Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

kontrola logu, děkuji

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
tx3rf
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 03 led 2010 12:52

kontrola logu, děkuji

#1 Příspěvek od tx3rf »

Zdravím, mám problém s tím, že moje icq číslo rozesílá spam na ostatní v dobu, kdy nejsem vůbec připojený, kamarád mě na vás odkázal :)

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-01-03 12:50:38
Microsoft Windows XP Professional Service Pack 3
System drive C: has 73 GB (47%) free of 157 GB
Total RAM: 2047 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:50:42, on 03/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20978)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Cyberlink\Shared Files\brs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Zoner\Photo Studio 12\Program\Zps.exe
C:\Program Files\Creative\Creative ZEN V Series\ZEN V Media Explorer\CTPlyLsU.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Desktop\QIP Infium PafoPack\inf.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\hijackthis.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\RSIT.exe
C:\Documents and Settings\Administrator\My Documents\Downloads\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 cmicnfg3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe

--
End of file - 11861 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-362288127-682003330-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-362288127-682003330-500UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F364306-AA45-47B5-9F9D-39A8B94E7EF1}]
FG2CatchUrl - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll [2008-08-19 104016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
XfireXO Toolbar - C:\Program Files\XfireXO\tbXfir.dll [2009-11-09 2331672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-27 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-27 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-16 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-16 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - XfireXO Toolbar - C:\Program Files\XfireXO\tbXfir.dll [2009-11-09 2331672]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-27 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-14 208952]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-14 455168]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-09-27 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-09-27 13918208]
"CmPCIaudio"=RunDll32 cmicnfg3.cpl,CMICtrlWnd []
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2009-11-16 949376]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-16 149280]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"RemoteControl9"=C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [2009-02-16 87336]
"PDVD9LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [2008-10-13 50472]
"BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2009-02-28 75048]
"FlashGet"=C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe [2008-08-19 1795656]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-11-15 135664]
"CTSyncU.exe"=C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe [2006-04-28 692224]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-12-18 39408]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-02-13 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-02-13 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Miranda pack by sssugi\miranda32.exe"="C:\Program Files\Miranda pack by sssugi\miranda32.exe:*:Enabled:Miranda IM"
"C:\Documents and Settings\Administrator\Desktop\Miranda IM\miranda32.exe"="C:\Documents and Settings\Administrator\Desktop\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Documents and Settings\Administrator\Desktop\Miranda_Cult_Pack_1.5\miranda32.exe"="C:\Documents and Settings\Administrator\Desktop\Miranda_Cult_Pack_1.5\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\Codemasters\DiRT\DiRT.exe"="C:\Program Files\Codemasters\DiRT\DiRT.exe:*:Enabled:DiRT Executable"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe"="C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate"
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe"="C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx"
"C:\Program Files\Codemasters\DiRT2\dirt2_game.exe"="C:\Program Files\Codemasters\DiRT2\dirt2_game.exe:*:Enabled:DiRT2"
"C:\Documents and Settings\Administrator\Desktop\QIP Infium PafoPack\inf.exe"="C:\Documents and Settings\Administrator\Desktop\QIP Infium PafoPack\inf.exe:*:Enabled:QIP Infium"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-01-03 12:50:38 ----D---- C:\rsit
2009-12-28 16:05:56 ----D---- C:\Documents and Settings\Administrator\Application Data\FastStone
2009-12-28 16:03:49 ----D---- C:\Program Files\FastStone Image Viewer
2009-12-18 15:25:02 ----D---- C:\Documents and Settings\Administrator\Application Data\Google
2009-12-16 17:22:46 ----D---- C:\Documents and Settings\All Users\Application Data\Codemasters
2009-12-16 17:19:31 ----A---- C:\WINDOWS\system32\mkl_vml_p4.dll
2009-12-16 17:19:31 ----A---- C:\WINDOWS\system32\mkl_vml_p3.dll
2009-12-16 17:19:31 ----A---- C:\WINDOWS\system32\mkl_vml_def.dll
2009-12-16 17:19:31 ----A---- C:\WINDOWS\system32\mkl_p4.dll
2009-12-16 17:19:30 ----A---- C:\WINDOWS\system32\rapture3d_oal.dll
2009-12-16 17:19:30 ----A---- C:\WINDOWS\system32\mkl_p3.dll
2009-12-16 17:19:30 ----A---- C:\WINDOWS\system32\mkl_lapack64.dll
2009-12-16 17:19:30 ----A---- C:\WINDOWS\system32\mkl_lapack32.dll
2009-12-16 17:19:30 ----A---- C:\WINDOWS\system32\mkl_def.dll
2009-12-16 17:19:30 ----A---- C:\WINDOWS\system32\libguide40.dll
2009-12-16 17:19:29 ----D---- C:\Program Files\BRS
2009-12-16 17:18:32 ----D---- C:\WINDOWS\system32\XPSViewer
2009-12-16 17:18:25 ----D---- C:\Program Files\Reference Assemblies
2009-12-16 17:17:54 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-12-16 17:17:54 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-12-16 17:16:10 ----SHD---- C:\Config.Msi
2009-12-16 17:14:20 ----D---- C:\WINDOWS\system32\xlive
2009-12-16 17:14:20 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2009-12-16 17:14:06 ----RA---- C:\WINDOWS\system32\tmp538D.tmp
2009-12-16 17:14:06 ----RA---- C:\WINDOWS\system32\tmp538B.tmp
2009-12-16 17:14:06 ----D---- C:\Program Files\OpenAL
2009-12-16 17:14:03 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2009-12-16 17:14:02 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2009-12-16 17:14:00 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2009-12-16 17:13:59 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2009-12-16 17:13:58 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2009-12-16 17:13:56 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2009-12-16 17:13:55 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2009-12-16 17:13:53 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-12-16 17:13:53 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-12-16 17:13:52 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-12-16 17:13:50 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-12-16 17:13:50 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-12-16 17:13:49 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-12-16 17:13:48 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-12-14 19:55:49 ----D---- C:\Program Files\EA GAMES
2009-12-14 19:54:57 ----D---- C:\Program Files\Common Files\EasyInfo
2009-12-13 09:33:12 ----D---- C:\Program Files\Common Files\DirectX
2009-12-13 09:18:12 ----D---- C:\Program Files\7-Zip
2009-12-12 23:04:09 ----D---- C:\Downloads
2009-12-12 23:02:40 ----D---- C:\Documents and Settings\Administrator\Application Data\BITS
2009-12-12 23:02:32 ----D---- C:\profiles
2009-12-12 23:02:31 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2009-12-12 23:02:21 ----D---- C:\Program Files\Google
2009-12-12 23:02:14 ----D---- C:\Program Files\FlashGet Network
2009-12-12 16:33:54 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-12-10 12:44:15 ----D---- C:\Program Files\Caesar III
2009-12-09 09:47:53 ----D---- C:\Documents and Settings\Administrator\Application Data\CyberLink
2009-12-09 09:47:39 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2009-12-09 09:47:23 ----D---- C:\Program Files\Common Files\CyberLink
2009-12-09 09:45:53 ----D---- C:\Program Files\CyberLink
2009-12-09 09:45:27 ----A---- C:\WINDOWS\system32\msxml3a.dll

