CPU overload
Posted: Thu 27 Dec 2007, 19:58
Hello,
I'm currently at my wits' end regarding the CPU.
Even when I'm not doing anything, the CPU jumps to 50-60.
I don't think it's a virus, since I've already tried everything possible.
I read that it could also be Spyware Terminator after an update, but I uninstalled it and the CPU is still overloaded.
If anyone could help, I'm sending the ComboFix log.
One more thing: I noticed in Task Manager (Processes) that Firefox also consumes a lot, but I don't think it's the culprit. Please advise.
Here is the log.......
ComboFix 07-12-21.4 - Cristian 2007-12-27 16:32:25.1 - NTFSx86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.1174 [GMT 1:00]
Running from: D:\Stiahnute z Mozilly\ComboFix.exe
.
((((((((((((((((((((((((( Files Created from 2007-11-27 to 2007-12-27 )))))))))))))))))))))))))))))))
.
2007-12-27 03:25 . 2004-08-04 00:56 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-12-27 03:25 . 2004-08-04 00:56 53,760 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2007-12-27 03:25 . 2004-08-04 00:56 20,992 --a------ C:\WINDOWS\system32\dshowext.ax
2007-12-27 03:25 . 2004-08-04 00:56 20,992 --a--c--- C:\WINDOWS\system32\dllcache\dshowext.ax
2007-12-27 03:19 . 2007-12-27 03:19 <DIR> d-------- C:\Program Files\JL2005A
2007-12-27 00:53 . 2007-12-27 00:53 <DIR> d-------- C:\Documents and Settings\Cristian\Application Data\dvdcss
2007-12-27 00:38 . 2005-11-21 06:48 16,512 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS
2007-12-27 00:37 . 2007-12-27 00:37 <DIR> d-------- C:\Program Files\ImTOO
2007-12-27 00:15 . 2007-12-27 00:15 <DIR> d-------- C:\Program Files\Any Video Converter
2007-12-26 20:44 . 2007-12-26 20:44 <DIR> d-------- C:\Program Files\PowerQuest
2007-12-26 18:50 . 2007-02-03 05:56 4,239,360 --a------ C:\WINDOWS\system32\qtp-mt334.dll
2007-12-26 18:50 . 2005-11-21 06:48 45,056 --a------ C:\WINDOWS\system32\wnaspi32.dll
2007-12-26 18:50 . 2007-02-03 05:56 30,808 --a------ C:\WINDOWS\system32\drivers\hotcore2.sys
2007-12-26 00:45 . 2007-12-26 00:45 43 --a------ C:\WINDOWS\gswin32.ini
2007-12-26 00:44 . 2007-12-26 00:45 <DIR> d-------- C:\Program Files\gs
2007-12-26 00:42 . 2005-05-07 14:14 90,112 --a------ C:\WINDOWS\system32\custmon2k.dll
2007-12-26 00:42 . 2004-06-06 20:17 53,248 --a------ C:\WINDOWS\system32\uninstpw.exe
2007-12-26 00:41 . 2007-12-26 00:41 <DIR> d-------- C:\Program Files\PlotSoft
2007-12-26 00:41 . 2005-05-07 14:15 24,576 --a------ C:\WINDOWS\system32\custsave.exe
2007-12-25 17:50 . 1997-06-02 12:32 314,880 --a------ C:\WINDOWS\IsUninst.exe
2007-12-25 16:58 . 2007-12-25 17:00 148 --a------ C:\WINDOWS\cdplayer.ini
2007-12-25 16:06 . 2007-12-25 16:06 <DIR> d-------- C:\WINDOWS\Sun
2007-12-25 07:16 . 2007-12-25 07:16 <DIR> d-------- C:\Documents and Settings\Cristian\Application Data\CyberLink
2007-12-25 06:48 . 2007-12-25 06:48 <DIR> d-------- C:\Documents and Settings\Cristian\Application Data\DivX
2007-12-25 06:48 . 2007-12-27 00:30 116 --a------ C:\WINDOWS\NeroDigital.ini
2007-12-25 06:23 . 2007-12-25 06:23 <DIR> d-------- C:\Program Files\Common Files\xing shared
2007-12-25 06:17 . 2007-12-25 22:11 <DIR> d-------- C:\Program Files\Real
2007-12-25 06:17 . 2007-12-25 06:21 <DIR> d-------- C:\Program Files\Common Files\Real
2007-12-25 04:53 . 2007-12-25 04:53 <DIR> d-------- C:\Documents and Settings\Cristian\Application Data\ICQ Toolbar
2007-12-25 04:03 . 2007-12-25 04:03 <DIR> d-------- C:\Program Files\BSP Multimedia
2007-12-25 04:03 . 2007-12-25 04:03 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-25 04:03 . 1994-12-06 00:00 12,800 --a------ C:\WINDOWS\system32\WING32.DLL
