Slow internet :( + log

#1 Post by safire »

Hello, I have a similar problem to this lady's:

http://forum.viry.cz/viewtopic.php?f=19&t=95074

My internet is slow, almost 10x slower than I normally have. The difference in my case is that the internet is also slow on another PC and on a notebook. I tried connecting to the internet both through the router and without the router; unfortunately the speed is the same. I called the provider and the problem is not on their side, my signal with them is good, so I am posting a log here. Could you please check it for me? :) THX

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2012-02-09 19:55:33
Microsoft Windows XP Professional Service Pack 2
System drive D: has 10 GB (26%) free of 40 GB
Total RAM: 2559 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:56:01, on 9.2.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
D:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
D:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
D:\Program Files\iTunes\iTunesHelper.exe
D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe
D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE
C:\Program Files\DAEMON Tools Lite\daemon.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Steam\Steam.exe
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
D:\Program Files\Xfire\Xfire.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
D:\Program Files\Application Updater\ApplicationUpdater.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\iPod\bin\iPodService.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\Pando Networks\Media Booster\PMB.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Google\Chrome\Application\chrome.exe
D:\Program Files\Opera\opera.exe
D:\Program Files\iTunes\iTunes.exe
D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
D:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
D:\Documents and Settings\Administrator\Desktop\RSIT.exe
D:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=down
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{0C26C70D-6214-4FBE-B9A7-19EE3E97E98B}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=down&s={searchTerms}&f=4
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - D:\Program Files\Dealio Toolbar\IE\4.9\dealioToolbarIE.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\prxtbuTo0.dll
R3 - URLSearchHook: ToolbarURLSearchHook Class - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - D:\Program Files\Hyperionics DB Toolbar\tbhelper.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - D:\Program Files\Dealio Toolbar\IE\4.9\dealioToolbarIE.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - D:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: uTorrentBar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\prxtbuTo0.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - D:\Program Files\Hyperionics DB Toolbar\tbcore3.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - D:\Program Files\uTorrentBar\prxtbuTo0.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Hyperionics DB Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - D:\Program Files\Hyperionics DB Toolbar\tbcore3.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - D:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - D:\Program Files\Dealio Toolbar\IE\4.9\dealioToolbarIE.dll
O4 - HKLM\..\Run: [PRONoMgrWired] D:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [svcdotnet] D:\WINDOWS\svcdotnet\svcdotnet.exe
O4 - HKLM\..\Run: [StartCCC] "D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [facemoods] "D:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [SearchSettings] "D:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [B2C_AGENT] D:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
O4 - HKLM\..\Run: [APSDaemon] "D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LG LinkAir] D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe
O4 - HKCU\..\Run: [EPSON SX510W Series] D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE /FU "D:\WINDOWS\TEMP\E_SE8.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [uTorrent] "D:\Program Files\uTorrent\uTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Pando Media Booster] D:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [KPeerNexonEU] D:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKCU\..\Run: [Any Wallpaper] "D:\Program Files\AnyUtils\Any Weblock\AnyWallpaper.exe" "hide"
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
O4 - Startup: Xfire.lnk = D:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - D:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - D:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Image - res://D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Memo - res://D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
O8 - Extra context menu item: LG Air Sync (R-Click) - Save as Mobile Text file - res://D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
O8 - Extra context menu item: LG Air Sync (R-Click) - Set as Mobile Wallpaper - res://D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
O8 - Extra context menu item: LG Air Sync Option - res://D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{E520D09A-DEDA-4C87-B40D-535F86158834}: NameServer = 172.22.39.254,217.119.117.170
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\System32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - D:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - D:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 12272 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - D:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gc8f186z.default

prefs.js - "browser.startup.homepage" -  "http://start.facemoods.com/?a=down"
prefs.js - "extensions.enabledItems" -  "jqs@sun.com:1.0, webcomponent@globalenglish.com:2.0.0.55, {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}:6.0.30, ffxtlbr@Facemoods.com:1.4.1, dealio@mybrowserbar.com:4.9, wtxpcom@mybrowserbar.com:4.9, {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.26"
prefs.js - "keyword.URL" -  "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=867034&ilc=12&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"webcomponent@globalenglish.com"=D:\Program Files\GlobalEnglish\Firefox\Version3\webcomponent@globalenglish.com
"jqs@sun.com"=D:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}"=D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=D:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=D:\Documents and Settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=D:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=D:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=D:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP]
"Description"=Viewpoint Media Player for Mozilla
"Path"=D:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

D:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

D:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

D:\Program Files\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
npdeployJava1.dll
npdivx32.dll
npdivx32.xpt
npnul32.dll
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

D:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
fcmdSrch.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

D:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gc8f186z.default\extensions\
ffxtlbr@Facemoods.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Dealio Toolbar - D:\Program Files\Dealio Toolbar\IE\4.9\dealioToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class - D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2010-09-16 35688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486b-A045-B233BD0DA8FC}]
CescrtHlpr Object - D:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll [2011-09-05 265944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - D:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-10 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - D:\Program Files\Hyperionics DB Toolbar\tbcore3.dll [2011-06-22 2398720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - D:\Program Files\uTorrentBar\prxtbuTo0.dll [2011-05-09 176936]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - D:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-04-21 1000768]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - Hyperionics DB Toolbar - D:\Program Files\Hyperionics DB Toolbar\tbcore3.dll [2011-06-22 2398720]
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - facemoods Toolbar - D:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll [2011-09-05 220888]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Dealio Toolbar - D:\Program Files\Dealio Toolbar\IE\4.9\dealioToolbarIE.dll [2011-12-13 1071456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PRONoMgrWired"=D:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe [2004-11-18 86016]
"SoundMan"=D:\WINDOWS\SOUNDMAN.EXE [2005-06-14 77824]
"GrooveMonitor"=D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"svcdotnet"=D:\WINDOWS\svcdotnet\svcdotnet.exe []
"StartCCC"=D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-10 61440]
"SunJavaUpdateSched"=D:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"facemoods"=D:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe [2011-09-05 362200]
""= []
"SearchSettings"=D:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2011-12-13 922976]
"KernelFaultCheck"=D:\WINDOWS\system32\dumprep 0 -k []
"B2C_AGENT"=D:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2011-09-28 404568]
"APSDaemon"=D:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-01 59240]
"iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2012-01-16 421736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LG LinkAir"=D:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe [2010-09-16 2440552]
"EPSON SX510W Series"=D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [2008-11-20 199680]
"uTorrent"=D:\Program Files\uTorrent\uTorrent.exe  /MINIMIZED []
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-24 490952]
"Skype"=D:\Program Files\Skype\Phone\Skype.exe [2011-10-13 17351304]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"Pando Media Booster"=D:\Program Files\Pando Networks\Media Booster\PMB.exe [2011-10-12 3077528]
"KPeerNexonEU"=D:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe [2011-10-12 438272]
"Any Wallpaper"=D:\Program Files\AnyUtils\Any Weblock\AnyWallpaper.exe hide []
"Steam"=D:\Program Files\Steam\Steam.exe [2012-01-05 1242448]

D:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

D:\Documents and Settings\Administrator\Start Menu\Programs\Startup
Xfire.lnk - D:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
D:\WINDOWS\system32\Ati2evxx.dll [2010-02-11 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=
scecli

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Opera\opera.exe"="D:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Hry\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe"="C:\Program Files\Hry\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-EU-Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Hry\World of Warcraft\Launcher.exe"="C:\Program Files\Hry\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Hry\World of Warcraft\Launcher.patch.exe"="C:\Program Files\Hry\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Hry\dd\World of Warcraft\Launcher.exe"="C:\Program Files\Hry\dd\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"C:\Program Files\Hry\dd\World of Warcraft\Launcher.patch.exe"="C:\Program Files\Hry\dd\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"D:\Program Files\VideoLAN\VLC\vlc.exe"="D:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Hry\RCT3\rct.exe"="C:\Program Files\Hry\RCT3\rct.exe:*:Enabled:rct"
"D:\Program Files\Counter-Strike 1.6 & Half-Life\hl.exe"="D:\Program Files\Counter-Strike 1.6 & Half-Life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\WINDOWS\system32\PnkBstrA.exe"="D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\WINDOWS\system32\PnkBstrB.exe"="D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Hry\B2\BF2.exe"="C:\Program Files\Hry\B2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\Hry\BF2\BF2.exe"="C:\Program Files\Hry\BF2\BF2.exe:*:Enabled:Battlefield 2"
"D:\Program Files\Pando Networks\Media Booster\PMB.exe"="D:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe"="D:\Documents and Settings\All Users\Application Data\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="D:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"D:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe"="D:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"D:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="D:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer"
"D:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="D:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service"
"D:\Program Files\Common Files\AOL\1318448853\ee\aolsoftware.exe"="D:\Program Files\Common Files\AOL\1318448853\ee\aolsoftware.exe:*:Enabled:AOL Shared Components"
"D:\Program Files\Common Files\AOL\Loader\aolload.exe"="D:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"D:\Program Files\Common Files\AOL\1318448853\ee\AOLDesktop.exe"="D:\Program Files\Common Files\AOL\1318448853\ee\AOLDesktop.exe:*:Enabled:AOL Desktop"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="D:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"D:\Program Files\ACSPMonitor\ASMonitor.exe"="D:\Program Files\ACSPMonitor\ASMonitor.exe:*:Enabled:System"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Pando Networks\Media Booster\PMB.exe"="D:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=D:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"msacm.vorbis"=vorbis.acm
"VIDC.XFR1"=xfcodec.dll

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 month======

2012-02-09 19:49:31 ----D---- D:\rsit
2012-02-09 19:49:31 ----D---- D:\Program Files\trend micro
2012-02-09 18:18:14 ----D---- D:\Program Files\GIMP-2.0
2012-02-03 10:29:56 ----A---- D:\WINDOWS\system32\xfcodec.dll
2012-02-03 09:52:26 ----A---- D:\WINDOWS\WININIT.INI
2012-01-27 21:47:43 ----AD---- D:\Documents and Settings\All Users\Application Data\TEMP
2012-01-27 21:46:23 ----A---- D:\WINDOWS\system32\IJL_11.DLL
2012-01-27 21:32:28 ----D---- D:\Documents and Settings\Administrator\Application Data\twinstar_launcher
2012-01-24 20:23:43 ----D---- D:\Lyrics
2012-01-24 20:23:33 ----D---- D:\Documents and Settings\Administrator\Application Data\MiniLyrics
2012-01-24 20:23:25 ----D---- D:\Program Files\Minilyrics
2012-01-21 21:39:07 ----D---- D:\Documents and Settings\Administrator\Application Data\Apple Computer
2012-01-21 21:38:58 ----A---- D:\WINDOWS\system32\GEARAspi.dll
2012-01-21 21:38:58 ----A---- D:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2012-01-21 21:38:20 ----D---- D:\Program Files\iPod
2012-01-21 21:38:10 ----D---- D:\Program Files\iTunes
2012-01-21 21:38:10 ----D---- D:\Documents and Settings\All Users\Application Data\Apple Computer
2012-01-21 21:38:10 ----D---- D:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2012-01-21 21:37:42 ----D---- D:\Program Files\Apple Software Update
2012-01-21 21:37:10 ----D---- D:\Program Files\Bonjour
2012-01-21 21:36:55 ----D---- D:\Program Files\Common Files\Apple
2012-01-21 21:36:55 ----D---- D:\Documents and Settings\All Users\Application Data\Apple
2012-01-20 19:54:09 ----A---- D:\WINDOWS\system32\pwNative.exe
2012-01-20 19:54:08 ----N---- D:\WINDOWS\system32\pwdspio.sys
2012-01-20 19:54:08 ----N---- D:\WINDOWS\system32\pwdrvio.sys
2012-01-20 19:54:03 ----D---- D:\Program Files\MiniTool Partition Wizard Home Edition 7.1
2012-01-19 18:21:17 ----A---- D:\WINDOWS\system32\drivers\lgandmodem.sys
2012-01-19 18:21:17 ----A---- D:\WINDOWS\system32\drivers\lgandgps.sys
2012-01-19 18:21:17 ----A---- D:\WINDOWS\system32\drivers\lganddiag.sys
2012-01-19 18:21:17 ----A---- D:\WINDOWS\system32\drivers\lgandbus.sys
2012-01-19 18:21:17 ----A---- D:\WINDOWS\system32\drivers\lgandadb.sys
2012-01-19 15:02:08 ----A---- D:\WINDOWS\ModemLog_LGE Android Platform USB Modem.txt
2012-01-19 14:56:11 ----D---- D:\Program Files\mstrgen
2012-01-19 14:52:30 ----HDC---- D:\WINDOWS\$NtUninstallWdf01005$
2012-01-18 19:09:09 ----A---- D:\WINDOWS\system32\msvcr90.dll
2012-01-18 19:09:09 ----A---- D:\WINDOWS\system32\msvcp90.dll
2012-01-18 19:09:09 ----A---- D:\WINDOWS\system32\msvcm90.dll
2012-01-18 19:09:05 ----A---- D:\WINDOWS\system32\lgAxconfig.ini
2012-01-18 19:09:05 ----A---- D:\WINDOWS\system32\CommonDL.dll
2012-01-18 19:08:50 ----D---- D:\Documents and Settings\All Users\Application Data\LGMOBILEAX