======List of files/folders modified in the last 1 months======

2010-01-03 12:44:05 ----D---- C:\WINDOWS\Prefetch
2010-01-03 12:30:09 ----D---- C:\WINDOWS\Temp
2010-01-03 12:24:13 ----D---- C:\Documents and Settings\Administrator\Application Data\Xfire
2010-01-03 11:35:09 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-01-02 23:46:37 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-02 18:14:56 ----D---- C:\Program Files\Flickr Uploadr
2010-01-02 09:55:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-01 18:42:09 ----A---- C:\WINDOWS\win.ini
2010-01-01 03:01:49 ----D---- C:\Program Files\ESET
2009-12-30 08:25:45 ----D---- C:\Program Files\ICQ6.5
2009-12-28 23:00:05 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-12-28 16:03:49 ----RD---- C:\Program Files
2009-12-27 13:16:16 ----SHD---- C:\WINDOWS\Installer
2009-12-22 12:04:15 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2009-12-20 15:27:45 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2009-12-19 17:22:24 ----D---- C:\WINDOWS\system32
2009-12-19 00:15:45 ----D---- C:\WINDOWS
2009-12-18 16:53:46 ----D---- C:\Program Files\Xfire
2009-12-17 12:35:16 ----RSD---- C:\WINDOWS\Fonts
2009-12-16 22:08:58 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-16 22:08:55 ----RSD---- C:\WINDOWS\assembly
2009-12-16 18:42:49 ----HD---- C:\WINDOWS\inf
2009-12-16 17:19:35 ----D---- C:\WINDOWS\WinSxS
2009-12-16 17:18:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-16 17:18:30 ----D---- C:\WINDOWS\system32\en-US
2009-12-16 17:18:30 ----D---- C:\Program Files\MSBuild
2009-12-16 17:18:06 ----D---- C:\WINDOWS\system32\dllcache
2009-12-16 17:14:29 ----D---- C:\WINDOWS\system32\DirectX
2009-12-16 17:14:20 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-12-16 17:14:06 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2009-12-16 17:14:06 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2009-12-16 16:55:35 ----D---- C:\Program Files\Codemasters
2009-12-16 16:55:33 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-14 19:54:57 ----D---- C:\Program Files\Common Files
2009-12-12 16:34:08 ----D---- C:\WINDOWS\system32\drivers
2009-12-10 22:41:30 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-12-09 12:39:14 ----D---- C:\Documents and Settings\Administrator\Application Data\Sony
2009-12-09 12:39:00 ----D---- C:\Program Files\Sony
2009-12-09 12:38:45 ----D---- C:\Program Files\Sony Setup
2009-12-09 12:23:34 ----A---- C:\WINDOWS\game.ini
2009-12-09 12:22:01 ----D---- C:\Program Files\Activision

