I have malware on my PC, please help :(

nudlik
Visitor
Posts: 3
Registered: 20 Mar 2011 09:26

#1 Post by nudlik »

Please help, Spyware Terminator finds a critical object every time.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:29:35, on 20.3.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\nudla\AppData\Roaming\QipGuard\QipGuard.exe
D:\Program Files (x86)\Belkin\Nostromo\nost_LM.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
D:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\QIP 2010\qip.exe
C:\Program Files (x86)\Altap Salamander\salamand.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
C:\Program Files\trend micro\nudla.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\nudla\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\nudla\AppData\Roaming\QipGuard\QipGuard.exe /p
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: Logitech . Registrace produktu.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
O4 - Startup: Xfire.lnk = D:\Program Files (x86)\Xfire\Xfire.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Loadout Manager.lnk = D:\Program Files (x86)\Belkin\Nostromo\nost_LM.exe
O4 - Global Startup: Nostromo Loadout Manager.lnk = ?
O4 - Global Startup: SetPointII.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9641 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Windows\system32\FBAgent.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\QipGuard\QipGuard.exe"
"taskhost.exe"
"C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1088
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\rundll32.exe" C:\Windows\system32\AmbRunE.dll,RunDLLEntry
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\nudla\AppData\Roaming\QipGuard\QipGuard.exe" /p
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"D:\Program Files (x86)\Belkin\Nostromo\nost_LM.exe" -startup
"C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe"
"C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.Exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Logitech\SetPoint II\SetPointII.exe"
KHALMNPR.EXE /API
"D:\Program Files (x86)\Xfire\Xfire.exe"
"D:\Program Files (x86)\Xfire\xfire64.exe" xfire64.exe /pid 3604
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\Program Files (x86)\Xfire\xfire64.exe" xfire64.exe /pid 3604
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\QIP 2010\qip.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Altap Salamander\salamand.exe"
"C:\Program Files (x86)\Opera\opera.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe"
"D:\! downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\nudla\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2011-03-14 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-23 393600]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2010-05-03 324096]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-05 2085160]
"RunDLLEntry"=C:\Windows\system32\AmbRunE.dll [2009-02-26 17920]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 130576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-03-19 3318784]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"QIP Internet Guardian"=C:\Users\nudla\AppData\Roaming\QipGuard\QipGuard.exe [2011-03-14 187776]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-12-24 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-05-25 10816544]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
"Boingo Wi-Fi"=C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-12-24 2429]
"VolPanel"=C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe [2008-12-30 237693]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-04-26 1597440]
"SpywareTerminator"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2011-03-19 2557440]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-12-17 98304]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Loadout Manager.lnk - D:\Program Files (x86)\Belkin\Nostromo\nost_LM.exe
Nostromo Loadout Manager.lnk - C:\Windows\Installer\{548C7B77-8B04-427E-ACD0-D0E6E6E59BCF}\NewShortcut2_548C7B778B04427EACD0D0E6E6E59BCF.exe
SetPointII.lnk - C:\Program Files\Logitech\SetPoint II\SetPointII.exe

C:\Users\nudla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Logitech . Registrace produktu.lnk - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
Xfire.lnk - D:\Program Files (x86)\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 290304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-03-20 09:29:28 ----D---- C:\Program Files\trend micro
2011-03-20 09:29:27 ----D---- C:\rsit
2011-03-20 09:11:51 ----D---- C:\Program Files\CCleaner
2011-03-19 23:43:07 ----ASH---- C:\pagefile.sys
2011-03-19 23:42:54 ----ASH---- C:\hiberfil.sys
2011-03-19 23:42:08 ----SHD---- C:\System Volume Information
2011-03-19 23:41:15 ----A---- C:\Pass.txt
2011-03-19 23:28:21 ----N---- C:\Windows\system32\MpSigStub.exe
2011-03-19 23:10:09 ----SHD---- C:\$RECYCLE.BIN
2011-03-19 23:08:11 ----D---- C:\Windows\temp
2011-03-19 23:08:09 ----A---- C:\ComboFix.txt
2011-03-19 22:59:33 ----A---- C:\Windows\zip.exe
2011-03-19 22:59:33 ----A---- C:\Windows\SWSC.exe
2011-03-19 22:59:33 ----A---- C:\Windows\SWREG.exe
2011-03-19 22:59:33 ----A---- C:\Windows\sed.exe
2011-03-19 22:59:33 ----A---- C:\Windows\PEV.exe
2011-03-19 22:59:33 ----A---- C:\Windows\NIRCMD.exe
2011-03-19 22:59:33 ----A---- C:\Windows\MBR.exe
2011-03-19 22:59:33 ----A---- C:\Windows\grep.exe
2011-03-19 22:59:26 ----D---- C:\Windows\ERDNT
2011-03-19 22:59:02 ----D---- C:\Qoobox
2011-03-19 22:58:42 ----A---- C:\Windows\SWXCACLS.exe
2011-03-19 22:58:36 ----D---- C:\32788R22FWJFW
2011-03-19 21:58:25 ----A---- C:\Windows\eSellerateEngine.dll
2011-03-19 21:58:25 ----A---- C:\Windows\eSellerateControl350.dll
2011-03-19 21:58:21 ----D---- C:\Program Files (x86)\Asusliveupdatevirus Removal Tool
2011-03-19 21:49:06 ----D---- C:\Program Files (x86)\Pando Networks
2011-03-19 21:33:33 ----D---- C:\Users\nudla\AppData\Roaming\HLSW
2011-03-19 21:25:03 ----A---- C:\Windows\ATKPF.ini
2011-03-19 21:20:13 ----D---- C:\Users\nudla\AppData\Roaming\Belkin