======List of files/folders modified in the last 1 month======

2012-02-09 19:52:07 ----D---- D:\Documents and Settings\Administrator\Application Data\Skype
2012-02-09 19:50:01 ----D---- D:\WINDOWS\Prefetch
2012-02-09 19:49:31 ----D---- D:\Program Files
2012-02-09 19:37:31 ----D---- D:\Documents and Settings\All Users\Application Data\PMB Files
2012-02-09 17:12:59 ----D---- D:\WINDOWS\system32\CatRoot2
2012-02-09 17:11:01 ----D---- D:\WINDOWS
2012-02-09 15:31:13 ----D---- D:\Program Files\Steam
2012-02-09 15:30:53 ----D---- D:\WINDOWS\Temp
2012-02-08 21:59:25 ----A---- D:\WINDOWS\SchedLgU.Txt
2012-02-08 21:53:27 ----D---- D:\WINDOWS\system32
2012-02-08 21:51:36 ----D---- D:\Documents and Settings\Administrator\Application Data\vlc
2012-02-08 21:03:58 ----D---- D:\Documents and Settings\Administrator\Application Data\Xfire
2012-02-04 21:00:31 ----D---- D:\Program Files\Xfire
2012-02-04 11:16:38 ----A---- D:\WINDOWS\system32\CmdLineExt.dll
2012-02-03 10:22:45 ----HD---- D:\Program Files\Izwvnutxkomaj
2012-02-02 20:13:14 ----D---- D:\Program Files\Mozilla Firefox
2012-02-01 22:43:24 ----SHD---- D:\WINDOWS\Installer
2012-02-01 17:40:38 ----HD---- D:\WINDOWS\svcdotnet
2012-01-31 21:56:23 ----A---- D:\Documents and Settings\All Users\Application Data\svcdotnet.txt
2012-01-30 15:49:14 ----D---- D:\Program Files\Opera
2012-01-29 14:13:05 ----D---- D:\Documents and Settings\Administrator\Application Data\dvdcss
2012-01-27 21:52:44 ----D---- D:\WINDOWS\system
2012-01-23 21:42:45 ----D---- D:\Documents and Settings\Administrator\Application Data\Opera
2012-01-23 21:13:24 ----HD---- D:\WINDOWS\inf
2012-01-23 20:54:53 ----D---- D:\WINDOWS\Logs
2012-01-23 17:42:34 ----D---- D:\ATI
2012-01-23 17:42:16 ----D---- D:\WINDOWS\system32\DirectX
2012-01-23 17:41:37 ----RSD---- D:\WINDOWS\assembly
2012-01-21 21:39:00 ----D---- D:\WINDOWS\system32\drivers
2012-01-21 21:38:58 ----DC---- D:\WINDOWS\system32\DRVSTORE
2012-01-21 21:37:47 ----SD---- D:\WINDOWS\Tasks
2012-01-21 21:37:02 ----D---- D:\WINDOWS\WinSxS
2012-01-21 21:36:55 ----D---- D:\Program Files\Common Files
2012-01-19 18:28:39 ----D---- D:\WINDOWS\system32\CatRoot
2012-01-19 18:21:29 ----D---- D:\Program Files\LG Electronics
2012-01-19 16:23:37 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2012-01-18 19:48:18 ----HD---- D:\Program Files\InstallShield Installation Information
2012-01-18 18:15:26 ----D---- D:\Program Files\MSXML 4.0
2012-01-15 21:06:54 ----D---- D:\Documents and Settings\Administrator\Application Data\U3
2012-01-14 00:08:32 ----D---- D:\WINDOWS\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; D:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 nvata;nvata; D:\WINDOWS\System32\DRIVERS\nvata.sys [2005-05-26 92800]
R0 speedfan;speedfan; D:\WINDOWS\system32\speedfan.sys [2011-03-18 25240]
R0 sptd;sptd; D:\WINDOWS\System32\Drivers\sptd.sys [2011-07-30 717296]
R1 intelppm;Intel Processor Driver; D:\WINDOWS\System32\DRIVERS\intelppm.sys [2004-08-04 36096]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-06-16 2323072]
R3 ati2mtag;ati2mtag; D:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2010-02-11 3565056]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; D:\WINDOWS\System32\DRIVERS\e1000325.sys [2004-11-22 176128]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 LgBttPort;LGE Bluetooth TransPort; D:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; D:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; D:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; D:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 MTsensor;ATK0110 ACPI UTILITY; D:\WINDOWS\System32\DRIVERS\ASACPI.sys [2004-08-13 5810]
S3 agnom6wa;agnom6wa; D:\WINDOWS\system32\drivers\agnom6wa.sys []
S3 Andbus;LGE Android Platform Composite USB Device; D:\WINDOWS\System32\DRIVERS\lgandbus.sys [2010-12-07 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; D:\WINDOWS\System32\DRIVERS\lganddiag.sys [2010-12-07 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; D:\WINDOWS\System32\DRIVERS\lgandgps.sys [2010-12-07 20096]
S3 ANDModem;LGE Android Platform USB Modem; D:\WINDOWS\System32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
S3 androidusb;ADB Interface Driver; D:\WINDOWS\System32\Drivers\lgandadb.sys [2010-08-02 25728]
S3 cpuz135;cpuz135; \??\D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys []
S3 EagleXNt;EagleXNt; \??\D:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 pwdrvio;pwdrvio; \??\D:\WINDOWS\system32\pwdrvio.sys []
S3 pwdspio;pwdspio; \??\D:\WINDOWS\system32\pwdspio.sys []
S3 speccy;speccy; \??\D:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\f52b2715-9e3d-4586-aae7-cfad1ecd68d7 []
S3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB PRINTER Class; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; D:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 15104]
S3 USBSTOR;USB Mass Storage Driver; D:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
S3 wanatw;WAN Miniport (ATW); D:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 Wdf01000;Wdf01000; D:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 Application Updater;Application Updater; D:\Program Files\Application Updater\ApplicationUpdater.exe [2011-12-13 748440]
R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2010-02-11 602112]
R2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2011-11-10 153376]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2011-09-20 75136]
R3 iPod Service;iPod Service; D:\Program Files\iPod\bin\iPodService.exe [2012-01-16 821608]
S2 ATI Smart;ATI Smart; D:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-13 136176]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google Update Service (gupdatem); D:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-13 136176]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-26 65824]
S3 NetSvc;Intel NCS NetService; D:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [2004-11-19 147456]
S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; D:\Program Files\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118375
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow internet :( + log

