
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Please check my log - problem when starting the PC
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
Re: Please check my log - problem when starting the PC
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090809-104847.515.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090809-155103.281.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090809-155114.093.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090809-155431.984.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090810-141916.281.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090810-143728.078.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090810-143828.406.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090810-144104.234.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090810-144353.984.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090810-180551.265.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090810-180600.875.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090810-191142.281.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090810-191243.812.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090810-192159.296.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-105224.359.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-105656.609.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-105728.078.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-113220.000.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-142221.375.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-143258.859.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-145017.171.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-153142.968.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-170054.765.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-172326.562.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-182654.000.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-184458.765.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090812-130120.500.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090812-132543.750.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090812-133644.828.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090812-134753.046.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090812-141214.750.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090812-160927.593.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090812-162634.656.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090812-171027.765.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090812-171752.828.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090812-172221.859.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090813-083602.015.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090813-120302.906.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090813-120314.343.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090813-120539.250.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090813-124226.281.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090813-124227.593.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090813-140954.421.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090813-141600.593.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090813-152952.890.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090813-153102.828.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090813-180022.390.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090814-120915.375.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090814-121940.718.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090815-122332.343.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090815-122936.281.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090815-122946.078.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090815-123407.218.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090815-152244.703.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090816-082158.828.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090816-101136.218.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090816-104451.796.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090816-115617.625.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090816-115921.890.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090816-135205.093.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090816-145338.140.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090816-163437.359.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090816-165832.828.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-100236.781.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-122508.015.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-123519.109.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-124050.093.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-124105.296.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-124150.500.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-124308.843.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-133532.109.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-163500.546.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-163742.312.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-163744.734.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-164459.156.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-164517.265.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-164538.406.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-164850.812.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-195001.031.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-195347.031.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090818-075822.156.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090818-120941.156.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090818-132236.734.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090819-140634.734.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090819-163528.609.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090819-163827.390.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090819-165833.546.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090819-170036.875.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090819-170230.031.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-083533.122.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-100324.218.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-100352.921.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-101101.968.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-103547.640.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-103830.656.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-105948.187.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-111757.500.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-121437.062.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090715-191026.171.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090717-123621.859.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090718-153755.421.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090719-180212.093.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090721-151412.625.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090808-194320.421.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090810-144044.718.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090811-143838.265.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090812-163239.500.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090813-153315.875.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090816-121103.375.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090817-163635.843.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090819-163735.890.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-121552.328.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090821-093807.468.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090823-103508.015.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090825-154726.218.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-131046.859.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-131150.156.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-132318.937.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-132612.046.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-133408.625.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-140910.640.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-143356.218.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-143712.453.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-143725.750.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-152910.250.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-153151.296.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-154759.328.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090820-163744.406.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090821-115258.375.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090821-120143.921.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090821-120638.828.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090821-120642.906.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090821-125243.437.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090821-155049.984.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090821-172718.468.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090821-173528.640.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090822-093746.140.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090822-095515.015.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090822-105204.468.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090822-142604.156.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090823-094829.734.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090823-103730.046.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090823-141837.656.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090823-180328.000.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090824-082942.078.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090824-085644.140.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090824-114053.218.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090824-123030.765.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090824-123327.359.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090824-153736.765.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090825-134017.796.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090825-134402.906.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090825-141652.906.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090825-154154.328.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090514-131006.406.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090514-132746.859.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090514-133107.000.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090514-133433.750.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090825-155009.796.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090825-175726.250.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090826-080815.421.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090826-120251.828.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090826-181819.515.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090827-071619.421.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090827-103922.381.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090827-120545.296.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090827-121301.078.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090827-121308.671.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090827-121402.500.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090827-160453.406.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090827-184449.406.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090828-082057.921.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090828-093453.671.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090828-093525.453.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090828-105700.000.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090828-110232.125.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090828-110744.125.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090828-111446.265.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090828-111651.421.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\hjhp_20090828-111837.578.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\a\local settings\application data\media access startup\1.0.0.610\ipdata.md (Adware.DoubleD) -> No action taken.
c:\documents and settings\Guest\local settings\application data\media access startup\1.0.0.610\config.md (Adware.DoubleD) -> No action taken.
c:\documents and settings\Guest\local settings\application data\media access startup\1.0.0.610\hjhp_20090705-121828.984.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\Guest\local settings\application data\media access startup\1.0.0.610\hjhp_20090705-121846.734.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\Guest\local settings\application data\media access startup\1.0.0.610\hjhp_20090705-121905.343.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\Guest\local settings\application data\media access startup\1.0.0.610\hjhp_20090705-121923.171.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\Guest\local settings\application data\media access startup\1.0.0.610\hjhp_20090705-122305.906.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\Guest\local settings\application data\media access startup\1.0.0.610\hjhp_20090712-111148.093.log (Adware.DoubleD) -> No action taken.
c:\documents and settings\Guest\local settings\application data\media access startup\1.0.0.610\hjhp_20090712-111256.015.log (Adware.DoubleD) -> No action taken.
Re: please check my log - problem when starting the PC
Let MBAM delete that beauty it found.
Now we'll bring out a bigger caliber, so read carefully, because this piece of software doesn't tolerate mistakes.
Download ComboFix and save it to the desktop,
run the application as Administrator and allow the installation of the Recovery Console.
A window with the license terms will then appear, which you confirm by clicking ANO (Yes),
then click ANO (Yes) once more and it's off and running.
The whole process takes around 10 minutes but may take longer; don't try to run anything else during the scan.
The PC may be restarted during the scan, so don't be alarmed.
Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,
because ComboFix tries to delete the infected files and these programs may get in its way.
Once the scan or the subsequent restart has finished, the application creates a log saved at C:/Combofix.txt
(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.
Re: please check my log - problem when starting the PC
ComboFix 10-12-26.01 - a 27.12.2010 11:33:31.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.1022.359 [GMT 1:00]
Running from: c:\documents and settings\a\My Documents\Stažené soubory\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\a\Application Data\.#
c:\documents and settings\a\Application Data\.#\MBX@160@3C4160.###
c:\documents and settings\a\Application Data\.#\MBX@160@3C4190.###
c:\documents and settings\a\Application Data\.#\MBX@160@3C41C0.###
c:\documents and settings\a\Application Data\ACD Systems\ACDSee\ImageDB.ddf
c:\documents and settings\a\Application Data\PriceGong
c:\documents and settings\a\Application Data\PriceGong\Data\1.xml
c:\documents and settings\a\Application Data\PriceGong\Data\a.xml
c:\documents and settings\a\Application Data\PriceGong\Data\b.xml
c:\documents and settings\a\Application Data\PriceGong\Data\c.xml
c:\documents and settings\a\Application Data\PriceGong\Data\d.xml
c:\documents and settings\a\Application Data\PriceGong\Data\e.xml
c:\documents and settings\a\Application Data\PriceGong\Data\f.xml
c:\documents and settings\a\Application Data\PriceGong\Data\g.xml
c:\documents and settings\a\Application Data\PriceGong\Data\h.xml
c:\documents and settings\a\Application Data\PriceGong\Data\i.xml
c:\documents and settings\a\Application Data\PriceGong\Data\J.xml
c:\documents and settings\a\Application Data\PriceGong\Data\k.xml
c:\documents and settings\a\Application Data\PriceGong\Data\l.xml
c:\documents and settings\a\Application Data\PriceGong\Data\m.xml
c:\documents and settings\a\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\a\Application Data\PriceGong\Data\n.xml
c:\documents and settings\a\Application Data\PriceGong\Data\o.xml
c:\documents and settings\a\Application Data\PriceGong\Data\p.xml
c:\documents and settings\a\Application Data\PriceGong\Data\q.xml
c:\documents and settings\a\Application Data\PriceGong\Data\r.xml
c:\documents and settings\a\Application Data\PriceGong\Data\s.xml
c:\documents and settings\a\Application Data\PriceGong\Data\t.xml
c:\documents and settings\a\Application Data\PriceGong\Data\u.xml
c:\documents and settings\a\Application Data\PriceGong\Data\v.xml
c:\documents and settings\a\Application Data\PriceGong\Data\w.xml
c:\documents and settings\a\Application Data\PriceGong\Data\x.xml
c:\documents and settings\a\Application Data\PriceGong\Data\y.xml
c:\documents and settings\a\Application Data\PriceGong\Data\z.xml
c:\program files\INSTALL.LOG
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\Thumbs.db
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_MYWEBSEARCHSERVICE
((((((((((((((((((((((((( Files Created from 2010-11-27 to 2010-12-27 )))))))))))))))))))))))))))))))
.
2010-12-27 08:56 . 2010-12-27 08:56 -------- d-----w- c:\windows\LastGood.Tmp
2010-12-27 08:56 . 2010-12-27 08:56 -------- d-----w- c:\program files\MSXML 6.0
2010-12-26 21:13 . 2010-12-26 21:13 -------- d-----w- c:\windows\ServicePackFiles
2010-12-26 21:13 . 2004-08-03 22:56 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-12-26 12:59 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-12-26 11:58 . 2010-12-26 11:58 -------- d-----w- c:\documents and settings\a\Application Data\Malwarebytes
2010-12-26 11:58 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-26 11:58 . 2010-12-26 11:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-12-26 11:58 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-26 11:58 . 2010-12-26 12:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-25 18:37 . 2010-12-25 18:37 -------- d-----w- c:\program files\MSECache
2010-12-25 17:01 . 2010-12-25 17:01 -------- d-----w- c:\program files\Skype
2010-12-25 17:01 . 2010-12-25 17:01 -------- d-----w- c:\program files\Common Files\Skype
2010-12-25 16:50 . 2010-12-25 16:50 132 ----a-w- C:\Delapp.bat
2010-12-25 16:10 . 2010-12-25 16:44 -------- d-----w- c:\program files\CCleaner
2010-12-25 15:48 . 2010-12-25 15:48 -------- d-----w- c:\documents and settings\a\Local Settings\Application Data\Centrum.cz Toolbar
2010-12-25 15:31 . 2010-12-25 16:37 -------- d-----w- c:\documents and settings\a\Local Settings\Application Data\AskToolbar
2010-12-25 14:30 . 2010-12-26 11:53 -------- d-----w- c:\program files\trend micro
2010-12-25 14:30 . 2010-12-25 14:30 -------- d-----w- C:\rsit
2010-12-14 15:01 . 2010-12-23 09:51 -------- d-----w- c:\documents and settings\a\dwhelper
2010-12-12 09:32 . 2010-12-12 09:32 -------- d-----w- C:\found.002
2010-11-29 19:44 . 2010-11-29 19:44 1409 ----a-w- c:\windows\QTFont.for
2010-11-29 18:27 . 2010-11-29 18:27 -------- d-----w- c:\documents and settings\a\Application Data\Registry Mechanic
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-09 16:52 . 2010-11-09 16:52 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2010-11-01 09:41 . 2008-05-13 09:43 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-01 09:41 . 2003-03-19 04:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-10-25 17:37 . 2010-10-25 17:37 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSof2.dll" [2010-10-18 3908192]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\Softonic-Eng7\tbSof2.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99756919-C498-4D97-9E20-2076DE0E42B9}]
2010-12-19 14:36 253952 ----a-w- c:\program files\Wowd\ext\eiexxpw.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2010-01-06 23:54 194912 ------w- c:\program files\Yontoo Layers Client\YontooIEClient.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSof2.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSof2.dll" [2010-10-18 3908192]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2010-12-21 2162488]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-08 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"SW20"="c:\windows\system32\sw20.exe" [2006-05-18 208896]
"SW24"="c:\windows\system32\sw24.exe" [2006-05-17 69632]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-08 61952]
"RTHDCPL"="RTHDCPL.EXE" [2005-11-10 15473664]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-02-27 552960]
"3170 Scan2PC"="c:\windows\Twain_32\Samsung\CLX3170\Scan2pc.exe" [2009-01-30 503808]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-5-17 661776]
Philips GoGear VIBE Device Manager.lnk - c:\program files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe [2010-7-1 1611152]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Paradox Entertainment\\Airfix Dogfighter DEMO\\Dogfighter.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Ratbag\\Leadfoot Demo\\Leadfoot.exe"=
"c:\\Program Files\\Ratbag\\Leadfoot Demo\\Server.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\ScanMgr.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\CLX3170\\Scan2Pc.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\CLX3170\\Sscan2io.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Documents and Settings\\a\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\a\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\wowd.exe"=
"c:\\Program Files\\FlatOut2\\FlatOut2.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.1.2010 15:36 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.1.2010 15:36 17744]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.2.2010 14:23 135664]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [9.1.2008 4:00 30192]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
.
Contents of the 'Scheduled Tasks' folder
2010-10-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]
2010-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-12 13:23]
2010-12-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-12 13:23]
2010-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-776561741-682003330-1003Core1cb6c278a433218.job
- c:\documents and settings\a\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-18 08:14]
2010-12-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-776561741-682003330-1003UA.job
- c:\documents and settings\a\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-18 08:14]
2010-12-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1004336348-776561741-682003330-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 17:32]
2010-12-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1004336348-776561741-682003330-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 17:32]
2010-12-27 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-28 21:44]
2010-11-16 c:\windows\Tasks\{68C0F52F-0123-465D-89E4-6AD01F46659D}_A-FF648227D8264_a.job
- c:\windows\system32\mobsync.exe [2004-08-03 22:56]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar = hxxp://www.google.com/ie
mDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = 62.103.162.171:8080
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: SmarThru4 Capture Selection - c:\program files\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\SmarThru 4\WebCapture.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: {F336565F-C7B8-4E9D-AD9A-333834B7FCB6} = 213.151.236.74,213.151.236.66
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game14.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\documents and settings\a\Application Data\Mozilla\Firefox\Profiles\na0o3ahi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2418376&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2405280&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - prefs.js: network.proxy.http - 109.74.1.53
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Yontoo Layers: plugin@yontoo.com - %profile%\extensions\plugin@yontoo.com
FF - Ext: CrowdStar Gamebar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Wowd: {300B27DF-97E5-4219-AB2B-03AA67D5D557} - %profile%\extensions\{300B27DF-97E5-4219-AB2B-03AA67D5D557}
FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
FF - Ext: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - %profile%\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
AddRemove-2D & 3D Animator - c:\program files\2D and 3D Animator\PY_UNINSTAL.EXE SOFTWARE\PySoft\AD_DESIGNER
AddRemove-Passage - c:\progra~1\Passage\UNWISE32
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-27 11:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3116)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
.
**************************************************************************
.
Completion time: 2010-12-27 11:51:13 - machine was rebooted
ComboFix-quarantined-files.txt 2010-12-27 10:50
Pre-Run: 199 421 472 768 bytes free
Post-Run: 30 adresárov, 199 391 653 888 voľných bajtov
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 0618FBDB55DD599CE2C48B8BF98A3FBA
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3116)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
.
**************************************************************************
.
Completion time: 2010-12-27 11:51:13 - machine was rebooted
ComboFix-quarantined-files.txt 2010-12-27 10:50
Pre-Run: 199 421 472 768 bytes free
Post-Run: 30 adresárov, 199 391 653 888 voľných bajtov
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - 0618FBDB55DD599CE2C48B8BF98A3FBA
Re: please check my log - problem when starting up the PC
If you haven't done so already, move ComboFix to the desktop
open Notepad
copy the script from the following box into it:
Code:
File::
c:\windows\LastGood.Tmp
c:\windows\system32\ConduitEngine.tmp
Folder::
c:\documents and settings\a\Local Settings\Application Data\AskToolbar
C:\found.002
c:\program files\Ask.com
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
FireFox::
FF - ProfilePath - c:\documents and settings\a\Application Data\Mozilla\Firefox\Profiles\na0o3ahi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT24052 ... hSource=13
save the TXT file you created as CFScript.txt on the desktop,
after saving, grab the created script with the left mouse button and drag it over the ComboFix icon, where you drop it.

After it has been applied, another log will pop out; copy it here
Warning: it may happen that after applying the script and restarting, Windows will not boot,
in that case restart again while pressing F8, then choose Last Known Good Configuration
Re: please check my log - problem when starting up the PC
here is the log:
ComboFix 10-12-26.01 - a 28.12.2010 10:00:12.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.1022.640 [GMT 1:00]
Running from: c:\documents and settings\a\My Documents\Stažené soubory\ComboFix.exe
Command switches used :: c:\documents and settings\a\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FILE ::
"c:\windows\LastGood.Tmp"
"c:\windows\system32\ConduitEngine.tmp"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\a\Local Settings\Application Data\AskToolbar
c:\documents and settings\a\Local Settings\Application Data\AskToolbar\cache.dat
C:\found.002
c:\found.002\dir0000.chk\onefile
c:\found.002\dir0000.chk\setup.lok
c:\found.002\file0000.chk
c:\program files\Ask.com
c:\program files\Ask.com\cb_12d.ico
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\fv_12c.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\Thumbs.db
c:\program files\Ask.com\UpdateTask.exe
c:\windows\system32\ConduitEngine.tmp
.
((((((((((((((((((((((((( Files Created from 2010-11-28 to 2010-12-28 )))))))))))))))))))))))))))))))
.
2010-12-27 20:43 . 2010-12-27 20:43 -------- d-----w- C:\0bf883604f84c879be87b343
2010-12-27 10:48 . 2010-12-27 10:48 -------- d-----w- c:\documents and settings\a\Local Settings\Application Data\PCHealth
2010-12-27 08:56 . 2010-12-27 08:56 -------- d-----w- c:\program files\MSXML 6.0
2010-12-26 21:13 . 2010-12-26 21:13 -------- d-----w- c:\windows\ServicePackFiles
2010-12-26 21:13 . 2004-08-03 22:56 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-12-26 12:59 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-12-26 11:58 . 2010-12-26 11:58 -------- d-----w- c:\documents and settings\a\Application Data\Malwarebytes
2010-12-26 11:58 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-26 11:58 . 2010-12-26 11:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-12-26 11:58 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-26 11:58 . 2010-12-26 12:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-25 18:37 . 2010-12-25 18:37 -------- d-----w- c:\program files\MSECache
2010-12-25 17:01 . 2010-12-25 17:01 -------- d-----w- c:\program files\Skype
2010-12-25 17:01 . 2010-12-25 17:01 -------- d-----w- c:\program files\Common Files\Skype
2010-12-25 16:50 . 2010-12-25 16:50 132 ----a-w- C:\Delapp.bat
2010-12-25 16:10 . 2010-12-25 16:44 -------- d-----w- c:\program files\CCleaner
2010-12-25 15:48 . 2010-12-25 15:48 -------- d-----w- c:\documents and settings\a\Local Settings\Application Data\Centrum.cz Toolbar
2010-12-25 14:30 . 2010-12-26 11:53 -------- d-----w- c:\program files\trend micro
2010-12-25 14:30 . 2010-12-25 14:30 -------- d-----w- C:\rsit
2010-12-14 15:01 . 2010-12-23 09:51 -------- d-----w- c:\documents and settings\a\dwhelper
2010-11-29 19:44 . 2010-11-29 19:44 1409 ----a-w- c:\windows\QTFont.for
2010-11-29 18:27 . 2010-11-29 18:27 -------- d-----w- c:\documents and settings\a\Application Data\Registry Mechanic
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-01 09:41 . 2008-05-13 09:43 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-01 09:41 . 2003-03-19 04:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-10-25 17:37 . 2010-10-25 17:37 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSof2.dll" [2010-10-18 3908192]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\Softonic-Eng7\tbSof2.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99756919-C498-4D97-9E20-2076DE0E42B9}]
2010-12-19 14:36 253952 ----a-w- c:\program files\Wowd\ext\eiexxpw.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2010-01-06 23:54 194912 ------w- c:\program files\Yontoo Layers Client\YontooIEClient.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSof2.dll" [2010-10-18 3908192]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-18 3908192]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSof2.dll" [2010-10-18 3908192]
[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2010-12-21 2162488]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-08 39408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 1622016]
"SW20"="c:\windows\system32\sw20.exe" [2006-05-18 208896]
"SW24"="c:\windows\system32\sw24.exe" [2006-05-17 69632]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-08 61952]
"RTHDCPL"="RTHDCPL.EXE" [2005-11-10 15473664]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-02-27 552960]
"3170 Scan2PC"="c:\windows\Twain_32\Samsung\CLX3170\Scan2pc.exe" [2009-01-30 503808]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 63712]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-5-17 661776]
Philips GoGear VIBE Device Manager.lnk - c:\program files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe [2010-7-1 1611152]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\LEXPPS.EXE"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Paradox Entertainment\\Airfix Dogfighter DEMO\\Dogfighter.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\Ratbag\\Leadfoot Demo\\Leadfoot.exe"=
"c:\\Program Files\\Ratbag\\Leadfoot Demo\\Server.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\ScanMgr.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\CLX3170\\Scan2Pc.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\CLX3170\\Sscan2io.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Documents and Settings\\a\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\a\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\wowd.exe"=
"c:\\Program Files\\FlatOut2\\FlatOut2.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [11.1.2010 15:36 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.1.2010 15:36 17744]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.2.2010 14:23 135664]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 FXDRV;FXDRV;\??\d:\fxdrv.sys --> d:\Fxdrv.sys [?]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [9.1.2008 4:00 30192]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
.
Contents of the 'Scheduled Tasks' folder
2010-10-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]
2010-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-12 13:23]
2010-12-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-12 13:23]
2010-10-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-776561741-682003330-1003Core1cb6c278a433218.job
- c:\documents and settings\a\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-18 08:14]
2010-12-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-776561741-682003330-1003UA.job
- c:\documents and settings\a\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-04-18 08:14]
2010-12-28 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1004336348-776561741-682003330-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 17:32]
2010-12-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1004336348-776561741-682003330-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-10-20 17:32]
2010-11-16 c:\windows\Tasks\{68C0F52F-0123-465D-89E4-6AD01F46659D}_A-FF648227D8264_a.job
- c:\windows\system32\mobsync.exe [2004-08-03 22:56]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyServer = 62.103.162.171:8080
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: SmarThru4 Capture Selection - c:\program files\SmarThru 4\WebCapture.dll2.htm
IE: SmarThru4 Save as HTML - c:\program files\SmarThru 4\WebCapture.dll1.htm
IE: SmarThru4 Save Selected Text - c:\program files\SmarThru 4\WebCapture.dll.htm
IE: SmarThru4 Web Capture - c:\program files\SmarThru 4\WebCapture.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: {F336565F-C7B8-4E9D-AD9A-333834B7FCB6} = 213.151.236.74,213.151.236.66
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game14.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\documents and settings\a\Application Data\Mozilla\Firefox\Profiles\na0o3ahi.default\
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
FF - prefs.js: network.proxy.http - 109.74.1.53
FF - prefs.js: network.proxy.http_port - 80
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Yontoo Layers: plugin@yontoo.com - %profile%\extensions\plugin@yontoo.com
FF - Ext: CrowdStar Gamebar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
FF - Ext: Wowd: {300B27DF-97E5-4219-AB2B-03AA67D5D557} - %profile%\extensions\{300B27DF-97E5-4219-AB2B-03AA67D5D557}
FF - Ext: Softonic-Eng7 Toolbar: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - %profile%\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
FF - Ext: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - %profile%\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-28 10:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-12-28 10:11:00
ComboFix-quarantined-files.txt 2010-12-28 09:10
ComboFix2.txt 2010-12-27 10:51
Pre-Run: 198 486 499 328 bytes free
Post-Run: 30 adresárov, 198 528 811 008 voľných bajtov
- - End Of File - - 5194203AEF38F34395492E72DFF13114
FF - Ext: PageRage Toolbar: {9565115d-c7d6-46d3-bd63-b67b481a4368} - %profile%\extensions\{9565115d-c7d6-46d3-bd63-b67b481a4368}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\documents and settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-28 10:09
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2010-12-28 10:11:00
ComboFix-quarantined-files.txt 2010-12-28 09:10
ComboFix2.txt 2010-12-27 10:51
Pre-Run: 198 486 499 328 bytes free
Post-Run: 30 adresárov, 198 528 811 008 voľných bajtov
- - End Of File - - 5194203AEF38F34395492E72DFF13114
Re: please check my log - problem when turning on the PC
Via Start >> Run, copy this into the box:
ComboFix /Uninstall
and press Enter.
This uninstalls ComboFix and deletes the files and folders associated with it.
Use T-Cleaner, which deletes any leftovers from the applications we used.
Just stop your antivirus before downloading it and while using it, because the antivirus may detect it as a virus, but that is not the case.
Then let me know what state the PC is in.
Re: please check my log - problem when turning on the PC
The PC no longer freezes as much, but when I turn it on it still shows me this:
Checking file system on C:
The type of the file system is NTFS.
One of your disks needs to be checked for consistency. You may cancel the disk check, but it is strongly recommended that you continue.
To skip disk checking, press any key within 10 second(s).
Re: please check my log - problem when turning on the PC
That is the disk check; let it run through once and after that it should stop bothering you. If it does not, let me know and we will do something about it.
Also post a current RSIT log here.
Re: please check my log - problem when turning on the PC
Logfile of random's system information tool 1.08 (written by random/random)
Run by a at 2011-01-02 11:43:40
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 193 GB (81%) free of 238 GB
Total RAM: 1022 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:43:48, on 2.1.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\a\My Documents\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\a.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 62.103.162.171:8080
R3 - URLSearchHook: PageRage Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof2.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: PageRage Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof2.dll
O2 - BHO: Wowd Page Grabber - {99756919-C498-4D97-9E20-2076DE0E42B9} - C:\Program Files\Wowd\ext\eiexxpw.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll
O3 - Toolbar: PageRage Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof2.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [3170 Scan2PC] "C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: Wowd Home - {D7A4591C-912F-4E83-B90F-EB82E0AC1808} - C:\Program Files\Wowd\ext\eiexxpw.dll (HKCU)
O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F336565F-C7B8-4E9D-AD9A-333834B7FCB6}: NameServer = 213.151.236.74,213.151.236.66
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - (no file)
O24 - Desktop Component 1: (no name) - http://www.trikyatipy.sk/trikyatipy/index.php/Domacalekaren/images/ObrazkyClanky/BREZA%20PREVISNUT%C3%811.jpg
--
End of file - 10650 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-776561741-682003330-1003Core1cb6c278a433218.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-776561741-682003330-1003UA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1004336348-776561741-682003330-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1004336348-776561741-682003330-1003.job
C:\WINDOWS\tasks\{68C0F52F-0123-465D-89E4-6AD01F46659D}_A-FF648227D8264_a.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-09-22 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}]
IEPlugin Class - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL [2008-12-24 145920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-11-01 382720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
PageRage Toolbar - C:\Program Files\Softonic-Eng7\tbSof2.dll [2010-10-18 3908192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99756919-C498-4D97-9E20-2076DE0E42B9}]
Wowd Page Grabber - C:\Program Files\Wowd\ext\eiexxpw.dll [2010-12-19 253952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-11 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-10-06 842296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-13 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo Layers - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll [2010-01-07 194912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - PageRage Toolbar - C:\Program Files\Softonic-Eng7\tbSof2.dll [2010-10-18 3908192]
{D5D47440-0750-463D-BAEF-A47D02414806}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-11 278192]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"SW20"=C:\WINDOWS\system32\sw20.exe [2006-05-18 208896]
"SW24"=C:\WINDOWS\system32\sw24.exe [2006-05-17 69632]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-08 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-11-10 15473664]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"Samsung PanelMgr"=C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2009-02-27 552960]
"3170 Scan2PC"=C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe [2009-01-30 503808]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-09 63712]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2010-12-21 2162488]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-08 39408]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
Philips GoGear VIBE Device Manager.lnk - C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-02-12 190976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Paradox Entertainment\Airfix Dogfighter DEMO\Dogfighter.exe"="C:\Program Files\Paradox Entertainment\Airfix Dogfighter DEMO\Dogfighter.exe:*:Disabled:Dogfighter"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Ratbag\Leadfoot Demo\Leadfoot.exe"="C:\Program Files\Ratbag\Leadfoot Demo\Leadfoot.exe:*:Disabled:Leadfoot"
"C:\Program Files\Ratbag\Leadfoot Demo\Server.exe"="C:\Program Files\Ratbag\Leadfoot Demo\Server.exe:*:Disabled:Server"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting®"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\twain_32\Samsung\ScanMgr.exe"="C:\WINDOWS\twain_32\Samsung\ScanMgr.exe:*:Enabled:Scan Manger"
"C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe"="C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe:*:Enabled:ScanToPC"
"C:\WINDOWS\twain_32\Samsung\CLX3170\Sscan2io.exe"="C:\WINDOWS\twain_32\Samsung\CLX3170\Sscan2io.exe:*:Enabled:SScanToIO"
"C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1"
"C:\Documents and Settings\a\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\a\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\a\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\a\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\jre6\launch4j-tmp\wowd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\wowd.exe:*:Enabled:Wowd"
"C:\Program Files\FlatOut2\FlatOut2.exe"="C:\Program Files\FlatOut2\FlatOut2.exe:*:Disabled:FlatOut2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2011-01-02 11:43:40 ----D---- C:\rsit
2011-01-01 17:53:18 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-12-30 15:56:43 ----D---- C:\Documents and Settings\a\Application Data\CANON INC
2010-12-29 14:02:26 ----D---- C:\Documents and Settings\a\Application Data\ZoomBrowser EX
2010-12-29 13:58:01 ----D---- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2010-12-29 13:57:46 ----D---- C:\Program Files\Canon
2010-12-29 13:56:49 ----D---- C:\Program Files\Common Files\Canon
2010-12-28 10:11:51 ----SHD---- C:\RECYCLER
2010-12-28 09:16:53 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-12-28 09:16:15 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-12-28 09:12:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2010-12-28 09:11:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-12-27 21:43:56 ----D---- C:\0bf883604f84c879be87b343
2010-12-27 11:30:05 ----A---- C:\Boot.bak
2010-12-27 11:30:00 ----RASHD---- C:\cmdcons
2010-12-27 09:59:42 ----D---- C:\WINDOWS\system32\XPSViewer
2010-12-27 09:59:39 ----D---- C:\Program Files\MSBuild
2010-12-27 09:59:37 ----D---- C:\WINDOWS\system32\en-US
2010-12-27 09:59:30 ----D---- C:\Program Files\Reference Assemblies
2010-12-27 09:59:09 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-12-27 09:59:09 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-12-27 09:59:09 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-12-27 09:59:09 ----D---- C:\ee953a78a84225bafb587ec17c5955
2010-12-27 09:56:31 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-12-27 09:56:28 ----D---- C:\Program Files\MSXML 6.0
2010-12-26 22:18:02 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-12-26 22:17:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-12-26 22:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-12-26 22:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-12-26 22:17:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-12-26 22:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-12-26 22:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-12-26 22:17:22 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-12-26 22:17:16 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$
2010-12-26 22:16:40 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-12-26 22:16:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-12-26 22:16:28 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-12-26 22:16:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-12-26 22:16:18 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-12-26 22:16:13 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-12-26 22:16:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-12-26 22:16:02 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-12-26 22:15:57 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-12-26 22:15:51 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-12-26 22:15:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-12-26 22:15:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-12-26 22:15:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-12-26 22:15:30 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-12-26 22:15:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-12-26 22:15:22 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-12-26 22:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-12-26 22:15:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-12-26 22:15:04 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-12-26 22:14:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-12-26 22:14:53 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-12-26 22:14:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-12-26 22:14:44 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-12-26 22:14:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-12-26 22:14:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-12-26 22:14:25 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-12-26 22:14:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-12-26 22:14:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-12-26 22:14:05 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-12-26 22:14:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-12-26 22:13:56 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-12-26 22:13:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-12-26 22:13:45 ----D---- C:\WINDOWS\ServicePackFiles
2010-12-26 22:13:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-12-26 22:13:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-12-26 22:13:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-12-26 22:13:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2010-12-26 22:13:21 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-12-26 22:13:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2010-12-26 22:13:05 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-12-26 22:10:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-12-26 22:10:36 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-12-26 13:59:08 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-12-26 12:58:51 ----D---- C:\Documents and Settings\a\Application Data\Malwarebytes
2010-12-26 12:58:46 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-12-26 12:58:45 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-12-26 12:58:43 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-12-26 12:58:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-25 19:37:27 ----D---- C:\Program Files\MSECache
2010-12-25 18:01:08 ----D---- C:\Program Files\Skype
2010-12-25 18:01:08 ----D---- C:\Program Files\Common Files\Skype
2010-12-25 17:10:20 ----D---- C:\Program Files\CCleaner
2010-12-25 15:30:23 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 months======
2011-01-02 11:43:45 ----D---- C:\WINDOWS\Prefetch
2011-01-02 11:39:38 ----D---- C:\WINDOWS\Temp
2011-01-02 11:38:24 ----D---- C:\WINDOWS
2011-01-02 11:38:20 ----D---- C:\WINDOWS\system32\Lang
2011-01-01 20:04:04 ----SD---- C:\WINDOWS\Tasks
2011-01-01 13:22:13 ----A---- C:\WINDOWS\NeroDigital.ini
2010-12-30 15:56:13 ----HD---- C:\WINDOWS\inf
2010-12-30 15:56:12 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-29 13:57:46 ----RD---- C:\Program Files
2010-12-29 13:56:49 ----D---- C:\Program Files\Common Files
2010-12-28 17:28:14 ----D---- C:\WINDOWS\Microsoft.NET
2010-12-28 17:28:11 ----RSD---- C:\WINDOWS\assembly
2010-12-28 17:02:53 ----SHD---- C:\WINDOWS\Installer
2010-12-28 10:09:31 ----A---- C:\WINDOWS\system.ini
2010-12-28 10:09:25 ----D---- C:\WINDOWS\system32\drivers\etc
2010-12-28 10:09:06 ----D---- C:\WINDOWS\system32
2010-12-28 10:07:30 ----D---- C:\WINDOWS\system32\drivers
2010-12-28 10:07:30 ----D---- C:\WINDOWS\AppPatch
2010-12-28 09:50:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-28 09:18:57 ----D---- C:\WINDOWS\WinSxS
2010-12-28 09:16:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-28 09:16:43 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-28 09:16:13 ----HD---- C:\WINDOWS\$hf_mig$
2010-12-27 11:41:36 ----D---- C:\WINDOWS\system32\config
2010-12-27 11:41:01 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-12-27 11:30:05 ----RASH---- C:\boot.ini
2010-12-27 09:59:35 ----RSD---- C:\WINDOWS\Fonts
2010-12-27 09:59:21 ----D---- C:\WINDOWS\system32\spool
2010-12-27 09:53:40 ----D---- C:\WINDOWS\Debug
2010-12-27 09:52:36 ----D---- C:\WINDOWS\system32\Setup
2010-12-26 22:15:42 ----D---- C:\Program Files\Movie Maker
2010-12-26 22:14:12 ----D---- C:\Program Files\Outlook Express
2010-12-26 22:13:10 ----D---- C:\Program Files\Internet Explorer
2010-12-26 15:16:52 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-12-26 13:34:24 ----D---- C:\WINDOWS\Help
2010-12-26 12:53:09 ----D---- C:\Program Files\GamesBar
2010-12-25 19:38:25 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-12-25 19:38:08 ----D---- C:\Program Files\Microsoft Office
2010-12-25 19:19:31 ----D---- C:\Program Files\PopCap Games
2010-12-25 18:57:16 ----D---- C:\Program Files\Our Love Screensaver
2010-12-25 18:56:58 ----D---- C:\Program Files\3D Realistic Fireplace 3
2010-12-25 18:01:08 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-12-25 18:00:44 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-12-25 18:00:09 ----D---- C:\Program Files\Registry Mechanic
2010-12-25 17:59:21 ----D---- C:\Program Files\Daycare Nightmare Mini Monsters
2010-12-25 17:56:40 ----D---- C:\Program Files\Beach Head 2000
2010-12-25 17:50:58 ----D---- C:\Program Files\Diver
2010-12-25 17:50:37 ----D---- C:\Program Files\EACOM
2010-12-25 17:50:32 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-25 17:49:42 ----D---- C:\Program Files\Drawing for Children
2010-12-25 17:49:31 ----D---- C:\Program Files\FrameMaster2
2010-12-25 17:47:13 ----D---- C:\Program Files\WinRAR
2010-12-25 17:44:27 ----D---- C:\Program Files\GameHouse
2010-12-25 17:44:11 ----D---- C:\GameHouse Games
2010-12-25 17:44:09 ----D---- C:\Program Files\RealArcade
2010-12-25 17:40:21 ----D---- C:\Program Files\Sony Online Entertainment
2010-12-25 17:36:52 ----D---- C:\Program Files\Castle Attack
2010-12-25 17:33:05 ----D---- C:\Program Files\123 Free Memory
2010-12-25 17:31:15 ----D---- C:\Program Files\Winamp
2010-12-25 17:30:48 ----D---- C:\WINDOWS\Minidump
2010-12-25 17:08:12 ----D---- C:\Program Files\Shockwave.com
2010-12-25 16:58:00 ----D---- C:\Program Files\Gamenext
2010-12-25 16:50:59 ----D---- C:\Program Files\Play
2010-12-25 16:46:06 ----D---- C:\Program Files\Cannonhills
2010-12-25 16:42:47 ----D---- C:\Program Files\Terasoft
2010-12-25 16:39:09 ----D---- C:\Program Files\Virtual Villagers The Secret City
2010-12-25 16:34:29 ----D---- C:\Program Files\Kitty Luv
2010-12-25 16:33:57 ----D---- C:\Program Files\Chcete byt milionářem
2010-12-25 16:33:51 ----D---- C:\Program Files\Hotel Mogul
2010-12-25 16:32:44 ----D---- C:\Program Files\Alawar
2010-12-25 16:32:37 ----D---- C:\Program Files\Exotic Aquarium 3D Screensaver
2010-12-25 16:32:19 ----D---- C:\Program Files\diktaty
2010-12-25 16:31:23 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-12-25 16:29:24 ----D---- C:\Program Files\123 Free Solitaire
2010-12-25 16:09:57 ----D---- C:\Program Files\Telltale Games
2010-12-25 16:09:39 ----D---- C:\Program Files\SeEnemyIsWeaken
2010-12-25 15:51:00 ----D---- C:\Program Files\Addictive Football Demo
2010-12-25 15:49:17 ----D---- C:\Program Files\Opera
2010-12-25 15:47:28 ----D---- C:\Program Files\Norton Security Scan
2010-12-25 15:47:28 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2010-12-25 15:47:26 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-12-25 15:47:05 ----D---- C:\Program Files\Eset
2010-12-25 15:44:04 ----D---- C:\Program Files\MSN
2010-12-22 12:46:29 ----D---- C:\Program Files\Softonic-Eng7
2010-12-19 21:18:14 ----D---- C:\Documents and Settings\a\Application Data\Wowd
2010-12-19 15:36:50 ----D---- C:\Program Files\Wowd
2010-12-18 20:20:53 ----D---- C:\FSDownloader
2010-12-18 20:20:49 ----D---- C:\Program Files\Mozilla Firefox
2010-12-17 14:42:42 ----D---- C:\Program Files\Common Files\Adobe
2010-12-17 14:42:41 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-12-17 14:42:14 ----D---- C:\Program Files\Adobe
2010-12-11 17:48:50 ----D---- C:\Program Files\Football Generation
2010-12-08 21:34:08 ----A---- C:\WINDOWS\system32\MRT.exe
2010-12-06 13:16:17 ----D---- C:\Documents and Settings\a\Application Data\Mozilla
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-04 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-04 35600]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-12 98432]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-09-16 271360]
R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-09-16 18048]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-10 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-04 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-04 18320]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-08 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-11-10 4064256]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888]
R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-04 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-04 44304]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-08 36496]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 FXDRV;FXDRV; \??\D:\Fxdrv.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-08 145920]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-11-10 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-11-10 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-11-10 97184]
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys [2006-11-10 88688]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-11-10 18704]
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys [2006-11-10 86560]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-11-10 90800]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VHidMinidrv;Bluetooth HID Device Service; C:\WINDOWS\system32\drivers\VHIDMini.sys [2007-03-04 19472]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2009-09-08 96334]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-13 152984]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-25 303104]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-04-24 73728]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-12 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-10-25 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-25 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
(written by random/random)
Run by a at 2011-01-02 11:43:40
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 193 GB (81%) free of 238 GB
Total RAM: 1022 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:43:48, on 2.1.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe
C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\a\My Documents\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\a.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 62.103.162.171:8080
R3 - URLSearchHook: PageRage Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof2.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: PageRage Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof2.dll
O2 - BHO: Wowd Page Grabber - {99756919-C498-4D97-9E20-2076DE0E42B9} - C:\Program Files\Wowd\ext\eiexxpw.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll
O3 - Toolbar: PageRage Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof2.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [3170 Scan2PC] "C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Philips GoGear VIBE Device Manager.lnk = C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htm
O8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htm
O8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htm
O8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: Wowd Home - {D7A4591C-912F-4E83-B90F-EB82E0AC1808} - C:\Program Files\Wowd\ext\eiexxpw.dll (HKCU)
O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game14.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F336565F-C7B8-4E9D-AD9A-333834B7FCB6}: NameServer = 213.151.236.74,213.151.236.66
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - (no file)
O24 - Desktop Component 1: (no name) - http://www.trikyatipy.sk/trikyatipy/index.php/Domacalekaren/images/ObrazkyClanky/BREZA%20PREVISNUT%C3%811.jpg
--
End of file - 10650 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-776561741-682003330-1003Core1cb6c278a433218.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-776561741-682003330-1003UA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1004336348-776561741-682003330-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1004336348-776561741-682003330-1003.job
C:\WINDOWS\tasks\{68C0F52F-0123-465D-89E4-6AD01F46659D}_A-FF648227D8264_a.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-09-22 61888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11222041-111B-46E3-BD29-EFB2449479B1}]
IEPlugin Class - C:\PROGRA~1\ArcSoft\MEDIAC~1\INTERN~1\ARCURL~1.DLL [2008-12-24 145920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-11-01 382720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
PageRage Toolbar - C:\Program Files\Softonic-Eng7\tbSof2.dll [2010-10-18 3908192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99756919-C498-4D97-9E20-2076DE0E42B9}]
Wowd Page Grabber - C:\Program Files\Wowd\ext\eiexxpw.dll [2010-12-19 253952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-11 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-10-06 842296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-13 41368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo Layers - C:\Program Files\Yontoo Layers Client\YontooIEClient.dll [2010-01-07 194912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - PageRage Toolbar - C:\Program Files\Softonic-Eng7\tbSof2.dll [2010-10-18 3908192]
{D5D47440-0750-463D-BAEF-A47D02414806}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-11 278192]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-10-18 3908192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"SW20"=C:\WINDOWS\system32\sw20.exe [2006-05-18 208896]
"SW24"=C:\WINDOWS\system32\sw24.exe [2006-05-17 69632]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-08 61952]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-11-10 15473664]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"Samsung PanelMgr"=C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe [2009-02-27 552960]
"3170 Scan2PC"=C:\WINDOWS\Twain_32\Samsung\CLX3170\Scan2pc.exe [2009-01-30 503808]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe [2007-03-09 63712]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2010-12-21 2162488]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-08 39408]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
Philips GoGear VIBE Device Manager.lnk - C:\Program Files\Philips\GoGear VIBE Device Manager\GoGear_Vibe_DeviceManager.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-02-12 190976]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\LEXPPS.EXE"="C:\WINDOWS\system32\LEXPPS.EXE:*:Enabled:LEXPPS.EXE"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\Paradox Entertainment\Airfix Dogfighter DEMO\Dogfighter.exe"="C:\Program Files\Paradox Entertainment\Airfix Dogfighter DEMO\Dogfighter.exe:*:Disabled:Dogfighter"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Ratbag\Leadfoot Demo\Leadfoot.exe"="C:\Program Files\Ratbag\Leadfoot Demo\Leadfoot.exe:*:Disabled:Leadfoot"
"C:\Program Files\Ratbag\Leadfoot Demo\Server.exe"="C:\Program Files\Ratbag\Leadfoot Demo\Server.exe:*:Disabled:Server"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting®"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\twain_32\Samsung\ScanMgr.exe"="C:\WINDOWS\twain_32\Samsung\ScanMgr.exe:*:Enabled:Scan Manger"
"C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe"="C:\WINDOWS\twain_32\Samsung\CLX3170\Scan2Pc.exe:*:Enabled:ScanToPC"
"C:\WINDOWS\twain_32\Samsung\CLX3170\Sscan2io.exe"="C:\WINDOWS\twain_32\Samsung\CLX3170\Sscan2io.exe:*:Enabled:SScanToIO"
"C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe"="C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe:*:Enabled:Sony Ericsson Media Manager 1.1"
"C:\Documents and Settings\a\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\a\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\a\Local
Settings\Application Data\Google\Google Talk
Plugin\googletalkplugin.exe"="C:\Documents
and Settings\a\Local Settings\Application
Data\Google\Google Talk
Plugin\googletalkplugin.exe:*:Enabled:Google Talk
Plugin"
"C:\Program Files\Skype\Plugin
Manager\skypePM.exe"="C:\Program
Files\Skype\Plugin
Manager\skypePM.exe:*:Enabled:Skype Extras
Manager"
"C:\Program Files\Java\jre6\launch4j-
tmp\wowd.exe"="C:\Program Files\Java\jre6\launch4j-
tmp\wowd.exe:*:Enabled:Wowd"
"C:\Program Files\FlatOut2\FlatOut2.exe"="C:\Program
Files\FlatOut2\FlatOut2.exe:*:Disabled:FlatOut2"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\
services\sharedaccess\parameters\firewallpolicy\domain
profile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system
32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======List of files/folders created in the last 1 months======
2011-01-02 11:43:40 ----D---- C:\rsit
2011-01-01 17:53:18 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-12-30 15:56:43 ----D---- C:\Documents and Settings\a\Application Data\CANON INC
2010-12-29 14:02:26 ----D---- C:\Documents and Settings\a\Application Data\ZoomBrowser EX
2010-12-29 13:58:01 ----D---- C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2010-12-29 13:57:46 ----D---- C:\Program Files\Canon
2010-12-29 13:56:49 ----D---- C:\Program Files\Common Files\Canon
2010-12-28 10:11:51 ----SHD---- C:\RECYCLER
2010-12-28 09:16:53 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-12-28 09:16:15 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-12-28 09:12:03 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2010-12-28 09:11:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-12-27 21:43:56 ----D---- C:\0bf883604f84c879be87b343
2010-12-27 11:30:05 ----A---- C:\Boot.bak
2010-12-27 11:30:00 ----RASHD---- C:\cmdcons
2010-12-27 09:59:42 ----D---- C:\WINDOWS\system32\XPSViewer
2010-12-27 09:59:39 ----D---- C:\Program Files\MSBuild
2010-12-27 09:59:37 ----D---- C:\WINDOWS\system32\en-US
2010-12-27 09:59:30 ----D---- C:\Program Files\Reference Assemblies
2010-12-27 09:59:09 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-12-27 09:59:09 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-12-27 09:59:09 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-12-27 09:59:09 ----D---- C:\ee953a78a84225bafb587ec17c5955
2010-12-27 09:56:31 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2010-12-27 09:56:28 ----D---- C:\Program Files\MSXML 6.0
2010-12-26 22:18:02 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-12-26 22:17:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-12-26 22:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-12-26 22:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-12-26 22:17:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-12-26 22:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-12-26 22:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-12-26 22:17:22 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-12-26 22:17:16 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$
2010-12-26 22:16:40 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-12-26 22:16:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-12-26 22:16:28 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-12-26 22:16:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-12-26 22:16:18 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-12-26 22:16:13 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-12-26 22:16:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-12-26 22:16:02 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-12-26 22:15:57 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-12-26 22:15:51 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-12-26 22:15:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-12-26 22:15:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-12-26 22:15:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-12-26 22:15:30 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-12-26 22:15:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-12-26 22:15:22 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-12-26 22:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-12-26 22:15:09 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-12-26 22:15:04 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-12-26 22:14:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-12-26 22:14:53 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-12-26 22:14:50 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-12-26 22:14:44 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-12-26 22:14:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-12-26 22:14:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-12-26 22:14:25 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-12-26 22:14:16 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-12-26 22:14:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-12-26 22:14:05 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-12-26 22:14:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-12-26 22:13:56 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-12-26 22:13:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-12-26 22:13:45 ----D---- C:\WINDOWS\ServicePackFiles
2010-12-26 22:13:43 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-12-26 22:13:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-12-26 22:13:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-12-26 22:13:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2010-12-26 22:13:21 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-12-26 22:13:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2010-12-26 22:13:05 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-12-26 22:10:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-12-26 22:10:36 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-12-26 13:59:08 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-12-26 12:58:51 ----D---- C:\Documents and Settings\a\Application Data\Malwarebytes
2010-12-26 12:58:46 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-12-26 12:58:45 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-12-26 12:58:43 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-12-26 12:58:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-25 19:37:27 ----D---- C:\Program Files\MSECache
2010-12-25 18:01:08 ----D---- C:\Program Files\Skype
2010-12-25 18:01:08 ----D---- C:\Program Files\Common Files\Skype
2010-12-25 17:10:20 ----D---- C:\Program Files\CCleaner
2010-12-25 15:30:23 ----D---- C:\Program Files\trend micro
======List of files/folders modified in the last 1 months======
2011-01-02 11:43:45 ----D---- C:\WINDOWS\Prefetch
2011-01-02 11:39:38 ----D---- C:\WINDOWS\Temp
2011-01-02 11:38:24 ----D---- C:\WINDOWS
2011-01-02 11:38:20 ----D---- C:\WINDOWS\system32\Lang
2011-01-01 20:04:04 ----SD---- C:\WINDOWS\Tasks
2011-01-01 13:22:13 ----A---- C:\WINDOWS\NeroDigital.ini
2010-12-30 15:56:13 ----HD---- C:\WINDOWS\inf
2010-12-30 15:56:12 ----D---- C:\WINDOWS\system32\CatRoot2
2010-12-29 13:57:46 ----RD---- C:\Program Files
2010-12-29 13:56:49 ----D---- C:\Program Files\Common Files
2010-12-28 17:28:14 ----D---- C:\WINDOWS\Microsoft.NET
2010-12-28 17:28:11 ----RSD---- C:\WINDOWS\assembly
2010-12-28 17:02:53 ----SHD---- C:\WINDOWS\Installer
2010-12-28 10:09:31 ----A---- C:\WINDOWS\system.ini
2010-12-28 10:09:25 ----D---- C:\WINDOWS\system32\drivers\etc
2010-12-28 10:09:06 ----D---- C:\WINDOWS\system32
2010-12-28 10:07:30 ----D---- C:\WINDOWS\system32\drivers
2010-12-28 10:07:30 ----D---- C:\WINDOWS\AppPatch
2010-12-28 09:50:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-28 09:18:57 ----D---- C:\WINDOWS\WinSxS
2010-12-28 09:16:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-12-28 09:16:43 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-28 09:16:13 ----HD---- C:\WINDOWS\$hf_mig$
2010-12-27 11:41:36 ----D---- C:\WINDOWS\system32\config
2010-12-27 11:41:01 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-12-27 11:30:05 ----RASH---- C:\boot.ini
2010-12-27 09:59:35 ----RSD---- C:\WINDOWS\Fonts
2010-12-27 09:59:21 ----D---- C:\WINDOWS\system32\spool
2010-12-27 09:53:40 ----D---- C:\WINDOWS\Debug
2010-12-27 09:52:36 ----D---- C:\WINDOWS\system32\Setup
2010-12-26 22:15:42 ----D---- C:\Program Files\Movie Maker
2010-12-26 22:14:12 ----D---- C:\Program Files\Outlook Express
2010-12-26 22:13:10 ----D---- C:\Program Files\Internet Explorer
2010-12-26 15:16:52 ----D---- C:\WINDOWS\system32\CatRoot_bak
2010-12-26 13:34:24 ----D---- C:\WINDOWS\Help
2010-12-26 12:53:09 ----D---- C:\Program Files\GamesBar
2010-12-25 19:38:25 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-12-25 19:38:08 ----D---- C:\Program Files\Microsoft Office
2010-12-25 19:19:31 ----D---- C:\Program Files\PopCap Games
2010-12-25 18:57:16 ----D---- C:\Program Files\Our Love Screensaver
2010-12-25 18:56:58 ----D---- C:\Program Files\3D Realistic Fireplace 3
2010-12-25 18:01:08 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-12-25 18:00:44 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-12-25 18:00:09 ----D---- C:\Program Files\Registry Mechanic
2010-12-25 17:59:21 ----D---- C:\Program Files\Daycare Nightmare Mini Monsters
2010-12-25 17:56:40 ----D---- C:\Program Files\Beach Head 2000
2010-12-25 17:50:58 ----D---- C:\Program Files\Diver
2010-12-25 17:50:37 ----D---- C:\Program Files\EACOM
2010-12-25 17:50:32 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-25 17:49:42 ----D---- C:\Program Files\Drawing for Children
2010-12-25 17:49:31 ----D---- C:\Program Files\FrameMaster2
2010-12-25 17:47:13 ----D---- C:\Program Files\WinRAR
2010-12-25 17:44:27 ----D---- C:\Program Files\GameHouse
2010-12-25 17:44:11 ----D---- C:\GameHouse Games
2010-12-25 17:44:09 ----D---- C:\Program Files\RealArcade
2010-12-25 17:40:21 ----D---- C:\Program Files\Sony Online Entertainment
2010-12-25 17:36:52 ----D---- C:\Program Files\Castle Attack
2010-12-25 17:33:05 ----D---- C:\Program Files\123 Free Memory
2010-12-25 17:31:15 ----D---- C:\Program Files\Winamp
2010-12-25 17:30:48 ----D---- C:\WINDOWS\Minidump
2010-12-25 17:08:12 ----D---- C:\Program Files\Shockwave.com
2010-12-25 16:58:00 ----D---- C:\Program Files\Gamenext
2010-12-25 16:50:59 ----D---- C:\Program Files\Play
2010-12-25 16:46:06 ----D---- C:\Program Files\Cannonhills
2010-12-25 16:42:47 ----D---- C:\Program Files\Terasoft
2010-12-25 16:39:09 ----D---- C:\Program Files\Virtual Villagers The Secret City
2010-12-25 16:34:29 ----D---- C:\Program Files\Kitty Luv
2010-12-25 16:33:57 ----D---- C:\Program Files\Chcete byt milionářem
2010-12-25 16:33:51 ----D---- C:\Program Files\Hotel Mogul
2010-12-25 16:32:44 ----D---- C:\Program Files\Alawar
2010-12-25 16:32:37 ----D---- C:\Program Files\Exotic Aquarium 3D Screensaver
2010-12-25 16:32:19 ----D---- C:\Program Files\diktaty
2010-12-25 16:31:23 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2010-12-25 16:29:24 ----D---- C:\Program Files\123 Free Solitaire
2010-12-25 16:09:57 ----D---- C:\Program Files\Telltale Games
2010-12-25 16:09:39 ----D---- C:\Program Files\SeEnemyIsWeaken
2010-12-25 15:51:00 ----D---- C:\Program Files\Addictive Football Demo
2010-12-25 15:49:17 ----D---- C:\Program Files\Opera
2010-12-25 15:47:28 ----D---- C:\Program Files\Norton Security Scan
2010-12-25 15:47:28 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2010-12-25 15:47:26 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-12-25 15:47:05 ----D---- C:\Program Files\Eset
2010-12-25 15:44:04 ----D---- C:\Program Files\MSN
2010-12-22 12:46:29 ----D---- C:\Program Files\Softonic-Eng7
2010-12-19 21:18:14 ----D---- C:\Documents and Settings\a\Application Data\Wowd
2010-12-19 15:36:50 ----D---- C:\Program Files\Wowd
2010-12-18 20:20:53 ----D---- C:\FSDownloader
2010-12-18 20:20:49 ----D---- C:\Program Files\Mozilla Firefox
2010-12-17 14:42:42 ----D---- C:\Program Files\Common Files\Adobe
2010-12-17 14:42:41 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-12-17 14:42:14 ----D---- C:\Program Files\Adobe
2010-12-11 17:48:50 ----D---- C:\Program Files\Football Generation
2010-12-08 21:34:08 ----A---- C:\WINDOWS\system32\MRT.exe
2010-12-06 13:16:17 ----D---- C:\Documents and Settings\a\Application Data\Mozilla
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-04 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-04 35600]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-12 98432]
R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-03 61056]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-09-16 271360]
R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-09-16 18048]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-10 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-04 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-04 18320]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-08 138752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-11-10 4064256]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888]
R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-04 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-04 44304]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-08 36496]
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 FXDRV;FXDRV; \??\D:\Fxdrv.sys []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-08 145920]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-11-10 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-11-10 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-11-10 97184]
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys [2006-11-10 88688]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-11-10 18704]
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys [2006-11-10 86560]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-11-10 90800]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 VHidMinidrv;Bluetooth HID Device Service; C:\WINDOWS\system32\drivers\VHIDMini.sys [2007-03-04 19472]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2009-09-08 96334]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-13 152984]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-25 303104]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-04-24 73728]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-03 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-12 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-10-25 30192]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-25 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: please check my log - problem when starting the PC
And whenever I try to let that check run, the PC freezes completely and I have to turn it off.
Re: please check my log - problem when starting the PC
Fix this in HJT:
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
You will find HJT here:
C:\Program Files\trend micro\a.exe
Fix means that you run HJT,
in the window that opens, click Do a system scan only,
in the next window, find the lines I listed for you,
next to each of them is a checkbox, which you tick,
then click Fix checked at the bottom left,
the program will ask whether you are sure; you of course answer YES, and that is done.
Open Notepad
and copy into it the text from the following box:
Code:
Windows Registry Editor Version 5.00

; Countdown before a scheduled disk check at boot: 0 seconds
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"AutoChkTimeOut"=dword:0000000

; REG_MULTI_SZ, decodes to: autocheck autochk *
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"BootExecute"=hex(7):61,00,75,00,74,00,6f,00,63,00,68,00,65,00,63,00,6b,00,20,\
  00,61,00,75,00,74,00,6f,00,63,00,68,00,6b,00,20,00,2a,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"SFCScan"=dword:00000000

; REG_EXPAND_SZ, decodes to: %SystemRoot%\system32\cleanmgr.exe /D %c
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\cleanuppath]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,63,00,6c,00,\
  65,00,61,00,6e,00,6d,00,67,00,72,00,2e,00,65,00,78,00,65,00,20,00,2f,00,44,\
  00,20,00,25,00,63,00,00,00

save the TXT file you created as disable.reg on the desktop,
run it with a double-click >> allow the write to the registry, and you are done.
Download HD Tune and test the HDD.
Benchmark - Disk test: Click the Start button and wait until the whole graph has filled in. You will then see the transfer rate and access time of the hard disk.
Info: Exact capacity, file system, supported features, firmware version, serial number and connection type of the disks.
Health - Condition: A list of important parameters and their values. Ideally everything shows OK.
If an item is yellow, it will probably change its status to failed soon. If it is red, its status is failed, which would mean replacing the disk.
Error Scan - Searching for errors: Click the Start button and the program will examine the disk for bad blocks.
If they are all green at the end of the test, everything is fine. If even one of them is red, I recommend backing up your data and expecting to replace the disk.
Temperature: The thermometer at the top and the number next to it show the disk temperature. A normal value is below 50°C. The temperature must not exceed 60°C; the program warns you when it reaches the 55°C threshold.
Then let me know how it went.
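A .reg file received from someone else can be read before it is imported: the hex(7) and hex(2) values are UTF-16LE strings, and decoding them shows exactly what will be written. The Python sketch below is an added example, not part of the original post; it decodes the disable.reg content quoted above (embedded as constructed input) and checks BootExecute against the stock Windows entry. The names `parse_reg`, `decode_value` and `review` are hypothetical.

```python
import re

# Constructed input: the content of the disable.reg file from the post above,
# with the repeated Session Manager section merged into one.
REG_TEXT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"AutoChkTimeOut"=dword:0000000
"BootExecute"=hex(7):61,00,75,00,74,00,6f,00,63,00,68,00,65,00,63,00,6b,00,20,\
  00,61,00,75,00,74,00,6f,00,63,00,68,00,6b,00,20,00,2a,00,00,00,00,00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"SFCScan"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\cleanuppath]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
  00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,63,00,6c,00,\
  65,00,61,00,6e,00,6d,00,67,00,72,00,2e,00,65,00,78,00,65,00,20,00,2f,00,44,\
  00,20,00,25,00,63,00,00,00
'''

REG_TYPES = {1: "REG_SZ", 2: "REG_EXPAND_SZ", 3: "REG_BINARY", 7: "REG_MULTI_SZ"}

# Stock Windows value of BootExecute; anything listed here runs as a native
# program early in boot, so additional entries deserve a closer look.
STOCK_BOOT_EXECUTE = ["autocheck autochk *"]


def decode_value(raw):
    """Return (type_name, python_value) for the right-hand side of a .reg line."""
    raw = raw.strip()
    if raw.startswith("dword:"):
        return "REG_DWORD", int(raw[len("dword:"):], 16)
    m = re.match(r"^hex(?:\(([0-9a-fA-F]+)\))?:(.*)$", raw)
    if m:
        type_id = int(m.group(1), 16) if m.group(1) else 3
        data = bytes(int(b, 16) for b in m.group(2).split(",") if b.strip())
        if type_id in (1, 2):   # single UTF-16LE string, NUL-terminated
            return REG_TYPES[type_id], data.decode("utf-16-le").rstrip("\x00")
        if type_id == 7:        # NUL-separated list, closed by an empty string
            parts = data.decode("utf-16-le").split("\x00")
            return REG_TYPES[7], [p for p in parts if p]
        return REG_TYPES.get(type_id, "type %d" % type_id), data
    if len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
        return "REG_SZ", raw[1:-1].replace("\\\\", "\\").replace('\\"', '"')
    raise ValueError("unsupported value syntax: %r" % raw)


def parse_reg(text):
    """Parse .reg text into a list of (key, value_name, type_name, value)."""
    # A trailing backslash continues a hex value on the next line.
    text = re.sub(r"\\\r?\n[ \t]*", "", text)
    key, entries = None, []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(";") or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = re.match(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$', line)
        if not m or key is None:
            raise ValueError("unparsable line: %r" % line)
        name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
        entries.append((key, name) + decode_value(m.group(2)))
    return entries


def review(entries):
    """List BootExecute values that differ from the stock Windows entry."""
    findings = []
    for key, name, kind, value in entries:
        if name.lower() == "bootexecute" and value != STOCK_BOOT_EXECUTE:
            findings.append("%s\\%s = %r" % (key, name, value))
    return findings


if __name__ == "__main__":
    parsed = parse_reg(REG_TEXT)
    for key, name, kind, value in parsed:
        print("%s\n  %s (%s) = %r" % (key, name, kind, value))
    print(review(parsed) or "BootExecute holds only the stock entry")
```
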
Re: please check my log - problem when starting the PC
It's OK now, the PC is fast and it doesn't even show me that message at startup any more.
I want to thank you very, very much for the help.
I wish you all the best.