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2009-11-16 15424]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/09 09:47:38]; \??\C:\Program Files\CyberLink\PowerDVD9\000.fcl []
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2009-11-16 512096]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2009-02-13 62848]
R3 cmuda3;TerraTec Aureon 5.1 Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2007-04-12 1399680]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-27 7655872]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-31 117888]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2009-02-13 32384]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-02-13 30336]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-02-13 38528]
R3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-02-13 82944]
S3 ay64x0ek;ay64x0ek; C:\WINDOWS\system32\drivers\ay64x0ek.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2009-02-13 133632]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-16 153376]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2009-11-16 552064]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-09-27 172100]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-17 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-01-03 215104]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-11-16 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-11-18 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-18 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-13 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Unlimited_Killer
Přítel fóra
Přítel fóra
Příspěvky: 1969
Registrován: 24 srp 2009 16:18

Re: kontrola logu, děkuji

#2 Příspěvek od Unlimited_Killer »

Na logu se pracuje. :bye:
inactive
Nahoru
Uživatelský avatar
Unlimited_Killer
Přítel fóra
Přítel fóra
Příspěvky: 1969
Registrován: 24 srp 2009 16:18

Re: kontrola logu, děkuji

#3 Příspěvek od Unlimited_Killer »

Jdeme na to.

~~~

Stáhněte OTM na Plochu. Spusťte ho dvojklikem na OTMoveIt3.exe, pokud máte Vistu, pravým tlačítkem na soubor -> Run as Administrator [spustit jako administrátor].
Do levého okna 'Paste Instructions for Items to be Moved' vkopírujte následující skript:

Kód: Vybrat vše

:processes
Explorer.EXE

:reg
[HKCU\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://seznam.cz"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"=-
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"=-
"{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}"=-
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"Adobe Reader Speed Launcher"=-
"RemoteControl9"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=-
"swg"=-

:files
C:\Program Files\Winamp Toolbar
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-362288127-682003330-500Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-362288127-682003330-500UA.job
C:\Program Files\DAEMON Tools Toolbar

:services
JavaQuickStarterService

:commands
[emptytemp]
[reboot]
Poté klikněte na červené tlačítko 'MoveIt!'.
V zeleném okně vpravo by se měl zobrazit log, ten vkopírujete sem do fóra. Pokud se zobrazí hláška k restartování, klikněte na Yes. Po restartu log najdete v C:\_OTM\MovedFiles

~~~

Stáhněte MBAM a postupujte podle popisu. Zatím nic nemažte, MBAM má občas falešné detekce.
Potom mi sem vložte log.
inactive
Nahoru
tx3rf
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 03 led 2010 12:52

Re: kontrola logu, děkuji

#4 Příspěvek od tx3rf »

log otd

All processes killed
========== PROCESSES ==========
No active process named Explorer.EXE was found!
========== REGISTRY ==========
HKCU\Software\Microsoft\Internet Explorer\Main\\"Start Page"|"http://seznam.cz" /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl9 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
========== FILES ==========
C:\Program Files\Winamp Toolbar folder moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-362288127-682003330-500Core.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1343024091-362288127-682003330-500UA.job moved successfully.
C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 3069304127 bytes
->Temporary Internet Files folder emptied: 3327953 bytes
->Java cache emptied: 30409298 bytes
->Google Chrome cache emptied: 390797736 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 6025679 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2386262 bytes
%systemroot%\System32 .tmp files removed: 1621697 bytes
Windows Temp folder emptied: 242897 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 56614201 bytes

Total Files Cleaned = 3,396.00 mb


OTM by OldTimer - Version 3.1.4.0 log created on 01032010_135056

Files moved on Reboot...

Registry entries deleted on Reboot...
Nahoru
tx3rf
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 03 led 2010 12:52

Re: kontrola logu, děkuji

#5 Příspěvek od tx3rf »

a Mbam

Malwarebytes' Anti-Malware 1.43
Verze databáze: 3486
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

03/01/2010 14:05:53
mbam-log-2010-01-03 (14-05-53).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 109249
Uplynulý èas: 3 minute(s), 16 second(s)

Infikované procesy v pamìti: 0
Infikované moduly v pamìti: 0
Infikované klíèe registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáøe: 0
Infikované soubory: 0

Infikované procesy v pamìti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v pamìti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíèe registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáøe:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)




/// nechápu proč teda rozesílám ty spam zprávy po icq..
Nahoru
Uživatelský avatar
Unlimited_Killer
Přítel fóra
Přítel fóra
Příspěvky: 1969
Registrován: 24 srp 2009 16:18

Re: kontrola logu, děkuji

#6 Příspěvek od Unlimited_Killer »

