Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Zpráva

Andyman · #31 Příspěvek od **Andyman** » 08 led 2010 12:26

Log z Root Repeal

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2010/01/08 12:03
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xA6BA8000 Size: 98304 File Visible: No Signed: -
Status: -

Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xBA63A000 Size: 8192 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xA5CB3000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\ADSM_PData_0150
Status: Invisible to the Windows API!

Path: \\?\C:\ADSM_PData_0150\*
Status: Could not enumerate files with the Windows API (0x00000006)!

Path: C:\ADSM_PData_0150\DB
Status: Invisible to the Windows API!

Path: C:\ADSM_PData_0150\DragWait.exe
Status: Invisible to the Windows API!

Path: C:\ADSM_PData_0150\_avt
Status: Invisible to the Windows API!

Path: \\?\C:\ADSM_PData_0150\DB\*
Status: Could not enumerate files with the Windows API (0x00000006)!

Path: C:\ADSM_PData_0150\DB\SI.db
Status: Invisible to the Windows API!

Path: C:\ADSM_PData_0150\DB\UL.db
Status: Invisible to the Windows API!

Path: C:\ADSM_PData_0150\DB\VL.db
Status: Invisible to the Windows API!

Path: C:\ADSM_PData_0150\DB\_avt
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\cch6B0.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\cch6B1.tmp
Status: Invisible to the Windows API!

Path: C:\WINDOWS\Temp\cch6CD.tmp
Status: Visible to the Windows API, but not on disk.

Path: C:\WINDOWS\Temp\cch6CE.tmp
Status: Visible to the Windows API, but not on disk.

Path: C:\WINDOWS\Temp\cch6D0.tmp
Status: Visible to the Windows API, but not on disk.

Path: C:\WINDOWS\Temp\cch6D1.tmp
Status: Visible to the Windows API, but not on disk.

Path: C:\WINDOWS\Temp\cch6D3.tmp
Status: Visible to the Windows API, but not on disk.

Path: C:\WINDOWS\Temp\cch6D4.tmp
Status: Visible to the Windows API, but not on disk.

Path: C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\Andy\Local Settings\temp\etilqs_eywnRbuzguhv1beGFcWi
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\Andy\Local Settings\temp\etilqs_VdjhLM34eJG5WSWGb7n6
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\Andy\Local Settings\temp\chrome_shutdown_ms.txt
Status: Visible to the Windows API, but not on disk.

Path: \\?\C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\*
Status: Could not enumerate files with the Windows API (0x00000006)!

Path: C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\AsDsm.sys
Status: Invisible to the Windows API!

Path: C:\Program Files\ASUS\ASUS Data Security Manager\driver\x86\_avt
Status: Invisible to the Windows API!

Path: C:\Documents and Settings\Andy\My Documents\Fotky\Fotky škola\veci.rar:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
Status: Visible to the Windows API, but not on disk.

Path: c:\documents and settings\all users\application data\kaspersky lab\avp9\report\01\0000018d_events.dat
Status: Size mismatch (API: 78692, Raw: 76872)

Path: c:\documents and settings\all users\application data\kaspersky lab\avp9\report\01\0000018d_objbt.dat
Status: Size mismatch (API: 3160, Raw: 3096)

Path: c:\documents and settings\all users\application data\kaspersky lab\avp9\report\01\0000018d_objdt.dat
Status: Size mismatch (API: 43060, Raw: 42412)

Path: c:\documents and settings\all users\application data\kaspersky lab\avp9\report\01\0000018d_objid.dat
Status: Size mismatch (API: 4130, Raw: 4072)

Path: C:\Documents and Settings\Andy\Local Settings\Apps\2.0\M4OA22RM.WV2\3V9DE1ZV.J00\manifests\clickonce_bootstrap.exe.cdf-ms
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Andy\Local Settings\Apps\2.0\M4OA22RM.WV2\3V9DE1ZV.J00\manifests\clickonce_bootstrap.exe.manifest
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Andy\Local Settings\Apps\2.0\M4OA22RM.WV2\3V9DE1ZV.J00\manifests\CZD Kalkulacka.exe.cdf-ms
Status: Locked to the Windows API!

Path: C:\Documents and Settings\Andy\Local Settings\Apps\2.0\M4OA22RM.WV2\3V9DE1ZV.J00\manifests\CZD Kalkulacka.exe.manifest
Status: Locked to the Windows API!

SSDT
-------------------
#: 011 Function Name: NtAdjustPrivilegesToken
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7736e

#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f77a86

#: 031 Function Name: NtConnectPort
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7860c

#: 035 Function Name: NtCreateEvent
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f78b40

#: 037 Function Name: NtCreateFile
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f77d78

#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f76460

#: 043 Function Name: NtCreateMutant
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f78a18

#: 044 Function Name: NtCreateNamedPipeFile
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f75d0a

#: 046 Function Name: NtCreatePort
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f788d4

#: 050 Function Name: NtCreateSection
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f77102

#: 051 Function Name: NtCreateSemaphore
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f78c72

#: 052 Function Name: NtCreateSymbolicLinkObject
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7a40e

#: 053 Function Name: NtCreateThread
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f77886

#: 056 Function Name: NtCreateWaitablePort
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f78976

#: 063 Function Name: NtDeleteKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f76a20

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f76cf8

#: 066 Function Name: NtDeviceIoControlFile
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7821c

#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7a980

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f76e3a

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f76ee4

#: 084 Function Name: NtFsControlFile
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f78016

#: 097 Function Name: NtLoadDriver
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f79ea6

#: 098 Function Name: NtLoadKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7643c

#: 099 Function Name: NtLoadKey2
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7644e

#: 111 Function Name: NtNotifyChangeKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f77030

#: 114 Function Name: NtOpenEvent
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f78be2

#: 116 Function Name: NtOpenFile
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f77b08

#: 119 Function Name: NtOpenKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f76604

#: 120 Function Name: NtOpenMutant
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f78ab0

#: 122 Function Name: NtOpenProcess
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7756e

