Virus removal, PC speed-up, remote assistance via the neslape.cz service

Slowed-down PC + automatic opening of an unsolicited page

#1 Post by Dvdrw »

Sometimes Firefox opens a window with the page adultfriendfinder.com,
and the PC seems slightly slowed down to me.
I have already cleaned it with CCleaner and Advanced SystemCare.

Log from RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by uzivatel at 2010-01-03 15:11:19
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (24%) free of 30 GB
Total RAM: 2047 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:11:23, on 3.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\system32\ASWL2K.exe
C:\WINDOWS\System32\svchost.exe
D:\Program\NetLimiter 2 Pro\nlsvc.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
D:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\TeamViewer\Version5\TeamViewer.exe
C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\vsnp2std.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\Program\iTunes\iTunesHelper.exe
D:\Program\RocketDock\RocketDock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
D:\Program\QIP\qip.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\uzivatel\Local Settings\Temporary Internet Files\Content.IE5\NDJ3G98F\RSIT[1].exe
D:\Program\HijackThis\uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: GamingHarbor Toolbar - {5617ECA9-488D-4BA2-8562-9710B9AB78D2} - (no file)
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKCU\..\Run: [RocketDock] "D:\Program\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Program\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [braviax] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.sk/s/v/56.11/uploader2.cab
O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/39.24/uploader2.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.2.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se1140.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 7608138187
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: eBoostr Service (EBOOSTRSVC) - eBoostr.com - C:\Program Files\eBoostr\EBstrSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c9906acf8ade4c) (gupdate1c9906acf8ade4c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\nero\Nero\Nero8\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\nero\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - D:\nero\Nero\Nero8\InCD\NBHRegInCDSrv.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - D:\Program\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 10635 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{45D1BA51-D05A-4ABE-959B-41BCC0C6128C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5617ECA9-488D-4BA2-8562-9710B9AB78D2} - []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-04-30 13750272]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-04-30 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-04-10 17879552]
"snp2std"=C:\WINDOWS\vsnp2std.exe [2006-09-15 675840]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]
"QuickTime Task"=D:\Program\QuickTime\qttask.exe [2009-09-05 417792]
"iTunesHelper"=D:\Program\iTunes\iTunesHelper.exe [2009-09-21 305440]
"PinnacleDriverCheck"=C:\WINDOWS\system32\PSDrvCheck.exe [2004-03-11 406016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=D:\Program\RocketDock\RocketDock.exe [2007-09-02 495616]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AlcoholAutomount"=D:\Program\Alcohol Soft\Alcohol 120\axcmd.exe [2007-08-01 222592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
D:\Program\IObit\Advanced SystemCare 3\AWC.exe [2009-11-04 2334856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe [2007-09-13 380928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Control Center]
D:\Program\ASUS\WLAN Card Utilities\Center.exe [2006-08-15 1696256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLSDeviceControlPanel]
C:\WINDOWS\system32\FLSDEVCP.EXE [2009-12-10 91696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
D:\Program\Picasa2\PicasaMediaDetector.exe [2008-08-21 443968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Program\QuickTime\qttask.exe [2009-09-05 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SteamUp]
D:\Call of Duty Modern Warfare 2\Cracked Steam\steam.exe [2009-12-08 1217808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-09-25 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2009-07-20 813584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^uzivatel^Start Menu^Programs^Startup^Adobe Gamma.lnk]
C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-09-25 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^uzivatel^Start Menu^Programs^Startup^Registration .LNK]
[]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=
"NoDrives"=
"NoDriveAutoRun"=
"NoResolveSearch"=
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program\TeamViewer3\TeamViewer.exe"="D:\Program\TeamViewer3\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"D:\Program\TmNationsForever\TmForever.exe"="D:\Program\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\ASUS\GamerOSD\GamerOSD.exe"="C:\Program Files\ASUS\GamerOSD\GamerOSD.exe:*:Enabled:ASUS GamerOSD"
"D:\Program\Namo\WebEditor 2006\bin\WebEditor.exe"="D:\Program\Namo\WebEditor 2006\bin\WebEditor.exe:*:Enabled:Namo WebEditor 2006"
"D:\VAL\Counter-Strike Source\hl2.exe"="D:\VAL\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"D:\Program\Hamachi\hamachi.exe"="D:\Program\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\WINDOWS\system32\winver.exe"="C:\WINDOWS\system32\winver.exe:*:Enabled:winver"
"D:\FlatOut\FlatOut2\FlatOut2.exe"="D:\FlatOut\FlatOut2\FlatOut2.exe:*:Enabled:FlatOut2"
"D:\Program\HLSW\hlsw.exe"="D:\Program\HLSW\hlsw.exe:*:Enabled:HLSW Application"
"D:\Program\Opera\opera.exe"="D:\Program\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Age of Empires II\empires2.exe"="D:\Age of Empires II\empires2.exe:*:Enabled:Age of Empires II"
"D:\Program\phpDesigner 2008\phpDesigner2008.exe"="D:\Program\phpDesigner 2008\phpDesigner2008.exe:*:Enabled:phpDesigner2008"
"C:\Program Files\ASUS\GamerOSD\SBS.exe"="C:\Program Files\ASUS\GamerOSD\SBS.exe:*:Enabled:ASUS SBS Application"
"E:\Need for Speed Underground 2\speed2.exe"="E:\Need for Speed Underground 2\speed2.exe:*:Enabled:speed2"
"D:\Program\Pinnacle\Studio 12\Programs\RM.exe"="D:\Program\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"D:\Program\Pinnacle\Studio 12\Programs\Studio.exe"="D:\Program\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"D:\Program\Pinnacle\Studio 12\Programs\umi.exe"="D:\Program\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"E:\Crysis\Bin32\Crysis.exe"="E:\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"E:\Crysis\Bin32\CrysisDedicatedServer.exe"="E:\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"D:\Battlefield 2142 Demo\BF2142.exe"="D:\Battlefield 2142 Demo\BF2142.exe:*:Enabled:BF2142"
"C:\WINDOWS\system32\java.exe"="C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\EA SPORTS\FIFA 08\Crack FIFA 08\FIFA08.exe"="D:\EA SPORTS\FIFA 08\Crack FIFA 08\FIFA08.exe:*:Enabled:FIFA08"
"D:\Program\QIP Infium\infium.exe"="D:\Program\QIP Infium\infium.exe:*:Enabled:QIP Infium"
"D:\FlatOut\FlatOut\flatout.exe"="D:\FlatOut\FlatOut\flatout.exe:*:Disabled:flatout"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe"="E:\GTA 4\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"E:\GTA 4\Grand Theft Auto IV\LaunchGTAIV.exe"="E:\GTA 4\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"E:\Call of Duty - World at War\CoDWaWmp.exe"="E:\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"E:\Call of Duty - World at War\CoDWaW.exe"="E:\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"D:\Program\ICQ6.5\ICQ.exe"="D:\Program\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\Program\Opera 10 Preview\opera.exe"="D:\Program\Opera 10 Preview\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="E:\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"E:\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="E:\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"E:\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="E:\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\Program\Opera-unite\opera.exe"="D:\Program\Opera-unite\opera.exe:*:Enabled:Opera Internet Browser"
"E:\Far Cry 2\bin\FarCry2.exe"="E:\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"E:\Far Cry 2\bin\FC2Launcher.exe"="E:\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"E:\Far Cry 2\bin\FC2Editor.exe"="E:\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"D:\Program\iTunes\iTunes.exe"="D:\Program\iTunes\iTunes.exe:*:Enabled:iTunes"
"K:\Hry\Call of Duty 4 - Modern Warfare\iw3mp.exe"="K:\Hry\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"D:\Battlefield 2142\BF2142.exe"="D:\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2"
"D:\Program\Pinnacle\Studio 10\programs\RM.exe"="D:\Program\Pinnacle\Studio 10\programs\RM.exe:*:Enabled:Render Manager"
"D:\Program\Pinnacle\Studio 10\programs\Studio.exe"="D:\Program\Pinnacle\Studio 10\programs\Studio.exe:*:Enabled:Studio"
"D:\Program\Pinnacle\Studio 10\programs\PMSRegisterFile.exe"="D:\Program\Pinnacle\Studio 10\programs\PMSRegisterFile.exe:*:Enabled:PMSRegisterFile"
"D:\Program\Pinnacle\Studio 10\programs\umi.exe"="D:\Program\Pinnacle\Studio 10\programs\umi.exe:*:Enabled:umi"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======