2011-03-19 21:19:57 ----D---- C:\Program Files (x86)\Belkin
2011-03-19 21:19:57 ----A---- C:\Windows\system32\drivers\bcgame.sys
2011-03-19 21:17:49 ----D---- C:\Users\nudla\AppData\Roaming\skypePM
2011-03-19 21:16:25 ----RD---- C:\Program Files (x86)\Skype
2011-03-19 21:16:25 ----D---- C:\Users\nudla\AppData\Roaming\Skype
2011-03-19 21:16:22 ----D---- C:\ProgramData\Skype
2011-03-19 21:15:07 ----D---- C:\Users\nudla\AppData\Roaming\QipGuard
2011-03-19 21:15:07 ----D---- C:\Program Files (x86)\QipGuard
2011-03-19 21:14:26 ----D---- C:\Program Files (x86)\QIP 2010
2011-03-19 21:08:14 ----D---- C:\Users\nudla\AppData\Roaming\teamspeak2
2011-03-19 20:49:22 ----A---- C:\Windows\SYSWOW64\drivers\USBICP.sys
2011-03-19 20:49:21 ----A---- C:\Windows\system32\drivers\vhidmini.sys
2011-03-19 20:40:09 ----D---- C:\Users\nudla\AppData\Roaming\TS3Client
2011-03-19 20:36:52 ----D---- C:\Program Files\TeamSpeak 3 Client
2011-03-19 20:33:37 ----D---- C:\Users\nudla\AppData\Roaming\Leadertech
2011-03-19 20:32:53 ----D---- C:\Program Files (x86)\Altap Salamander
2011-03-19 20:32:43 ----D---- C:\Program Files\Logitech
2011-03-19 20:32:41 ----D---- C:\Program Files\Common Files\Logishrd
2011-03-19 20:32:10 ----D---- C:\ProgramData\LogiShrd
2011-03-19 20:28:55 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2011-03-19 20:28:55 ----A---- C:\Windows\system32\d3d10_1.dll
2011-03-19 19:56:17 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-03-19 19:53:20 ----D---- C:\Windows\SYSWOW64\Wat
2011-03-19 19:53:20 ----D---- C:\Windows\system32\Wat
2011-03-19 19:51:54 ----A---- C:\Windows\system32\MRT.exe
2011-03-19 19:44:49 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2011-03-19 19:44:49 ----A---- C:\Windows\SYSWOW64\x3daudio1_2.dll
2011-03-19 19:44:49 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2011-03-19 19:44:49 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2011-03-19 19:44:49 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2011-03-19 19:44:49 ----A---- C:\Windows\system32\xinput1_3.dll
2011-03-19 19:44:49 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-03-19 19:44:49 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-03-19 19:44:49 ----A---- C:\Windows\system32\x3daudio1_2.dll
2011-03-19 19:44:49 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-03-19 19:44:49 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-03-19 19:44:49 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-03-19 19:44:49 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-03-19 19:44:33 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2011-03-19 19:44:32 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2011-03-19 19:44:32 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-03-19 19:44:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2011-03-19 19:44:31 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-03-19 19:44:30 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2011-03-19 19:44:30 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-03-19 19:44:28 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2011-03-19 19:44:28 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-03-19 19:44:25 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2011-03-19 19:44:25 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-03-19 19:44:24 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2011-03-19 19:44:24 ----A---- C:\Windows\system32\d3dx10.dll
2011-03-19 19:44:20 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2011-03-19 19:44:20 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2011-03-19 19:44:20 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-03-19 19:44:19 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2011-03-19 19:44:19 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-03-19 19:44:17 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2011-03-19 19:44:17 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2011-03-19 19:44:17 ----A---- C:\Windows\system32\xinput1_2.dll
2011-03-19 19:44:17 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-03-19 19:44:14 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2011-03-19 19:44:14 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2011-03-19 19:44:14 ----A---- C:\Windows\system32\xinput1_1.dll
2011-03-19 19:44:14 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-03-19 19:43:58 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2011-03-19 19:43:58 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-03-19 19:43:51 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2011-03-19 19:43:51 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-03-19 19:43:46 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2011-03-19 19:43:46 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2011-03-19 19:43:46 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-03-19 19:43:46 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-03-19 19:43:44 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2011-03-19 19:43:44 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-03-19 19:43:42 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2011-03-19 19:43:42 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-03-19 19:43:41 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2011-03-19 19:43:41 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-03-19 19:43:39 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2011-03-19 19:43:39 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-03-19 19:43:33 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2011-03-19 19:43:33 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-03-19 19:43:30 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2011-03-19 19:43:30 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-03-19 19:42:11 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2011-03-19 19:42:08 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2011-03-19 19:40:41 ----A---- C:\Windows\game.ini
