Logfile of random's system information tool 1.09 (written by random/random)
Run by Fifo at 2011-10-31 10:27:35
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (26%) free of 60 GB
Total RAM: 2046 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:27:42, on 31. 10. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Fifo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Fifo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Fifo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Fifo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Fifo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Fifo\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Fifo.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dts.search-results.com/sidebar.h ... systemid=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2776682
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{B94 ... 08244399F8}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-results.com/sr?src=ie ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-results.com/sr?src=ie ... earchTerms}
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof2.dll
R3 - URLSearchHook: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\Hyperionics DB Toolbar\tbhelper.dll
O2 - BHO: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.6\bh\BabylonToolbar.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: FastestTube BHO - {3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A} - C:\Program Files\FastestTube\1.2.12\WombatBHO.dll (file missing)
O2 - BHO: Softonic-Eng7 - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof2.dll
O2 - BHO: UrlHelper Class - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O2 - BHO: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Webblog - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files\wbtooltb\wbtoolDx.dll
O2 - BHO: (no name) - {C90DBB52-46E0-4E65-92BC-799ADEE54C86} - C:\PROGRA~1\Flash2X\FLASHP~1\FLASHP~1.DLL
O2 - BHO: (no name) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll
O3 - Toolbar: ToggleEN Toolbar - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\prxtbSof2.dll
O3 - Toolbar: BrotherSoft Extreme Toolbar - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll
O3 - Toolbar: Softonic Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: MediaBar - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll
O3 - Toolbar: Hyperionics DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.6\BabylonToolbarTlbr.dll
O3 - Toolbar: Webblog - {C3947F4E-8894-4C04-98E0-DF182C706DDF} - C:\Program Files\wbtooltb\wbtoolDx.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SmileyCentral] rundll32 C:\PROGRA~1\SMILEY~2\bar\1.bin\1vbar.dll,S
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [PCFix] C:\Program Files\PCFix\PCFix.exe
O4 - HKLM\..\Run: [eTypeToolbarHelper] "C:\Program Files\eType Toolbar\ToolbarHelper.exe"
O4 - HKLM\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Fifo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Search - http://tbedits.smileycentral.com/one-to ... 2010122702
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2313954046
O17 - HKLM\System\CCS\Services\Tcpip\..\{EC6549E2-6251-4332-BC72-21A5960DD055}: NameServer = 192.168.0.1,192.168.0.128
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O20 - AppInit_DLLs: C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SmileyCentral Service (SmileyCentral_1vService) - SmileyCentral - C:\PROGRA~1\SMILEY~2\bar\1.bin\1vbarsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
--
End of file - 13741 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\BearShareNAG.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-884357618-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-884357618-839522115-1003UA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-884357618-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-884357618-839522115-1004UA.job
C:\WINDOWS\tasks\iMeshNAG.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\Updater.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
ToggleEN Toolbar - C:\Program Files\ToggleEN\tbTogg.dll [2010-09-12 3863136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
MediaBar - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll [2011-05-30 89008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