#: 125 Function Name: NtOpenSection
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7a438

#: 126 Function Name: NtOpenSemaphore
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f78d14

#: 128 Function Name: NtOpenThread
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f77492

#: 160 Function Name: NtQueryKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f76f8e

#: 161 Function Name: NtQueryMultipleValueKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f76bb6

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f768bc

#: 180 Function Name: NtQueueApcThread
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7a128

#: 192 Function Name: NtRenameKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f76b34

#: 193 Function Name: NtReplaceKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f760c2

#: 194 Function Name: NtReplyPort
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7909e

#: 195 Function Name: NtReplyWaitReceivePort
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f78f64

#: 200 Function Name: NtRequestWaitReplyPort
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f79c30

#: 204 Function Name: NtRestoreKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f76224

#: 206 Function Name: NtResumeThread
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7a860

#: 207 Function Name: NtSaveKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f75ec4

#: 210 Function Name: NtSecureConnectPort
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f78312

#: 213 Function Name: NtSetContextThread
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f77984

#: 230 Function Name: NtSetInformationToken
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f795f2

#: 237 Function Name: NtSetSecurityObject
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f79fa0

#: 240 Function Name: NtSetSystemInformation
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7a4c2

#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f76744

#: 253 Function Name: NtSuspendProcess
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7a5a6

#: 254 Function Name: NtSuspendThread
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7a6d2

#: 255 Function Name: NtSystemDebugControl
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f79dd2

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f776ea

#: 258 Function Name: NtTerminateThread
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f7763c

#: 277 Function Name: NtWriteVirtualMemory
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f777c8

Shadow SSDT
-------------------
#: 013 Function Name: NtGdiBitBlt
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f8732a

#: 227 Function Name: NtGdiMaskBlt
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f873ee

#: 237 Function Name: NtGdiPlgBlt
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f87454

#: 292 Function Name: NtGdiStretchBlt
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f8738a

#: 307 Function Name: NtUserAttachThreadInput
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f86ec4

#: 323 Function Name: NtUserCallOneParam
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f87242

#: 378 Function Name: NtUserFindWindowEx
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f870b2

#: 383 Function Name: NtUserGetAsyncKeyState
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f86e2c

#: 414 Function Name: NtUserGetKeyboardState
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f8717a

#: 416 Function Name: NtUserGetKeyState
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f86e78

#: 460 Function Name: NtUserMessageCall
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f87004

#: 475 Function Name: NtUserPostMessage
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f86f5a

#: 476 Function Name: NtUserPostThreadMessage
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f86fae

#: 491 Function Name: NtUserRegisterRawInputDevices
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f8710a

#: 502 Function Name: NtUserSendInput
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f87064

#: 549 Function Name: NtUserSetWindowsHookEx
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f86d7c

#: 552 Function Name: NtUserSetWinEventHook
Status: Hooked by "C:\WINDOWS\system32\DRIVERS\klif.sys" at address 0xa6f86dd2

==EOF==

#32 Příspěvek od **motji** » 08 led 2010 22:46

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

File::
C:\cleanup.bat
C:\zip.exe
Folder::
c:\program files\pdfforge Toolbar\
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SearchSettings"=-

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek

-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

Andyman · #33 Příspěvek od **Andyman** » 10 led 2010 16:46

ComboFix 10-01-04.01 - Andy 10.01.2010 16:20:45.4.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2039.1039 [GMT 1:00]
Running from: c:\documents and settings\Andy\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Andy\Desktop\CFScript.txt
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FILE ::
"C:\cleanup.bat"
"C:\zip.exe"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\cleanup.bat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\program files\pdfforge Toolbar\
C:\zip.exe

----- BITS: Possible infected sites -----

hxxp://armmf.adobe.com
.
((((((((((((((((((((((((( Files Created from 2009-12-10 to 2010-01-10 )))))))))))))))))))))))))))))))
.

2010-01-10 12:59 . 2010-01-10 13:24 -------- d-----w- C:\michal key
2010-01-06 09:46 . 2010-01-10 15:19 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-01-04 11:00 . 2009-10-13 15:42 25704 ----a-w- c:\windows\system32\drivers\WsAudio_DeviceS(5).sys
2010-01-04 10:59 . 2009-10-13 15:42 25704 ----a-w- c:\windows\system32\drivers\WsAudio_DeviceS(4).sys
2010-01-04 10:59 . 2009-10-13 15:42 25704 ----a-w- c:\windows\system32\drivers\WsAudio_DeviceS(3).sys
2010-01-04 10:59 . 2009-10-13 15:42 25704 ----a-w- c:\windows\system32\drivers\WsAudio_DeviceS(2).sys
2010-01-04 10:58 . 2009-10-13 15:42 25704 ----a-w- c:\windows\system32\drivers\WsAudio_DeviceS(1).sys
2010-01-04 10:58 . 2010-01-04 10:58 -------- d-----w- c:\program files\Daniusoft
2010-01-02 20:27 . 2010-01-03 21:20 -------- d-----w- c:\documents and settings\Andy\DoctorWeb
2010-01-01 16:24 . 2010-01-01 16:24 -------- d-----w- c:\program files\Acclaim Entertainment
2010-01-01 16:24 . 1998-01-23 11:22 304128 ----a-w- c:\windows\IsUninst.exe
2009-12-31 11:08 . 2007-03-12 15:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2009-12-31 11:04 . 2009-12-31 11:23 -------- d--h--w- c:\windows\msdownld.tmp
2009-12-31 10:40 . 2009-12-31 10:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Recisio
2009-12-31 10:40 . 2009-12-31 11:28 -------- d-----w- c:\program files\KaraFun
2009-12-29 18:47 . 2009-12-29 18:48 -------- d-----w- C:\DCPARTE
2009-12-29 11:06 . 2000-03-29 21:00 125440 ----a-w- c:\windows\system32\UNZDLL.DLL
2009-12-29 11:06 . 1999-05-21 20:10 129024 ----a-w- c:\windows\system32\ZIPDLL.DLL
2009-12-29 11:06 . 2009-12-29 11:06 -------- d-----w- c:\program files\Common Files\Borland Shared
2009-12-28 15:20 . 2009-12-28 15:21 -------- d-----w- c:\program files\RM Downloader
2009-12-27 13:39 . 2009-12-27 13:39 -------- d-----w- c:\program files\DriverGuide DriverScan
2009-12-25 11:02 . 2009-12-25 11:03 -------- d-----w- C:\rsit
2009-12-25 11:02 . 2009-12-25 11:02 -------- d-----w- c:\program files\trend micro
2009-12-25 10:54 . 2009-12-25 10:54 -------- d-----w- c:\program files\Common Files\LightScribe
2009-12-23 16:13 . 2009-12-23 16:13 -------- d-----w- c:\program files\HD Tune
2009-12-22 18:00 . 2009-12-22 18:00 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
2009-12-22 17:57 . 2009-12-22 18:04 95259 ----a-w- c:\windows\system32\drivers\klick.dat
2009-12-22 17:57 . 2009-12-22 18:04 108059 ----a-w- c:\windows\system32\drivers\klin.dat
2009-12-22 17:56 . 2010-01-10 14:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2009-12-22 17:56 . 2009-12-22 17:56 -------- d-----w- c:\program files\Kaspersky Lab
2009-12-20 15:24 . 2009-12-20 15:24 -------- d-----w- c:\documents and settings\Andy\Local Settings\Application Data\Thinstall
2009-12-19 16:23 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-19 16:23 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-15 21:30 . 2009-12-15 21:30 -------- d-----w- c:\program files\Tunatic
2009-12-15 14:44 . 2009-12-15 14:44 -------- d-----w- c:\documents and settings\Andy\Application Data\omnitrans
2009-12-15 12:11 . 2009-12-22 17:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-12-14 22:43 . 2010-01-01 17:20 -------- d-sh--w- c:\documents and settings\Andy\Phone Browser
2009-12-13 14:51 . 2009-12-13 14:51 -------- d-----w- c:\program files\Omnitrans International

