Win32:Rootkit-gen [Rtk] w pliku AutoRun.exe

koliberr · 17 Sierpień 2008 12:16

Win32:Rootkit-gen [Rtk] w pliku AutoRun.exe

Bardzo proszę o pomoc w usunięciu tego robaka, ja kompletnie na tym się nie znam, od czego zacząć ???

ComboFix 08-08-16.01 - Basia 2008-08-17 12:36:48.1 - NTFSx86

Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.613 [GMT 1:00]

Running from: C:\Documents and Settings\Basia\Desktop\ComboFix.exe

* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\Documents and Settings\Basia\Application Data\Microsoft\SystemCertificates\My

C:\Documents and Settings\LocalService\Application Data\Microsoft\SystemCertificates\My

C:\Documents and Settings\NetworkService\Application Data\Microsoft\SystemCertificates\My

.

((((((((((((((((((((((((( Files Created from 2008-07-17 to 2008-08-17 )))))))))))))))))))))))))))))))

.

2008-08-17 11:17 . 2008-08-17 11:17

2008-08-17 11:17 . 2008-08-17 11:19

2008-08-14 13:54 . 2008-08-14 13:57

2008-08-13 11:45 . 2008-05-01 15:30 331,776 --------- C:\WINDOWS\system32\dllcache\msadce.dll

2008-08-12 19:21 . 2004-08-04 00:56 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll

2008-08-12 19:21 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys

2008-08-12 19:21 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\dllcache\usbscan.sys

2008-08-12 19:21 . 2001-08-17 22:36 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll

2008-08-02 12:26 . 2008-08-02 12:40

2008-08-02 12:20 . 2008-08-02 12:40

2008-08-02 12:20 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll

2008-08-02 12:20 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\unrar3.dll

2008-08-02 12:20 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll

2008-08-02 12:20 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll

2008-08-02 12:20 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-08-16 17:25 --------- d-----w C:\Documents and Settings\Basia\Application Data\Skype

2008-07-21 19:36 --------- d-----w C:\Program Files\Gadu-Gadu

2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll

2008-07-07 20:32 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll

2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll

2008-06-24 16:23 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll

2008-06-23 16:12 667,136 ----a-w C:\WINDOWS\system32\wininet.dll

2008-06-23 16:12 667,136 ------w C:\WINDOWS\system32\dllcache\wininet.dll

2008-06-23 16:12 618,496 ------w C:\WINDOWS\system32\dllcache\urlmon.dll

2008-06-23 16:12 532,480 ------w C:\WINDOWS\system32\dllcache\mstime.dll

2008-06-23 16:12 474,112 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll

2008-06-23 16:12 449,024 ------w C:\WINDOWS\system32\dllcache\mshtmled.dll

2008-06-23 16:12 39,424 ------w C:\WINDOWS\system32\dllcache\pngfilt.dll

2008-06-23 16:12 146,432 ------w C:\WINDOWS\system32\dllcache\msrating.dll

2008-06-23 16:12 1,499,136 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll

2008-06-23 16:11 96,256 ------w C:\WINDOWS\system32\dllcache\inseng.dll

2008-06-23 16:11 55,808 ------w C:\WINDOWS\system32\dllcache\extmgr.dll

2008-06-23 16:11 357,888 ------w C:\WINDOWS\system32\dllcache\dxtmsft.dll

2008-06-23 16:11 3,067,392 ------w C:\WINDOWS\system32\dllcache\mshtml.dll

2008-06-23 16:11 251,904 ------w C:\WINDOWS\system32\dllcache\iepeers.dll

2008-06-23 16:11 205,312 ------w C:\WINDOWS\system32\dllcache\dxtrans.dll

2008-06-23 16:11 16,384 ------w C:\WINDOWS\system32\dllcache\jsproxy.dll

2008-06-23 16:11 151,040 ------w C:\WINDOWS\system32\dllcache\cdfview.dll

2008-06-23 16:11 1,054,208 ------w C:\WINDOWS\system32\dllcache\danim.dll

2008-06-23 16:11 1,024,000 ------w C:\WINDOWS\system32\dllcache\browseui.dll

2008-06-23 09:53 18,432 ------w C:\WINDOWS\system32\dllcache\iedw.exe

2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll

2008-06-20 17:41 245,248 ------w C:\WINDOWS\system32\dllcache\mswsock.dll

2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll

2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys

2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys

2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys

2008-06-20 10:44 138,368 ------w C:\WINDOWS\system32\dllcache\afd.sys

2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys

2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys

2008-06-13 13:10 272,128 ------w C:\WINDOWS\system32\dllcache\bthport.sys

2007-09-24 20:26 1,050 ----a-w C:\Documents and Settings\Basia\Application Data\wklnhst.dat