2011-03-19 19:31:34 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll
2011-03-19 19:31:34 ----A---- C:\Windows\system32\wcncsvc.dll
2011-03-19 19:27:51 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2011-03-19 19:27:51 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2011-03-19 19:27:51 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2011-03-19 19:27:51 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2011-03-19 19:27:51 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2011-03-19 19:27:51 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-03-19 19:27:51 ----A---- C:\Windows\system32\PresentationHost.exe
2011-03-19 19:27:50 ----A---- C:\Windows\system32\netfxperf.dll
2011-03-19 19:27:50 ----A---- C:\Windows\system32\mscoree.dll
2011-03-19 19:27:50 ----A---- C:\Windows\system32\dfshim.dll
2011-03-19 19:27:44 ----A---- C:\Windows\system32\browserchoice.exe
2011-03-19 19:25:49 ----SHD---- C:\Windows\ftpcache
2011-03-19 19:24:29 ----A---- C:\Windows\system32\d2d1.dll
2011-03-19 19:24:28 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2011-03-19 19:24:28 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2011-03-19 19:24:28 ----A---- C:\Windows\system32\FntCache.dll
2011-03-19 19:24:28 ----A---- C:\Windows\system32\DWrite.dll
2011-03-19 19:24:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-03-19 19:24:21 ----A---- C:\Windows\system32\mshtml.dll
2011-03-19 19:24:18 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-03-19 19:24:18 ----A---- C:\Windows\system32\iertutil.dll
2011-03-19 19:24:17 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-03-19 19:24:17 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-03-19 19:24:17 ----A---- C:\Windows\system32\mstime.dll
2011-03-19 19:24:16 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-03-19 19:24:16 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-03-19 19:24:16 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-03-19 19:24:16 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-03-19 19:24:16 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-03-19 19:24:16 ----A---- C:\Windows\system32\msfeeds.dll
2011-03-19 19:24:16 ----A---- C:\Windows\system32\iedkcs32.dll
2011-03-19 19:24:15 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-03-19 19:24:15 ----A---- C:\Windows\system32\mshtmled.dll
2011-03-19 19:24:15 ----A---- C:\Windows\system32\msfeedssync.exe
2011-03-19 19:24:15 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-03-19 19:24:15 ----A---- C:\Windows\system32\licmgr10.dll
2011-03-19 19:24:15 ----A---- C:\Windows\system32\iepeers.dll
2011-03-19 19:23:55 ----A---- C:\Windows\system32\d3d10warp.dll
2011-03-19 19:23:54 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2011-03-19 19:23:53 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2011-03-19 19:23:53 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2011-03-19 19:23:53 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-03-19 19:23:53 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-03-19 19:23:53 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-03-19 19:23:53 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-03-19 19:23:52 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll
2011-03-19 19:23:52 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-03-19 19:23:52 ----A---- C:\Windows\system32\cdd.dll
2011-03-19 19:23:48 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-03-19 19:23:38 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2011-03-19 19:23:36 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-03-19 19:23:36 ----A---- C:\Windows\system32\ieframe.dll
2011-03-19 19:23:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-03-19 19:23:35 ----A---- C:\Windows\SYSWOW64\upnp.dll
2011-03-19 19:23:35 ----A---- C:\Windows\system32\wininet.dll
2011-03-19 19:23:35 ----A---- C:\Windows\system32\urlmon.dll
2011-03-19 19:23:35 ----A---- C:\Windows\system32\upnp.dll
2011-03-19 19:23:35 ----A---- C:\Windows\system32\msxml6.dll
2011-03-19 19:23:35 ----A---- C:\Windows\system32\msxml3.dll
2011-03-19 19:23:34 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2011-03-19 19:23:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-03-19 19:23:34 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2011-03-19 19:23:34 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2011-03-19 19:23:34 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2011-03-19 19:23:34 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-03-19 19:23:34 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2011-03-19 19:23:34 ----A---- C:\Windows\system32\wscapi.dll
2011-03-19 19:23:34 ----A---- C:\Windows\system32\winhttp.dll
2011-03-19 19:23:34 ----A---- C:\Windows\system32\WebClnt.dll
2011-03-19 19:23:34 ----A---- C:\Windows\system32\davclnt.dll
2011-03-19 19:23:33 ----A---- C:\Windows\SYSWOW64\slwga.dll
2011-03-19 19:23:33 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-03-19 19:23:33 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-03-19 19:23:33 ----A---- C:\Windows\system32\wscsvc.dll
2011-03-19 19:23:33 ----A---- C:\Windows\system32\slwga.dll
2011-03-19 19:23:33 ----A---- C:\Windows\system32\jsproxy.dll
2011-03-19 19:23:33 ----A---- C:\Windows\system32\ieui.dll
2011-03-19 19:23:29 ----A---- C:\Windows\system32\msdri.dll
2011-03-19 19:23:27 ----A---- C:\Windows\system32\schedsvc.dll
2011-03-19 19:23:26 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2011-03-19 19:23:26 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2011-03-19 19:23:26 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2011-03-19 19:23:26 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2011-03-19 19:23:26 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-03-19 19:23:26 ----A---- C:\Windows\system32\taskschd.dll
2011-03-19 19:23:26 ----A---- C:\Windows\system32\taskeng.exe
2011-03-19 19:23:26 ----A---- C:\Windows\system32\taskcomp.dll
2011-03-19 19:23:26 ----A---- C:\Windows\system32\schtasks.exe