2010-01-03 15:11:19 ----D---- C:\rsit
2010-01-03 14:48:20 ----A---- C:\WINDOWS\system32\dk2vdd.dll
2010-01-03 14:48:20 ----A---- C:\WINDOWS\system32\DK2UInst.exe
2010-01-03 14:48:20 ----A---- C:\WINDOWS\system32\dk2cp32.dll
2010-01-01 11:54:24 ----D---- C:\Documents and Settings\uzivatel\Application Data\Audacity
2009-12-31 14:27:16 ----D---- C:\Program Files\MSECache
2009-12-29 11:06:52 ----D---- C:\Documents and Settings\All Users\Application Data\AMMYY
2009-12-27 11:45:11 ----D---- C:\Documents and Settings\uzivatel\Application Data\Miranda
2009-12-18 22:11:28 ----A---- C:\WINDOWS\system32\vbzlib1.dll
2009-12-18 22:11:27 ----D---- C:\Program Files\DsNET Corp
2009-12-10 12:42:05 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2009-12-10 12:42:05 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2009-12-10 12:38:16 ----A---- C:\WINDOWS\system32\FLSINSTU.INI
2009-12-10 11:07:17 ----A---- C:\WINDOWS\system32\flsinst.ini
2009-12-10 11:07:17 ----A---- C:\WINDOWS\system32\FLSDEVCP.EXE
2009-12-10 11:07:17 ----A---- C:\WINDOWS\system32\flscoins.dll
2009-12-10 11:07:17 ----A---- C:\WINDOWS\FLS1.INI
2009-12-10 11:07:16 ----A---- C:\WINDOWS\system32\FLSINST.DLL
2009-12-10 11:07:16 ----A---- C:\WINDOWS\system32\FLS5FL32.DLL
2009-12-10 11:07:16 ----A---- C:\WINDOWS\system32\fls1wn32.dll
2009-12-10 11:07:16 ----A---- C:\WINDOWS\system32\fls1wn16.dll
2009-12-10 11:07:16 ----A---- C:\WINDOWS\system32\fle5wn32.dll
2009-12-10 11:07:16 ----A---- C:\WINDOWS\system32\fle5wn16.dll
2009-12-10 11:06:30 ----A---- C:\WINDOWS\system32\vercp32.dll
2009-12-10 11:06:30 ----A---- C:\WINDOWS\system32\DNCP32.DLL
2009-12-10 11:06:30 ----A---- C:\WINDOWS\system32\DNClnt32.dll
2009-12-10 11:06:30 ----A---- C:\WINDOWS\system32\dkcpanel.exe
2009-12-10 11:06:30 ----A---- C:\WINDOWS\system32\DKCLINST.DLL
2009-12-10 11:06:30 ----A---- C:\WINDOWS\system32\dk2win16.dll
2009-12-10 11:06:29 ----D---- C:\Program Files\Common Files\DESkey
2009-12-10 11:06:28 ----A---- C:\WINDOWS\system32\DK2INST.DLL
2009-12-10 11:05:23 ----D---- C:\Program Files\MSXML 6.0
2009-12-09 13:24:10 ----D---- C:\Documents and Settings\uzivatel\Application Data\Thunderbird
2009-12-09 07:34:19 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-09 07:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-09 07:32:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-09 07:32:43 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-09 07:32:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