Ještě můžeme zkusit ComboFix.
Jinak to ani nemusí být havětí - občas za to můžou (zvláště když používáte QIP - což není Váš případ) soudruzi z Ruska :)

~~~

Vložte sem log z ComboFix.

Stáhněte a uložte na Plochu ComboFix, poté ho spusťte s administrátorským oprávněním.
Ještě před spuštěním vypněte rezidentní štít antiviru, či antispywaru.
Po spuštění se Vám zobrazí licenční podmínky, klikněte na 'Ano'. Budete také dotázán na instalaci konzole pro zotavení, klikněte na 'Ano'.
Celý sken bude trvat tak 5-10 minut, v závislosti na tom, kolika soubory se bude CF prodírat. Váš PC bude pravděpodobně restartován, tak se toho neděste. Než úplně skončí sken, nic nedělejte, hlavně neklikejte do spuštěného okna s ComboFixem.
Po skončení skenu na Vás vypadne log, který vkopírujete sem.
inactive
Nahoru
tx3rf
Návštěvník
Návštěvník
Příspěvky: 4
Registrován: 03 led 2010 12:52

Re: kontrola logu, děkuji

#7 Příspěvek od tx3rf »

ComboFix 10-01-02.05 - Administrator 03/01/2010 15:23:21.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1626 [GMT 1:00]
Running from: c:\documents and settings\Administrator\My Documents\Downloads\ComboFix.exe
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Administrator\Application Data\BITS
c:\documents and settings\Administrator\Application Data\BITS\BITS.ini
c:\documents and settings\Administrator\Application Data\BITS\DHTTable.dat
c:\documents and settings\Administrator\Application Data\BITS\ProxyList.ini
c:\documents and settings\Administrator\Application Data\BITS\UPnP.ini
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\btcore.dll
c:\program files\FlashGet Network\FlashGet universal\btwrap.dll
c:\program files\FlashGet Network\FlashGet universal\BugReport.dll
c:\program files\FlashGet Network\FlashGet universal\BugReport.exe
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
c:\program files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhocfg.ini
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
c:\program files\FlashGet Network\FlashGet universal\ComDlls\ComDlls.ini
c:\program files\FlashGet Network\FlashGet universal\ComDlls\flashget.xpi
c:\program files\FlashGet Network\FlashGet universal\ComDlls\FlashgetXpi.dll
c:\program files\FlashGet Network\FlashGet universal\ComDlls\IFlashgetXpi.xpt
c:\program files\FlashGet Network\FlashGet universal\dbghelp.dll
c:\program files\FlashGet Network\FlashGet universal\DBTrans.dll
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose - 2009.12.15 23.31.26.log
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
c:\program files\FlashGet Network\FlashGet universal\DBTransC.exe
c:\program files\FlashGet Network\FlashGet universal\ed2kwrap.dll
c:\program files\FlashGet Network\FlashGet universal\explorerbar.dll
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\FGVer.dll
c:\program files\FlashGet Network\FlashGet universal\flashget.exe
c:\program files\FlashGet Network\FlashGet universal\gt.exe
c:\program files\FlashGet Network\FlashGet universal\hashgen.dll
c:\program files\FlashGet Network\FlashGet universal\Help\license.txt
c:\program files\FlashGet Network\FlashGet universal\Help\Readme.txt
c:\program files\FlashGet Network\FlashGet universal\Help\WHATSNEW.TXT
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBatchLinksDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBTTask.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Added.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddEMTask.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddHpFpLink.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlgEx.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksModern.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BrowserPlugins.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BTOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CategoryView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ComfirmWhenExitDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CommonDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ConfirmInvalidLinks.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ContextMenu.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DefaultDownloadsDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DeleteFilesDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DetailStatus.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMServers.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExplorerPane.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExtensionRuleDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FG2SearchTopPlugin.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileListCtrl.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileRemovedDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FindTaskDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashgetAbout.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashGetDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FSUStatusBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageLoginDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HotResource.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HpFpOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Info.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\LogsOutput.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MACReader.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainMenu.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainToolbar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MonitorOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NormalOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NotifyOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Option.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\P4PPluginMain.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ProxySetting.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SearchBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Security.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityScan.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityToolbar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Shutdown.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\StatusBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskDefOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskListView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskNotify.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\UserListCtrl.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\XpEnhance.ini