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-10 01:58 . 2009-11-08 11:03 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-01-08 10:20 . 2009-02-18 19:41 -------- d-----w- c:\documents and settings\Andy\Application Data\BatteryBar
2010-01-08 10:15 . 2009-02-18 19:41 -------- d-----w- c:\program files\BatteryBar
2010-01-07 15:10 . 2009-02-20 14:02 -------- d-----w- c:\documents and settings\Andy\Application Data\uTorrent
2010-01-07 11:54 . 2009-07-28 14:46 -------- d-----w- c:\documents and settings\Andy\Application Data\vlc
2010-01-03 19:28 . 2009-06-04 10:46 -------- d-----w- c:\program files\eTECH
2010-01-01 17:20 . 2009-02-18 12:59 -------- d-----w- c:\documents and settings\Andy\Application Data\PC Suite
2009-12-29 21:21 . 2009-03-27 15:43 -------- d-----w- c:\documents and settings\Andy\Application Data\dvdcss
2009-12-29 20:41 . 2009-05-23 10:02 -------- d-----w- c:\documents and settings\Andy\Application Data\Canon
2009-12-29 10:48 . 2009-02-14 12:43 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-28 19:28 . 2009-02-16 17:06 -------- d-----w- c:\documents and settings\Andy\Application Data\Skype
2009-12-28 16:23 . 2006-06-24 01:13 114688 ----a-w- c:\windows\system32\liclock.dll
2009-12-22 17:52 . 2009-02-14 19:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-12-22 16:40 . 2009-02-28 20:45 237568 ----a-w- c:\windows\system32\winping.exe
2009-12-22 16:40 . 2009-02-28 20:45 397379 ----a-w- c:\windows\system32\paqbonus.exe
2009-12-22 13:20 . 2009-02-23 22:12 -------- d-----w- c:\program files\Mobiola Web Camera 2 for S60 3rd Edition
2009-12-20 15:24 . 2009-11-09 14:01 -------- d-----w- c:\documents and settings\Andy\Application Data\Thinstall
2009-12-19 16:14 . 2009-05-23 10:02 -------- d-----w- c:\program files\Canon
2009-12-19 16:14 . 2009-02-14 11:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-15 13:12 . 2009-02-14 11:42 135144 ----a-w- c:\documents and settings\Andy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-15 13:08 . 2009-02-14 19:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-11 13:27 . 2009-12-11 13:27 -------- d-----w- c:\program files\KGB Archiver 2
2009-12-07 21:07 . 2009-02-16 17:12 -------- d-----w- c:\documents and settings\Andy\Application Data\skypePM
2009-12-06 17:34 . 2009-12-06 17:34 -------- d-----w- c:\program files\Aspect one
2009-12-04 13:58 . 2009-02-27 12:46 -------- d-----w- c:\program files\Java
2009-12-01 00:19 . 2009-03-31 16:35 -------- d-----w- c:\documents and settings\Andy\Application Data\U3
2009-11-28 08:56 . 2009-02-14 19:05 -------- d-----w- c:\program files\Opera
2009-11-22 15:28 . 2009-11-22 15:28 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-22 11:48 . 2009-11-22 11:48 -------- d-----w- c:\documents and settings\Andy\Application Data\Vectir
2009-11-22 11:43 . 2009-11-22 11:43 -------- d-----w- c:\program files\Vectir
2009-11-21 15:51 . 2006-02-28 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-18 22:30 . 2009-11-03 22:41 996984 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-11-11 20:02 . 2009-11-11 20:02 -------- d-----w- c:\program files\directx
2009-11-11 16:34 . 2009-08-11 13:39 -------- d-----w- c:\program files\4shared.com
2009-10-29 07:45 . 2006-02-28 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-10-28 08:33 . 2009-02-14 11:35 356352 ----a-w- c:\windows\system32\AegisI5Installer.exe
2009-10-21 05:38 . 2006-02-28 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2006-02-28 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2006-02-28 12:00 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-13 10:30 . 2006-02-28 12:00 270336 ----a-w- c:\windows\system32\oakley.dll
2006-02-28 12:00 . 2009-02-14 12:13 73728 --sha-w- c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StatBar"="c:\program files\Globe Software\StatBar\StatBar.exe" [2003-07-25 335872]
"SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2007-05-31 3158016]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2009-03-23 2582288]
"PhilipsLime"="c:\program files\Philips\Philips Lime Service\bin\LimeAlive.exe" [2006-06-09 159744]
"MzRamBooster"="c:\program files\MzRam\MzRamBooster.exe" [2009-05-15 194560]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-10-16 39408]
"Google Update"="c:\documents and settings\Andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-10-24 133104]
"Vectir"="c:\program files\Vectir\Vectir.exe" [2008-03-18 688128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-07-12 225280]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-26 16855552]
"SkyTel"="SkyTel.EXE" [2007-10-12 1826816]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-26 630784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-17 815104]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2007-03-05 677408]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-17 7737344]
"ASUS Live Update"="c:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"ACMON"="c:\program files\ASUS\Splendid\ACMON.exe" [2007-11-13 851968]
"ASUS Screen Saver Protector"="c:\windows\ASScrPro.exe" [2009-02-14 33136]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2008-11-03 2540800]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-01-21 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-01-21 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-01-21 134656]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-12-11 286720]
"PhilipsDM"="c:\program files\Philips\Philips Device Manager\Bin\DeviceManager.exe" [2006-07-13 651264]
"4shared Update"="c:\program files\4shared Desktop\checkUpdate.exe" [2009-07-13 1337344]
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-10-16 122368]
"IntelZeroConfig"="c:\program files\Intel\WiFi\bin\ZCfgSvc.exe" [2009-05-21 1372160]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2009-05-21 1202448]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-07-03 303376]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-8-2 2760704]
Canon LBP3200 Status Window.LNK - c:\windows\system32\spool\drivers\w32x86\3\CAP4LAK.EXE [2009-3-15 30720]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Documents and Settings\\Andy\\My Documents\\VLCPortable\\App\\vlc\\vlc.exe"=
"c:\\Documents and Settings\\Andy\\My Documents\\Nový priečinok\\DC++\\StrongDC.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Mobiola Web Camera for S60\\webcam.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Phone Remote Control\\PhoneRemoteControl.exe"=
"c:\\Documents and Settings\\Andy\\My Documents\\utorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15.12.2008 20:41 33808]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [30.1.2007 21:07 39080]
R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [23.3.2009 19:07 1382672]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [16.2.2009 17:07 222456]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [25.1.2007 18:31 42000]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [14.2.2009 12:30 36608]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13.5.2009 17:46 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16.5.2009 20:59 19472]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [4.1.2010 11:58 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [4.1.2010 11:59 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [4.1.2010 11:59 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [4.1.2010 11:59 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [4.1.2010 12:00 25704]
S0 a347scsi;a347scsi;c:\windows\system32\Drivers\a347scsi.sys --> c:\windows\system32\Drivers\a347scsi.sys [?]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 TEUSBAVCAP;USB AV4CH Capture;c:\windows\system32\drivers\U3104AVCap.sys [25.9.2009 9:43 73472]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-11-20 13:28 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder

2009-12-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2010-01-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-606747145-725345543-1004Core.job
- c:\documents and settings\Andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-24 12:22]

2010-01-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-606747145-725345543-1004UA.job
- c:\documents and settings\Andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-24 12:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.sk/
uInternet Settings,ProxyOverride = *.local
IE: &Download all 4shared files - c:\program files\4shared Desktop\down_all.htm
IE: &Download using 4shared Desktop - c:\program files\4shared Desktop\down_link.htm
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\Andy\Application Data\Mozilla\Firefox\Profiles\8t5423nd.default\
FF - component: c:\documents and settings\Andy\Application Data\Mozilla\Firefox\Profiles\8t5423nd.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Andy\Application Data\Mozilla\Firefox\Profiles\8t5423nd.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}\components\mpint.dll
FF - component: c:\documents and settings\Andy\Application Data\Mozilla\Firefox\Profiles\8t5423nd.default\extensions\{fcbf663e-8530-46f8-a880-ac5abe9d2b23}\components\FFExternalAlert.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components\pdfforgeToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\Andy\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nprjplug.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll
FF - plugin: c:\program files\Opera\program\plugins\NPSWF32_back.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-10 16:33
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\ADSM_PData_0150

scan completed successfully
hidden files: 1

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="9C1EC2BA3B63FC1690A227E97A2EC579ED27AFD839CC6CD11E336FBD1A049AA84ED1124ED429DB4785D2707FED7A0EBD81B27D5C410535FE6805EE62D699988BC772CC798DD62B29E54ABCF4963B47B3669F2D24FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC79335D575E7D6A3B9808FEBC9E127BECC74C9DB7CE019D40AA5CACECAF4D34B19C002A3F5E5371FA61DD7B4241719884C932128D508F820E93BEBF6A7A814E696556AC6BDFD8778F7275A115DEBA5053F45C1E11F0493B216A49447AD6223ECB2C330E2C95E8E16B5625D72D435DE4CA771839252287B8E8986AAC658C7555830FE305793702D53AA4C2BBD4B2B1703786E10704D41BAAF3116ABFF55BE2F7025C191ED06C458F6EA888BD5A64B2212C0B9EFAECECF75696F9F698FCF17721FA1968B7B3D5F8DBBCE416A28F01003C0024176021C23593672E9EA64D7665DC67FA4B08A403089D1F8C6D81492ADA984B22F3D4E8220FCEC1BB57ABBE017F4C82ED1F94ACFBFDC9D28975C9E172AB21ED8AC6C98D4BE688C5E5773FAD1F41A5CC12A53AD9B90EEC57F5F6BA365FFB55889782045FF0BD5454A2BDCA7853C4B089BA83293CAA0FA37224A169A8ED7C4882367D2030BCBD5A171CC98E038F4DCC426FC264E7B079A0AD99073F1E8C7E2105877409D54BB2D7F6319F9DB53FBE69C26BD14376A1EBAAD60D9D77019CF91B7E6286812BA98A1DA475A75D7C3EA20D9A9E7F7383C7A71CFD6BC1253FF6870622CF3620115EDB0E132E2D08C65FA4509EAC8272B0611462F7D42F2B49E569C4E40CEBCC66E15DA2F8D6E2AE866595E0E66D7595A220B800601F8AC215A9014F810AF248959DE9E6D01DDCB2B50AEBFE4F6AD404012AC50B9152D7F81EF3D42F75EEF921867303FB5B6312CACE7AC08077E48039F8990CAEADA983AD5FEB10858394153FA9374C951B405F02D0584FD04450C0863B7B81A81A96DB975C2C818431883B5BF0B10D7C567F85B7C138F8E95ED4BC8DFCD3C0CB80BE12BD1A459D74C90BC803D11D310C1A1EA89EA6A3C25EB04C02477596867CCCF93C7DA1397830DA927B1A4AAA4936335052BB0D95D5546C47837FE2AF353830D35608817E4E26364AF7D3D47D887DB67AEC6B03817F8384099556847BD20AA08DBEE0CB027FDA710C463BF62FC6FA7BB84B5C1ECBAF3AB288713E20CC0916579BB6E294218CE4686C4F2EB64A80DA1CD91F91F34CFBD97173357FFEE92791D1A7E4B8F62F1E6F38B0655E9E50D6DCF6DD036121519C5782A661B76B8C1D48500B54E38FF37D394350BA503DB28A57B17E71F5C59C6F3C69375D543863019657D9F33A01A91B97AFFA6560A45C85AF3024CCCF05E0F4A4EDEBEF19B88E8E7031579463EFFE896FE712E23A6CA854"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3056)
c:\windows\system32\WININET.dll
c:\program files\Unlocker\UnlockerHook.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\program files\BatteryBar\BatteryBar.dll
c:\program files\BatteryBar\BatteryBar.Utilities.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\program files\Bonjour\mdnsNSP.dll
c:\windows\system32\netprovcredman.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\DRIVERS\CDANTSRV.EXE
c:\windows\system32\crypserv.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\system32\ifxtcs.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\oodag.exe
c:\windows\system32\IfxPsdSv.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\CAP4RSK.EXE
c:\windows\RTHDCPL.EXE
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\ATK Hotkey\KBFiltr.exe
c:\windows\system32\ACEngSvr.exe
c:\program files\ATK Hotkey\WDC.exe
c:\program files\Infineon\Security Platform Software\PSDrt.exe
c:\program files\Infineon\Security Platform Software\SpTna.exe
c:\program files\Philips\Philips Lime Service\bin\Lime.exe
c:\windows\system32\wbem\unsecapp.exe
c:\documents and settings\Andy\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
c:\windows\system32\spool\drivers\w32x86\3\CAP4SWK.EXE
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
.
**************************************************************************
.
Completion time: 2010-01-10 16:45:16 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-10 15:45
ComboFix2.txt 2010-01-04 14:18
ComboFix3.txt 2009-12-27 22:01

Pre-Run: 68 826 013 696 bytes free
Post-Run: 68 908 109 824 bytes free

- - End Of File - - 126E52BB70538AA2A435E752DE0650E7

#34 Příspěvek od **motji** » 10 led 2010 20:29

Jak to vypadá s počítačem ted?

Odinstalujte combofix přes
Start >> Spustit zkopírujte do okénka:

ComboFix /Uninstall

stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

Stahněte TFC a použijte
TFC (http://oldtimer.geekstogo.com/TFC.exe)

Stáhněte Ccleaner,viz můj podpis
-nainstalujte a vyčištěte dočasné soubory, i registry

Vložte nový log ze RSIT a řekněte co počítač,jak se chová,už je vše v pořádku?

Andyman · #35 Příspěvek od **Andyman** » 11 led 2010 21:21

Zdá sa mi, že procesor je viac vyťažený aj pri jednoduchej práci. Niekedy sa mi sekne bluetooth adaptér a musím reštartovať pc.

