 . 2006-06-16 14:44 57,344 --a------ C:\WINDOWS\system32\pavipc.dll
2008-06-13 13:44 . 2005-09-27 12:13 45,056 --a------ C:\WINDOWS\system32\avldr.dll
2008-06-13 13:44 . 2005-08-12 14:36 16,640 --a------ C:\WINDOWS\system32\drivers\cpoint.sys
2008-06-13 13:40 . 2008-06-13 13:40 <DIR> d-------- C:\Program Files\Panda Software
2008-06-13 13:39 . 2008-06-13 13:39 <DIR> d-------- C:\Program Files\Common Files\Panda Software
2008-06-13 13:39 . 2006-04-25 19:02 165,120 --a------ C:\WINDOWS\system32\drivers\PavProc.sys
2008-06-13 13:36 . 2006-02-22 12:43 71,552 --a------ C:\WINDOWS\system32\drivers\pavdrv51.sys
2008-06-10 16:50 . 2007-07-19 02:39 1,278,104 -ra------ C:\WINDOWS\system32\drivers\LV302V32.SYS
2008-06-10 15:38 . 2008-06-10 15:39 <DIR> d-------- C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-06-09 20:36 . 2008-06-13 15:51 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Spy Emergency
2008-06-09 20:35 . 2008-06-09 20:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NETGATE
2008-06-09 20:35 . 2008-03-01 17:09 23,096 --a------ C:\WINDOWS\system32\sremcon.exe
2008-06-09 20:35 . 2008-02-05 12:10 14,392 --a------ C:\WINDOWS\system32\drivers\spyemrg_guard.sys
2008-06-09 20:35 . 2008-02-05 12:10 12,344 --a------ C:\WINDOWS\system32\drivers\spyemrg.sys
2008-06-09 16:34 . 2008-06-09 16:37 6,300,672 --a--c--- C:\JoinVideo.avi
2008-06-08 11:25 . 2008-06-08 11:26 <DIR> d----c--- C:\Documents and Settings\admin\avidemux
2008-06-07 21:26 . 2004-10-12 14:40 2,255,360 --a------ C:\WINDOWS\system32\libavcodec.dll
2008-06-07 21:26 . 2004-10-12 14:46 1,761,280 --a------ C:\WINDOWS\system32\ffdshow.ax
2008-06-07 21:26 . 2004-10-05 16:16 395,776 --a------ C:\WINDOWS\system32\libmplayer.dll
2008-06-07 21:26 . 2004-10-12 14:42 262,144 --a------ C:\WINDOWS\system32\TomsMoComp_ff.dll
2008-06-07 21:26 . 2004-10-04 01:50 112,640 --a------ C:\WINDOWS\system32\libmpeg2_ff.dll
2008-06-07 18:45 . 1999-05-18 19:29 808,700 --a------ C:\WINDOWS\system32\Win.tlb
2008-06-07 18:45 . 1998-04-24 00:00 368,912 --a------ C:\WINDOWS\system32\vbar332.dll
2008-06-07 18:45 . 2002-07-05 18:13 45,056 --a------ C:\WINDOWS\system32\CxxProgressBar.ocx
2008-06-07 16:18 . 2008-06-09 18:27 <DIR> d-------- C:\Program Files\vso
2008-06-07 11:49 . 2008-06-07 11:49 <DIR> d----c--- C:\VideoOutput
2008-06-07 10:48 . 2008-06-07 10:48 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Ulead Systems
2008-06-06 20:19 . 2008-06-06 20:19 <DIR> d-------- C:\Program Files\Common Files\InterVideo
2008-06-06 20:10 . 2008-06-06 20:10 <DIR> d-------- C:\Program Files\Windows Media Components
2008-06-06 20:07 . 2008-06-07 11:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-06-06 14:54 . 2007-04-03 14:59 99,080 -ra------ C:\WINDOWS\system32\drivers\s616unic.sys
2008-06-06 14:54 . 2007-04-03 14:59 23,176 -ra------ C:\WINDOWS\system32\drivers\s616nd5.sys
2008-06-06 14:54 . 2007-04-03 14:59 11,016 -ra------ C:\WINDOWS\system32\drivers\s616cr.sys
2008-06-03 18:14 . 2007-08-15 12:09 417,792 --a------ C:\WINDOWS\system32\vbalCmdBar6.ocx
2008-06-03 18:14 . 2007-08-15 12:09 262,144 --a------ C:\WINDOWS\system32\lst_v.ocx
2008-06-03 18:14 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-06-03 18:14 . 2007-08-15 12:09 167,683 --a------ C:\WINDOWS\system32\COMCT232.OCX
2008-06-03 18:14 . 2007-08-15 12:09 159,744 --a------ C:\WINDOWS\system32\wt_menu.dll
2008-06-03 18:14 . 2007-08-15 12:09 94,208 --a------ C:\WINDOWS\system32\img_lst.ocx