c:\program files\FlashGet Network\FlashGet universal\libupnp.dll
c:\program files\FlashGet Network\FlashGet universal\LiveUpdateUI.dll
c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\ComHelper.dll
c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Downstat.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\P4pclient.dll
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\iexplorer.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.xml
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\search.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\subscribe.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\SearchTop.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Security\FunctionalRepair.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Scanning.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\SECURITY.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.xml
c:\program files\FlashGet Network\FlashGet universal\modules\Security\SystemFix.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SamplerCli.dll
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SnapShot.dll
c:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\tasknotifier.dll
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCore.dll
c:\program files\FlashGet Network\FlashGet universal\p2pprot.dll
c:\program files\FlashGet Network\FlashGet universal\p2snetio.dll
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.dll
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p2sprot.dll
c:\program files\FlashGet Network\FlashGet universal\p2spwrap.dll
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\program files\FlashGet Network\FlashGet universal\Skins\close_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\close_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\close_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\notify.wav
c:\program files\FlashGet Network\FlashGet universal\Skins\notify_board.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\notify_icon.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Back.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Backward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\BrowserBarCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\FlashgetResource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Forward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Home.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Backward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\BrowserBarDisableCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Forward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Home.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Available.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\CategoryTreeCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloaded.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloading.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Favorite.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Flashget.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Release.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Rubbish.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Search.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\Expbar.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\garage.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\transfer.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\BT.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\EM.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\GlobalOptionCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\HpFp.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Monitor.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Normal.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Notify.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Proxy.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\TaskDef.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Info.ini
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MainMenuCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveDownTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveUpTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\MainToolbarCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\MainToolbarDisableCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\InfoBkg.Bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\MonitorBkg.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Down.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Error.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Normal.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\OutpuLogCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Up.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\All.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Book.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Bt.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Game.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Movie.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Music.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Phone.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Picture.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\SobarIconCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Software.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Error.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\hashing.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\OK.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pause.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pin.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Schedule.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Start.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\TaskListCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Upload.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Wait.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\storage.dll
c:\program files\FlashGet Network\FlashGet universal\SysOpt.exe
c:\program files\FlashGet Network\FlashGet universal\transaction - 2009.12.15 23.31.26.log
c:\program files\FlashGet Network\FlashGet universal\transaction.log
c:\program files\FlashGet Network\FlashGet universal\uninst.exe
c:\program files\FlashGet Network\FlashGet universal\zlib.dll
c:\program files\ICQ6.5\ICQLRun.exe

.