Log RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Andy at 2010-01-12 10:52:20
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 75 GB (32%) free of 238 GB
Total RAM: 2039 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:52:26, on 12.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\WINDOWS\system32\ifxspmgt.exe
C:\WINDOWS\system32\ifxtcs.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CAP4RSK.EXE
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ATK Hotkey\KBFiltr.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\Infineon\Security Platform Software\PSDrt.exe
C:\Program Files\Infineon\Security Platform Software\SpTna.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\WINDOWS\ASScrPro.exe
C:\WINDOWS\system32\oodtray.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Globe Software\StatBar\StatBar.exe
C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe
C:\Program Files\MzRam\MzRamBooster.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Philips\Philips Lime Service\bin\Lime.exe
C:\Program Files\Vectir\Vectir.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Documents and Settings\Andy\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP4LAK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP4SWK.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Documents and Settings\Andy\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Andy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] "C:\Program Files\ASUS\Splendid\ACMON.exe"
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\WINDOWS\ASScrPro.exe
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [4shared Update] "C:\Program Files\4shared Desktop\checkUpdate.exe"
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [StatBar] C:\Program Files\Globe Software\StatBar\StatBar.exe
O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
O4 - HKCU\..\Run: [MzRamBooster] C:\Program Files\MzRam\MzRamBooster.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Vectir] C:\Program Files\Vectir\Vectir.exe /Startup
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: BatteryBar.lnk = ?
O4 - Startup: Real Desktop.lnk = C:\Program Files\Real Desktop\Real Desktop.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Canon LBP3200 Status Window.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP4LAK.EXE
O8 - Extra context menu item: &Download all 4shared files - C:\Program Files\4shared Desktop\down_all.htm
O8 - Extra context menu item: &Download using 4shared Desktop - C:\Program Files\4shared Desktop\down_link.htm
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_ind.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 3869890203
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\ifxtcs.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 14830 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-606747145-725345543-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-606747145-725345543-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-07-03 68112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-09 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-04 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-12-22 264720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-09 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATKHOTKEY"=C:\Program Files\ATK Hotkey\Hcontrol.exe [2007-07-12 225280]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-10-26 16855552]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-10-12 1826816]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-11-26 630784]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-17 815104]
"IFXSPMGT"=C:\WINDOWS\system32\ifxspmgt.exe [2007-03-05 677408]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2007-10-17 7737344]
"ASUS Live Update"=C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2007-11-13 851968]
"ASUS Screen Saver Protector"=C:\WINDOWS\ASScrPro.exe [2009-02-14 33136]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2008-11-03 2540800]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-01-21 134656]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-01-21 166912]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-01-21 134656]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2007-12-11 286720]
"PhilipsDM"=C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe [2006-07-13 651264]
"4shared Update"=C:\Program Files\4shared Desktop\checkUpdate.exe [2009-07-13 1337344]
"Google Quick Search Box"=C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe [2009-10-16 122368]
"IntelZeroConfig"=C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [2009-05-21 1372160]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2009-05-21 1202448]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StatBar"=C:\Program Files\Globe Software\StatBar\StatBar.exe [2003-07-25 335872]
"SRS Audio Sandbox"=C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe [2007-05-31 3158016]
"DU Meter"=C:\Program Files\DU Meter\DUMeter.exe [2009-03-23 2582288]
"PhilipsLime"=C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe [2006-06-09 159744]
"MzRamBooster"=C:\Program Files\MzRam\MzRamBooster.exe [2009-05-15 194560]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-10-16 39408]
"Google Update"=C:\Documents and Settings\Andy\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-10-24 133104]
"Vectir"=C:\Program Files\Vectir\Vectir.exe [2008-03-18 688128]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Canon LBP3200 Status Window.LNK - C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP4LAK.EXE

C:\Documents and Settings\Andy\Start Menu\Programs\Startup
BatteryBar.lnk - C:\Program Files\BatteryBar\BatteryBar.exe
Real Desktop.lnk - C:\Program Files\Real Desktop\Real Desktop.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-01-21 205824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-07-03 219664]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Documents and Settings\Andy\My Documents\VLCPortable\App\vlc\vlc.exe"="C:\Documents and Settings\Andy\My Documents\VLCPortable\App\vlc\vlc.exe:*:Enabled:VLC media player"
"C:\Documents and Settings\Andy\My Documents\Nový priečinok\DC++\StrongDC.exe"="C:\Documents and Settings\Andy\My Documents\Nový priečinok\DC++\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Mobiola Web Camera for S60\webcam.exe"="C:\Program Files\Mobiola Web Camera for S60\webcam.exe:*:Enabled:Mobiola Web Camera"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Phone Remote Control\PhoneRemoteControl.exe"="C:\Program Files\Phone Remote Control\PhoneRemoteControl.exe:*:Enabled: "
"C:\Documents and Settings\Andy\My Documents\utorrent.exe"="C:\Documents and Settings\Andy\My Documents\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Promixis\Girder\girder.exe"="C:\Program Files\Promixis\Girder\girder.exe:*:Enabled:Trust Girder"
"C:\Program Files\Promixis\Girder\grunt.exe"="C:\Program Files\Promixis\Girder\grunt.exe:*:Enabled:Trust Girder Runtime"

======File associations======

.scr - open - "C:\WINDOWS\system32\notepad.exe" "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-01-12 10:52:20 ----D---- C:\rsit