2008-06-03 18:14 . 2007-08-15 12:09 40,960 --a------ C:\WINDOWS\system32\ssubtmr6.dll
2008-06-03 16:31 . 2008-06-03 18:29 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Hide IP NG
2008-06-03 15:53 . 2008-06-03 16:15 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Smart PC Solutions
2008-06-03 15:52 . 2008-06-13 13:41 <DIR> d-------- C:\Program Files\Smart_PC
2008-06-03 14:53 . 2008-06-14 13:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-06-02 17:23 . 2008-06-13 20:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-06-01 20:05 . 2008-06-01 20:05 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-05-31 17:02 . 2008-06-01 19:43 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\BitDefender
2008-05-31 16:59 . 2008-06-01 19:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-05-31 16:27 . 2008-05-31 20:04 121 --a------ C:\WINDOWS\bdagent.INI
2008-05-31 16:06 . 2008-06-01 19:43 <DIR> d-------- C:\Program Files\Common Files\BitDefender
2008-05-30 19:06 . 2007-04-03 14:57 100,488 -ra------ C:\WINDOWS\system32\drivers\s116mgmt.sys
2008-05-30 19:06 . 2007-04-03 14:57 99,080 -ra------ C:\WINDOWS\system32\drivers\s116unic.sys
2008-05-30 19:06 . 2007-04-03 14:57 98,696 -ra------ C:\WINDOWS\system32\drivers\s116obex.sys
2008-05-30 19:06 . 2007-04-03 14:57 23,176 -ra------ C:\WINDOWS\system32\drivers\s116nd5.sys
2008-05-30 19:06 . 2007-04-03 14:57 11,016 -ra------ C:\WINDOWS\system32\drivers\s116cr.sys
2008-05-30 19:05 . 2007-04-03 14:57 108,680 -ra------ C:\WINDOWS\system32\drivers\s116mdm.sys
2008-05-30 19:05 . 2007-04-03 14:57 15,112 -ra------ C:\WINDOWS\system32\drivers\s116mdfl.sys
2008-05-30 19:05 . 2007-04-03 14:57 12,424 -ra------ C:\WINDOWS\system32\drivers\s116cmnt.sys
2008-05-30 19:05 . 2007-04-03 14:57 12,424 -ra------ C:\WINDOWS\system32\drivers\s116cm.sys
2008-05-30 16:18 . 2007-04-03 14:57 83,336 -ra------ C:\WINDOWS\system32\drivers\s116bus.sys
2008-05-30 16:18 . 2007-04-03 14:57 12,424 -ra------ C:\WINDOWS\system32\drivers\s116whnt.sys
2008-05-30 16:18 . 2007-04-03 14:57 12,424 -ra------ C:\WINDOWS\system32\drivers\s116wh.sys
2008-05-29 23:42 . 2008-05-29 23:42 295,936 --a------ C:\WINDOWS\system32\ndt2.sys
2008-05-29 21:54 . 2008-06-01 19:41 <DIR> d-------- C:\Program Files\mTC
2008-05-29 18:10 . 2008-05-29 18:10 31 --a------ C:\WINDOWS\idc.ini
2008-05-29 18:10 . 2008-05-29 18:10 18 --a------ C:\WINDOWS\usdthank.ini
2008-05-28 17:31 . 2007-04-03 14:59 108,680 -ra------ C:\WINDOWS\system32\drivers\s616mdm.sys
2008-05-28 17:31 . 2007-04-03 14:59 100,360 -ra------ C:\WINDOWS\system32\drivers\s616mgmt.sys
2008-05-28 17:31 . 2007-04-03 14:59 98,568 -ra------ C:\WINDOWS\system32\drivers\s616obex.sys
2008-05-28 17:31 . 2007-04-03 14:59 83,208 -ra------ C:\WINDOWS\system32\drivers\s616bus.sys
2008-05-28 17:31 . 2007-04-03 14:59 15,112 -ra------ C:\WINDOWS\system32\drivers\s616mdfl.sys
2008-05-28 17:31 . 2007-04-03 14:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616whnt.sys
2008-05-28 17:31 . 2007-04-03 14:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616wh.sys
2008-05-28 17:31 . 2007-04-03 14:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616cmnt.sys
2008-05-28 17:31 . 2007-04-03 14:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616cm.sys
2008-05-26 15:36 . 2006-03-13 19:52 96,224 -ra------ C:\WINDOWS\system32\drivers\w800mdm.sys
2008-05-26 15:36 . 2006-03-13 19:52 87,792 -ra------ C:\WINDOWS\system32\drivers\w800mgmt.sys