2007-09-05 18:55 24,192 ----a-w C:\Documents and Settings\Basia\usbsermptxp.sys

2007-09-05 18:55 22,768 ----a-w C:\Documents and Settings\Basia\usbsermpt.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“ctfmon.exe”=“C:\WINDOWS\system32\ctfmon.exe” [2004-08-04 05:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

“Dell QuickSet”=“C:\Program Files\Dell\QuickSet\Quickset.exe” [2007-02-20 12:29 1191936]

“avast!”=“C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe” [2008-07-19 15:38 78008]

“HPDJ Taskbar Utility”=“C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe” [2003-03-11 09:08 172032]

“HP Software Update”=“C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe” [2002-12-17 11:40 49152]

“DeviceDiscovery”=“C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe” [2002-12-02 20:56 40960]

“NeroFilterCheck”=“C:\WINDOWS\system32\NeroCheck.exe” [2001-07-09 11:50 155648]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-06-16 19:47:46 113664]

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 20:05:56 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

“vidc.avrn”= E:\instalki\kodeki\ACEMEG~1\SystemS\AVIDAV~1.DLL

“vidc.advj”= E:\instalki\kodeki\ACEMEG~1\SystemS\AVIDAV~1.DLL

“vidc.mszh”= E:\instalki\kodeki\ACEMEG~1\SystemS\avimszh.dll

“vidc.zlib”= E:\instalki\kodeki\ACEMEG~1\SystemS\avizlib.dll

“vidc.cscd”= E:\instalki\kodeki\ACEMEG~1\SystemS\camcodec.dll

“vidc.cvid”= E:\instalki\kodeki\ACEMEG~1\SystemS\iccvid.dll

“msacm.trspch”= E:\instalki\kodeki\ACEMEG~1\SystemS\tssoft32.acm

“vidc.em2v”= E:\instalki\kodeki\ACEMEG~1\SystemS\etxcodec.dll

“vidc.mkvc”= E:\instalki\kodeki\ACEMEG~1\SystemS\kmvidc32.dll

“vidc.hfyu”= E:\instalki\kodeki\ACEMEG~1\SystemS\huffyuv.dll

“msacm.lameacm”= E:\instalki\kodeki\ACEMEG~1\SystemS\lameacm.acm

“msacm.lhacm”= E:\instalki\kodeki\ACEMEG~1\SystemS\lhacm.acm

“msacm.l3acm”= E:\instalki\kodeki\ACEMEG~1\SystemS\l3codecp.acm

“vidc.sjpg”= E:\instalki\kodeki\ACEMEG~1\SystemS\pmjpeg32.dll

“vidc.dmb2”= E:\instalki\kodeki\ACEMEG~1\SystemS\pmjpeg32.dll

“vidc.gepj”= E:\instalki\kodeki\ACEMEG~1\SystemS\pmjpeg32.dll

“vidc.qpeg”= E:\instalki\kodeki\ACEMEG~1\SystemS\Qpeg32.dll

“vidc.q1.0”= E:\instalki\kodeki\ACEMEG~1\SystemS\Qpeg32.dll

“vidc.tscc”= E:\instalki\kodeki\ACEMEG~1\SystemS\tsccvid.dll

“vidc.vifp”= E:\instalki\kodeki\ACEMEG~1\SystemS\vfcodec.dll

“vidc.wrpr”= E:\instalki\kodeki\ACEMEG~1\SystemS\aviwrap.dll

“vidc.wnv1”= E:\instalki\kodeki\ACEMEG~1\SystemS\wnvplay1.dll

“vidc.advs”= E:\instalki\kodeki\ACEMEG~1\SystemS\Adaptec\Dvc.dll

“vidc.aflc”= E:\instalki\kodeki\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL

“vidc.afli”= E:\instalki\kodeki\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL

“vidc.aasc”= E:\instalki\kodeki\ACEMEG~1\SystemS\Autodesk\Aasc32.dll

“vidc.aas4”= E:\instalki\kodeki\ACEMEG~1\SystemS\Autodesk\Aasc32.dll

“vidc.asv1”= E:\instalki\kodeki\ACEMEG~1\SystemS\ASUS\asusasv1.dll

“vidc.asv2”= E:\instalki\kodeki\ACEMEG~1\SystemS\ASUS\asusasv2.dll

“vidc.asvx”= E:\instalki\kodeki\ACEMEG~1\SystemS\ASUS\asusasv2.dll

“vidc.vcr1”= E:\instalki\kodeki\ACEMEG~1\SystemS\ATI\ativcr1.dll

“vidc.vcr2”= E:\instalki\kodeki\ACEMEG~1\SystemS\ATI\ativcr2.dll

“vidc.yv12”= E:\instalki\kodeki\ACEMEG~1\SystemS\ATI\atiyuv12.DLL

“vidc.mwv1”= E:\instalki\kodeki\ACEMEG~1\SystemS\Aware\icmw_32.dll

“vidc.bt20”= E:\instalki\kodeki\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv

“vidc.y41p”= E:\instalki\kodeki\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv

“msacm.pcdv”= E:\instalki\kodeki\ACEMEG~1\SystemS\Canopus\pcdv.acm

“vidc.cdvc”= E:\instalki\kodeki\ACEMEG~1\SystemS\Canopus\CSCCDVC.DLL

“vidc.ddvc”= E:\instalki\kodeki\ACEMEG~1\SystemS\Canopus\CSCdvsd.DLL

“vidc.png1”= E:\instalki\kodeki\ACEMEG~1\SystemS\Core\COREPN~1.DLL

“msacm.CoreFLAC_ACM”= E:\instalki\kodeki\ACEMEG~1\SystemS\Core\COREFL~1.ACM

“vidc.davc”= E:\instalki\kodeki\ACEMEG~1\SystemS\dicas\davcvfw.dll

“vidc.div3”= E:\instalki\kodeki\ACEMEG~1\SystemS\DivX\DivXc32.dll

“vidc.div5”= E:\instalki\kodeki\ACEMEG~1\SystemS\DivX\DivXc32.dll

“vidc.mpg3”= E:\instalki\kodeki\ACEMEG~1\SystemS\DivX\DivXc32.dll

“vidc.div4”= E:\instalki\kodeki\ACEMEG~1\SystemS\DivX\DivXc32f.dll

“vidc.div6”= E:\instalki\kodeki\ACEMEG~1\SystemS\DivX\DivXc32f.dll

“vidc.ap41”= E:\instalki\kodeki\ACEMEG~1\SystemS\DivX\DivXc32f.dll

“vidc.dvx4”= E:\instalki\kodeki\ACEMEG~1\SystemS\DivX\divx4.dll

“vidc.divx”= E:\instalki\kodeki\ACEMEG~1\SystemS\DivX\DivX520.dll

“msacm.divxa32”= E:\instalki\kodeki\ACEMEG~1\SystemS\DivX\divxa32.acm

“vidc.frwd”= E:\instalki\kodeki\ACEMEG~1\SystemS\Forward\frwd.dll

“vidc.frwt”= E:\instalki\kodeki\ACEMEG~1\SystemS\Forward\frwd.dll

“vidc.frwa”= E:\instalki\kodeki\ACEMEG~1\SystemS\Forward\frwt.dll

“vidc.frwu”= E:\instalki\kodeki\ACEMEG~1\SystemS\Forward\frwu.dll

“vidc.glzw”= E:\instalki\kodeki\ACEMEG~1\SystemS\Gabest\GLZW.dll

“vidc.gpeg”= E:\instalki\kodeki\ACEMEG~1\SystemS\Gabest\GPEG.dll

“vidc.i263”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\i263_32.drv

“vidc.iv30”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir32_32.dll

“vidc.iv31”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir32_32.dll

“vidc.iv32”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir32_32.dll

“vidc.iv33”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir32_32.dll

“vidc.iv34”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir32_32.dll

“vidc.iv35”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir32_32.dll

“vidc.iv36”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir32_32.dll

“vidc.iv37”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir32_32.dll

“vidc.iv38”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir32_32.dll

“vidc.iv39”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir32_32.dll

“vidc.iv40”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir41_32.dll

“vidc.iv41”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir41_32.dll

“vidc.iv42”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir41_32.dll

“vidc.iv43”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir41_32.dll

“vidc.iv44”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir41_32.dll

“vidc.iv45”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir41_32.dll

“vidc.iv46”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir41_32.dll

“vidc.iv47”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir41_32.dll

“vidc.iv48”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir41_32.dll

“vidc.iv49”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir41_32.dll

“vidc.iv50”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\ir50_32.dll

“vidc.ir21”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\IR21_R.DLL

“vidc.rt21”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\IR21_R.DLL

“msacm.imc”= E:\instalki\kodeki\ACEMEG~1\SystemS\Intel\IMC32.ACM

“vidc.lead”= E:\instalki\kodeki\ACEMEG~1\SystemS\LEAD\LCODCCMP.DLL

“vidc.dvsd”= E:\instalki\kodeki\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL

“vidc.dvc”= E:\instalki\kodeki\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL

“vidc.dvcs”= E:\instalki\kodeki\ACEMEG~1\SystemS\MAINCO~1\MCDVD_32.DLL

“vidc.dcmj”= E:\instalki\kodeki\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL

“vidc.avi1”= E:\instalki\kodeki\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL

“vidc.avi2”= E:\instalki\kodeki\ACEMEG~1\SystemS\MAINCO~1\MCMJPG32.DLL

“vidc.dv25”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.dv50”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.msmc”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.mmjp”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.mtx1”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.mtx2”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.mtx3”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.mtx4”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.mtx5”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.mtx6”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.mtx7”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.mtx8”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.mtx9”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“vidc.mmes”= E:\instalki\kodeki\ACEMEG~1\SystemS\Matrox\DigiVCap.dll

“msacm.msadpcm”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\msadp32.acm

“msacm.imaadpcm”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\imaadp32.acm

“msacm.msg711”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\msg711.acm

“msacm.msg723”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\msg723.acm

“msacm.msgsm610”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\msgsm32.acm