2010-01-12 10:49:06 ----D---- C:\Program Files\CCleaner
2010-01-12 10:04:09 ----SHD---- C:\RECYCLER
2010-01-10 13:59:07 ----D---- C:\michal key
2010-01-06 10:46:35 ----A---- C:\WINDOWS\system32\acovcnt.exe
2010-01-04 11:58:34 ----D---- C:\Program Files\Daniusoft
2010-01-02 20:09:33 ----A---- C:\Boot.bak
2010-01-02 20:09:27 ----RASHD---- C:\cmdcons
2010-01-01 17:24:31 ----D---- C:\Program Files\Acclaim Entertainment
2010-01-01 17:24:15 ----A---- C:\WINDOWS\IsUninst.exe
2009-12-31 12:09:33 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2009-12-31 12:09:32 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2009-12-31 12:09:32 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2009-12-31 12:09:31 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2009-12-31 12:09:31 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2009-12-31 12:09:30 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2009-12-31 12:09:30 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2009-12-31 12:09:29 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-12-31 12:09:29 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-12-31 12:09:28 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-12-31 12:09:27 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-12-31 12:09:27 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-12-31 12:09:27 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-12-31 12:09:26 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-12-31 12:09:25 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-12-31 12:09:25 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-12-31 12:09:25 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-12-31 12:09:23 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-12-31 12:09:23 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-12-31 12:09:22 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-12-31 12:09:22 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-12-31 12:09:21 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-12-31 12:09:21 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-12-31 12:09:20 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-12-31 12:09:20 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-12-31 12:09:20 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-12-31 12:09:19 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-12-31 12:09:18 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-12-31 12:09:18 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-12-31 12:09:17 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-12-31 12:09:16 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-12-31 12:09:15 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-12-31 12:09:15 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-12-31 12:09:14 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-12-31 12:09:14 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-12-31 12:09:13 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-12-31 12:09:13 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-12-31 12:09:12 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-12-31 12:09:12 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-12-31 12:09:11 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-12-31 12:09:11 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-12-31 12:09:09 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-12-31 12:09:09 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-12-31 12:09:09 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-12-31 12:09:08 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-12-31 12:09:07 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-12-31 12:09:07 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-12-31 12:09:06 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-12-31 12:09:05 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-12-31 12:09:05 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-12-31 12:09:05 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-12-31 12:09:05 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-12-31 12:09:04 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-12-31 12:09:04 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-12-31 12:09:02 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-12-31 12:09:01 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-12-31 12:09:00 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-12-31 12:08:59 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-12-31 12:08:58 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-12-31 12:08:57 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-12-31 12:08:56 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-12-31 12:08:56 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-12-31 12:08:56 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-12-31 12:08:55 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-12-31 12:08:55 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-12-31 12:08:54 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-12-31 12:08:54 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-12-31 12:08:53 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-12-31 12:08:48 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-12-31 12:08:48 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-12-31 12:08:48 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-12-31 12:08:47 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-12-31 12:08:47 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-12-31 12:08:46 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-12-31 12:08:46 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-12-31 12:08:45 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-12-31 12:08:44 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-12-31 11:40:21 ----D---- C:\Documents and Settings\All Users\Application Data\Recisio
2009-12-31 11:40:20 ----D---- C:\Program Files\KaraFun
2009-12-29 19:47:57 ----D---- C:\DCPARTE
2009-12-29 12:07:07 ----A---- C:\WINDOWS\Memoria3.ini
2009-12-29 12:06:52 ----A---- C:\WINDOWS\PROTOCOL.INI
2009-12-29 12:06:38 ----A---- C:\WINDOWS\system32\ZIPDLL.DLL
2009-12-29 12:06:38 ----A---- C:\WINDOWS\system32\UNZDLL.DLL
2009-12-29 12:06:34 ----D---- C:\Program Files\Common Files\Borland Shared
2009-12-28 16:20:42 ----D---- C:\Program Files\RM Downloader
2009-12-27 14:39:35 ----D---- C:\Program Files\DriverGuide DriverScan
2009-12-25 12:02:41 ----D---- C:\Program Files\trend micro
2009-12-25 11:54:28 ----D---- C:\Program Files\Common Files\LightScribe
2009-12-23 17:13:12 ----D---- C:\Program Files\HD Tune
2009-12-22 18:56:32 ----D---- C:\Program Files\Kaspersky Lab
2009-12-22 18:56:32 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2009-12-19 17:26:02 ----A---- C:\WINDOWS\CSTBox.INI
2009-12-15 22:30:09 ----D---- C:\Program Files\Tunatic
2009-12-15 15:44:00 ----D---- C:\Documents and Settings\Andy\Application Data\omnitrans
2009-12-15 13:11:45 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2009-12-13 15:51:24 ----D---- C:\Program Files\Omnitrans International