2007-12-25 04:03 . 2007-12-25 04:03 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-25 04:01 . 2007-12-25 04:01 <DIR> d-------- C:\Program Files\Elaborate Bytes
2007-12-25 01:08 . 2007-12-25 01:08 <DIR> d-------- C:\Documents and Settings\Cristian\Application Data\12Voip
2007-12-24 20:10 . 2007-12-24 20:10 <DIR> d-------- C:\Documents and Settings\Cristian\Application Data\iolo
2007-12-24 20:10 . 2007-12-24 20:10 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\iolo
2007-12-24 19:04 . 2007-12-24 19:04 <DIR> d-------- C:\Program Files\12Voip.com
2007-12-24 19:03 . 2007-12-25 08:10 14,400 --a------ C:\WINDOWS\SLEX99.BMS
2007-12-24 19:03 . 2007-12-25 08:10 62 --a------ C:\WINDOWS\SLEX99.INI
2007-12-24 19:03 . 2007-12-24 19:03 4 --a------ C:\WINDOWS\SLEX99.ANS
2007-12-24 19:01 . 2007-12-24 19:01 <DIR> d-------- C:\Documents and Settings\Cristian\LimeWire Shared
2007-12-24 19:00 . 2007-12-26 01:17 <DIR> d-------- C:\Documents and Settings\Cristian\Application Data\LimeWire
2007-12-24 18:59 . 2007-12-24 18:59 <DIR> d-------- C:\Program Files\LimeWire
2007-12-24 02:41 . 2007-12-24 02:41 1,167 --a------ C:\WINDOWS\mozver.dat
2007-12-24 01:55 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2007-12-24 01:55 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2007-12-24 01:55 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2007-12-24 01:55 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2007-12-24 01:55 . 2003-02-28 16:38 113 --a------ C:\WINDOWS\system32\zonedon.reg
2007-12-24 01:55 . 2003-02-28 16:38 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2007-12-24 01:52 . 2006-08-21 10:14 128,896 -----c--- C:\WINDOWS\system32\dllcache\fltmgr.sys
2007-12-24 01:52 . 2006-08-21 10:14 23,040 -----c--- C:\WINDOWS\system32\dllcache\fltmc.exe
2007-12-24 01:52 . 2006-08-21 13:21 16,896 -----c--- C:\WINDOWS\system32\dllcache\fltlib.dll
2007-12-24 01:19 . 2006-10-04 15:06 1,197,294 -----c--- C:\WINDOWS\system32\dllcache\sysmain.sdb
2007-12-24 01:19 . 2006-10-04 15:06 764,868 -----c--- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2007-12-24 01:19 . 2006-10-04 15:06 217,118 -----c--- C:\WINDOWS\system32\dllcache\apphelp.sdb
2007-12-24 01:18 . 2007-12-24 01:18 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-12-24 01:18 . 2004-08-04 00:56 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-12-24 01:16 . 2007-12-24 01:16 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-12-24 01:16 . 2007-12-24 01:17 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-12-24 00:45 . 2007-07-09 14:09 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-12-24 00:28 . 2007-12-24 00:28 <DIR> d-------- C:\Documents and Settings\Cristian\Application Data\AdobeUM
2007-12-24 00:21 . 2007-12-25 22:39 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2007-12-24 00:15 . 2007-03-21 20:39 1,060,864 --a------ C:\WINDOWS\system32\MFC71.DL1
2007-12-24 00:15 . 2007-03-21 20:33 503,808 --a------ C:\WINDOWS\system32\MSVCP71.DL1
2007-12-24 00:15 . 2007-03-21 20:33 348,160 --a------ C:\WINDOWS\system32\MSVCR71.DL1
2007-12-24 00:12 . 2007-12-24 00:12 16 --a------ C:\WINDOWS\system32\coh.cache
2007-12-24 00:11 . 2007-12-24 00:11 384 --a------ C:\WINDOWS\ODBC.INI
2007-12-24 00:08 . 2007-12-24 00:09 <DIR> d-------- C:\WINDOWS\ShellNew
2007-12-23 23:57 . 2007-12-23 23:57 <DIR> d-------- C:\Program Files\Synaptics
2007-12-23 23:57 . 2006-01-27 04:25 191,936 --a------ C:\WINDOWS\system32\drivers\SynTP.sys
2007-12-23 23:57 . 2006-01-27 04:29 114,688 --a------ C:\WINDOWS\system32\SynCtrl.dll
2007-12-23 23:57 . 2006-01-27 04:29 94,298 --a------ C:\WINDOWS\system32\SynTPAPI.dll
2007-12-23 23:57 . 2006-01-27 04:29 82,013 --a------ C:\WINDOWS\system32\SynCOM.dll