#2 Post by Rudy »

Hello!

Please post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after launch a screen with the license terms is displayed; continue by clicking the Yes (Ano) button.

go ahead and put on some coffee (the whole run takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident component
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

safire
Visitor
Posts: 49
Joined: 17 Aug 2010 21:31

Re: Slow internet :( + log

#3 Post by safire »

Code: Select all

ComboFix 12-02-09.04 - Administrator 09.02.2012  21:35:26.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.2.1250.420.1033.18.2559.1795 [GMT 1:00]
Spuštěný z: d:\documents and settings\Administrator\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\documents and settings\Administrator\Application Data\Dealio
d:\documents and settings\Administrator\Application Data\Dealio\res\widgets.xml
d:\documents and settings\Administrator\Application Data\Dealio\temp\http___www_dealio_com_rss_coupons-deals_top_7days__cnid=[CHANNEL_ID]&ccv=[CODE_VER]&ISN=[ISN]&lngid=[LANG_ID].xml
d:\documents and settings\Administrator\Application Data\facemoods.com
d:\documents and settings\Administrator\Application Data\Toolbar4
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\0a4f35b626016d8cd6d5731fa5e2aad7
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\0b64ffa009d9e3d1236fb2b575bd953d
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\0d53f0a9a42a5167b78657f1fc9488f1
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\1df1df47b49e8b3090bc211048795c5a
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\27c746d432b7a753a0af8d7c033b46fe
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2b4ad282984708f7b89800e17a257476
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\2f51f062108c7f20a67770bbdf546004
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\31dca3ca44f44956ffde9959067d1093
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\521788680d3595d05d274f3713057765
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\593abe4ad021a7ca3002ccb2dca1969d
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\757a20d7a75ae93435ac64a6095eab39
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\7afabe4e3af1a66103f629a38d90558a
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9956734e872eec3ea3e17f52e84dc6cc
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9d810aab3f7bcbacb07c241f8d726714
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\9fc2051aee76f9ef060973477300788d
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\c48c9e27c16419ab995d48b077a802ff
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\d1a2c0b23b2d4e91acf26940533c64f0
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\cache\dcd16c0f4842bc19d648b261e3cf263d
d:\documents and settings\Administrator\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\include_files\1e6d0a92883b25f29523edfaccfcde3b
d:\documents and settings\Administrator\Desktop\Setup.exe
d:\documents and settings\Administrator\Local Settings\Application Data\bloson.bmp
d:\documents and settings\Administrator\Local Settings\Application Data\dealply.bmp
d:\documents and settings\Administrator\Local Settings\Application Data\dealply.exe
d:\documents and settings\Administrator\Local Settings\Application Data\facemoods.bmp
d:\documents and settings\Administrator\Local Settings\Application Data\facemoods.exe
d:\documents and settings\Administrator\Local Settings\Application Data\lateral1.bmp
d:\documents and settings\Administrator\Local Settings\Application Data\lateral2.bmp
d:\documents and settings\Administrator\Local Settings\Application Data\lateral3.bmp
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\common.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\background.html
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\cached_http_request.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\extension_info.json
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\icons\icon128.png
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\icons\icon19.png
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\icons\icon32.png
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\icons\icon48.png
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\includes\content.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\includes\content_kango.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\includes\content_messaging.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\includes\content_userscript.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango-ui\button.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango-ui\ui.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango\browser.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango\console.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango\event_listener.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango\initialize.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango\io.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango\jsonstorage.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango\kango.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango\lang.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango\messaging.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango\userscript_engine.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\kango\xhr.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\main.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\manifest.json
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\minibar\actions.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\minibar\cachedxhr.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\minibar\config.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\minibar\macros.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\minibar\minibar.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\popup.html
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\popup.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\tab.html
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome\tab.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\chrome_installer.js
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\install.json
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\minibar.crx
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\sqlite3.exe
d:\documents and settings\Administrator\Local Settings\Application Data\Minibar\Uninstall.exe
d:\documents and settings\Administrator\WINDOWS
d:\documents and settings\All Users\Application Data\TEMP
d:\program files\Dealio Toolbar
d:\program files\Dealio Toolbar\FF\chrome.manifest
d:\program files\Dealio Toolbar\FF\chrome\content\chevron.js