======List of files/folders modified in the last 1 months======

2010-01-03 15:11:11 ----D---- C:\WINDOWS\temp
2010-01-03 15:03:42 ----SHD---- C:\WINDOWS\Installer
2010-01-03 15:03:42 ----HD---- C:\Config.Msi
2010-01-03 14:59:24 ----D---- C:\WINDOWS
2010-01-03 14:58:54 ----RD---- C:\Program Files
2010-01-03 14:55:33 ----D---- C:\Program Files\Windows Desktop Search
2010-01-03 14:54:31 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-01-03 14:54:08 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-03 14:54:07 ----HD---- C:\WINDOWS\inf
2010-01-03 14:54:07 ----D---- C:\WINDOWS\system32\wbem
2010-01-03 14:54:07 ----D---- C:\WINDOWS\system32
2010-01-03 14:53:28 ----D---- C:\Program Files\Common Files
2010-01-03 14:52:34 ----HD---- C:\Program Files\Uninstall Information
2010-01-03 14:52:26 ----A---- C:\WINDOWS\system.ini
2010-01-03 14:48:20 ----D---- C:\WINDOWS\system32\drivers
2010-01-03 14:46:47 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-03 14:40:13 ----D---- C:\WINDOWS\Prefetch
2010-01-03 14:19:35 ----A---- C:\WINDOWS\VFO.INI
2010-01-03 13:24:32 ----D---- C:\Documents and Settings\All Users\Application Data\TrackMania
2010-01-02 16:22:15 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-01 22:36:50 ----D---- C:\Documents and Settings\uzivatel\Application Data\Skype
2010-01-01 20:15:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-01 16:27:19 ----D---- C:\Documents and Settings\uzivatel\Application Data\Vso
2010-01-01 16:03:40 ----D---- C:\Documents and Settings\uzivatel\Application Data\skypePM
2010-01-01 15:27:16 ----A---- C:\WINDOWS\wincmd.ini
2010-01-01 14:10:41 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-01-01 13:28:56 ----D---- C:\Documents and Settings\uzivatel\Application Data\AbsoluteTelnet
2010-01-01 12:18:50 ----D---- C:\Documents and Settings\uzivatel\Application Data\Hamachi
2009-12-31 15:27:59 ----SD---- C:\Documents and Settings\uzivatel\Application Data\Microsoft
2009-12-31 14:27:31 ----RSD---- C:\WINDOWS\Fonts
2009-12-31 14:27:27 ----D---- C:\Program Files\Microsoft Office
2009-12-31 14:27:26 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-12-25 13:32:28 ----D---- C:\Program Files\Google
2009-12-21 15:54:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-17 18:25:38 ----D---- C:\Documents and Settings\uzivatel\Application Data\HLSW
2009-12-12 13:36:20 ----D---- C:\WINDOWS\Debug
2009-12-10 12:42:23 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2009-12-10 12:42:19 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-10 12:41:58 ----D---- C:\Program Files\Nokia
2009-12-10 12:41:10 ----D---- C:\Program Files\Common Files\Nokia
2009-12-10 12:40:12 ----D---- C:\WINDOWS\WinSxS
2009-12-09 16:34:29 ----D---- C:\WINDOWS\system32\Restore
2009-12-09 07:33:02 ----D---- C:\Program Files\Internet Explorer
2009-12-09 07:32:56 ----D---- C:\WINDOWS\ie8updates
2009-12-09 07:32:54 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-06 17:25:30 ----A---- C:\WINDOWS\win.ini
2009-12-06 16:59:58 ----D---- C:\Documents and Settings\uzivatel\Application Data\Azureus
2009-12-05 11:21:33 ----D---- C:\Program Files\TeamViewer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2007-09-13 11136]
R1 dk2drv;DK2 WindowsNT Driver; \??\C:\WINDOWS\SYSTEM32\Drivers\dk2drv.sys []
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-05-14 55768]
R1 InCDPass;Nero InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2008-06-10 38952]
R1 incdrm;Nero InCD MRW Remapper; C:\WINDOWS\system32\drivers\InCDRm.sys [2008-06-10 40488]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 VBoxDrv;VirtualBox Service; C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys [2009-09-09 115856]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [2009-09-09 41424]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-01-23 20747]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-02-28 279712]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R2 FLE5WNNT;FLE-5 WindowsNT Driver; \??\C:\WINDOWS\System32\Drivers\fle5wnnt.sys []
R2 FLSIFACE;FLSIface; \??\C:\WINDOWS\System32\Drivers\flsiface.sys []
R2 FLSPAR;FLSPar; \??\C:\WINDOWS\System32\Drivers\flspar.sys []
R2 FLSSER;FLSSer; \??\C:\WINDOWS\System32\Drivers\flsser.sys []
R2 FLSVCOM;FLSVCom; \??\C:\WINDOWS\System32\Drivers\flsvcom.sys []
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-02-28 25888]
R2 PARLDR2K;ParLdr2k; \??\C:\WINDOWS\system32\drivers\parldr2k.sys []
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2005-02-23 11264]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\system32\ASNDIS5.SYS []
R3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\WINDOWS\system32\drivers\asusgsb.sys [2007-09-13 12416]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-08-05 26056]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-04-14 5069312]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-12-18 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-12-18 28816]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-06-02 171008]
R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys [2008-07-29 116736]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-04-30 8055584]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2005-11-02 10368]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-07-28 143360]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2006-11-08 12006784]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2009-08-05 91472]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [2009-09-09 100368]
R3 Video3D;ASUS Video3D Service; C:\WINDOWS\System32\Drivers\Video3D32.sys [2007-09-13 10752]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
R4 InCDfs;Nero InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2008-06-10 128424]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 Uim_IM;UIM Drive Backup Image Plugin; C:\WINDOWS\System32\Drivers\Uim_IM.sys []
S1 UimBus;Universal Image Mounter Controller; C:\WINDOWS\system32\DRIVERS\UimBus.sys []
S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-14 48128]
S3 afj6jiff;afj6jiff; C:\WINDOWS\system32\drivers\afj6jiff.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2008-08-05 1684736]
S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-14 38912]
S3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Bluetooth Modem Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-07 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-07 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-07 21568]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-12-18 63248]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-12-18 79248]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2006-01-04 1389056]
S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2004-07-09 52096]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 PRODIGY;PRODIGY; C:\WINDOWS\System32\Drivers\PRODIGY.SYS [2006-08-29 32377]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 RT73;ASUS USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2008-01-15 459520]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 VBoxUSB;VirtualBox USB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [2009-09-09 32016]
S3 WimFltr;WimFltr; C:\WINDOWS\system32\DRIVERS\wimfltr.sys [2008-01-18 131000]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 ASWLSVC;ASWLSVC; C:\WINDOWS\system32\ASWLSVC.exe [2004-05-06 496640]
R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2007-09-13 258560]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 MSSQL$PINNACLESYS;MSSQL$PINNACLESYS; D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [2008-12-18 9158656]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nlsvc;NetLimiter; D:\Program\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-04-30 168004]
R2 PinnacleSys.MediaServer;Pinnacle Systems Media Service; C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe [2006-01-19 49152]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-11-12 66872]
R2 StarWindServiceAE;StarWind AE Service; D:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2009-11-27 185640]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-21 545568]
S1 InCDRec;Nero InCD File System Recognizer; C:\WINDOWS\system32\drivers\InCDRec.sys [2008-06-10 18088]
S2 gupdate1c9906acf8ade4c;Služba Google Update (gupdate1c9906acf8ade4c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-16 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-11-18 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EBOOSTRSVC;eBoostr Service; C:\Program Files\eBoostr\EBstrSvc.exe [2009-01-28 634488]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-02-13 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 InCDsrv;InCD Helper; D:\nero\Nero\Nero8\InCD\InCDsrv.exe [2008-06-10 1442088]
S3 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-10-20 152984]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; D:\nero\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S3 NeroRegInCDSrv;Nero Registry InCD Service; D:\nero\Nero\Nero8\InCD\NBHRegInCDSrv.exe [2008-06-10 53032]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-25 537896]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 SQLAgent$PINNACLESYS;SQLAgent$PINNACLESYS; D:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE [2005-05-03 323584]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-19 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down PC + automatic opening of an unsolicited page

#2 Post by Rudy »

Please post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the licence terms appears; continue by clicking the Yes button.