2008-05-26 15:36 . 2006-03-13 19:52 85,664 -ra------ C:\WINDOWS\system32\drivers\w800obex.sys
2008-05-26 15:36 . 2006-03-13 19:52 60,768 -ra------ C:\WINDOWS\system32\drivers\w800bus.sys
2008-05-26 15:36 . 2006-03-13 19:52 9,264 -ra------ C:\WINDOWS\system32\drivers\w800mdfl.sys
2008-05-26 15:36 . 2006-03-13 19:52 6,144 -ra------ C:\WINDOWS\system32\drivers\w800cmnt.sys
2008-05-26 15:36 . 2006-03-13 19:52 6,144 -ra------ C:\WINDOWS\system32\drivers\w800cm.sys
2008-05-26 15:36 . 2006-03-13 19:52 5,744 -ra------ C:\WINDOWS\system32\drivers\w800whnt.sys
2008-05-26 15:36 . 2006-03-13 19:52 5,744 -ra------ C:\WINDOWS\system32\drivers\w800wh.sys
2008-05-26 11:43 . 2008-05-26 11:43 33,824 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
2008-05-26 11:07 . 2006-03-01 10:25 8,704 --a------ C:\WINDOWS\system32\drivers\ggsemc.sys
2008-05-24 17:33 . 2008-05-24 17:42 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Off Road
2008-05-24 17:30 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-05-24 17:30 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2008-05-23 13:10 . 2008-05-23 13:10 <DIR> d----c--- C:\Program Files (x86)
2008-05-22 15:47 . 2008-05-22 17:37 <DIR> d-------- C:\Program Files\EA SPORTS
2008-05-20 17:36 . 2008-06-08 18:35 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\gtk-2.0
2008-05-20 17:36 . 2008-05-20 17:36 <DIR> d----c--- C:\Documents and Settings\admin\.thumbnails
2008-05-20 17:31 . 2008-05-22 15:26 <DIR> d----c--- C:\Documents and Settings\admin\.gimp-2.4
2008-05-20 17:31 . 2008-05-20 17:31 <DIR> d----c--- C:\Documents and Settings\admin\.fontconfig
2008-05-20 17:26 . 2008-05-20 17:26 <DIR> d-------- C:\Program Files\GIMP-2.0
2008-05-15 18:44 . 2008-05-15 18:56 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Winamp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-14 11:13 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-14 10:02 --------- d-----w C:\Program Files\Crawler
2008-06-13 11:49 139,096,864 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-13 11:47 5,081,120 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-13 11:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-13 11:42 --------- d-----w C:\Program Files\Winamp
2008-06-13 11:42 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2008-06-13 11:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\LangSoft
2008-06-13 11:41 --------- d-----w C:\Program Files\Reganam
2008-06-13 11:41 --------- d-----w C:\Program Files\Opera
2008-06-13 11:41 --------- d-----w C:\Program Files\ICQLite
2008-06-13 11:41 --------- d-----w C:\Program Files\Common Files\Sony Ericsson Shared
2008-06-13 11:41 --------- d-----w C:\Program Files\Common Files\602PHS
2008-06-13 11:41 --------- d-----w C:\Program Files\Bonjour
2008-06-13 11:41 --------- d-----w C:\Program Files\7-Zip
2008-06-13 11:12 --------- dc----w C:\Documents and Settings\admin\Application Data\Skype
2008-06-13 10:52 --------- dc----w C:\Documents and Settings\admin\Application Data\MegauploadToolbar
2008-06-13 10:13 --------- dc----w C:\Documents and Settings\admin\Application Data\skypePM
2008-06-13 07:07 478,268 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-13 07:07 1,864,124 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-12 10:35 --------- d-----w C:\Program Files\AskTBar
2008-06-10 13:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\UDL
2008-06-10 13:37 --------- d-----w C:\Program Files\epson