d:\program files\Dealio Toolbar\FF\chrome\content\chevron.xul
d:\program files\Dealio Toolbar\FF\chrome\content\JSWidget.js
d:\program files\Dealio Toolbar\FF\chrome\content\login.js
d:\program files\Dealio Toolbar\FF\chrome\content\login.xul
d:\program files\Dealio Toolbar\FF\chrome\content\parser.js
d:\program files\Dealio Toolbar\FF\chrome\content\RadioWidget.js
d:\program files\Dealio Toolbar\FF\chrome\content\RadioWidget.xul
d:\program files\Dealio Toolbar\FF\chrome\content\RssTickerWidget.js
d:\program files\Dealio Toolbar\FF\chrome\content\searchbox.js
d:\program files\Dealio Toolbar\FF\chrome\content\searchbox.xul
d:\program files\Dealio Toolbar\FF\chrome\content\utils.js
d:\program files\Dealio Toolbar\FF\chrome\content\widgicomm.js
d:\program files\Dealio Toolbar\FF\chrome\content\widgihandling.js
d:\program files\Dealio Toolbar\FF\chrome\content\widgichevron.js
d:\program files\Dealio Toolbar\FF\chrome\content\widgilisteners.js
d:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.js
d:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.xul
d:\program files\Dealio Toolbar\FF\chrome\content\widgiui.js
d:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\searchbox.dtd
d:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd
d:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
d:\program files\Dealio Toolbar\FF\chrome\skin\amazon.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\apple.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\barnes.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\bestbuy.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo_hover.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\ebay.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\facebook.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\googleplus.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\chevron.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\icon_settings.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\macys.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\newegg.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\overstock.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\radio-close.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\radio-minimize.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\radiobeta.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search-button-hover.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search-button.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron-hover.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search-wmrk-baidu.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search-wmrk-yahoo.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search-wmrk-yandex.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search_amazon.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search_baidu.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search_dealio.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search_ebay.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search_yahoo.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\search_yandex.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\searchbox.css
d:\program files\Dealio Toolbar\FF\chrome\skin\splitter.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\target.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\twitter.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\walmart.gif
d:\program files\Dealio Toolbar\FF\chrome\skin\widgitoolbarplugin.css
d:\program files\Dealio Toolbar\FF\install.rdf
d:\program files\Dealio Toolbar\IE\4.9\config.ini
d:\program files\Dealio Toolbar\IE\4.9\dealioToolbarIE.dll
d:\program files\Dealio Toolbar\Res\amazon.gif
d:\program files\Dealio Toolbar\Res\apple.gif
d:\program files\Dealio Toolbar\Res\barnes.gif
d:\program files\Dealio Toolbar\Res\bestbuy.gif
d:\program files\Dealio Toolbar\Res\dealio_logo.gif
d:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
d:\program files\Dealio Toolbar\Res\ebay.gif
d:\program files\Dealio Toolbar\Res\facebook.gif
d:\program files\Dealio Toolbar\Res\googleplus.gif
d:\program files\Dealio Toolbar\Res\icon_settings.gif
d:\program files\Dealio Toolbar\Res\Lang\res1031.ini
d:\program files\Dealio Toolbar\Res\Lang\res1033.ini
d:\program files\Dealio Toolbar\Res\Lang\res1034.ini
d:\program files\Dealio Toolbar\Res\Lang\res1036.ini
d:\program files\Dealio Toolbar\Res\Lang\res1040.ini
d:\program files\Dealio Toolbar\Res\macys.gif
d:\program files\Dealio Toolbar\Res\newegg.gif
d:\program files\Dealio Toolbar\Res\overstock.gif
d:\program files\Dealio Toolbar\Res\radio-close.gif
d:\program files\Dealio Toolbar\Res\radio-minimize.gif
d:\program files\Dealio Toolbar\Res\radiobeta.gif
d:\program files\Dealio Toolbar\Res\search-button-hover.gif
d:\program files\Dealio Toolbar\Res\search-button.gif
d:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
d:\program files\Dealio Toolbar\Res\search-chevron.gif
d:\program files\Dealio Toolbar\Res\search_amazon.gif
d:\program files\Dealio Toolbar\Res\search_baidu.gif
d:\program files\Dealio Toolbar\Res\search_dealio.gif
d:\program files\Dealio Toolbar\Res\search_ebay.gif
d:\program files\Dealio Toolbar\Res\search_yahoo.gif
d:\program files\Dealio Toolbar\Res\search_yandex.gif
d:\program files\Dealio Toolbar\Res\target.gif
d:\program files\Dealio Toolbar\Res\twitter.gif
d:\program files\Dealio Toolbar\Res\walmart.gif
d:\program files\Dealio Toolbar\Res\widgets.xml
d:\program files\Dealio Toolbar\WidgiHelper.exe
d:\program files\facemoods.com
d:\program files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
d:\program files\facemoods.com\facemoods\1.4.17.11\facemoods.crx
d:\program files\facemoods.com\facemoods\1.4.17.11\facemoods.png
d:\program files\facemoods.com\facemoods\1.4.17.11\facemoodsApp.dll
d:\program files\facemoods.com\facemoods\1.4.17.11\facemoodsEng.dll
d:\program files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
d:\program files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
d:\program files\facemoods.com\facemoods\1.4.17.11\uninstall.exe
d:\program files\Hyperionics DB Toolbar\tbHElper.dll
d:\windows\alcrmv.exe
.
.
(((((((((((((((((((((((((   Soubory vytvořené od 2012-01-09 do 2012-02-09  )))))))))))))))))))))))))))))))
.
.
2012-02-09 18:49 . 2012-02-09 18:56	--------	d-----w-	d:\program files\trend micro
2012-02-09 18:49 . 2012-02-09 18:50	--------	d-----w-	D:\rsit
2012-02-09 17:18 . 2012-02-09 17:18	--------	d-----w-	d:\program files\GIMP-2.0
2012-02-03 09:29 . 2012-02-03 09:29	42392	----a-w-	d:\windows\system32\xfcodec.dll
2012-01-27 20:46 . 2004-03-08 22:00	124688	----a-w-	d:\windows\system32\MSWINSCK.OCX
2012-01-27 20:46 . 2004-03-08 22:00	212240	----a-w-	d:\windows\system32\RICHTX32.OCX