Babylon toolbar helper - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.6\bh\BabylonToolbar.dll [2011-06-27 270960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-09-12 3863136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E532CE8-C6D9-4A10-8ACE-4348C96E8B6A}]
FastestTubeBHO Class - C:\Program Files\FastestTube\1.2.12\WombatBHO.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof2.dll [2011-01-17 175912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{474597C5-AB09-49d6-A4D5-2E8D7341384E}]
UrlHelper Class - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll [2011-06-01 1236360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
BrotherSoft Extreme Toolbar - C:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll [2011-03-28 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3947F4E-8894-4C04-98E0-DF182C706DDF}]
Webblog - C:\Program Files\wbtooltb\wbtoolDx.dll [2010-12-09 86696]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C90DBB52-46E0-4E65-92BC-799ADEE54C86}]
C:\PROGRA~1\Flash2X\FLASHP~1\FLASHP~1.DLL [2008-09-22 482304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Softonic Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-16 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-07-16 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll [2011-06-22 2398720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{038cb5c7-48ea-4af9-94e0-a1646542e62b} - ToggleEN Toolbar - C:\Program Files\ToggleEN\tbTogg.dll [2010-09-12 3863136]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-09-12 3863136]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Softonic-Eng7 Toolbar - C:\Program Files\Softonic-Eng7\prxtbSof2.dll [2011-01-17 175912]
{51a86bb3-6602-4c85-92a5-130ee4864f13} - BrotherSoft Extreme Toolbar - C:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll [2011-03-28 176936]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Softonic Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-02-01 1487240]
{28387537-e3f9-4ed7-860c-11e69af4a8a0} - MediaBar - C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\ToolBar\imeshdtxmltbpi.dll [2011-05-30 89008]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - Hyperionics DB Toolbar - C:\Program Files\Hyperionics DB Toolbar\tbcore3.dll [2011-06-22 2398720]
{98889811-442D-49dd-99D7-DC866BE87DBC} - Babylon Toolbar - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.31.6\BabylonToolbarTlbr.dll [2011-06-27 237168]
{C3947F4E-8894-4C04-98E0-DF182C706DDF} - Webblog - C:\Program Files\wbtooltb\wbtoolDx.dll [2010-12-09 86696]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-07-28 19557480]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-06-22 98304]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"SmileyCentral"=rundll32 C:\PROGRA~1\SMILEY~2\bar\1.bin\1vbar.dll,S []
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"DATAMNGR"=C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE [2011-06-01 1546672]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"Anti-phishing Domain Advisor"=C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2010-12-13 223400]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-04 1955208]
"PCFix"=C:\Program Files\PCFix\PCFix.exe []
"eTypeToolbarHelper"=C:\Program Files\eType Toolbar\ToolbarHelper.exe []
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-09-29 929680]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2011-09-29 3508112]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-09-08 421888]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2007-12-29 486856]
"AdobeBridge"= []
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-07-29 17361032]
"Google Update"=C:\Documents and Settings\Fifo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-09-26 136176]
"Steam"=C:\Program Files\Steam\steam.exe [2011-10-08 1242448]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-09-29 20880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\datamngr.dll C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\IEBHO.dll "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-06-22 159744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Hry\Metin2\metin2.bin"="D:\Hry\Metin2\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"D:\Valve\hl.exe"="D:\Valve\hl.exe:*:Disabled:Half-Life Launcher"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Disabled:Run a DLL as an App"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\novy warkkraft\Garena\Garena.exe"="D:\novy warkkraft\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Disabled:Half-Life Launcher"