2011-03-19 19:23:24 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2011-03-19 19:23:23 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2011-03-19 19:23:23 ----A---- C:\Windows\system32\XpsPrint.dll
2011-03-19 19:23:23 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-03-19 19:23:22 ----D---- C:\Users\nudla\AppData\Roaming\DAEMON Tools Lite
2011-03-19 19:23:22 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-03-19 19:23:21 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-03-19 19:23:21 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2011-03-19 19:23:21 ----A---- C:\Windows\system32\EncDec.dll
2011-03-19 19:23:21 ----A---- C:\Windows\system32\CPFilters.dll
2011-03-19 19:23:20 ----A---- C:\Windows\SYSWOW64\sbe.dll
2011-03-19 19:23:20 ----A---- C:\Windows\system32\sbe.dll
2011-03-19 19:23:18 ----A---- C:\Windows\system32\kerberos.dll
2011-03-19 19:23:17 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2011-03-19 19:23:15 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-03-19 19:23:15 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-03-19 19:23:15 ----A---- C:\Windows\system32\vbscript.dll
2011-03-19 19:23:15 ----A---- C:\Windows\system32\jscript.dll
2011-03-19 19:23:12 ----A---- C:\Windows\SYSWOW64\webio.dll
2011-03-19 19:23:12 ----A---- C:\Windows\system32\webio.dll
2011-03-19 19:23:08 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-03-19 19:23:08 ----A---- C:\Windows\system32\tzres.dll
2011-03-19 19:22:47 ----A---- C:\Windows\system32\inetcomm.dll
2011-03-19 19:22:46 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-03-19 19:22:45 ----A---- C:\Windows\system32\win32k.sys
2011-03-19 19:22:43 ----A---- C:\Windows\system32\winsrv.dll
2011-03-19 19:22:41 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-03-19 19:22:31 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-03-19 19:22:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-03-19 19:22:31 ----A---- C:\Windows\system32\ntdll.dll
2011-03-19 19:22:30 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-03-19 19:22:30 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-03-19 19:22:28 ----A---- C:\Windows\system32\odbc32.dll
2011-03-19 19:22:27 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-03-19 19:22:24 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-03-19 19:22:24 ----A---- C:\Windows\system32\atmfd.dll
2011-03-19 19:22:23 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-03-19 19:22:23 ----A---- C:\Windows\system32\atmlib.dll
2011-03-19 19:22:22 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-03-19 19:22:21 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-03-19 19:22:21 ----A---- C:\Windows\system32\mstscax.dll
2011-03-19 19:22:20 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-03-19 19:22:20 ----A---- C:\Windows\system32\mstsc.exe
2011-03-19 19:21:15 ----D---- C:\Users\nudla\AppData\Roaming\Opera
2011-03-19 19:21:13 ----D---- C:\Program Files (x86)\Opera
2011-03-19 19:20:10 ----A---- C:\Windows\system32\consent.exe
2011-03-19 19:06:03 ----D---- C:\ProgramData\ATI
2011-03-19 19:03:53 ----D---- C:\Program Files\Common Files\ATI Technologies
2011-03-19 19:03:23 ----D---- C:\Program Files (x86)\ATI Technologies
2011-03-19 19:02:56 ----D---- C:\Program Files\ATI Technologies
2011-03-19 18:57:58 ----A---- C:\Windows\system32\acovcnt.exe
2011-03-19 18:43:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2011-03-19 18:43:37 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2011-03-19 18:43:36 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2011-03-19 18:43:36 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2011-03-19 18:31:22 ----D---- C:\Users\nudla\AppData\Roaming\Xfire
2011-03-19 18:31:18 ----D---- C:\ProgramData\Xfire
2011-03-19 18:26:48 ----D---- C:\Config.Msi
2011-03-19 18:25:04 ----D---- C:\Users\nudla\AppData\Roaming\GHISLER
2011-03-19 18:18:17 ----D---- C:\ProgramData\ASUS
2011-03-19 17:15:37 ----D---- C:\Users\nudla\AppData\Roaming\TeamViewer
2011-03-19 17:11:02 ----D---- C:\Users\nudla\AppData\Roaming\Macromedia
2011-03-19 17:11:02 ----D---- C:\Users\nudla\AppData\Roaming\Adobe
2011-03-19 17:04:39 ----D---- C:\Program Files (x86)\WinClamAVShield
2011-03-19 17:04:02 ----D---- C:\Users\nudla\AppData\Roaming\Spyware Terminator
2011-03-19 17:04:01 ----D---- C:\ProgramData\Spyware Terminator
2011-03-19 17:04:01 ----D---- C:\Program Files (x86)\Spyware Terminator
2011-03-19 16:04:26 ----D---- C:\Users\nudla\AppData\Roaming\Google
2011-03-19 16:03:49 ----D---- C:\Users\nudla\AppData\Roaming\Mozilla
2011-03-19 15:49:20 ----D---- C:\Users\nudla\AppData\Roaming\ATI
2011-03-19 15:47:37 ----D---- C:\Users\nudla\AppData\Roaming\Identities
2011-03-19 15:47:05 ----SD---- C:\Users\nudla\AppData\Roaming\Microsoft
2011-03-19 15:47:05 ----D---- C:\Users\nudla\AppData\Roaming\Media Center Programs
2011-03-11 12:33:52 ----A---- C:\Windows\SYSWOW64\xfcodec.dll
2011-03-11 12:30:28 ----A---- C:\Windows\system32\xfcodec64.dll

======List of files/folders modified in the last 1 months======

2011-03-20 09:29:28 ----RD---- C:\Program Files
2011-03-20 09:13:39 ----D---- C:\Windows\debug
2011-03-20 09:13:39 ----D---- C:\Windows
2011-03-20 09:00:57 ----A---- C:\Windows\SYSWOW64\log.txt
2011-03-19 23:28:21 ----D---- C:\Windows\System32
2011-03-19 23:28:08 ----D---- C:\Windows\system32\config
2011-03-19 23:13:30 ----SHD---- C:\Windows\Installer
2011-03-19 23:13:29 ----D---- C:\Program Files (x86)\ASUS
2011-03-19 23:05:52 ----A---- C:\Windows\system.ini
2011-03-19 23:05:47 ----D---- C:\Windows\system32\drivers\etc
2011-03-19 23:05:02 ----D---- C:\ProgramData
2011-03-19 23:02:46 ----D---- C:\Windows\SYSWOW64\drivers
2011-03-19 23:02:46 ----D---- C:\Windows\SysWOW64
2011-03-19 23:02:46 ----D---- C:\Windows\system32\drivers
2011-03-19 23:02:46 ----D---- C:\Windows\AppPatch
2011-03-19 23:02:41 ----D---- C:\Program Files\Common Files
2011-03-19 23:02:41 ----D---- C:\Program Files (x86)\Common Files
2011-03-19 23:02:07 ----D---- C:\Windows\system32\Tasks
2011-03-19 22:59:00 ----D---- C:\Windows\system32\catroot2