2007-12-23 23:57 . 2006-01-27 04:56 81,920 --a------ C:\WINDOWS\system32\SynTPCo2.dll
2007-12-23 23:57 . 2006-01-27 04:52 69,722 --a------ C:\WINDOWS\system32\SynTPFcs.dll
2007-12-23 23:45 . 2007-12-24 00:14 <DIR> d-------- C:\Program Files\Norton AntiVirus
2007-12-23 23:45 . 2007-12-24 00:04 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-12-23 23:45 . 2007-12-24 00:04 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-12-23 23:45 . 2007-12-24 00:04 10,740 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-12-23 23:45 . 2007-12-24 00:04 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-12-23 23:44 . 2007-12-24 00:14 <DIR> d-------- C:\Program Files\Symantec
2007-12-23 23:44 . 2007-12-24 00:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-12-23 23:43 . 2007-12-25 08:35 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2007-12-23 23:41 . 2006-10-30 20:19 88,960 --a------ C:\WINDOWS\system32\drivers\ewusbmdm.sys
2007-12-23 23:40 . 2007-12-23 23:40 <DIR> d-------- C:\Program Files\Huawei technologies
2007-12-23 23:37 . 2007-12-27 09:06 30,648 --a------ C:\WINDOWS\system32\oodbs.lor
2007-12-23 23:27 . 2007-12-23 23:29 <DIR> d-------- C:\Program Files\Alcohol 120
2007-12-23 23:25 . 2007-12-24 21:42 <DIR> d-------- C:\Program Files\Winamp
2007-12-23 23:24 . 2007-12-27 08:08 <DIR> d-------- C:\Documents and Settings\Cristian\Application Data\Skype
2007-12-23 23:23 . 2007-12-23 23:23 <DIR> d-------- C:\Program Files\Skype
2007-12-23 23:23 . 2007-12-23 23:23 <DIR> d-------- C:\Program Files\Common Files\Skype
2007-12-23 23:23 . 2007-12-23 23:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2007-12-23 23:22 . 2007-12-23 23:22 <DIR> d-------- C:\Program Files\QuickTime
2007-12-23 23:22 . 2007-12-23 23:22 <DIR> d-------- C:\Program Files\Apple Software Update
2007-12-23 23:22 . 2007-12-23 23:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-12-23 23:21 . 2007-12-23 23:21 <DIR> d-------- C:\Program Files\Paper Notes
2007-12-23 23:20 . 2007-12-23 23:20 <DIR> d-------- C:\Program Files\Java
2007-12-23 23:20 . 2007-12-23 23:20 <DIR> d-------- C:\Program Files\Common Files\Java
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-26 19:39 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-26 18:17 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-12-25 01:30 --------- d-----w C:\Program Files\Common Files\LightScribe
2007-12-23 04:40 --------- d-----w C:\Program Files\Direct X 9c
2007-12-23 04:36 --------- d-----w C:\Program Files\Ahead
2007-12-23 04:33 --------- d-----w C:\Program Files\Common Files\Nero
2007-12-23 04:32 --------- d-----w C:\Program Files\Common Files\Ahead
2007-12-23 04:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ahead
2007-12-23 04:24 --------- d-----w C:\Program Files\ASUS
2007-12-23 04:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2007-12-23 04:22 --------- d-----w C:\Program Files\Realtek
2007-12-23 04:21 --------- d-----w C:\Program Files\Motorola
2007-12-23 04:19 --------- d-----w C:\Program Files\Common Files\ATI Technologies
2007-12-23 04:19 --------- d-----w C:\Program Files\ATI Technologies
2007-12-23 03:51 --------- d-----w C:\Program Files\microsoft frontpage
2007-12-23 03:50 558,142 ----a-w C:\WINDOWS\java\Packages\OXBB717V.ZIP
2007-12-23 03:50 155,995 ----a-w C:\WINDOWS\java\Packages\C9JRNH3V.ZIP
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-30 18:55 625,032 ----a-w C:\WINDOWS\system32\SymNeti.dll
2007-10-30 18:55 39,856 ----a-w C:\WINDOWS\system32\drivers\symids.sys
2007-10-30 18:55 37,936 ----a-w C:\WINDOWS\system32\drivers\symndisv.sys
2007-10-30 18:55 35,120 ----a-w C:\WINDOWS\system32\drivers\symndis.sys