2012-01-27 20:46 . 2003-07-06 12:07	372736	----a-w-	d:\windows\system32\IJL_11.DLL
2012-01-27 20:32 . 2012-01-27 20:33	--------	d-----w-	d:\documents and settings\Administrator\Application Data\twinstar_launcher
2012-01-27 20:32 . 2012-01-27 20:32	--------	d-----w-	d:\documents and settings\Administrator\Local Settings\Application Data\Deployment
2012-01-26 20:09 . 2012-01-26 20:09	--------	d-----w-	d:\documents and settings\NetworkService\Local Settings\Application Data\uTorrentBar
2012-01-26 20:09 . 2012-01-26 20:09	--------	d-----w-	d:\documents and settings\NetworkService\Local Settings\Application Data\Apple
2012-01-24 19:23 . 2012-02-05 21:00	--------	d-----w-	D:\Lyrics
2012-01-24 19:23 . 2012-02-05 21:00	--------	d-----w-	d:\documents and settings\Administrator\Application Data\MiniLyrics
2012-01-24 19:23 . 2012-01-24 19:23	--------	d-----w-	d:\program files\Minilyrics
2012-01-23 20:42 . 2012-01-23 20:42	--------	d-----w-	d:\documents and settings\Administrator\Local Settings\Application Data\Google Translator
2012-01-21 20:39 . 2012-01-21 20:39	--------	d-----w-	d:\documents and settings\Administrator\Local Settings\Application Data\Apple Computer
2012-01-21 20:39 . 2012-01-21 20:39	--------	d-----w-	d:\documents and settings\Administrator\Application Data\Apple Computer
2012-01-21 20:38 . 2009-05-18 12:17	26600	----a-w-	d:\windows\system32\drivers\GEARAspiWDM.sys
2012-01-21 20:38 . 2008-04-17 11:12	107368	----a-w-	d:\windows\system32\GEARAspi.dll
2012-01-21 20:38 . 2012-01-21 20:38	--------	d-----w-	d:\program files\iPod
2012-01-21 20:38 . 2012-01-24 19:23	--------	d-----w-	d:\program files\iTunes
2012-01-21 20:38 . 2012-01-21 20:38	--------	d-----w-	d:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2012-01-21 20:38 . 2012-01-21 20:38	--------	d-----w-	d:\documents and settings\All Users\Application Data\Apple Computer
2012-01-21 20:37 . 2012-01-21 20:37	--------	d-----w-	d:\documents and settings\Administrator\Local Settings\Application Data\Apple
2012-01-21 20:37 . 2012-01-21 20:37	--------	d-----w-	d:\program files\Apple Software Update
2012-01-21 20:37 . 2012-01-21 20:37	--------	d-----w-	d:\documents and settings\LocalService\Application Data\Apple Computer
2012-01-21 20:37 . 2012-01-21 20:37	--------	d-----w-	d:\program files\Bonjour
2012-01-21 20:36 . 2012-01-21 20:38	--------	d-----w-	d:\program files\Common Files\Apple
2012-01-21 20:36 . 2012-01-21 20:36	--------	d-----w-	d:\documents and settings\All Users\Application Data\Apple
2012-01-20 18:54 . 2012-01-18 14:55	922184	----a-w-	d:\windows\system32\pwNative.exe
2012-01-20 18:54 . 2012-01-18 14:55	16472	------w-	d:\windows\system32\pwdrvio.sys
2012-01-20 18:54 . 2012-01-18 14:55	11104	------w-	d:\windows\system32\pwdspio.sys
2012-01-20 18:54 . 2012-01-20 18:54	--------	d-----w-	d:\program files\MiniTool Partition Wizard Home Edition 7.1
2012-01-19 17:56 . 2012-01-19 19:53	--------	d-----w-	d:\documents and settings\Administrator\.android
2012-01-19 17:21 . 2010-12-07 13:23	25088	----a-w-	d:\windows\system32\drivers\lgandmodem.sys
2012-01-19 17:21 . 2010-12-07 13:23	20736	----a-w-	d:\windows\system32\drivers\lganddiag.sys
2012-01-19 17:21 . 2010-12-07 13:23	20096	----a-w-	d:\windows\system32\drivers\lgandgps.sys
2012-01-19 17:21 . 2010-12-07 13:22	14336	----a-w-	d:\windows\system32\drivers\lgandbus.sys
2012-01-19 17:21 . 2010-08-02 15:19	25728	----a-w-	d:\windows\system32\drivers\lgandadb.sys
2012-01-19 13:56 . 2012-01-19 13:56	--------	d-----w-	d:\program files\mstrgen
2012-01-18 18:09 . 2011-05-10 12:37	655872	----a-w-	d:\windows\system32\msvcr90.dll
2012-01-18 18:09 . 2011-05-10 12:37	568832	----a-w-	d:\windows\system32\msvcp90.dll
2012-01-18 18:09 . 2011-05-10 12:37	224768	----a-w-	d:\windows\system32\msvcm90.dll
2012-01-18 18:09 . 2006-05-04 07:33	53248	----a-w-	d:\windows\system32\CommonDL.dll
2012-01-18 18:08 . 2012-01-19 17:38	--------	d-----w-	d:\documents and settings\All Users\Application Data\LGMOBILEAX
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-04 10:16 . 2011-07-25 14:29	98304	----a-w-	d:\windows\system32\CmdLineExt.dll
2012-01-16 06:39 . 2011-06-30 14:02	60416	----a-w-	d:\windows\ALCFDRTM.VER
2012-01-07 09:08 . 2011-09-18 14:00	234536	----a-w-	d:\windows\system32\PnkBstrB.xtr
2012-01-07 09:08 . 2011-09-18 12:19	234536	----a-w-	d:\windows\system32\PnkBstrB.exe
2012-01-07 08:16 . 2011-09-18 12:19	138520	----a-w-	d:\windows\system32\drivers\PnkBstrK.sys
2011-11-15 15:37 . 2011-06-30 00:47	414368	----a-w-	d:\windows\system32\FlashPlayerCPLApp.cpl
2009-05-01 21:02 . 2009-05-01 21:02	1044480	----a-w-	d:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02	200704	----a-w-	d:\program files\mozilla firefox\plugins\ssldivx.dll
.
.
((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "d:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49	176936	----a-w-	d:\program files\uTorrentBar\prxtbuTo0.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "d:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "d:\program files\uTorrentBar\prxtbuTo0.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LG LinkAir"="d:\program files\LG Electronics\LG PC Suite IV\LinkAir\LinkAir.exe" [2010-09-16 2440552]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"Skype"="d:\program files\Skype\Phone\Skype.exe" [2011-10-13 17351304]
"Pando Media Booster"="d:\program files\Pando Networks\Media Booster\PMB.exe" [2011-10-12 3077528]
"KPeerNexonEU"="d:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2011-10-12 438272]
"Steam"="d:\program files\Steam\Steam.exe" [2012-01-05 1242448]
"ctfmon.exe"="d:\windows\system32\ctfmon.exe" [2004-08-04 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PRONoMgrWired"="d:\program files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe" [2004-11-18 86016]
"SoundMan"="SOUNDMAN.EXE" [2005-06-14 77824]
"GrooveMonitor"="d:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"StartCCC"="d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"SunJavaUpdateSched"="d:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"SearchSettings"="d:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-12-13 922976]
"B2C_AGENT"="d:\documents and settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe" [2011-09-28 404568]
"APSDaemon"="d:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="d:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
.
d:\documents and settings\Administrator\Start Menu\Programs\Startup\
Xfire.lnk - d:\program files\Xfire\Xfire.exe [2012-2-3 3530136]
.
d:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - d:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Opera\\opera.exe"=
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\Counter-Strike 1.6 & Half-Life\\hl.exe"=
"d:\\WINDOWS\\system32\\PnkBstrA.exe"=