2011-03-19 22:49:14 ----A---- C:\Windows\system32\AutoRunFilter.ini
2011-03-19 21:58:21 ----RD---- C:\Program Files (x86)
2011-03-19 21:49:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-03-19 21:33:43 ----D---- C:\Windows\winsxs
2011-03-19 21:27:31 ----A---- C:\Windows\system32\ServiceFilter.ini
2011-03-19 21:26:53 ----D---- C:\Windows\system32\catroot
2011-03-19 21:26:05 ----D---- C:\ProgramData\Trend Micro
2011-03-19 21:19:59 ----D---- C:\Windows\inf
2011-03-19 21:19:58 ----D---- C:\Windows\system32\DriverStore
2011-03-19 20:26:44 ----D---- C:\Windows\Microsoft.NET
2011-03-19 20:26:40 ----RSD---- C:\Windows\assembly
2011-03-19 19:56:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-03-19 19:56:17 ----D---- C:\Windows\SYSWOW64\en-US
2011-03-19 19:56:17 ----D---- C:\Windows\system32\en-US
2011-03-19 19:45:09 ----D---- C:\Windows\SYSWOW64\lv-LV
2011-03-19 19:45:09 ----D---- C:\Windows\SYSWOW64\lt-LT
2011-03-19 19:45:09 ----D---- C:\Program Files\Internet Explorer
2011-03-19 19:45:09 ----D---- C:\Program Files (x86)\Internet Explorer
2011-03-19 19:45:08 ----D---- C:\Windows\SYSWOW64\sr-Latn-CS
2011-03-19 19:45:08 ----D---- C:\Windows\SYSWOW64\sl-SI
2011-03-19 19:45:08 ----D---- C:\Windows\SYSWOW64\sk-SK
2011-03-19 19:45:08 ----D---- C:\Windows\SYSWOW64\ro-RO
2011-03-19 19:45:08 ----D---- C:\Windows\SYSWOW64\pl-PL
2011-03-19 19:45:08 ----D---- C:\Windows\SYSWOW64\hu-HU
2011-03-19 19:45:08 ----D---- C:\Windows\SYSWOW64\hr-HR
2011-03-19 19:45:08 ----D---- C:\Windows\SYSWOW64\et-EE
2011-03-19 19:45:08 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-03-19 19:45:08 ----D---- C:\Windows\SYSWOW64\bg-BG
2011-03-19 19:45:08 ----D---- C:\Windows\system32\sr-Latn-CS
2011-03-19 19:45:08 ----D---- C:\Windows\system32\sl-SI
2011-03-19 19:45:08 ----D---- C:\Windows\system32\sk-SK
2011-03-19 19:45:08 ----D---- C:\Windows\system32\ro-RO
2011-03-19 19:45:08 ----D---- C:\Windows\system32\pl-PL
2011-03-19 19:45:08 ----D---- C:\Windows\system32\lv-LV
2011-03-19 19:45:08 ----D---- C:\Windows\system32\lt-LT
2011-03-19 19:45:08 ----D---- C:\Windows\system32\hu-HU
2011-03-19 19:45:08 ----D---- C:\Windows\system32\hr-HR
2011-03-19 19:45:08 ----D---- C:\Windows\system32\et-EE
2011-03-19 19:45:08 ----D---- C:\Windows\system32\cs-CZ
2011-03-19 19:45:08 ----D---- C:\Windows\system32\bg-BG
2011-03-19 19:45:08 ----D---- C:\Windows\ehome
2011-03-19 19:45:08 ----D---- C:\Program Files\Windows Mail
2011-03-19 19:45:08 ----D---- C:\Program Files (x86)\Windows Mail
2011-03-19 19:45:07 ----D---- C:\Windows\SYSWOW64\migration
2011-03-19 19:45:07 ----D---- C:\Windows\system32\migration
2011-03-19 19:42:08 ----D---- C:\Windows\system32\LogFiles
2011-03-19 19:26:50 ----D---- C:\Windows\SoftwareDistribution
2011-03-19 19:19:55 ----D---- C:\Windows\system32\NDF
2011-03-19 18:42:53 ----D---- C:\Windows\Logs
2011-03-19 18:08:08 ----D---- C:\ProgramData\Partner
2011-03-19 18:08:08 ----D---- C:\Program Files\Google
2011-03-19 18:08:08 ----D---- C:\Program Files (x86)\Google
2011-03-19 18:07:27 ----D---- C:\Program Files (x86)\AmIcoSingLun
2011-03-19 17:12:52 ----D---- C:\Windows\Prefetch
2011-03-19 16:05:09 ----SD---- C:\ProgramData\Microsoft
2011-03-19 16:04:00 ----D---- C:\Program Files (x86)\Microsoft
2011-03-19 15:49:35 ----A---- C:\dpi.txt
2011-03-19 15:47:05 ----RD---- C:\Users
2011-03-19 15:46:57 ----A---- C:\Windows\system32\Defrag.ini
2011-03-19 15:46:03 ----D---- C:\Recovery

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-12-24 213888]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-19 254528]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2010-07-07 50696]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-08-06 13784]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-11-18 123408]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-12-17 6177792]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-12-14 53800]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 98344]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 21288]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-05-25 2374560]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-04-21 76912]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-05 316464]
S3 bcgame;Nostromo HID Device Minidriver; C:\Windows\system32\drivers\bcgame.sys [2007-08-14 35328]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 55312]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 57872]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 vhidmini;Virtual Hid Device; C:\Windows\system32\DRIVERS\vhidmini.sys [2007-09-29 13952]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-12-08 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-12-17 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-12 873248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-03-19 75136]
R2 QipGuard;QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [2011-03-14 187776]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe [2011-03-19 948775]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 135664]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-12-24 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-12-24 79360]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-19 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119506
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: I have malware on my PC, please help :(

#2 Post by Rudy »

Running an RSIT scan after a ComboFix scan is pointless. You ran the CF scan yesterday. Post the log from it. It is saved at C:\combofix.txt.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can also damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

nudlik
Visitor
Posts: 3
Registered: 20 Mar 2011 09:26

Re: I have malware on my PC, please help :(

#3 Post by nudlik »

ComboFix 11-03-19.01 - nudla 19.03.2011 23:00:29.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.4021.2479 [GMT 1:00]
Spuštěný z: d:\! downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-19 do 2011-03-19 )))))))))))))))))))))))))))))))
.
.