((((((((((((((((((((((((( Files Created from 2009-12-03 to 2010-01-03 )))))))))))))))))))))))))))))))
.

2010-01-03 13:22 . 2010-01-03 13:22 0 ----a-w- c:\windows\nsreg.dat
2010-01-03 13:22 . 2010-01-03 13:22 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2010-01-03 13:01 . 2010-01-03 13:01 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-01-03 13:01 . 2009-12-30 13:55 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-03 13:01 . 2010-01-03 13:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-03 13:01 . 2010-01-03 13:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-03 13:01 . 2009-12-30 13:54 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-03 12:50 . 2010-01-03 12:50 -------- d-----w- C:\_OTM
2010-01-03 11:50 . 2010-01-03 11:50 -------- d-----w- C:\rsit
2009-12-28 15:05 . 2009-12-28 15:05 -------- d-----w- c:\documents and settings\Administrator\Application Data\FastStone
2009-12-28 15:03 . 2009-12-28 15:04 -------- d-----w- c:\program files\FastStone Image Viewer
2009-12-16 16:22 . 2009-12-16 16:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Codemasters
2009-12-16 16:19 . 2009-07-13 18:04 839680 ----a-w- c:\windows\system32\mkl_vml_p4.dll
2009-12-16 16:19 . 2009-07-13 18:04 532480 ----a-w- c:\windows\system32\mkl_vml_p3.dll
2009-12-16 16:19 . 2009-07-13 18:04 512000 ----a-w- c:\windows\system32\mkl_vml_def.dll
2009-12-16 16:19 . 2009-07-13 18:04 3485696 ----a-w- c:\windows\system32\mkl_p4.dll
2009-12-16 16:19 . 2009-10-16 10:19 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
2009-12-16 16:19 . 2009-07-13 18:04 2793472 ----a-w- c:\windows\system32\mkl_p3.dll
2009-12-16 16:19 . 2009-07-13 18:04 2441216 ----a-w- c:\windows\system32\mkl_def.dll
2009-12-16 16:19 . 2009-07-13 18:04 2174976 ----a-w- c:\windows\system32\mkl_lapack32.dll
2009-12-16 16:19 . 2009-07-13 18:04 2125824 ----a-w- c:\windows\system32\mkl_lapack64.dll
2009-12-16 16:19 . 2009-07-13 18:04 184320 ----a-w- c:\windows\system32\libguide40.dll
2009-12-16 16:19 . 2009-12-16 16:19 -------- d-----w- c:\program files\BRS
2009-12-16 16:18 . 2009-12-16 16:18 215760 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-12-16 16:18 . 2009-12-16 16:18 -------- d-----w- c:\windows\system32\XPSViewer
2009-12-16 16:18 . 2009-12-16 16:18 -------- d-----w- c:\program files\Reference Assemblies
2009-12-16 16:18 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-12-16 16:17 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-12-16 16:17 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-12-16 16:17 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-12-16 16:17 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-12-16 16:17 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-12-16 16:17 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-12-16 16:17 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-12-16 16:14 . 2009-12-16 16:14 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2009-12-16 16:14 . 2009-12-16 16:14 -------- d-----w- c:\windows\system32\xlive
2009-12-16 16:14 . 2009-12-16 16:14 -------- d-----w- c:\program files\OpenAL
2009-12-16 16:14 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2009-12-16 16:14 . 2009-09-04 16:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2009-12-16 16:14 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2009-12-16 16:13 . 2009-09-04 16:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2009-12-16 16:13 . 2009-09-04 16:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2009-12-16 16:13 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2009-12-16 16:13 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2009-12-16 16:13 . 2009-03-09 14:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-12-16 16:13 . 2009-03-09 14:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-12-16 16:13 . 2009-03-09 14:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-12-16 16:13 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-12-16 16:13 . 2009-03-16 13:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-12-16 16:13 . 2009-03-16 13:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-12-16 16:13 . 2009-03-16 13:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2009-12-14 18:55 . 2009-12-14 18:55 -------- d-----w- c:\program files\EA GAMES
2009-12-14 18:54 . 2009-12-14 18:54 -------- d-----w- c:\program files\Common Files\EasyInfo
2009-12-13 08:33 . 2009-12-15 18:21 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\NFS Underground 2
2009-12-13 08:33 . 2009-12-13 08:33 -------- d-----w- c:\program files\Common Files\DirectX
2009-12-13 08:18 . 2009-12-13 08:18 -------- d-----w- c:\program files\7-Zip
2009-12-12 22:04 . 2009-12-19 09:41 -------- d-----w- C:\Downloads
2009-12-12 22:02 . 2009-12-12 22:02 -------- d-----w- C:\profiles
2009-12-12 22:02 . 2009-12-18 15:08 -------- d-----w- c:\program files\Google
2009-12-10 11:44 . 2009-12-10 12:28 -------- d-----w- c:\program files\Caesar III
2009-12-09 08:47 . 2009-12-09 08:47 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\PowerDVDCox
2009-12-09 08:47 . 2009-12-09 08:47 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\PowerDVDCinema
2009-12-09 08:47 . 2009-12-09 08:47 -------- d-----w- c:\documents and settings\Administrator\Application Data\CyberLink
2009-12-09 08:47 . 2009-12-09 08:47 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-12-09 08:47 . 2009-12-09 08:47 -------- d-----w- c:\program files\Common Files\CyberLink
2009-12-09 08:45 . 2009-12-09 08:47 -------- d-----w- c:\program files\CyberLink
2009-12-09 08:45 . 2009-12-09 08:45 29480 ----a-w- c:\windows\system32\msxml3a.dll
2009-12-09 08:45 . 2009-12-09 08:45 53319 ----a-w- c:\documents and settings\All Users\Application Data\TEMP\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe
2009-12-08 18:25 . 2009-12-08 18:25 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Winamp Toolbar

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-03 14:26 . 2009-12-01 18:19 -------- d-----w- c:\program files\ICQ6.5
2010-01-03 14:04 . 2009-11-17 11:14 215104 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-03 13:47 . 2009-11-17 11:14 138576 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-03 13:46 . 2009-11-15 22:05 -------- d-----w- c:\documents and settings\Administrator\Application Data\Xfire
2010-01-02 17:14 . 2009-11-22 21:19 -------- d-----w- c:\program files\Flickr Uploadr
2010-01-01 18:00 . 2009-11-15 15:08 10 ----a-w- c:\windows\popcinfo.dat
2010-01-01 02:01 . 2009-11-16 07:56 -------- d-----w- c:\program files\ESET