======List of files/folders modified in the last 1 months======

2010-01-12 10:52:26 ----D---- C:\WINDOWS\Prefetch
2010-01-12 10:52:17 ----HD---- C:\WINDOWS\Temp
2010-01-12 10:49:06 ----D---- C:\Program Files
2010-01-12 10:42:12 ----AD---- C:\WINDOWS\system32
2010-01-12 10:42:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-12 10:39:19 ----A---- C:\WINDOWS\win.ini
2010-01-12 10:37:35 ----SHD---- C:\System Volume Information
2010-01-12 10:37:35 ----D---- C:\WINDOWS\system32\Restore
2010-01-12 10:36:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-12 10:35:45 ----AD---- C:\WINDOWS
2010-01-12 10:12:40 ----D---- C:\WINDOWS\Minidump
2010-01-11 21:35:34 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-10 16:45:35 ----D---- C:\WINDOWS\system32\drivers
2010-01-10 16:33:37 ----A---- C:\WINDOWS\system.ini
2010-01-10 16:30:18 ----D---- C:\WINDOWS\system32\config
2010-01-10 16:25:54 ----D---- C:\WINDOWS\AppPatch
2010-01-10 16:25:47 ----D---- C:\Program Files\Common Files
2010-01-10 16:12:50 ----A---- C:\WINDOWS\wincmd.ini
2010-01-10 15:54:21 ----D---- C:\Program Files\Mozilla Firefox
2010-01-10 15:36:17 ----HD---- C:\WINDOWS\inf
2010-01-08 11:20:58 ----D---- C:\Documents and Settings\Andy\Application Data\BatteryBar
2010-01-08 11:15:48 ----D---- C:\Program Files\BatteryBar
2010-01-07 16:10:45 ----D---- C:\Documents and Settings\Andy\Application Data\uTorrent
2010-01-07 12:54:48 ----D---- C:\Documents and Settings\Andy\Application Data\vlc
2010-01-04 15:43:26 ----D---- C:\Download
2010-01-04 12:00:32 ----DC---- C:\WINDOWS\system32\dllcache
2010-01-03 20:28:00 ----D---- C:\Program Files\eTECH
2010-01-03 10:56:20 ----SHD---- C:\WINDOWS\Installer
2010-01-03 10:56:20 ----D---- C:\Config.Msi
2010-01-03 10:56:14 ----A---- C:\WINDOWS\OEWABLog.txt
2010-01-03 10:55:10 ----D---- C:\Documents and Settings
2010-01-02 20:41:33 ----SD---- C:\WINDOWS\Tasks
2010-01-02 20:09:33 ----RASH---- C:\boot.ini
2010-01-01 18:20:14 ----D---- C:\Documents and Settings\Andy\Application Data\PC Suite
2009-12-31 12:23:16 ----D---- C:\WINDOWS\system32\DirectX
2009-12-31 12:08:53 ----RSD---- C:\WINDOWS\assembly
2009-12-29 22:21:26 ----D---- C:\Documents and Settings\Andy\Application Data\dvdcss
2009-12-29 21:41:01 ----D---- C:\Documents and Settings\Andy\Application Data\Canon
2009-12-29 15:55:08 ----D---- C:\WINDOWS\system32\oodag
2009-12-29 11:48:30 ----D---- C:\Program Files\Common Files\Adobe
2009-12-29 11:48:23 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-12-29 11:48:14 ----D---- C:\Program Files\Adobe
2009-12-28 20:28:37 ----D---- C:\Documents and Settings\Andy\Application Data\Skype
2009-12-28 17:23:26 ----A---- C:\WINDOWS\system32\liclock.dll
2009-12-28 10:14:23 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-22 18:52:59 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2009-12-22 18:52:56 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-22 17:55:48 ----D---- C:\WINDOWS\msk
2009-12-22 17:40:09 ----A---- C:\WINDOWS\system32\winping.exe
2009-12-22 17:40:08 ----A---- C:\WINDOWS\system32\paqbonus.exe
2009-12-22 14:20:59 ----D---- C:\Program Files\Mobiola Web Camera 2 for S60 3rd Edition
2009-12-22 00:04:33 ----SD---- C:\Documents and Settings\Andy\Application Data\Microsoft
2009-12-20 16:24:09 ----D---- C:\Documents and Settings\Andy\Application Data\Thinstall
2009-12-19 17:24:48 ----D---- C:\WINDOWS\Media
2009-12-19 17:24:46 ----D---- C:\WINDOWS\twain_32
2009-12-19 17:14:33 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-19 17:14:33 ----D---- C:\Program Files\Canon
2009-12-15 14:08:46 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-12-14 23:25:35 ----A---- C:\WINDOWS\WirelessFTP.INI
2009-12-14 21:48:32 ----A---- C:\WINDOWS\IE4 Error Log.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-12-22 296976]
R1 NetworkX;NetworkX; C:\WINDOWS\system32\ckldrv.sys [2006-01-10 31846]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2007-01-30 39080]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-01-25 42000]
R2 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936]
R2 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2007-03-21 37376]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-08-13 11904]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-01-21 6278560]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-01-30 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-11-02 4620288]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2007-01-29 5632]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
R3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-25 5760]