2011-03-19 22:05 . 2011-03-19 22:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-19 20:58 . 2010-10-13 08:38 81920 ----a-w- c:\windows\eSellerateControl350.dll
2011-03-19 20:58 . 2010-10-13 08:38 356352 ----a-w- c:\windows\eSellerateEngine.dll
2011-03-19 20:58 . 2011-03-19 21:21 -------- d-----w- c:\program files (x86)\Asusliveupdatevirus Removal Tool
2011-03-19 20:49 . 2011-03-19 20:49 -------- d-----w- c:\program files (x86)\Pando Networks
2011-03-19 20:36 . 2011-03-19 21:13 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2011-03-19 20:19 . 2011-03-19 20:19 -------- d-----w- c:\program files (x86)\Belkin
2011-03-19 20:19 . 2007-08-14 09:36 35328 ----a-w- c:\windows\system32\drivers\bcgame.sys
2011-03-19 20:16 . 2011-03-19 20:16 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-03-19 20:16 . 2011-03-19 22:05 -------- d-----r- c:\program files (x86)\Skype
2011-03-19 20:16 . 2011-03-19 20:16 -------- d-----w- c:\programdata\Skype
2011-03-19 20:15 . 2011-03-19 20:15 -------- d-----w- c:\program files (x86)\QipGuard
2011-03-19 20:14 . 2011-03-19 21:44 -------- d-----w- c:\program files (x86)\QIP 2010
2011-03-19 19:49 . 2005-10-21 16:01 19200 ----a-w- c:\windows\SysWow64\drivers\USBICP.sys
2011-03-19 19:49 . 2007-09-29 00:21 13952 ----a-w- c:\windows\system32\drivers\vhidmini.sys
2011-03-19 19:36 . 2011-03-19 19:36 -------- d-----w- c:\program files\TeamSpeak 3 Client
2011-03-19 19:32 . 2011-03-19 19:32 -------- d-----w- c:\program files (x86)\Altap Salamander
2011-03-19 19:32 . 2011-03-19 19:33 -------- d-----w- c:\program files (x86)\Common Files\LogiShrd
2011-03-19 19:32 . 2011-03-19 19:32 -------- d-----w- c:\program files\Logitech
2011-03-19 19:32 . 2011-03-19 19:32 -------- d-----w- c:\program files\Common Files\Logishrd
2011-03-19 19:32 . 2011-03-19 19:32 -------- d-----w- c:\programdata\LogiShrd
2011-03-19 19:28 . 2011-01-17 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-03-19 19:28 . 2011-01-17 05:38 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-03-19 18:56 . 2011-03-19 18:56 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-03-19 18:53 . 2011-03-19 18:53 -------- d-----w- c:\windows\SysWow64\Wat
2011-03-19 18:53 . 2011-03-19 18:53 -------- d-----w- c:\windows\system32\Wat
2011-03-19 18:42 . 2011-03-19 21:13 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-03-19 18:42 . 2011-03-19 21:12 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2011-03-19 18:42 . 2011-03-19 20:36 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-03-19 18:31 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-03-19 18:31 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-03-19 18:27 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-03-19 18:27 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-03-19 18:27 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-03-19 18:27 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-03-19 18:27 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-03-19 18:27 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-03-19 18:27 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-03-19 18:27 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-03-19 18:27 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-03-19 18:27 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-03-19 18:27 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-03-19 18:25 . 2011-03-19 18:25 -------- d-sh--w- c:\windows\ftpcache
2011-03-19 18:23 . 2010-11-02 05:12 1837568 ----a-w- c:\windows\system32\d3d10warp.dll
2011-03-19 18:22 . 2010-03-04 07:57 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-19 18:21 . 2011-03-19 18:21 -------- d-----w- c:\program files (x86)\Opera
2011-03-19 18:20 . 2010-10-16 05:23 112000 ----a-w- c:\windows\system32\consent.exe
2011-03-19 18:06 . 2011-03-19 18:06 -------- d-----w- c:\programdata\ATI
2011-03-19 18:03 . 2011-03-19 18:03 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-03-19 18:03 . 2011-03-19 18:03 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-03-19 18:02 . 2011-03-19 18:04 -------- d-----w- c:\program files\ATI Technologies
2011-03-19 17:57 . 2011-03-19 18:07 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-03-19 17:43 . 2008-10-10 03:52 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2011-03-19 17:43 . 2008-10-10 03:52 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2011-03-19 17:43 . 2008-10-10 03:52 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-03-19 17:43 . 2007-04-04 17:53 81768 ----a-w- c:\windows\SysWow64\xinput1_3.dll
2011-03-19 17:31 . 2011-03-19 17:32 -------- d-----w- c:\programdata\Xfire
2011-03-19 17:18 . 2011-03-19 17:18 -------- d-----w- c:\programdata\ASUS
2011-03-19 16:04 . 2011-03-19 16:06 -------- d-----w- c:\program files (x86)\WinClamAVShield
2011-03-19 16:04 . 2011-03-19 21:52 -------- d-----w- c:\program files (x86)\Spyware Terminator
2011-03-19 16:04 . 2011-03-19 21:45 -------- d-----w- c:\programdata\Spyware Terminator
2011-03-19 14:47 . 2011-03-19 14:47 -------- d-----w- c:\users\nudla
2011-03-11 11:33 . 2011-03-11 11:33 36352 ----a-w- c:\windows\SysWow64\xfcodec.dll
2011-03-11 11:30 . 2011-03-11 11:30 22016 ----a-w- c:\windows\system32\xfcodec64.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-19 14:47 . 2010-06-24 19:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2010-12-24 16:19 . 2010-12-24 16:19 410504 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2010-12-24 16:19 . 2010-12-24 16:19 27016 ----a-w- c:\windows\system32\drivers\amdxata.sys