2008-06-09 16:26 47,360 -c--a-w C:\Documents and Settings\admin\Application Data\pcouffin.sys
2008-06-09 16:26 --------- dc----w C:\Documents and Settings\admin\Application Data\Vso
2008-06-09 15:58 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2008-06-08 15:26 --------- dc----w C:\Documents and Settings\admin\Application Data\XnView
2008-06-07 09:25 --------- d-----w C:\Program Files\Google
2008-06-05 17:14 --------- dc----w C:\Documents and Settings\admin\Application Data\BearShare
2008-06-02 13:04 --------- d-----w C:\Program Files\totalcmd
2008-06-02 13:04 --------- d-----w C:\Program Files\FDN
2008-05-28 22:08 --------- d-----w C:\Program Files\Kaspersky Lab
2008-05-27 17:18 --------- dc----w C:\Documents and Settings\admin\Application Data\AdobeUM
2008-05-14 17:39 --------- dc----w C:\Documents and Settings\admin\Application Data\LangSoft
2008-05-11 18:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania
2008-05-10 20:25 --------- dc----w C:\Documents and Settings\admin\Application Data\vlc
2008-05-07 07:56 --------- d-----w C:\Program Files\GSpot
2008-05-01 17:17 --------- d-----w C:\Program Files\Logitech
2008-05-01 17:13 --------- d-----w C:\Program Files\Common Files\LogiShrd
2008-05-01 17:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech
2008-05-01 17:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-04-29 08:39 --------- dc----w C:\Documents and Settings\admin\Application Data\Talkback
2008-04-29 08:38 --------- d-----w C:\Program Files\Common Files\xing shared
2008-04-29 08:38 --------- d-----w C:\Program Files\Common Files\Real
2008-04-29 08:37 --------- d-----w C:\Program Files\Real
2008-04-28 07:05 --------- d-----w C:\Program Files\Trend Micro
2008-04-27 19:52 --------- d-----w C:\Program Files\CyberLink DVD Solution
2008-04-26 18:05 --------- d-----w C:\Program Files\WMV9_VCM
2008-04-24 14:09 --------- dc----w C:\Documents and Settings\admin\Application Data\DAEMON Tools
2008-04-24 14:02 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-04-22 14:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-04-18 18:50 --------- d-----w C:\Program Files\BitComet
2008-04-18 18:05 --------- d-----w C:\Program Files\QIP
2008-04-17 18:29 --------- d-----w C:\Program Files\Keyboard Layout Manager 32 bit
2008-04-17 17:59 --------- d-----w C:\Program Files\Clock Tray Skins
2008-04-17 07:16 --------- dc----w C:\Documents and Settings\admin\Application Data\fltk.org
2008-04-16 19:00 --------- d-----w C:\Program Files\Pcsx2
2008-04-16 10:58 --------- d-----w C:\Program Files\videofixer
2008-04-16 10:14 --------- d-----w C:\Program Files\thriXXX
2008-04-16 07:14 --------- d-----w C:\Program Files\Juiced
2008-04-16 07:09 --------- d-----w C:\Program Files\SDClock
2008-03-04 17:25 21,160 -c--a-w C:\Documents and Settings\admin\Application Data\GDIPFONTCACHEV1.DAT
2008-02-07 08:57 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2004-10-01 13:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
2007-09-14 19:02 1,094 -csha-r C:\WINDOWS\system32\stanby.reg
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7B7F5ACA-0A87-4214-B867-7D9BC8F7EBF5}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]
2008-04-03 10:40 1523736 --a------ C:\Program Files\Reganam\tbRega.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e3aaf71e-b295-4156-ae11-777237a1db3c}]