2007-10-30 18:55 27,696 ----a-w C:\WINDOWS\system32\drivers\symredrv.sys
2007-10-30 18:55 242,056 ----a-w C:\WINDOWS\system32\SymRedir.dll
2007-10-30 18:55 191,536 ----a-w C:\WINDOWS\system32\drivers\symtdi.sys
2007-10-30 18:55 145,968 ----a-w C:\WINDOWS\system32\drivers\symfw.sys
2007-10-30 18:55 12,848 ----a-w C:\WINDOWS\system32\drivers\symdns.sys
2007-10-30 18:24 12,963 ----a-w C:\WINDOWS\system32\drivers\SymRedir.cat
2007-10-30 18:24 1,358 ----a-w C:\WINDOWS\system32\drivers\SymRedir.inf
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\system32\quartz.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
"SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe" [2006-12-20 17:47]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-04-17 10:24]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-04-27 08:57]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 08:34 C:\WINDOWS\RTHDCPL.exe]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2003-10-02 02:20]
"OODefragTray"="C:\WINDOWS\system32\oodtray.exe" [2007-05-11 02:08]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-10 06:59]
"osCheck"="C:\Program Files\Norton AntiVirus\osCheck.exe" [2007-01-14 08:11]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-12-25 06:18]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 00:56]
C:\Documents and Settings\Cristian\Start Menu\Programs\Startup\
Paper Notes.lnk - C:\Program Files\Paper Notes\pnotes.exe [2003-12-01 22:17:30]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\12Voip]
C:\Program Files\12Voip.com\12Voip\12Voip.exe -nosplash -minimized
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 16:40 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2005-01-12 03:01 32768 --a------ C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2006-06-01 06:57 573440 --a------ C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2006-01-27 04:51 761946 --a------ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemGuardAlerter]
2006-12-20 17:47 386048 --a------ C:\Program Files\iolo\System Mechanic Professional 6\SystemGuardAlerter.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2007-12-20 16:16 37376 --a------ C:\Program Files\Winamp\winampa.exe
R0 pnpshark;pnpshark;C:\WINDOWS\system32\DRIVERS\pnpshark.sys [2003-10-02 03:16]
R0 st3shark;st3shark;C:\WINDOWS\system32\DRIVERS\st3shark.sys [2003-09-27 14:37]
S3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\System32\ASNDIS5.SYS [2002-09-09 19:54]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial;C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2006-10-30 20:19]
S3 JL2005;JL2005A Toy Camera;C:\WINDOWS\system32\Drivers\toywdm.sys [2004-06-04 13:21]
S3 PSched;QoS Packet Scheduler;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
S3 ZD1211BU(ASUS);ASUS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ASUS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2006-06-14 18:16]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\Shell\AutoRun\command - H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{097d30b6-b1a8-11dc-945a-0018f395b7c0}]
\Shell\AutoRun\command - H:\AutoRun.exe
*Newly Created Service* - CATCHME
*Newly Created Service* - PARPORT
.
Contents of the 'Scheduled Tasks' folder
"2007-12-23 22:22:17 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-12-24 18:21:06 C:\WINDOWS\Tasks\Low Battery Alarm Program.job"
"2007-12-24 20:45:59 C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - Cristian.job"
- C:\Program Files\Norton AntiVirus\Navw32.exeh/TASK:
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-27 16:35:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-27 16:37:20
.
2007-12-25 21:33:48 --- E O F ---