"C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3y.exe:*:Enabled:Age of Empires III - The Asian Dynasties"
"C:\Program Files\B2BPOKER\Betsson Euro Tables\jre\bin\javaw.exe"="C:\Program Files\B2BPOKER\Betsson Euro Tables\jre\bin\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\Documents and Settings\All Users\Documents\Valve\hl.exe"="C:\Documents and Settings\All Users\Documents\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Hry\CandyLongju Client 3.8\CandyLongju.exe"="D:\Hry\CandyLongju Client 3.8\CandyLongju.exe:*:Enabled:CandyLongju"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Documents and Settings\Fifo\Local Settings\Temp\Rar$EX17.656\CandyLongju Client 3.8\CandyLongju.exe"="C:\Documents and Settings\Fifo\Local Settings\Temp\Rar$EX17.656\CandyLongju Client 3.8\CandyLongju.exe:*:Enabled:CandyLongju"
"C:\Program Files\CandyLongju Client 3.8\CandyLongju.exe"="C:\Program Files\CandyLongju Client 3.8\CandyLongju.exe:*:Enabled:CandyLongju"
"C:\Program Files\TmUnitedForever\TmForever.exe"="C:\Program Files\TmUnitedForever\TmForever.exe:*:Enabled:TmForever"
"K:\CandyLongju Client 3.8\CandyLongju.exe"="K:\CandyLongju Client 3.8\CandyLongju.exe:*:Enabled:CandyLongju"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Conter\Steam\SteamApps\galisko\condition zero deleted scenes\hl.exe"="C:\Program Files\Conter\Steam\SteamApps\galisko\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Conter\Steam\Steam.exe"="C:\Program Files\Conter\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Riot Games\League of Legends\air\LolClient.exe"="C:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby"
"C:\Riot Games\League of Legends\game\League of Legends.exe"="C:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"L:\Sindicate\client.bin"="L:\Sindicate\client.bin:*:Disabled:client"
"C:\Program Files\Sindicate\client.bin"="C:\Program Files\Sindicate\client.bin:*:Enabled:client"
"C:\Program Files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe"="C:\Program Files\Landwirtschafts Simulator 2011\FarmingSimulator2011.exe:*:Enabled:Landwirtschafts Simulator 2011"
"C:\Program Files\Landwirtschafts Simulator 2011\game.exe"="C:\Program Files\Landwirtschafts Simulator 2011\game.exe:*:Enabled:Landwirtschafts Simulator 2011"
"C:\Program Files\Conter\Steam\SteamApps\galisko\day of defeat\hl.exe"="C:\Program Files\Conter\Steam\SteamApps\galisko\day of defeat\hl.exe:*:Enabled:Day of Defeat"
"C:\Program Files\Conter\Steam\SteamApps\galisko\ricochet\hl.exe"="C:\Program Files\Conter\Steam\SteamApps\galisko\ricochet\hl.exe:*:Enabled:Ricochet"
"C:\Program Files\Conter\Steam\SteamApps\galisko\condition zero\hl.exe"="C:\Program Files\Conter\Steam\SteamApps\galisko\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero"
"D:\Hry\TmNationsForever\TmForever.exe"="D:\Hry\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Total commander\totalcmd\TOTALCMD.EXE"="C:\Program Files\Total commander\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Documents and Settings\Fifo\My Documents\Preberanie\CandyLongju Client 4.3\CandyLongju.exe"="C:\Documents and Settings\Fifo\My Documents\Preberanie\CandyLongju Client 4.3\CandyLongju.exe:*:Enabled:CandyLongju"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\EslWire\wire.exe"="C:\Program Files\EslWire\wire.exe:*:Enabled:ESL Wire Client"
"C:\Program Files\Metin2\metin2.bin"="C:\Program Files\Metin2\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
"C:\Downloads\Software\CandyLongju Client 4.4\CandyLongju.exe"="C:\Downloads\Software\CandyLongju Client 4.4\CandyLongju.exe:*:Enabled:CandyLongju"
"C:\Downloads\Software\CandyLongju Client 4.5\CandyLongju.exe"="C:\Downloads\Software\CandyLongju Client 4.5\CandyLongju.exe:*:Enabled:CandyLongju"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Documents and Settings\Fifo\Desktop\Skype.exe"="C:\Documents and Settings\Fifo\Desktop\Skype.exe:*:Enabled:Skype "
"C:\Documents and Settings\Fifo\Application Data\GameRanger\GameRanger\GameRanger.exe"="C:\Documents and Settings\Fifo\Application Data\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"C:\Program Files\Army.Men.RTS\amrts.exe"="C:\Program Files\Army.Men.RTS\amrts.exe:*:Enabled:Army Men RTS"
"C:\Program Files\CandyLongju Client 4.5\CandyLongju.exe"="C:\Program Files\CandyLongju Client 4.5\CandyLongju.exe:*:Enabled:CandyLongju"