"d:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"d:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"d:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\Steam\\Steam.exe"=
"d:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"d:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57617:TCP"= 57617:TCP:Pando Media Booster
"57617:UDP"= 57617:UDP:Pando Media Booster
.
R0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [25.7.2011 15:11 717296]
R2 Application Updater;Application Updater;d:\program files\Application Updater\ApplicationUpdater.exe [13.12.2011 17:35 748440]
R3 LgBttPort;LGE Bluetooth TransPort;d:\windows\system32\drivers\lgbtport.sys [29.9.2009 8:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;d:\windows\system32\drivers\lgbtbus.sys [29.9.2009 8:11 10496]
R3 LGVMODEM;LGE Virtual Modem;d:\windows\system32\drivers\lgvmodem.sys [29.9.2009 8:11 12928]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;d:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 gupdate;Google Update Service (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [13.7.2011 15:17 136176]
S3 Andbus;LGE Android Platform Composite USB Device;d:\windows\system32\drivers\lgandbus.sys [19.1.2012 18:21 14336]
S3 AndDiag;LGE Android Platform USB Serial Port;d:\windows\system32\drivers\lganddiag.sys [19.1.2012 18:21 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;d:\windows\system32\drivers\lgandgps.sys [19.1.2012 18:21 20096]
S3 ANDModem;LGE Android Platform USB Modem;d:\windows\system32\drivers\lgandmodem.sys [19.1.2012 18:21 25088]
S3 androidusb;ADB Interface Driver;d:\windows\system32\drivers\lgandadb.sys [19.1.2012 18:21 25728]
S3 cpuz135;cpuz135;\??\d:\docume~1\ADMINI~1\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys --> d:\docume~1\ADMINI~1\LOCALS~1\Temp\cpuz135\cpuz135_x32.sys [?]
S3 EagleXNt;EagleXNt;\??\d:\windows\system32\drivers\EagleXNt.sys --> d:\windows\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Google Update Service (gupdatem);d:\program files\Google\Update\GoogleUpdate.exe [13.7.2011 15:17 136176]
S3 pwdrvio;pwdrvio;d:\windows\system32\pwdrvio.sys [20.1.2012 19:54 16472]
S3 pwdspio;pwdspio;d:\windows\system32\pwdspio.sys [20.1.2012 19:54 11104]
S3 speccy;speccy;\??\d:\docume~1\ADMINI~1\LOCALS~1\Temp\f52b2715-9e3d-4586-aae7-cfad1ecd68d7 --> d:\docume~1\ADMINI~1\LOCALS~1\Temp\f52b2715-9e3d-4586-aae7-cfad1ecd68d7 [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;d:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-09 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2012-02-09 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2011-07-13 14:16]
.
2012-02-09 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2011-07-13 14:16]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.facemoods.com/?a=down
mStart Page = hxxp://www.bigseekpro.com/hypercam/{0C26C70D-6214-4FBE-B9A7-19EE3E97E98B}
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - d:\documents and settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - d:\documents and settings\Administrator\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: LG Air Sync (R-Click) - Save as Mobile Image - d:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/206
IE: LG Air Sync (R-Click) - Save as Mobile Memo - d:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/208
IE: LG Air Sync (R-Click) - Save as Mobile Text file - d:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/210
IE: LG Air Sync (R-Click) - Set as Mobile Wallpaper - d:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/205
IE: LG Air Sync Option - d:\program files\LG Electronics\LG PC Suite IV\LinkAir\IEContextMenu.dll/209
TCP: Interfaces\{E520D09A-DEDA-4C87-B40D-535F86158834}: NameServer = 172.22.39.254,217.119.117.170
DPF: DirectAnimation Java Classes - file://d:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://d:\windows\Java\classes\xmldso.cab
FF - ProfilePath - d:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gc8f186z.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=down
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=867034&ilc=12&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - d:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com
FF - Ext: GlobalEnglish Learning Technology (f3.5): webcomponent@globalenglish.com - d:\program files\GlobalEnglish\Firefox\Version3\webcomponent@globalenglish.com
FF - Ext: Java Quick Starter: jqs@sun.com - d:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: LG Air Sync: {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B} - d:\program files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-uTorrent - d:\program files\uTorrent\uTorrent.exe
HKCU-Run-Any Wallpaper - d:\program files\AnyUtils\Any Weblock\AnyWallpaper.exe
HKLM-Run-svcdotnet - d:\windows\svcdotnet\svcdotnet.exe
HKLM-Run-facemoods - d:\program files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe
AddRemove-Europe MapleStory_is1 - d:\program files\NEXON\Europe MapleStory\unins000.exe
AddRemove-facemoods - d:\program files\facemoods.com\facemoods\1.4.17.11\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-09 21:42
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...  
.
skenování skrytých položek 'Po spuštění' ... 
.
skenování skrytých souborů ...  
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\speccy]
"ImagePath"="\??\d:\docume~1\ADMINI~1\LOCALS~1\Temp\f52b2715-9e3d-4586-aae7-cfad1ecd68d7"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1482476501-1177238915-839522115-500\Software\SecuROM\License information*]
"datasecu"=hex:e7,5d,f6,24,c0,bc,ec,37,46,1e,7f,21,08,19,12,17,5d,77,c0,41,f2,
   fe,49,fd,60,09,95,09,89,c4,37,b4,e7,98,49,84,1d,19,c6,85,6b,ce,ce,ff,0b,16,\
"rkeysecu"=hex:ae,2a,a1,eb,af,68,61,7a,d2,d0,ef,b8,9b,2a,07,43
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(720)
d:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2388)
d:\program files\Xfire\xfire_toucan_45177.dll
d:\windows\system32\msi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\windows\system32\Ati2evxx.exe
d:\windows\system32\Ati2evxx.exe
d:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
d:\program files\Bonjour\mDNSResponder.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\windows\system32\PnkBstrA.exe
d:\windows\SOUNDMAN.EXE
d:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
d:\nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe
d:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
d:\program files\iPod\bin\iPodService.exe
d:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-02-09  21:45:40 - počítač byl restartován
ComboFix-quarantined-files.txt  2012-02-09 20:45
.
Před spuštěním: 10 697 621 504 bytes free
Po spuštění: 10 571 669 504 bytes free
.
- - End Of File - - 07CDEE0D1B1EAE407F76C01CD3DFE44F