2008-05-21 00:43 1526296 --a------ C:\Program Files\Smart_PC\tbSma0.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{DB9D7A78-A76C-4BF2-97C6-258925EE1542}"= "C:\Program Files\Reganam\tbRega.dll" [2008-04-03 10:40 1523736]
"{E3AAF71E-B295-4156-AE11-777237A1DB3C}"= "C:\Program Files\Smart_PC\tbSma0.dll" [2008-05-21 00:43 1526296]
[HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]
[HKEY_CLASSES_ROOT\clsid\{e3aaf71e-b295-4156-ae11-777237a1db3c}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{DB9D7A78-A76C-4BF2-97C6-258925EE1542}"= C:\Program Files\Reganam\tbRega.dll [2008-04-03 10:40 1523736]
"{E3AAF71E-B295-4156-AE11-777237A1DB3C}"= C:\Program Files\Smart_PC\tbSma0.dll [2008-05-21 00:43 1526296]
[HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]
[HKEY_CLASSES_ROOT\clsid\{e3aaf71e-b295-4156-ae11-777237a1db3c}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-09-13 12:12 139264]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-21 19:34 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 01:06 1667584]
"BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-11-07 17:06 1881400]
"OEXPRESS"="C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE" [2008-05-14 19:40 26624]
"DAEMON Tools Lite"="D:\Dokumenty\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]
"PowerBar"="C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" [2004-04-21 10:26 86016]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-27 20:12 3142236]
"SpywareTerminatorScan"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe" [2008-05-01 03:41 9260392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-10-10 15:49 7286784]
"nwiz"="nwiz.exe" [2005-10-10 15:49 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-10-10 15:49 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-14 11:01 16010752 C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [2005-05-03 12:43 69632 C:\WINDOWS\Alcmtr.exe]
"TV Card Remote Control Device Monitor"="C:\WINDOWS\713xRMTMon.exe" [2005-07-20 06:00 352256]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 15:07 49263]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2006-11-08 18:28 155751]
"@"="" []
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-27 20:12 3142236]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-10-10 07:28 36352]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 11:14 528384]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40 155648]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 01:47 31016]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 06:03 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 06:03 81920]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-29 10:37 185896]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06 2027792]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 00:56 158208]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"combofix"="C:\WINDOWS\system32\CF24278.exe" [2004-08-04 00:56 388608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"combofix"="C:\WINDOWS\system32\CF24278.exe" [2004-08-04 00:56 388608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [ ]
C:\Documents and Settings\admin\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 21:24:54 98632]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Scheduler for OEM.lnk - C:\Program Files\honestech\honestech TVR\scheduleTV.exe [2007-08-27 09:29:06 307200]