“vidc.m261”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\msh261.drv

“vidc.m263”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\msh263.drv

“vidc.mrle”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\msrle32.dll

“vidc.msvc”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\msvidc32.dll

“vidc.cram”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\msvidc32.dll

“vidc.mpg4”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

“vidc.mp41”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

“vidc.mp42”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

“vidc.mp43”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

“vidc.mp4s”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

“vidc.mp4v”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\mpg4c32.dll

“vidc.wmv3”= E:\instalki\kodeki\ACEMEG~1\SystemS\MICROS~1\WMV9VCM.dll

“vidc.vixl”= E:\instalki\kodeki\ACEMEG~1\SystemS\Miro\miroxl32.dll

“vidc.nt00”= E:\instalki\kodeki\ACEMEG~1\SystemS\Newtek\ntcodec.dll

“msacm.vorbis”= E:\instalki\kodeki\ACEMEG~1\SystemS\OGG\vorbis.acm

“vidc.vp30”= E:\instalki\kodeki\ACEMEG~1\SystemS\ON2TEC~1\vp31vfw.dll

“vidc.vp31”= E:\instalki\kodeki\ACEMEG~1\SystemS\ON2TEC~1\vp31vfw.dll

“vidc.vp60”= E:\instalki\kodeki\ACEMEG~1\SystemS\ON2TEC~1\vp6vfw.dll

“vidc.vp61”= E:\instalki\kodeki\ACEMEG~1\SystemS\ON2TEC~1\vp6vfw.dll

“vidc.pdvc”= E:\instalki\kodeki\ACEMEG~1\SystemS\PANASO~1\idvcodec.dll

“vidc.ipdv”= E:\instalki\kodeki\ACEMEG~1\SystemS\PANASO~1\idvcodec.dll

“vidc.pvw2”= E:\instalki\kodeki\ACEMEG~1\SystemS\Pegasus\pvwv220.dll

“vidc.pimj”= E:\instalki\kodeki\ACEMEG~1\SystemS\Pegasus\pvljpg20.dll

“vidc.mjpx”= E:\instalki\kodeki\ACEMEG~1\SystemS\Pegasus\pvmjpg21.dll

“vidc.miro”= E:\instalki\kodeki\ACEMEG~1\SystemS\Pinnacle\MIRODV~1.DLL

“vidc.dcap”= E:\instalki\kodeki\ACEMEG~1\SystemS\Pinnacle\MIRODV~1.DLL

“vidc.mjpa”= E:\instalki\kodeki\ACEMEG~1\SystemS\Pinnacle\RTMJPG~1.DLL

“vidc.gpjm”= E:\instalki\kodeki\ACEMEG~1\SystemS\Pinnacle\RTMJPG~1.DLL

“vidc.pim1”= E:\instalki\kodeki\ACEMEG~1\SystemS\Pinnacle\pclepim1.dll

“msacm.qmpeg”= E:\instalki\kodeki\ACEMEG~1\SystemS\QDesign\qmpeg.acm

“vidc.rmp4”= E:\instalki\kodeki\ACEMEG~1\SystemS\REALMA~1\rmp4.dll

“vidc.rud0”= E:\instalki\kodeki\ACEMEG~1\SystemS\Rududu\rududu.dll

“msacm.at3”= E:\instalki\kodeki\ACEMEG~1\SystemS\SONY\atrac3.acm

“vidc.sony”= E:\instalki\kodeki\ACEMEG~1\SystemS\SONY\sonydv.dll

“vidc.dvcp”= E:\instalki\kodeki\ACEMEG~1\SystemS\SONY\sonydv.dll

“vidc.s422”= E:\instalki\kodeki\ACEMEG~1\SystemS\Tekram\tekyuv.dll

“vidc.t420”= E:\instalki\kodeki\ACEMEG~1\SystemS\Toshiba\tsbyuv.dll

“vidc.y411”= E:\instalki\kodeki\ACEMEG~1\SystemS\Toshiba\tsbyuv.dll

“vidc.vssv”= E:\instalki\kodeki\ACEMEG~1\SystemS\VANGUA~1\vsscodec.dll

“msacm.voxacm160”= E:\instalki\kodeki\ACEMEG~1\SystemS\VoxWare\vct3216.acm

“vidc.xvid”= E:\instalki\kodeki\ACEMEG~1\SystemS\XviD\xvidvfw.dll

[HKLM~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk

backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]

path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk

backup=C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]

–a------ 2006-10-31 21:48 1392640 C:\WINDOWS\system32\WLTRAY.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSVolFE.exe]

--------- 2005-02-23 15:57 57344 C:\Program Files\Creative\Mixer\CTSVolFE.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]

–a------ 2007-02-20 12:29 1191936 C:\Program Files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]

–a------ 2005-12-13 16:41 77824 C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

–a------ 2005-12-13 16:45 118784 C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]

–a------ 2005-12-13 16:44 98304 C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

–a------ 2006-10-03 11:35 221184 C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

–a------ 2006-10-03 11:37 81920 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

--------- 2007-05-02 18:16 184320 C:\Program Files\Dell\MediaDirect\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

–a------ 2005-11-10 13:03 36975 C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

–a------ 2006-03-08 11:48 761947 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]

–a------ 2006-03-24 16:30 282624 C:\WINDOWS\stsystra.exe

[HKLM~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

“%windir%\system32\sessmgr.exe”=

“C:\Program Files\Dell\MediaDirect\PCMService.exe”=

“C:\Program Files\Gadu-Gadu\gg.exe”=

“E:\instalki\ss\Soulseek-Test\slsk.exe”=

“C:\Program Files\Skype\Phone\Skype.exe”=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 15:35]

R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 15:37]

S3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-03 23:45]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2{01f1fdd0-5a42-11dc-a57b-001c23893656}]