Feel free to put the kettle on for a coffee (the whole run takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to start any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Dvdrw
Warning Level 3
Posts: 29
Joined: 13 Aug 2008 07:36
Location: Slovakia :-D

Re: slowed-down PC + automatic opening of an unsolicited page

#3 Post by Dvdrw »

Here is the log from CF


ComboFix 10-01-02.05 - uzivatel 03.01.2010 15:33:03.11.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2047.1512 [GMT 1:00]
Running from: e:\lubos\virus\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\uboqaje.vbs
c:\documents and settings\All Users\Documents\jahoq.reg
c:\documents and settings\All Users\Documents\ogiloxuby.vbs
c:\documents and settings\LocalService\Application Data\emife.reg
c:\documents and settings\LocalService\Application Data\fazewuj.inf
c:\documents and settings\LocalService\Cookies\agudagysu.sys
c:\documents and settings\LocalService\Cookies\bovaha.bin
c:\documents and settings\LocalService\Cookies\usenopu.scr
c:\documents and settings\LocalService\Local Settings\Application Data\gyfory.reg
c:\documents and settings\LocalService\Local Settings\Temporary Internet Files\ecasajive.dl
c:\documents and settings\LocalService\Local Settings\Temporary Internet Files\idyt._dl
c:\documents and settings\LocalService\Local Settings\Temporary Internet Files\onifohopuk.bin
c:\documents and settings\LocalService\Local Settings\Temporary Internet Files\uciqi.com
c:\documents and settings\LocalService\Local Settings\Temporary Internet Files\vosoqinyw.exe
c:\documents and settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\uzivatel\Local Settings\Application Data\DoubleD
c:\documents and settings\uzivatel\My Documents\BackupRegistry(20090726).reg
c:\documents and settings\uzivatel\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.4.0.4340\adwpx.exe
c:\program files\Internet Saving Optimizer\3.4.0.4340\Data\config.md
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.4.0.4340\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPCommon.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\NPIEaddon.dll
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.dat
c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
c:\program files\Media Access Startup
c:\program files\Media Access Startup\1.5.0.850\Data\config.md
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFAddOn.xpt
c:\program files\Media Access Startup\1.5.0.850\FF\components\HPFFHelperComponent.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome.manifest
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.js
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\content\HPAddOn.xul
c:\program files\Media Access Startup\1.5.0.850\FF\chrome\HPAddOn.jar
c:\program files\Media Access Startup\1.5.0.850\FF\install.rdf
c:\program files\Media Access Startup\1.5.0.850\HPCommon.dll
c:\program files\Media Access Startup\1.5.0.850\HPIEaddon.dll
c:\program files\Media Access Startup\1.5.0.850\hppx.exe
c:\program files\Media Access Startup\1.5.0.850\MAHelper.exe
c:\program files\Media Access Startup\1.5.0.850\unins000.dat
c:\program files\Media Access Startup\1.5.0.850\unins000.exe
c:\windows\ivequryq.bat
c:\windows\ivusabyh.reg
c:\windows\izytabun.bat
c:\windows\nyhaqul.dll
c:\windows\patyb.inf
c:\windows\system32\AutoRun.inf
c:\windows\system32\vbzlib1.dll
c:\windows\uqyduny.bat
c:\windows\ycyh.dll

.
((((((((((((((((((((((((( Files Created from 2009-12-03 to 2010-01-03 )))))))))))))))))))))))))))))))
.