"C:\Program Files\Conter\Steam\SteamApps\galisko\counter-strike\hl.exe"="C:\Program Files\Conter\Steam\SteamApps\galisko\counter-strike\hl.exe:*:Enabled:Counter-Strike"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"C:\Program Files\iMesh Applications\iMesh\iMesh.exe"="C:\Program Files\iMesh Applications\iMesh\iMesh.exe:*:Enabled:iMesh"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"msacm.lhacm"=lhacm.acm
======List of files/folders created in the last 1 month======
2011-10-31 10:19:15 ----D---- C:\Program Files\trend micro
2011-10-31 10:19:14 ----D---- C:\rsit
2011-10-31 08:46:36 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-10-31 08:46:35 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-10-31 08:46:34 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-10-31 08:46:34 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-10-31 08:46:33 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-10-31 08:46:33 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-10-31 08:46:33 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-10-31 08:46:32 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-10-31 08:46:27 ----SHD---- C:\Config.Msi
2011-10-31 08:46:19 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-10-31 08:46:19 ----A---- C:\WINDOWS\avastSS.scr
2011-10-31 08:46:11 ----D---- C:\Program Files\AVAST Software
2011-10-31 08:46:11 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software
2011-10-21 21:28:01 ----D---- C:\output
2011-10-09 14:28:40 ----D---- C:\hudba
2011-10-09 14:25:07 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-10-09 14:24:59 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2011-10-09 14:22:54 ----A---- C:\WINDOWS\system32\WdfCoInstaller01005.dll
2011-10-09 14:22:54 ----A---- C:\WINDOWS\system32\drivers\WdfCoInstaller01005.dll
2011-10-09 14:22:54 ----A---- C:\WINDOWS\system32\drivers\ssadserd.sys
2011-10-09 14:22:54 ----A---- C:\WINDOWS\system32\drivers\ssadmdm.sys
2011-10-09 14:22:54 ----A---- C:\WINDOWS\system32\drivers\ssadmdfl.sys
2011-10-09 14:22:54 ----A---- C:\WINDOWS\system32\drivers\ssadcmnt.sys
2011-10-09 14:22:54 ----A---- C:\WINDOWS\system32\drivers\ssadcm.sys
2011-10-09 14:22:54 ----A---- C:\WINDOWS\system32\drivers\ssadadb.sys
2011-10-09 14:22:53 ----A---- C:\WINDOWS\system32\drivers\ssadwhnt.sys
2011-10-09 14:22:53 ----A---- C:\WINDOWS\system32\drivers\ssadwh.sys
2011-10-09 14:22:53 ----A---- C:\WINDOWS\system32\drivers\ssadbus.sys
2011-10-09 14:22:02 ----A---- C:\WINDOWS\system32\Redemption.dll
2011-10-09 14:21:49 ----D---- C:\Program Files\MarkAny
2011-10-09 14:21:49 ----A---- C:\WINDOWS\system32\drivers\dgderdrv.sys
2011-10-09 14:21:49 ----A---- C:\WINDOWS\system32\DIFxAPI.dll
2011-10-09 14:21:49 ----A---- C:\WINDOWS\system32\dgderapi.dll
2011-10-09 14:21:17 ----D---- C:\Documents and Settings\Fifo\Application Data\Samsung
2011-10-09 14:21:16 ----D---- C:\Program Files\Samsung
2011-10-09 14:21:16 ----D---- C:\Documents and Settings\All Users\Application Data\Samsung
2011-10-08 11:44:06 ----D---- C:\Program Files\Common Files\Steam
2011-10-08 11:44:04 ----D---- C:\Program Files\Steam
2011-10-06 19:38:51 ----D---- C:\Program Files\WinPcap
2011-10-06 19:38:49 ----D---- C:\ProgramData
2011-10-06 19:38:49 ----A---- C:\Program Files\Common Files\WinPcapNmap.exe
2011-10-06 19:38:47 ----D---- C:\Program Files\VDownloader
2011-10-05 17:28:22 ----A---- C:\WINDOWS\DictionaryServiceProxy.INI
2011-10-04 18:45:30 ----D---- C:\Microgaming
2011-10-04 18:45:30 ----D---- C:\Documents and Settings\All Users\Application Data\MGS
======List of files/folders modified in the last 1 month======
2011-10-31 10:25:26 ----D---- C:\Documents and Settings\Fifo\Application Data\Skype
2011-10-31 10:21:23 ----D---- C:\WINDOWS\Temp
2011-10-31 10:19:15 ----D---- C:\Program Files
2011-10-31 10:14:56 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-31 10:14:42 ----D---- C:\Documents and Settings\All Users\Application Data\Anti-phishing Domain Advisor
2011-10-31 08:46:36 ----D---- C:\WINDOWS\system32\drivers
2011-10-31 08:46:30 ----SHD---- C:\WINDOWS\Installer
2011-10-31 08:46:29 ----D---- C:\WINDOWS\WinSxS
2011-10-31 08:46:19 ----D---- C:\WINDOWS\system32
2011-10-31 08:46:19 ----D---- C:\WINDOWS
2011-10-31 08:36:57 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-31 08:35:54 ----HD---- C:\WINDOWS\inf
2011-10-30 18:49:47 ----D---- C:\Documents and Settings\Fifo\Application Data\Ventrilo