R3 NETw5x32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw5x32.sys [2009-05-28 4203392]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-03-27 130816]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-11-26 982272]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-10-02 1769984]
R3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2007-05-03 39552]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-10-17 198976]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1); C:\WINDOWS\system32\drivers\WsAudio_DeviceS(1).sys [2009-10-13 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2); C:\WINDOWS\system32\drivers\WsAudio_DeviceS(2).sys [2009-10-13 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3); C:\WINDOWS\system32\drivers\WsAudio_DeviceS(3).sys [2009-10-13 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4); C:\WINDOWS\system32\drivers\WsAudio_DeviceS(4).sys [2009-10-13 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5); C:\WINDOWS\system32\drivers\WsAudio_DeviceS(5).sys [2009-10-13 25704]
S3 APLMp50;APLMp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\APLMp50.sys [2006-11-29 28224]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2008-04-13 22016]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-06-21 2208512]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 STIrUsb;STIrUsb.sys SigmaTel USB-IrDA Adapter; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2004-10-19 31048]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TEUSBAVCAP;USB AV4CH Capture; C:\WINDOWS\system32\drivers\U3104AVCap.sys [2008-05-28 73472]
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-07 18612]
S3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2007-05-18 73728]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 C-DillaSrv;C-DillaSrv; C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE [2001-08-01 32256]
R2 Crypkey License;Crypkey License; C:\WINDOWS\system32\crypserv.exe [2006-09-22 69632]
R2 DUMeterSvc;DU Meter Service; C:\Program Files\DU Meter\DUMeterSvc.exe [2009-03-23 1382672]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-05-21 874768]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\ifxspmgt.exe [2007-03-05 677408]
R2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\ifxtcs.exe [2007-03-01 849440]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-11-20 73728]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-11-03 1332480]
R2 PersonalSecureDriveService;Personal Secure Drive Service; C:\WINDOWS\system32\IfxPsdSv.exe [2007-03-01 140832]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-05-21 473360]
R2 S24EventMonitor;Intel(R) PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2009-05-21 909312]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-02-25 85096]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-22 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-10-16 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-01-25 93048]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#36 Příspěvek od **motji** » 12 led 2010 23:05

Znáte tuto složku, můžete se prosím podívat, co v ní je?
C:\WINDOWS\msk

tyto dva soubory dejte do zipu nebo raru a někde uložte bokem. Tyto pak smažte
C:\WINDOWS\system32\winping.exe
C:\WINDOWS\system32\paqbonus.exe

Pokud by vám někde chyběli, njaké programy nešly, obnovíte je z raru

. Nezdají se mi, ačkoliv virustotal byl v pořádku

.

Zkoušeli jsme opravu winxp managerem?

Andyman · #37 Příspěvek od **Andyman** » 13 led 2010 10:52

Priečinok msk je prázdny, opravu XP managerom sme nerobili.

#38 Příspěvek od **motji** » 13 led 2010 20:43

Dobře, tu složku tedy smažte. Co procesor nejvíc vytěžuje nevíte?
Podle mě je pc čisté

Andyman · #39 Příspěvek od **Andyman** » 13 led 2010 21:17

Najviac Google quick search box, je asi druhy alebo treti a berie dosť ramky. Ešte by som chcecel tu ikonu Moje dokumenty to Tento počítač. Ako často mám používať CCleaner ?

#40 Příspěvek od **motji** » 13 led 2010 21:30

A můžete ho zkusit vypnout - odinstalovat, zda to pomůže?
Tu složku moje dokumenty nemáte jako ikonu na ploše, ale v nabídce startu ano?

Andyman · #41 Příspěvek od **Andyman** » 13 led 2010 21:31

Mám ju v Štarte ale mal som ju aj v Tento počítač.

#42 Příspěvek od **motji** » 13 led 2010 21:34

A na ploše ji nechcete, že by jste nechal odeslat zástupce na plochu

#43 Příspěvek od **motji** » 13 led 2010 21:35

Jinak zkuste opravu win xp managerem
http://www.viry.cz/forum/viewtopic.php?f=46&t=17549
Zkuste si s tím trochu pohrát

Andyman · #44 Příspěvek od **Andyman** » 13 led 2010 21:36

Nedalo by sa to nejako do toho počítača ? (starý zvyk)

#45 Příspěvek od **motji** » 13 led 2010 21:43

Zkuste ten win xp manager

, jinak nevím

VIRY.CZ

Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3

Re: Nejdú zobraziť skryté súbory a priečinky windows xp sp3