2010-01-03 14:18 . 2010-01-03 14:17 389120 ----a-w- c:\windows\system32\CF16376.exe
2010-01-03 14:11 . 2010-01-03 14:11 -------- d-----w- C:\rsit
2010-01-03 13:48 . 2010-01-03 13:48 76600 ----a-w- c:\windows\system32\dk2cp32.dll
2010-01-03 13:48 . 2010-01-03 13:48 49720 ----a-w- c:\windows\system32\drivers\dk2drv.sys
2010-01-03 13:48 . 2010-01-03 13:48 30520 ----a-w- c:\windows\system32\DK2UInst.exe
2010-01-03 13:48 . 2010-01-03 13:48 24488 ----a-w- c:\windows\system32\dk2vdd.dll
2010-01-03 13:48 . 2010-01-03 13:48 18360 ----a-w- c:\windows\system32\drivers\DK2USB.sys
2010-01-02 07:47 . 2010-01-02 07:47 -------- d-----w- c:\documents and settings\Elenka\Local Settings\Application Data\HP
2010-01-01 19:15 . 2008-04-13 23:16 38912 -c--a-w- c:\windows\system32\dllcache\avc.sys
2010-01-01 19:15 . 2008-04-13 23:16 38912 ----a-w- c:\windows\system32\drivers\avc.sys
2010-01-01 19:15 . 2008-04-13 23:16 48128 -c--a-w- c:\windows\system32\dllcache\61883.sys
2010-01-01 19:15 . 2008-04-13 23:16 48128 ----a-w- c:\windows\system32\drivers\61883.sys
2010-01-01 10:54 . 2010-01-02 15:21 -------- d-----w- c:\documents and settings\uzivatel\Application Data\Audacity
2009-12-31 13:27 . 2009-12-31 13:27 -------- d-----w- c:\program files\MSECache
2009-12-29 10:06 . 2009-12-29 17:56 -------- d-----w- c:\documents and settings\All Users\Application Data\AMMYY
2009-12-27 10:45 . 2009-12-27 10:45 -------- d-----w- c:\documents and settings\uzivatel\Application Data\Miranda
2009-12-18 21:11 . 2009-12-18 21:11 -------- d-----w- c:\program files\DsNET Corp
2009-12-10 13:32 . 2006-08-29 14:56 32377 ----a-w- c:\windows\system32\drivers\prodigy.sys
2009-12-10 11:42 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2009-12-10 11:42 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2009-12-10 11:42 . 2009-10-06 10:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2009-12-10 11:42 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2009-12-10 11:42 . 2009-10-06 10:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2009-12-10 11:42 . 2009-10-06 10:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2009-12-10 10:06 . 2009-12-10 10:06 92984 ----a-w- c:\windows\system32\DNClnt32.dll
2009-12-10 10:06 . 2009-12-10 10:06 92984 ----a-w- c:\windows\system32\dkcpanel.exe
2009-12-10 10:06 . 2009-12-10 10:06 89400 ----a-w- c:\windows\system32\DNCP32.DLL
2009-12-10 10:06 . 2009-12-10 10:06 64312 ----a-w- c:\windows\system32\vercp32.dll
2009-12-10 10:06 . 2009-12-10 10:06 32208 ----a-w- c:\windows\system32\dk2win16.dll
2009-12-10 10:06 . 2009-12-10 10:06 14856 ----a-w- c:\windows\system32\drivers\dkpccard.sys
2009-12-10 10:06 . 2009-12-10 10:06 11576 ----a-w- c:\windows\system32\DKCLINST.DLL
2009-12-10 10:06 . 2009-12-10 10:06 -------- d-----w- c:\program files\Common Files\DESkey
2009-12-10 10:06 . 2009-12-10 10:06 2325304 ----a-w- c:\windows\system32\DK2INST.DLL
2009-12-10 10:05 . 2009-12-10 10:05 -------- d-----w- c:\program files\MSXML 6.0
2009-12-09 12:24 . 2009-12-09 12:24 -------- d-----w- c:\documents and settings\uzivatel\Application Data\Thunderbird
2009-12-05 12:25 . 2009-12-25 12:30 -------- d-----w- c:\documents and settings\uzivatel\Local Settings\Application Data\Temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-03 14:39 . 2009-05-05 18:45 12 ----a-w- c:\windows\bthservsdp.dat
2010-01-03 13:55 . 2008-08-01 17:15 -------- d-----w- c:\program files\Windows Desktop Search
2010-01-03 13:46 . 2008-07-30 03:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-03 13:19 . 2008-08-05 15:53 196608 ----a-w- c:\windows\system32\drivers\nStandard.bin
2010-01-03 12:24 . 2008-08-03 15:40 -------- d-----w- c:\documents and settings\All Users\Application Data\TrackMania
2010-01-02 08:12 . 2008-08-09 16:50 111072 ----a-w- c:\documents and settings\Elenka\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-01 21:36 . 2008-08-23 15:36 -------- d-----w- c:\documents and settings\uzivatel\Application Data\Skype
2010-01-01 15:27 . 2008-08-01 18:15 -------- d-----w- c:\documents and settings\uzivatel\Application Data\Vso
2010-01-01 15:03 . 2008-07-31 19:02 -------- d-----w- c:\documents and settings\uzivatel\Application Data\skypePM
2010-01-01 12:28 . 2008-07-31 18:56 -------- d-----w- c:\documents and settings\uzivatel\Application Data\AbsoluteTelnet
2010-01-01 11:18 . 2008-08-05 18:21 -------- d-----w- c:\documents and settings\uzivatel\Application Data\Hamachi
2009-12-31 16:15 . 2008-07-30 02:09 111072 ----a-w- c:\documents and settings\uzivatel\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-31 11:45 . 2008-08-01 20:02 62256 ---ha-w- c:\windows\system32\mlfcache.dat
2009-12-30 20:05 . 2008-09-17 19:01 -------- d-----w- c:\documents and settings\Elenka\Application Data\Skype
2009-12-30 20:03 . 2008-09-17 19:03 -------- d-----w- c:\documents and settings\Elenka\Application Data\skypePM
2009-12-25 12:32 . 2008-08-23 15:35 -------- d-----w- c:\program files\Google
2009-12-17 17:25 . 2008-08-15 00:55 -------- d-----w- c:\documents and settings\uzivatel\Application Data\HLSW
2009-12-17 05:33 . 2008-10-18 06:53 -------- d-----w- c:\documents and settings\Elenka\Application Data\Apple Computer
2009-12-10 11:42 . 2008-11-27 14:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-12-10 11:41 . 2008-08-01 15:32 -------- d-----w- c:\program files\Nokia
2009-12-10 11:41 . 2008-11-27 14:35 -------- d-----w- c:\program files\Common Files\Nokia
2009-12-10 11:39 . 2009-12-10 11:39 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{12D6E140-AEDB-4F78-9D4A-643786772120}\Installer\CommonCustomActions\msxml6Exec.exe
2009-12-10 11:39 . 2009-12-10 11:39 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{12D6E140-AEDB-4F78-9D4A-643786772120}\Installer\CommonCustomActions\Sleep.exe
2009-12-10 11:39 . 2009-12-10 11:39 3203453 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{12D6E140-AEDB-4F78-9D4A-643786772120}\Installer\CommonCustomActions\vcredistExec.exe
2009-12-10 10:06 . 2009-12-10 10:06 10134 ----a-r- c:\documents and settings\uzivatel\Application Data\Microsoft\Installer\{1684A7CA-EF86-455B-B52A-B54F3FEDB78A}\ARPPRODUCTICON.exe
2009-12-10 09:57 . 2009-12-10 11:40 24610416 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{12D6E140-AEDB-4F78-9D4A-643786772120}\NokiaSoftwareUpdaterSetup_sk.exe
2009-12-06 15:59 . 2009-02-03 10:40 -------- d-----w- c:\documents and settings\uzivatel\Application Data\Azureus
2009-12-05 15:09 . 2009-11-15 20:30 1025536 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-12-05 10:21 . 2009-01-04 14:49 -------- d-----w- c:\program files\TeamViewer
2009-11-30 15:28 . 2009-02-03 10:40 -------- d-----w- c:\program files\Vuze
2009-11-24 15:23 . 2009-11-24 15:22 -------- d-----w- c:\documents and settings\uzivatel\Application Data\avidemux
2009-11-23 19:30 . 2009-11-23 19:30 -------- d-----w- c:\documents and settings\All Users\Application Data\hps
2009-11-23 16:08 . 2008-08-14 19:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Kodak
2009-11-23 13:24 . 2009-11-23 12:37 -------- d-----w- c:\program files\Kodak
2009-11-18 17:30 . 2009-11-18 17:28 -------- d-----w- c:\documents and settings\Elenka\Application Data\Vso
2009-11-12 20:48 . 2009-11-12 20:48 138184 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-12 20:48 . 2009-11-12 20:48 183112 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-12 20:48 . 2009-11-12 20:48 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-10 17:32 . 2008-08-15 00:55 -------- d-----w- c:\documents and settings\uzivatel\Application Data\TeamViewer Manager
2009-11-10 17:32 . 2008-07-31 19:04 -------- d-----w- c:\documents and settings\uzivatel\Application Data\TeamViewer
2009-11-10 17:31 . 2009-01-20 14:51 -------- d-----w- c:\program files\Common Files\EasyInfo
2009-11-10 17:29 . 2008-08-11 19:35 -------- d-----w- c:\documents and settings\uzivatel\Application Data\uTorrent
2009-11-10 17:29 . 2008-08-15 00:55 -------- d-----w- c:\documents and settings\uzivatel\Application Data\DNA
2009-11-10 17:29 . 2008-07-31 18:56 -------- d-----w- c:\documents and settings\uzivatel\Application Data\BitTorrent
2009-11-10 16:10 . 2009-11-10 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Pinnacle Studio
2009-11-10 15:57 . 2009-11-10 15:57 -------- d-----w- c:\program files\Microsoft SQL Server
2009-11-10 15:51 . 2009-11-10 15:51 -------- d-----w- c:\program files\SmartSound Software
2009-11-10 15:51 . 2009-11-10 15:51 -------- d-----w- c:\documents and settings\All Users\Application Data\SmartSound Software Inc
2009-11-10 15:50 . 2009-11-10 15:49 -------- d-----w- c:\program files\DivX
2009-11-10 15:48 . 2009-11-10 15:48 29926 ----a-r- c:\documents and settings\uzivatel\Application Data\Microsoft\Installer\{EEECE229-49F6-4851-A73A-99B058221F8C}\ARPPRODUCTICON.exe
2009-11-07 17:07 . 2009-11-07 17:07 -------- d-----w- c:\program files\Common Files\Native Instruments
2009-11-04 15:09 . 2009-09-16 11:03 -------- d-----w- c:\documents and settings\uzivatel\Application Data\Red Alert 3
2009-10-29 07:45 . 2006-02-28 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-27 18:58 . 2009-10-27 18:58 10134 ----a-r- c:\documents and settings\uzivatel\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
2009-10-21 05:38 . 2006-02-28 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2006-02-28 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2006-02-28 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:30 . 2006-02-28 12:00 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2006-02-28 12:00 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2006-02-28 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-08 13:57 . 2007-10-09 11:03 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2009-10-08 13:57 . 2006-02-28 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2009-10-08 13:56 . 2006-02-28 12:00 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-06 10:52 . 2008-08-01 15:32 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-09-08 09:00 . 2009-09-08 09:00 10455 ----a-w- c:\program files\Common Files\litorew.bin
2009-09-07 16:17 . 2009-09-07 16:17 16802 ----a-w- c:\program files\Common Files\lywoxahoxe.bin
2009-09-07 16:17 . 2009-09-07 16:17 15095 ----a-w- c:\program files\Common Files\cuhel.com
2009-09-07 16:17 . 2009-09-07 16:17 10862 ----a-w- c:\program files\Common Files\divadujyf.exe
2009-09-07 14:58 . 2009-09-07 14:58 16615 ----a-w- c:\program files\Common Files\cudamec.lib
2009-09-07 14:58 . 2009-09-07 14:58 10658 ----a-w- c:\program files\Common Files\uwerep._dl
2009-01-24 09:39 . 2009-01-07 12:07 4290 ----a-w- c:\program files\Common Files\unins000.dat
2009-01-24 09:39 . 2009-01-07 12:07 728858 ----a-w- c:\program files\Common Files\unins000.exe
2008-09-11 21:32 . 2008-09-11 21:32 14284 ----a-w- c:\program files\settings.dat
2008-03-09 06:25 . 2009-01-07 12:07 236 ---ha-w- c:\program files\Common Files\dx.reg
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2008-06-10 19:29 97064 ----a-w- d:\nero\Nero\Nero8\InCD\NBHShx.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="d:\program\RocketDock\RocketDock.exe" [2007-09-02 495616]
"AlcoholAutomount"="d:\program\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-08-01 222592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-04-30 13750272]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-04-30 86016]
"RTHDCPL"="RTHDCPL.EXE" [2009-04-10 17879552]
"snp2std"="c:\windows\vsnp2std.exe" [2006-09-15 675840]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"QuickTime Task"="d:\program\QuickTime\qttask.exe" [2009-09-04 417792]
"iTunesHelper"="d:\program\iTunes\iTunesHelper.exe" [2009-09-21 305440]
"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0smrgdf c:\program files\iolo\System Mechanic 6