2011-10-30 18:49:36 ----D---- C:\WINDOWS\Minidump
2011-10-30 17:15:39 ----D---- C:\Program Files\PokerStars
2011-10-30 09:03:01 ----D---- C:\Documents and Settings\Fifo\Application Data\FileHunter
2011-10-30 08:38:52 ----D---- C:\WINDOWS\system32\config
2011-10-30 06:56:55 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-26 19:21:39 ----D---- C:\WINDOWS\Prefetch
2011-10-23 07:26:25 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-10-21 21:29:12 ----A---- C:\WINDOWS\NeroDigital.ini
2011-10-21 13:31:04 ----D---- C:\WINDOWS\Cursors
2011-10-09 14:42:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-09 14:23:20 ----D---- C:\WINDOWS\system32\CatRoot
2011-10-09 14:23:08 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-10-09 14:21:47 ----HD---- C:\Program Files\InstallShield Installation Information
2011-10-08 11:44:06 ----D---- C:\Program Files\Common Files
2011-10-08 00:43:07 ----D---- C:\Documents and Settings\Fifo\Application Data\GetRightToGo
2011-10-07 21:05:38 ----SD---- C:\WINDOWS\Tasks
2011-10-07 21:04:25 ----D---- C:\Documents and Settings\Fifo\Application Data\PriceGong
2011-10-07 21:04:00 ----D---- C:\Documents and Settings\Fifo\Application Data\mediabarim
2011-10-07 20:51:45 ----SD---- C:\Documents and Settings\Fifo\Application Data\Microsoft
2011-10-06 19:34:39 ----D---- C:\Program Files\BrotherSoft_Extreme
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-08-28 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-06-22 5068288]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2007-07-20 84992]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-07-28 6108776]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 ajwl6no2;ajwl6no2; C:\WINDOWS\system32\drivers\ajwl6no2.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2010-12-21 30312]
S3 ao6lsdd5;ao6lsdd5; C:\WINDOWS\system32\drivers\ao6lsdd5.sys []
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 ESLvnic1;ESLvnic Virtual Network 32 Bit; C:\WINDOWS\system32\DRIVERS\ESLvnic.sys [2010-12-08 24504]
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\TGDF0.tmp []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\WINDOWS\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\WINDOWS\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\WINDOWS\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1039bus.sys [2009-11-19 98672]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys [2009-11-19 14960]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1039mdm.sys [2009-11-19 124016]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys [2009-11-19 117872]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1039nd5.sys [2009-11-19 25456]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1039obex.sys [2009-11-19 113904]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1039unic.sys [2009-11-19 123504]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-06-02 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-06-02 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-06-02 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-06-02 114280]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-06-22 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 1361288]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-07-16 153376]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-06-11 75136]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-09 136176]
S2 SmileyCentral_1vService;SmileyCentral Service; C:\PROGRA~1\SMILEY~2\bar\1.bin\1vbarsvc.exe [2010-12-27 28766]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-09 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-10-12 419624]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------

PC virus removal, computer speed-up, remote help via the neslape.cz service
PLEASE check my log
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote help services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: PLEASE check my log
I would like to ask: roughly every half hour my PC shuts down and a green light blinks. I don't know whether it is overheating, but when I touch it, it is almost cold. Then I switch off the fuse, pull out the cable, wait 10 min., and it runs again for half an hour, and then the same thing again. I probably have quite a lot of viruses on the PC, but I only have ESET, and even that is not active, and I don't know what is causing it.