2009-12-28 22:00 . 2009-11-25 15:52 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-18 15:53 . 2009-11-15 22:05 -------- d-----w- c:\program files\Xfire
2009-12-17 17:07 . 2009-11-15 08:37 91576 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-16 16:18 . 2009-11-17 21:58 -------- d-----w- c:\program files\MSBuild
2009-12-16 16:14 . 2009-11-15 07:55 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-16 16:14 . 2009-11-15 07:55 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-16 15:55 . 2009-11-29 13:05 -------- d-----w- c:\program files\Codemasters
2009-12-16 15:55 . 2009-11-17 11:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-12 15:34 . 2009-12-12 15:34 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01005.Wdf
2009-12-12 15:34 . 2009-12-12 15:34 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-12-10 21:41 . 2009-11-17 21:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-09 11:39 . 2009-11-15 08:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\Sony
2009-12-09 11:39 . 2009-11-15 08:36 -------- d-----w- c:\program files\Sony
2009-12-09 11:38 . 2009-11-15 08:26 -------- d-----w- c:\program files\Sony Setup
2009-12-09 11:22 . 2009-11-17 11:11 -------- d-----w- c:\program files\Activision
2009-12-01 18:20 . 2009-12-01 18:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\ICQ
2009-12-01 18:20 . 2009-12-01 18:20 -------- d-----w- c:\documents and settings\All Users\Application Data\ICQ
2009-11-30 19:33 . 2009-11-30 19:33 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-11-28 13:02 . 2009-11-17 11:14 22328 ----a-w- c:\documents and settings\Administrator\Application Data\PnkBstrK.sys
2009-11-28 13:02 . 2009-11-17 11:14 22328 ----a-w- c:\documents and settings\Administrator\Application Data\PnkBstrK.sys
2009-11-28 13:01 . 2009-11-28 13:01 682280 ----a-w- c:\windows\system32\pbsvc.exe
2009-11-25 15:52 . 2009-11-25 15:52 -------- d-----w- c:\documents and settings\Administrator\Application Data\NetMedia Providers
2009-11-25 11:04 . 2009-11-25 11:04 -------- d-----w- c:\program files\Microsoft Games
2009-11-25 11:03 . 2009-11-23 20:50 -------- d-----w- c:\program files\Common Files\InstallShield
2009-11-25 10:54 . 2009-11-25 10:50 -------- d-----w- c:\documents and settings\Administrator\Application Data\DAEMON Tools Lite
2009-11-25 10:50 . 2009-11-25 10:50 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-11-25 10:50 . 2009-11-25 10:50 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-25 10:50 . 2009-11-25 10:50 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-11-25 07:03 . 2009-11-15 08:22 -------- d-----w- c:\program files\Opera
2009-11-23 20:56 . 2009-11-23 20:56 -------- d-----w- c:\documents and settings\Administrator\Application Data\Creative
2009-11-23 20:54 . 2009-11-23 20:50 -------- d-----w- c:\program files\Creative
2009-11-23 20:53 . 2009-11-23 20:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Creative
2009-11-23 18:17 . 2009-11-23 18:17 -------- d-----w- c:\documents and settings\Administrator\Application Data\Ahead
2009-11-23 15:28 . 2009-11-23 15:28 -------- d-----w- c:\program files\Ahead
2009-11-23 15:28 . 2009-11-23 15:28 -------- d-----w- c:\program files\Common Files\Ahead
2009-11-22 21:26 . 2009-11-22 21:26 -------- d-----w- c:\documents and settings\Administrator\Application Data\Flickr
2009-11-22 15:09 . 2009-11-16 19:59 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-22 14:35 . 2009-11-22 13:09 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent
2009-11-22 14:33 . 2009-11-19 21:31 -------- d-----w- c:\documents and settings\Administrator\Application Data\Zoner
2009-11-22 14:24 . 2009-11-22 14:24 -------- d-----w- c:\program files\Zoner
2009-11-22 13:09 . 2009-11-22 13:09 -------- d-----w- c:\program files\uTorrent
2009-11-21 21:07 . 2009-11-21 17:21 -------- d-----w- c:\documents and settings\Administrator\Application Data\Winamp
2009-11-21 17:24 . 2009-11-15 08:40 183 ----a-w- c:\documents and settings\All Users\Application Data\Last.fm\Client\uninst2.bat
2009-11-21 17:24 . 2009-11-21 17:24 683801 ----a-w- c:\documents and settings\All Users\Application Data\Last.fm\Client\UninstWA\unins000.exe
2009-11-21 17:22 . 2009-11-21 17:21 -------- d-----w- c:\program files\Winamp
2009-11-21 17:21 . 2009-11-21 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Winamp Toolbar
2009-11-21 11:18 . 2009-11-18 16:41 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-11-20 22:38 . 2009-11-15 08:40 683801 ----a-w- c:\documents and settings\All Users\Application Data\Last.fm\Client\UninstWMP\unins000.exe
2009-11-20 22:37 . 2009-11-15 08:30 -------- d-----w- c:\program files\Last.fm
2009-11-18 16:01 . 2009-11-18 16:01 -------- d-----w- c:\program files\Adobe Media Player
2009-11-18 15:59 . 2009-11-18 15:59 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-11-18 15:56 . 2009-11-18 15:56 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-11-18 15:53 . 2009-11-18 15:53 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Xfire
2009-11-17 23:07 . 2009-11-17 23:07 -------- d-----w- c:\documents and settings\LocalService\Application Data\Xfire
2009-11-17 22:40 . 2009-11-17 22:40 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ
2009-11-17 22:40 . 2009-11-17 22:40 -------- d--h--w- c:\program files\CanonBJ
2009-11-17 21:58 . 2009-11-17 21:58 -------- d-----w- c:\program files\Microsoft Works
2009-11-17 21:57 . 2009-11-17 21:57 -------- d-----w- c:\program files\Microsoft.NET
2009-11-17 21:55 . 2009-11-17 21:55 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-11-17 20:43 . 2009-11-17 20:43 -------- d-----w- c:\program files\IrfanView
2009-11-17 18:38 . 2009-11-17 18:38 128682 ----a-w- c:\documents and settings\Administrator\Application Data\Yamb\Uninstall.exe
2009-11-17 18:38 . 2009-11-17 18:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\Yamb
2009-11-17 16:26 . 2009-11-15 10:16 -------- d-----w- c:\program files\Mv2Player
2009-11-17 15:00 . 2009-11-17 11:16 -------- d-----w- c:\program files\megui
2009-11-17 12:22 . 2009-11-17 12:22 -------- d-----w- c:\program files\NuGardt Software
2009-11-17 12:06 . 2009-11-17 11:14 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-17 11:12 . 2009-11-17 11:12 -------- d-----w- c:\program files\AviSynth 2.5
2009-11-16 20:03 . 2009-11-16 20:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Adobe Systems