2010-12-24 16:19 . 2010-12-24 16:19 2566144 ----a-w- c:\windows\system32\esent.dll
2010-12-24 16:19 . 2010-12-24 16:19 187264 ----a-w- c:\windows\system32\drivers\storport.sys
2010-12-24 16:19 . 2010-12-24 16:19 1686016 ----a-w- c:\windows\SysWow64\esent.dll
2010-12-24 16:19 . 2010-12-24 16:19 166280 ----a-w- c:\windows\system32\drivers\nvstor.sys
2010-12-24 16:19 . 2010-12-24 16:19 1657216 ----a-w- c:\windows\system32\drivers\ntfs.sys
2010-12-24 16:19 . 2010-12-24 16:19 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2010-12-24 16:19 . 2010-12-24 16:19 107912 ----a-w- c:\windows\system32\drivers\amdsata.sys
2010-12-24 16:16 . 2010-12-24 16:16 954752 ----a-w- c:\windows\SysWow64\mfc40.dll
2010-12-24 16:16 . 2010-12-24 16:16 954288 ----a-w- c:\windows\SysWow64\mfc40u.dll
2010-12-24 16:15 . 2010-12-24 16:15 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2010-12-24 16:15 . 2010-12-24 16:15 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2010-12-24 16:13 . 2010-12-24 16:13 9728 ----a-w- c:\windows\SysWow64\sscore.dll
2010-12-24 16:13 . 2010-12-24 16:13 463360 ----a-w- c:\windows\system32\drivers\srv.sys
2010-12-24 16:13 . 2010-12-24 16:13 402944 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-12-24 16:13 . 2010-12-24 16:13 236032 ----a-w- c:\windows\system32\srvsvc.dll
2010-12-24 16:13 . 2010-12-24 16:13 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-12-24 16:12 . 2010-12-24 16:12 633856 ----a-w- c:\windows\system32\comctl32.dll
2010-12-24 16:12 . 2010-12-24 16:12 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2010-12-24 16:11 . 2010-12-24 16:11 738816 ----a-w- c:\windows\SysWow64\wmpmde.dll
2010-12-24 16:11 . 2010-12-24 16:11 1024512 ----a-w- c:\windows\system32\wmpmde.dll
2010-12-24 16:11 . 2010-12-24 16:11 340992 ----a-w- c:\windows\system32\schannel.dll
2010-12-24 16:11 . 2010-12-24 16:11 224256 ----a-w- c:\windows\SysWow64\schannel.dll
2010-12-24 16:08 . 2010-12-24 16:08 148992 ----a-w- c:\windows\system32\t2embed.dll
2010-12-24 16:08 . 2010-12-24 16:08 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2010-12-24 16:07 . 2010-12-24 16:07 483840 ----a-w- c:\windows\system32\StructuredQuery.dll
2010-12-24 16:07 . 2010-12-24 16:07 363520 ----a-w- c:\windows\SysWow64\StructuredQuery.dll
2010-12-24 16:06 . 2010-12-24 16:06 2085376 ----a-w- c:\windows\system32\ole32.dll
2010-12-24 16:06 . 2010-12-24 16:06 1413632 ----a-w- c:\windows\SysWow64\ole32.dll
2010-12-24 16:05 . 2010-12-24 16:05 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2010-12-24 16:05 . 2010-12-24 16:05 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2010-12-24 16:04 . 2010-12-24 16:04 558592 ----a-w- c:\windows\system32\spoolsv.exe
2010-12-24 16:02 . 2010-12-24 16:02 861184 ----a-w- c:\windows\system32\oleaut32.dll
2010-12-24 16:02 . 2010-12-24 16:02 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2010-12-24 15:56 . 2010-12-24 15:56 52224 ----a-w- c:\windows\system32\rtutils.dll
2010-12-24 15:56 . 2010-12-24 15:56 37376 ----a-w- c:\windows\SysWow64\rtutils.dll
2010-12-24 15:56 . 2010-12-24 15:56 82944 ----a-w- c:\windows\SysWow64\iccvid.dll
2010-12-24 15:55 . 2010-12-24 15:55 3058304 ----a-w- c:\windows\AsScrPro.exe
2010-12-24 15:54 . 2010-12-24 15:54 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2010-12-24 15:54 . 2010-12-24 15:54 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2010-12-24 15:54 . 2010-12-24 15:54 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2010-12-24 15:54 . 2010-12-24 15:54 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2010-12-24 15:52 . 2010-12-24 15:52 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-12-24 15:47 . 2010-12-24 15:47 213888 ----a-w- c:\windows\system32\drivers\rdyboost.sys
2010-12-24 15:41 . 2010-12-24 15:41 84992 ----a-w- c:\windows\system32\asycfilt.dll
2010-12-24 15:41 . 2010-12-24 15:41 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2010-12-24 15:40 . 2010-12-24 15:40 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2010-12-24 15:40 . 2010-12-24 15:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2010-12-24 15:40 . 2010-12-24 15:40 153160 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-12-24 15:40 . 2010-12-24 15:40 1446912 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-24 15:39 . 2010-12-24 15:39 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2010-12-24 15:37 . 2010-12-24 15:37 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-12-24 15:37 . 2010-12-24 15:37 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-12-24 15:37 . 2010-12-24 15:37 125952 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-12-24 15:34 . 2010-12-24 15:34 139264 ----a-w- c:\windows\system32\cabview.dll
2010-12-24 15:34 . 2010-12-24 15:34 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2010-12-24 15:33 . 2010-12-24 15:33 220672 ----a-w- c:\windows\system32\wintrust.dll
2010-12-24 15:33 . 2010-12-24 15:33 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2010-12-24 15:32 . 2010-12-24 15:32 613888 ----a-w- c:\windows\system32\psisdecd.dll