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
backup=c:\windows\pss\Logitech SetPoint.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^uzivatel^Start Menu^Programs^Startup^Adobe Gamma.lnk]
backup=c:\windows\pss\Adobe Gamma.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^uzivatel^Start Menu^Programs^Startup^Registration .LNK]
backup=c:\windows\pss\Registration .LNKStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2009-11-04 16:00 2334856 ----a-w- d:\program\IObit\Advanced SystemCare 3\AWC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-08-13 13:51 177440 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSGamerOSD]
2007-09-13 22:54 380928 ----a-w- c:\program files\ASUS\GamerOSD\GamerOSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Control Center]
2006-08-15 14:48 1696256 ----a-w- d:\program\ASUS\WLAN Card Utilities\Center.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLSDeviceControlPanel]
2009-12-10 10:07 91696 ----a-w- c:\windows\system32\FLSDEVCP.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
2008-08-21 01:18 443968 ----a-w- d:\program\Picasa2\PicasaMediaDetector.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-09-04 23:54 417792 ----a-w- d:\program\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SteamUp]
2009-12-08 14:01 1217808 ----a-w- d:\call of duty modern warfare 2\Cracked Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program\\TeamViewer3\\TeamViewer.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"c:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"d:\\Program\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\ASUS\\GamerOSD\\GamerOSD.exe"=
"d:\\Program\\Namo\\WebEditor 2006\\bin\\WebEditor.exe"=
"d:\\VAL\\Counter-Strike Source\\hl2.exe"=
"d:\\Program\\Hamachi\\hamachi.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=
"d:\\FlatOut\\FlatOut2\\FlatOut2.exe"=
"d:\\Program\\HLSW\\hlsw.exe"=
"d:\\Program\\Opera\\opera.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"d:\\Age of Empires II\\empires2.exe"=
"d:\\Program\\phpDesigner 2008\\phpDesigner2008.exe"=
"c:\\Program Files\\ASUS\\GamerOSD\\SBS.exe"=
"e:\\Need for Speed Underground 2\\speed2.exe"=
"d:\\Program\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"d:\\Program\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"d:\\Program\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"e:\\Crysis\\Bin32\\Crysis.exe"=
"e:\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"d:\\Battlefield 2142 Demo\\BF2142.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"d:\\EA SPORTS\\FIFA 08\\Crack FIFA 08\\FIFA08.exe"=
"d:\\Program\\QIP Infium\\infium.exe"=
"d:\\FlatOut\\FlatOut\\flatout.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"e:\\GTA 4\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"e:\\GTA 4\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"e:\\Call of Duty - World at War\\CoDWaWmp.exe"=
"e:\\Call of Duty - World at War\\CoDWaW.exe"=
"d:\\Program\\ICQ6.5\\ICQ.exe"=
"d:\\Program\\Opera 10 Preview\\opera.exe"=
"e:\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"=
"e:\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"e:\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Program\\Opera-unite\\opera.exe"=
"e:\\Far Cry 2\\bin\\FarCry2.exe"=
"e:\\Far Cry 2\\bin\\FC2Launcher.exe"=
"e:\\Far Cry 2\\bin\\FC2Editor.exe"=
"d:\\Program\\iTunes\\iTunes.exe"=
"k:\\Hry\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"d:\\Battlefield 2142\\BF2142.exe"=
"d:\\Program\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"d:\\Program\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"d:\\Program\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"d:\\Program\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"3724:TCP"= 3724:TCP:Blizzard Downloader