Re: PLEASE check my log
Good morning
Download ComboFix to the desktop, close all active windows and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- agree to the installation of the Recovery Console
- ComboFix must be run under an account with administrator rights
- Before use, turn off all resident security programs - antivirus, firewalls, antispyware
- After launch, the terms of use are displayed; confirm them by pressing the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: PLEASE check my log
ComboFix 11-10-30.03 - Fifo . 10. 2011 12:20:30.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2046.1472 [GMT 1:00]
Running from: C:\Documents and Settings\Fifo\My Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\Fifo\LOCALS~1\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll
C:\Documents and Settings\Fifo\Local Settings\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll
((((((((((((((((((((((((( Files Created from 2011-09-28 to 2011-10-31 )))))))))))))))))))))))))))))))
2011-10-31 11:36:58 . 2011-10-31 11:36:58 -------- d-----w- C:\WINDOWS\LastGood
2011-10-31 10:51:29 . 2011-04-29 19:07:11 852480 -c----w- C:\WINDOWS\system32\dllcache\vgx.dll
2011-10-31 10:51:07 . 2011-07-08 14:02:00 10496 -c----w- C:\WINDOWS\system32\dllcache\ndistapi.sys
2011-10-31 09:19:15 . 2011-10-31 09:27:37 -------- d-----w- C:\Program Files\trend micro
2011-10-31 09:19:14 . 2011-10-31 09:19:32 -------- d-----w- C:\rsit
2011-10-21 20:28:01 . 2011-10-21 20:28:01 -------- d-----w- C:\output
2011-10-09 13:28:40 . 2011-10-09 13:29:03 -------- d-----w- C:\hudba
2011-10-09 13:24:31 . 2011-10-09 13:24:31 -------- d-----w- C:\Documents and Settings\Fifo\Local Settings\Application Data\Samsung
2011-10-09 13:24:14 . 2008-04-14 00:12:07 26624 ----a-w- C:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2011-10-09 13:22:54 . 2011-06-02 05:47:22 136808 ----a-w- C:\WINDOWS\system32\drivers\ssadmdm.sys
2011-10-09 13:22:54 . 2011-06-02 05:47:22 12776 ----a-w- C:\WINDOWS\system32\drivers\ssadmdfl.sys
2011-10-09 13:22:54 . 2011-06-02 05:47:22 114280 ----a-w- C:\WINDOWS\system32\drivers\ssadserd.sys
2011-10-09 13:22:54 . 2011-06-02 05:47:22 10472 ----a-w- C:\WINDOWS\system32\drivers\ssadcmnt.sys
2011-10-09 13:22:54 . 2011-06-02 05:47:22 10472 ----a-w- C:\WINDOWS\system32\drivers\ssadcm.sys
2011-10-09 13:21:16 . 2011-10-09 13:21:16 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Samsung
2011-10-09 13:14:51 . 2011-10-09 13:14:51 -------- d-----w- C:\Documents and Settings\Fifo\Local Settings\Application Data\Downloaded Installations
2011-10-08 10:44:06 . 2011-10-23 05:35:31 -------- d-----w- C:\Program Files\Common Files\Steam
2011-10-08 10:44:04 . 2011-10-31 11:35:44 -------- d-----w- C:\Program Files\Steam
2011-10-07 20:22:31 . 2011-10-07 20:22:54 -------- d-----w- C:\Documents and Settings\Fifo\048298C9A4D3490B9FF9AB023A9238F3.TMP
2011-10-06 18:38:51 . 2011-10-06 18:38:51 -------- d-----w- C:\Program Files\WinPcap
2011-10-06 18:38:49 . 2011-10-07 19:59:44 -------- d-----w- C:\ProgramData
2011-10-06 18:38:49 . 2010-01-26 09:11:08 444283 ----a-w- C:\Program Files\Common Files\WinPcapNmap.exe
2011-10-06 18:38:47 . 2011-10-08 13:59:54 -------- d-----w- C:\Program Files\VDownloader
2011-10-04 17:45:30 . 2011-10-04 17:45:31 -------- d-----w- C:\Microgaming
2011-10-04 17:45:30 . 2011-10-04 17:45:30 -------- d-----w- C:\Documents and Settings\All Users\Application Data\MGS
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2011-09-16 09:54:48 . 2011-09-16 09:54:48 90112 ----a-w- C:\WINDOWS\MAMCityDownload.ocx
2011-09-16 09:54:48 . 2011-09-16 09:54:48 325552 ----a-w- C:\WINDOWS\MASetupCaller.dll
2011-09-16 09:54:48 . 2011-09-16 09:54:48 30568 ----a-w- C:\WINDOWS\MusiccityDownload.exe