SDNotify.lnk - C:\Program Files\SDClock\SDNotify.exe [2008-04-16 09:09:47 28672]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll 2005-09-27 12:13 45056 C:\WINDOWS\system32\avldr.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 2006-10-09 12:40 225280 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll
"LoadAppInit_DLLs"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll
"msacm.avis"= ff_acm.acm
"vidc.i263"= C:\WINDOWS\system32\i263_32.drv
"msacm.imc"= C:\WINDOWS\system32\imc32.acm
"msacm.fraunhoferacm"= l3codecp.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\runtime2.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyEmergency]
D:\Dokumenty\Spy Emergency 2008\SpyEmergency.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"XCOMM"=2 (0x2)
"VSSERV"=2 (0x2)
"scan"=3 (0x3)
"LIVESRV"=2 (0x2)
"SamSs"=2 (0x2)
"PSIMSVC"=2 (0x2)
"PAVSRV"=2 (0x2)
"PAVFNSVR"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQLite\\ICQLite.exe"=
"C:\\Documents and Settings\\admin\\Desktop\\Nitro\\nitro.exe"=
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"C:\\WINDOWS\\system32\\msdnc0.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\ImagingShop\\Agent.exe"=
"C:\\Program Files\\ImagingShop\\ImagingShop.exe"=
"C:\\Program Files\\Valve\\hl.exe"=
"C:\\Program Files\\LowRateVoip\\LowRateVoip.exe"=
"C:\\Games\\Paintball2\\paintball2.exe"=
"C:\\Program Files\\Xfire\\ua_lsp_inst.exe"=
"C:\\Program Files\\EA GAMES\\Medal of Honor Pacific Assault(tm)\\mohpa.exe"=
"C:\\Documents and Settings\\admin\\My Documents\\EA Games\\Medal of Honor Pacific Assault(tm)\\mohpa.exe"=
"D:\\Hry\\mohpa.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"C:\\Program Files\\Counter-Strike Source\\srcds.exe"=
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"D:\\Dokumenty\\SRS - Street Racing Syndicate\\Bin\\SRS.exe"=
"D:\\Hry\\Live_For_Speed\\LFS.exe"=
"D:\\Hry\\Counter-Strike Source\\hl2.exe"=
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Juiced\\Juiced.exe"=
"C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"D:\\Dokumenty\\BearShare.exe"=
"D:\\Hry\\hl.exe"=
"D:\\Dokumenty\\Hry\\CSS\\Counter-Strike Source\\hl2.exe"=
"C:\\Program Files\\BearShare applications\\BearShare\\BearShare.exe"=
"D:\\Dokumenty\\Spontania Video Collaboration\\dialcomwcs.exe"=
"D:\\Dokumenty\\Spontania Video Collaboration\\SpontaniaVideoCollaboration.exe"=
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"D:\\Dokumenty\\fifa\\fifa07.exe"=
"D:\\Dokumenty\\TmNationsForever\\TmForever.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"D:\\Dokumenty\\NHL 2008\\nhl2008.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"22556:TCP"= 22556:TCP:BitComet 22556 TCP
"22556:UDP"= 22556:UDP:BitComet 22556 UDP
R0 netflt;Panda Net Driver [NDIS Layer];C:\WINDOWS\system32\Drivers\NETFLT.SYS [2006-08-04 11:58]
R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2006-05-11 22:26]
S1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2006-08-03 16:37]
S2 713xTVCard;SAA7135 TV Card;C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2006-05-20 22:00]
S2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\Drivers\cpoint.sys [2005-08-12 14:36]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
cb47356232
sb56124232
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2008-06-14 13:30:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2008-06-14 13:42:31 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-14 11:41:28
Pre-Run: 7,882,682,368 bytes free
Post-Run: 7,893,688,320 bytes free
477