R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [19.2.2009 15:28 158720]
R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [19.2.2009 15:28 5248]
R0 eBoost;eBoostr caching filter driver;c:\windows\system32\drivers\eBoost.sys [28.1.2009 12:34 125544]
R1 dk2drv;DK2 WindowsNT Driver;c:\windows\system32\drivers\dk2drv.sys [3.1.2010 14:48 49720]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [6.2.2009 14:23 107256]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [23.4.2007 12:03 82200]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [25.10.2008 9:36 115856]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [25.10.2008 9:36 41424]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14.5.2009 14:47 731840]
R2 FLE5WNNT;FLE-5 WindowsNT Driver;c:\windows\system32\drivers\fle5wnnt.sys [10.12.2009 11:07 33404]
R2 FLSIFACE;FLSIface;c:\windows\system32\drivers\flsiface.sys [10.12.2009 11:07 13440]
R2 FLSPAR;FLSPar;c:\windows\system32\drivers\flspar.sys [10.12.2009 11:07 16314]
R2 FLSSER;FLSSer;c:\windows\system32\drivers\flsser.sys [10.12.2009 11:07 8344]
R2 FLSVCOM;FLSVCom;c:\windows\system32\drivers\flsvcom.sys [10.12.2009 11:07 34080]
R2 PARLDR2K;ParLdr2k;c:\windows\system32\drivers\parldr2k.sys [10.12.2009 11:07 10454]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [27.11.2009 16:24 185640]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [10.8.2009 9:59 91472]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [5.8.2009 15:20 100368]
S2 gupdate1c9906acf8ade4c;Služba Google Update (gupdate1c9906acf8ade4c);c:\program files\Google\Update\GoogleUpdate.exe [16.2.2009 20:14 133104]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [7.5.2009 18:58 1684736]
S3 EBOOSTRSVC;eBoostr Service;c:\program files\eBoostr\EBstrSvc.exe [28.1.2009 12:34 634488]
S3 NeroRegInCDSrv;Nero Registry InCD Service;d:\nero\Nero\Nero8\InCD\NBHRegInCDSrv.exe [10.6.2008 20:29 53032]
S3 PRODIGY;PRODIGY;c:\windows\system32\drivers\prodigy.sys [10.12.2009 14:32 32377]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25.1.2008 10:12 25088]
S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [10.8.2009 9:59 32016]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.9.2009 14:39 685816]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-16 19:14]

2010-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-16 19:14]

2010-01-03 c:\windows\Tasks\User_Feed_Synchronization-{45D1BA51-D05A-4ABE-959B-41BCC0C6128C}.job
- c:\windows\system32\msfeedssync.exe [2009-09-08 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxp://picasaweb.google.sk/s/v/56.11/uploader2.cab
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath - c:\documents and settings\uzivatel\Application Data\Mozilla\Firefox\Profiles\qzbhyp37.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.theprizeday.com/today.php|http://sk ... official\n
FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&q=
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: d:\program\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: d:\program\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: d:\program\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
FF - plugin: d:\program\Opera-unite\program\plugins\npdsplay.dll
FF - plugin: d:\program\Opera-unite\program\plugins\npwmsdrm.dll
FF - plugin: d:\program\Opera 10 Preview\program\plugins\npdsplay.dll
FF - plugin: d:\program\Opera 10 Preview\program\plugins\npqtplugin.dll
FF - plugin: d:\program\Opera 10 Preview\program\plugins\npqtplugin2.dll
FF - plugin: d:\program\Opera 10 Preview\program\plugins\npqtplugin3.dll
FF - plugin: d:\program\Opera 10 Preview\program\plugins\npqtplugin4.dll
FF - plugin: d:\program\Opera 10 Preview\program\plugins\npqtplugin5.dll
FF - plugin: d:\program\Opera 10 Preview\program\plugins\npqtplugin6.dll
FF - plugin: d:\program\Opera 10 Preview\program\plugins\npqtplugin7.dll
FF - plugin: d:\program\Opera 10 Preview\program\plugins\NPSWF32.dll
FF - plugin: d:\program\Opera 10 Preview\program\plugins\npwmsdrm.dll
FF - plugin: d:\program\Picasa2\npPicasa2.dll
FF - plugin: d:\program\Picasa2\npPicasa3.dll
FF - plugin: d:\program\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\program\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\program\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\program\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\program\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\program\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\program\QuickTime\Plugins\npqtplugin7.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
d:\program\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -

AddRemove-{16B6279B-9FF5-41fb-8BF9-404324F5DD1F}}_is1 - c:\program files\Media Access Startup\1.5.0.850\unins000.exe
AddRemove-{1FB52AB3-5987-45a2-85E0-F3EC30DDDC29}}_is1 - c:\program files\Internet Saving Optimizer\3.4.0.4340\unins000.exe
AddRemove-BitTorrent - c:\program files\BitTorrent\BitTorrent.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-03 15:42
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A7ED650]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb810cf28
\Driver\ACPI -> ACPI.sys @ 0xb7f47cb8
\Driver\atapi -> 0x8a7ed650
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Realtek PCIe GBE Family Controller -> SendCompleteHandler -> NDIS.sys @ 0xb7dd4bb0
PacketIndicateHandler -> NDIS.sys @ 0xb7de1a21
SendHandler -> NDIS.sys @ 0xb7dbf87b
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-515967899-2139871995-839522115-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:f7,32,1f,50,31,fc,51,b7,9c,79,5c,2d,5e,38,7a,75,b7,b6,ad,3b,24,ef,1d,
0d,a7,96,86,3a,99,e4,8a,79,fb,a8,48,74,37,20,8b,11,a5,71,ab,e6,5b,cd,8c,c4,\
"??"=hex:35,ea,7f,92,0d,f1,f8,bb,1a,74,b5,f8,48,7e,20,5e