2011-09-16 09:54:44 . 2011-09-16 09:54:44 974848 ----a-w- C:\WINDOWS\system32\cis-2.4.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 81920 ----a-w- C:\WINDOWS\system32\issacapi_bs-2.3.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 65536 ----a-w- C:\WINDOWS\system32\issacapi_pe-2.3.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 57344 ----a-w- C:\WINDOWS\system32\MTXSYNCICON.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 57344 ----a-w- C:\WINDOWS\system32\MK_Lyric.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 57344 ----a-w- C:\WINDOWS\system32\issacapi_se-2.3.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 569344 ----a-w- C:\WINDOWS\system32\muzdecode.ax
2011-09-16 09:54:44 . 2011-09-16 09:54:44 491520 ----a-w- C:\WINDOWS\system32\muzapp.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 49152 ----a-w- C:\WINDOWS\system32\MaJGUILib.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 45056 ----a-w- C:\WINDOWS\system32\MaXMLProto.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 45056 ----a-w- C:\WINDOWS\system32\MACXMLProto.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 40960 ----a-w- C:\WINDOWS\system32\MTTELECHIP.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 40960 ----a-w- C:\WINDOWS\system32\MAMACExtract.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 382976 ----a-w- C:\WINDOWS\system32\mfplat.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 352256 ----a-w- C:\WINDOWS\system32\MSLUR71.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 258048 ----a-w- C:\WINDOWS\system32\muzoggsp.ax
2011-09-16 09:54:44 . 2011-09-16 09:54:44 245760 ----a-w- C:\WINDOWS\system32\MSCLib.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 24576 ----a-w- C:\WINDOWS\system32\MASetupCleaner.exe
2011-09-16 09:54:44 . 2011-09-16 09:54:44 200704 ----a-w- C:\WINDOWS\system32\muzwmts.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 155648 ----a-w- C:\WINDOWS\system32\MSFLib.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 143360 ----a-w- C:\WINDOWS\system32\3DAudio.ax
2011-09-16 09:54:44 . 2011-09-16 09:54:44 14336 ----a-w- C:\WINDOWS\system32\avrt.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 135168 ----a-w- C:\WINDOWS\system32\muzaf1.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 131072 ----a-w- C:\WINDOWS\system32\muzmpgsp.ax
2011-09-16 09:54:44 . 2011-09-16 09:54:44 122880 ----a-w- C:\WINDOWS\system32\muzeffect.ax
2011-09-16 09:54:44 . 2011-09-16 09:54:44 118784 ----a-w- C:\WINDOWS\system32\MaDRM.dll
2011-09-16 09:54:44 . 2011-09-16 09:54:44 110592 ----a-w- C:\WINDOWS\system32\muzmp4sp.ax
2008-11-27 12:26:13 . 2010-10-18 12:11:35 142848 ----a-w- C:\Program Files\Mssv12.asi
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "C:\Program Files\Ask.com\GenericAskToolbar.dll" [2011-02-01 17:17:24 1487240]
"{038cb5c7-48ea-4af9-94e0-a1646542e62b}"= "C:\Program Files\ToggleEN\tbTogg.dll" [2010-09-12 13:02:22 3863136]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "C:\Program Files\Softonic-Eng7\prxtbSof2.dll" [2011-01-17 14:54:02 175912]
"{51a86bb3-6602-4c85-92a5-130ee4864f13}"= "C:\Program Files\BrotherSoft_Extreme\prxtbBro0.dll" [2011-03-28 16:22:54 176936]
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[HKEY_CLASSES_ROOT\clsid\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{51a86bb3-6602-4c85-92a5-130ee4864f13}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{038cb5c7-48ea-4af9-94e0-a1646542e62b}]
2010-09-12 13:02:22 3863136 ----a-w- C:\Program Files\ToggleEN\tbTogg.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
Re: PLEASE check my log
I hope this is it
Re: PLEASE check my log
The log is not complete. Has anything changed with the PC?
Re: PLEASE check my log
Hey, sorry, but I didn't even manage to get all of it, because before it finished my PC shut down, so I only completed it after turning it back on, so I don't know whether something might have been lost there. For now I'll try it again.
Re: PLEASE check my log
ok