2009-11-16 20:03 . 2009-11-16 20:03 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2009-11-16 12:43 . 2009-11-16 12:43 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-16 12:43 . 2009-11-16 12:43 -------- d-----w- c:\program files\Java
2009-11-16 12:42 . 2009-11-16 12:42 152576 ----a-w- c:\documents and settings\Administrator\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-16 10:44 . 2009-11-15 07:57 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-11-16 07:56 . 2009-11-16 07:56 512096 ----a-w- c:\windows\system32\drivers\amon.sys
2009-11-16 07:56 . 2009-11-16 07:56 298104 ----a-w- c:\windows\system32\imon.dll
2009-11-16 07:56 . 2009-11-16 07:56 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys
2009-11-15 22:05 . 2009-11-15 22:05 -------- d-----w- c:\program files\XfireXO
2009-11-15 22:05 . 2009-11-15 22:05 -------- d-----w- c:\program files\Conduit
2009-11-15 15:07 . 2009-11-15 15:07 -------- d-----w- c:\program files\GameHouse
2009-11-15 10:14 . 2009-11-15 10:14 -------- d-----w- c:\documents and settings\Administrator\Application Data\Media Player Classic
2009-11-15 10:03 . 2009-11-15 10:03 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-11-15 09:13 . 2009-11-15 09:13 -------- d-----w- c:\documents and settings\Administrator\Application Data\Publish Providers
2009-11-15 08:40 . 2009-11-15 08:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Last.fm
2009-11-15 08:37 . 2009-11-15 08:37 -------- d-----w- c:\program files\Microsoft SQL Server
2009-11-15 08:36 . 2009-11-15 08:36 -------- d-----w- c:\program files\Vstplugins
2009-11-15 08:36 . 2009-11-15 08:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2009-11-15 08:30 . 2009-11-15 08:27 23510720 ----a-w- c:\documents and settings\Administrator\Application Data\Sony Setup\09063B41-0916-4360-A80D-0C2A2B89D300\dotnetfx.exe
2009-11-15 08:27 . 2009-11-15 08:27 -------- d-----w- c:\documents and settings\Administrator\Application Data\Sony Setup
2009-11-15 08:16 . 2009-11-15 08:16 -------- d-----w- c:\program files\AGEIA Technologies
2009-11-15 08:16 . 2009-11-15 08:16 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-15 08:16 . 2009-11-15 08:16 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-11-15 08:15 . 2009-11-15 08:15 -------- d-----w- c:\program files\NVIDIA Corporation
2009-11-15 07:57 . 2009-11-15 07:57 -------- d-----w- c:\program files\Windows Media Connect 2
.

------- Sigcheck -------

[-] 2009-02-13 . BA8C046D98345129723E6BCAA1E8AB99 . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys


c:\windows\System32\wscntfy.exe ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-04-28 692224]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-18 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-09-27 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-09-27 13918208]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-11-16 949376]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2008-10-13 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-02-28 75048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-02-13 124928]

c:\documents and settings\Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2009-11-30 3181456]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Administrator\\Desktop\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Codemasters\\DiRT\\DiRT.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Codemasters\\DiRT2\\dirt2_game.exe"=
"c:\\Documents and Settings\\Administrator\\Desktop\\QIP Infium PafoPack\\inf.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [16/11/2009 08:56 15424]
R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/12/09 09:47];c:\program files\CyberLink\PowerDVD9\000.fcl [28/02/2009 19:40 87536]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [25/11/2009 11:50 691696]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://seznam.cz
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\x8gmcjsk.default\
FF - plugin: c:\documents and settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - (no file)
HKLM-Run-nwiz - c:\program files\NVIDIA Corporation\nView\nwiz.exe
HKLM-Run-CmPCIaudio - cmicnfg3.cpl
HKLM-Run-FlashGet - c:\program files\FlashGet Network\FlashGet universal\FlashGet.exe
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-FlashGet 2.0 - c:\program files\FlashGet Network\FlashGet universal\uninst.exe
AddRemove-Fraps - d:\fraps\uninstall.exe
AddRemove-NVIDIA nView Desktop Manager - c:\program files\NVIDIA Corporation\nView\nViewSetup.exe
AddRemove-Winamp Toolbar - c:\program files\Winamp Toolbar\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-03 15:26
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(668)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'lsass.exe'(724)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
Completion time: 2010-01-03 15:27:51
ComboFix-quarantined-files.txt 2010-01-03 14:27

Pre-Run: 80,400,957,440 bytes free
Post-Run: 80,368,250,880 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 882A20C58F8324C7F3D4C197E9248AF6




/// jinak qip používám, ale nainstaloval sem ho jenom proto, že sem měl portable mirandu a spam chodil už z ní, doufal sem, že odstaněním mirandy a přechodem na jiný komunikátor se to vyřeší.. ale nevyřešilo
Nahoru
Uživatelský avatar
Unlimited_Killer
Přítel fóra
Přítel fóra
Příspěvky: 1969
Registrován: 24 srp 2009 16:18

Re: kontrola logu, děkuji

#8 Příspěvek od Unlimited_Killer »

Dobře. Omlouvám se za zpoždění - to víte, začala škola :)
Další pokyny.

~~~

Otevřete si Poznámkový blok a zkopírujte do něj

Kód: Vybrat vše

KillAll::

SRPeek::
c:\windows\System32\wscntfy.exe

Restore::
wscntfy.exe

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
uložte to na Plochu jako CFScript.txt Pak jej myší přetáhněte nad ComboFix (!musí být na Ploše!) a pusťte.

Obrázek

ComboFix vykoná příkazy ze skriptu, PC může být opět restartován.
Po skončení mi sem dejte log, který na Vás po dočistění vybafne.

~~~

Otestujte na VirusTotal soubory:

Kód: Vybrat vše

c:\windows\system32\drivers\tcpip.sys
Jednoduše tam vkopírujete cesty, co jsem napsal do code, když Vám to napíše, že soubor byl testován, dejte otestovat znovu. Poté jsem vložíte linky (odkazy) na jednotlivé testy.

~~~

Stáhněte SystemLook.
Dvojklikem spusťte soubor SystemLook.exe
Do bílého textového pole vkopírujte tento skript:

Kód: Vybrat vše

:filefind
tcpip.sys
Nyní klikněte na 'Look'.
Poté se Vám otevře Poznámkový blok, jehož obsah vkopírujte sem do tématu.
inactive
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“