[HKEY_USERS\S-1-5-21-515967899-2139871995-839522115-1004\Software\SecuROM\License information*]
"datasecu"=hex:3c,77,b4,9f,86,ce,09,fc,3d,84,07,23,ae,8a,03,e5,a3,42,f6,42,17,
34,d1,70,fd,1b,c1,93,38,73,0b,f5,5d,f7,54,70,e9,19,c0,8b,9e,53,f6,1b,65,26,\
"rkeysecu"=hex:11,90,bd,a6,4d,1d,93,f5,30,47,da,08,7c,17,8f,bb

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|˙˙˙˙¤•€|ů•A~*]
"5E7CEC10DF0760D4F8DAFB12FDC06CCD"="02:\\Software\\Adobe\\FeatureSubscriptions\\DVAAdobeDocMeta\\{01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}\\Registered"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(500)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll

- - - - - - - > 'explorer.exe'(2652)
c:\windows\system32\WININET.dll
d:\program\RocketDock\RocketDock.dll
d:\nero\Nero\Nero8\InCD\NBHShx.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
d:\nero\Nero\Nero8\InCD\NBHStr.dll
c:\program files\Common Files\Nero\Shared\NL3\AdvrCntr3.dll
d:\program\iTunes\iTunesMiniPlayer.dll
d:\program\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll
d:\program\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
d:\program\Nokia\Nokia PC Suite 7\phonebrowser.dll
d:\program\Nokia\Nokia PC Suite 7\NGSCM.DLL
d:\program\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr
d:\program\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
d:\program\Microsoft Virtual PC\VPCShExH.DLL
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\system32\ASWLSVC.exe
c:\windows\ATKKBService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\ASWL2K.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
d:\program files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
c:\windows\system32\rundll32.exe
c:\windows\RTHDCPL.EXE
d:\program\NetLimiter 2 Pro\nlsvc.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PnkBstrA.exe
d:\program\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\TeamViewer\Version5\TeamViewer.exe
c:\program files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2010-01-03 15:47:12 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-03 14:47

Pre-Run: 7 195 660 288 bytes free
Post-Run: 7 242 014 720 voľných bajtov

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 005348819C10526CAE052FE6AD8574A0

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň
Contact user:

Re: slow PC + automatic opening of an unsolicited page

#4 Post by Rudy »

Run an MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Dvdrw
Warning Level 3
Posts: 29
Registered: 13 Aug 2008 07:36
Location: Slovakia :-D
Contact user:

Re: slow PC + automatic opening of an unsolicited page

#5 Post by Dvdrw »

MBAM LOG:

Malwarebytes' Anti-Malware 1.43
Verzia databázy: 3496
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

5.1.2010 18:25:16
mbam-log-2010-01-05 (18-25-13).txt

Typ kontroly: Úplná (C:\|D:\|E:\|)
Objektov kontrolovaných: 528202
Uplynutý cas: 1 hour(s), 48 minute(s), 6 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 30
Infikovaných registracných hodnôt: 4
Infikovaných registracných údajov položiek: 1
Infikovaných priecinkov: 9
Infikovaných súborov: 35

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
HKEY_CLASSES_ROOT\aimactivexdll.aimhelper (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\aimactivexdll.aimhelper.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\oeactivexdll.desktopbuttonhandler.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\oeactivexdll.desktopoeaddin1.1 (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3fb17508-0bf4-4fde-845a-323a1052957c} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{42c23154-00fa-4a93-9de9-3eb523cffff6} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{803e73fe-cb73-4d49-8aff-653fd6f44171} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{877f3eab-4462-44df-8475-6064eafd7fbf} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{57aba38e-6535-48f3-99fd-efdc62137c78} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2e8e2100-98cb-4aac-9480-63a281acaff5} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3fb17508-0bf4-4fde-845a-323a1052957c} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{51b67a88-02d0-43cb-8d12-5ca3e2d4cf49} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d44cc2fb-77b8-48a5-a5dc-f961f2d258fb} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{0514c9b0-e4c6-4d6b-a3a6-b38bc280b115} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d335d84d-61d8-4b5f-9c4e-067dc8b27ed5} (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_CLASSES_ROOT\AppID\AIMActiveXDLL.dll (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Addins\OEActiveXDLL.DesktopOEAddin1 (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> No action taken.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> No action taken.

Infikovaných registracných hodnôt:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{5617eca9-488d-4ba2-8562-9710b9ab78d2} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{0ba0192d-94a5-45e3-b2b8-3ec5a1a0b5ec} (Adware.DoubleD) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{2224e955-00e9-4613-a844-ce69fccaae91} (Adware.DoubleD) -> No action taken.

Infikovaných registracných údajov položiek:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikovaných priecinkov:
C:\Documents and Settings\Elenka\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Elenka\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340 (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340 (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Elenka\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Elenka\Local Settings\Application Data\Media Access Startup\1.5.0.850 (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.3.0.790 (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.5.0.850 (Adware.DoubleD) -> No action taken.

Infikovaných súborov:
C:\System Volume Information\_restore{EFE6C157-2584-41DE-8EAE-1508C9779482}\RP73\A0035499.exe (Trojan.Agent) -> No action taken.
C:\System Volume Information\_restore{EFE6C157-2584-41DE-8EAE-1508C9779482}\RP88\A0043519.dll (Adware.DoubleD) -> No action taken.
E:\Lubos\HACK\astlog\astlog.exe (HackTool.Asterisk) -> No action taken.
C:\Documents and Settings\Elenka\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\config.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Elenka\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\ipdata.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Elenka\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091216-204845.203.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Elenka\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091230-205035.062.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Elenka\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\rstatus.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\config.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\ipdata.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091112-081249.796.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091113-153554.281.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091204-160236.453.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091217-180023.562.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091218-181251.859.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091220-092428.359.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091222-190945.000.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\NP_20091231-130712.546.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Internet Saving Optimizer\3.4.0.4340\rstatus.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Elenka\Local Settings\Application Data\Media Access Startup\1.5.0.850\config.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Elenka\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20091216-204845.125.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Elenka\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20091230-205035.000.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\Elenka\Local Settings\Application Data\Media Access Startup\1.5.0.850\ipdata.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.3.0.790\config.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.5.0.850\config.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20091112-081249.781.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20091113-153554.156.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20091204-160236.312.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20091217-180023.484.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20091218-181251.812.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20091220-092428.328.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20091222-190944.875.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.5.0.850\HJHP_20091231-130712.437.log (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\uzivatel\Local Settings\Application Data\Media Access Startup\1.5.0.850\ipdata.md (Adware.DoubleD) -> No action taken.
C:\Documents and Settings\All Users\Application Data\licylota.dll (Trojan.Agent) -> No action taken.

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň
Contact user:

Re: slow PC + automatic opening of an unsolicited page

#6 Post by Rudy »

Delete everything.