Rudy
Site Admin
Posts: 118375
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow internet :( + log

#4 Post by Rudy »

We'll finish the cleanup. Open Notepad and copy the following into it:
KillAll::

Collect::
d:\docume~1\ADMINI~1\LOCALS~1\Temp\f52b2715-9e3d-4586-aae7-cfad1ecd68d7

Driver::
speccy

Firefox::
FF - ProfilePath - d:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\gc8f186z.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://start.facemoods.com/?a=down
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=867034&ilc=12&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - d:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com
FF - Ext: GlobalEnglish Learning Technology (f3.5): webcomponent@globalenglish.com - d:\program files\GlobalEnglish\Firefox\Version3\webcomponent@globalenglish.com
FF - Ext: Java Quick Starter: jqs@sun.com - d:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: LG Air Sync: {00ADD29A-66F4-4f22-BCC0-4C1D29DA647B} - d:\program files\LG Electronics\LG PC Suite IV\LinkAir\{00ADD29A-66F4-4f22-BCC0-4C1D29DA647B}
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and execute the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

safire
Visitor
Posts: 49
Registered: 17 Aug 2010 21:31

Re: Slow internet :( + log

#5 Post by safire »

Thanks, my internet is running normally now. I don't understand what could have been there that slowed it down so much on the other PCs too :) You've got a :28: on me :D

Rudy
Site Admin
Posts: 118375
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow internet :( + log

#6 Post by Rudy »

There was adware, a rootkit and some unnecessary clutter. Everything has been deleted. Thanks for the offer, as long as it's Bažant or Martiner :D . You're welcome!

Locked