2010-12-24 15:32 . 2010-12-24 15:32 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2010-12-24 15:30 . 2010-12-24 15:30 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2010-12-24 15:30 . 2010-12-24 15:30 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2010-12-24 15:30 . 2010-12-24 15:30 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2010-12-24 15:30 . 2010-12-24 15:30 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2010-12-24 15:30 . 2010-12-24 15:30 243200 ----a-w- c:\windows\system32\wow64.dll
2010-12-24 15:30 . 2010-12-24 15:30 2048 ----a-w- c:\windows\SysWow64\user.exe
2010-12-24 15:30 . 2010-12-24 15:30 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2010-12-24 15:27 . 2010-12-24 15:27 389632 ----a-w- c:\windows\system32\winlogon.exe
2010-12-24 15:27 . 2010-12-24 15:27 2870272 ----a-w- c:\windows\explorer.exe
2010-12-24 15:27 . 2010-12-24 15:27 2614272 ----a-w- c:\windows\SysWow64\explorer.exe
2010-12-24 15:27 . 2010-12-24 15:27 91648 ----a-w- c:\windows\SysWow64\avifil32.dll
2010-12-24 15:27 . 2010-12-24 15:27 84480 ----a-w- c:\windows\SysWow64\mciavi32.dll
2010-12-24 15:27 . 2010-12-24 15:27 54272 ----a-w- c:\windows\system32\iyuv_32.dll
2010-12-24 15:27 . 2010-12-24 15:27 50176 ----a-w- c:\windows\SysWow64\iyuv_32.dll
2010-12-24 15:27 . 2010-12-24 15:27 38912 ----a-w- c:\windows\system32\msvidc32.dll
2010-12-24 15:27 . 2010-12-24 15:27 31744 ----a-w- c:\windows\SysWow64\msvidc32.dll
2010-12-24 15:27 . 2010-12-24 15:27 25088 ----a-w- c:\windows\system32\msyuv.dll
2010-12-24 15:27 . 2010-12-24 15:27 22016 ----a-w- c:\windows\SysWow64\msyuv.dll
2010-12-24 15:27 . 2010-12-24 15:27 16384 ----a-w- c:\windows\system32\msrle32.dll
2010-12-24 15:27 . 2010-12-24 15:27 1572352 ----a-w- c:\windows\system32\quartz.dll
2010-12-24 15:27 . 2010-12-24 15:27 14848 ----a-w- c:\windows\system32\tsbyuv.dll
2010-12-24 15:27 . 2010-12-24 15:27 13312 ----a-w- c:\windows\SysWow64\msrle32.dll
2010-12-24 15:27 . 2010-12-24 15:27 1328640 ----a-w- c:\windows\SysWow64\quartz.dll
2010-12-24 15:27 . 2010-12-24 15:27 12288 ----a-w- c:\windows\SysWow64\tsbyuv.dll
2010-12-24 15:21 . 2010-12-24 15:21 85504 ----a-w- c:\windows\SysWow64\secproc_ssp.dll
2010-12-24 15:21 . 2010-12-24 15:21 306688 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-12-24 15:21 . 2010-12-24 15:21 280064 ----a-w- c:\windows\SysWow64\RMActivate_ssp.exe
2010-12-24 15:21 . 2010-12-24 15:21 121856 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-12-24 15:21 . 2010-12-24 15:21 85504 ----a-w- c:\windows\SysWow64\secproc_ssp_isv.dll
2010-12-24 15:21 . 2010-12-24 15:21 424960 ----a-w- c:\windows\system32\secproc.dll
2010-12-24 15:21 . 2010-12-24 15:21 422912 ----a-w- c:\windows\system32\secproc_isv.dll
2010-12-24 15:21 . 2010-12-24 15:21 369152 ----a-w- c:\windows\SysWow64\secproc.dll
2010-12-24 15:21 . 2010-12-24 15:21 365568 ----a-w- c:\windows\SysWow64\secproc_isv.dll
2010-12-24 15:21 . 2010-12-24 15:21 357888 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-12-24 15:21 . 2010-12-24 15:21 356352 ----a-w- c:\windows\system32\RMActivate.exe
2010-12-24 15:21 . 2010-12-24 15:21 324608 ----a-w- c:\windows\SysWow64\RMActivate_isv.exe
2010-12-24 15:21 . 2010-12-24 15:21 320512 ----a-w- c:\windows\SysWow64\RMActivate.exe
2010-12-24 15:21 . 2010-12-24 15:21 305152 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-03-19 3318784]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"QIP Internet Guardian"="c:\users\nudla\AppData\Roaming\QipGuard\QipGuard.exe" [2011-03-14 187776]
"Sidebar"="c:\program files\WINDOWS SIDEBAR\SIDEBAR.EXE" [2009-07-14 1475072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-12-24 2429]
"VolPanel"="c:\program files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" [2008-12-30 237693]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-04-26 1597440]
"SpywareTerminator"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2011-03-19 2557440]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-17 98304]
.
c:\users\nudla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Registrace produktu.lnk - c:\program files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe [2008-11-7 517384]
Xfire.lnk - d:\program files (x86)\Xfire\Xfire.exe [2011-3-11 3498496]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-12 1083680]
Loadout Manager.lnk - d:\program files (x86)\Belkin\Nostromo\nost_LM.exe [2003-6-24 442368]
Nostromo Loadout Manager.lnk - c:\windows\Installer\{548C7B77-8B04-427E-ACD0-D0E6E6E59BCF}\NewShortcut2_548C7B778B04427EACD0D0E6E6E59BCF.exe [2011-3-19 45056]
SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 135664]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-12-24 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-12-24 79360]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 QipGuard;QipGuard;c:\program files (x86)\QipGuard\QipGuard.exe [2011-03-14 187776]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 bcgame;Nostromo HID Device Minidriver;c:\windows\system32\drivers\bcgame.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - ASMMAP64
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 15:35]
.
2011-03-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-24 15:35]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
"RunDLLEntry"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://search.qip.ru/ie
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ASUS WebStorage - c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-03-19 23:08:09
ComboFix-quarantined-files.txt 2011-03-19 22:08
.
Před spuštěním: Volných bajtů: 89 116 880 896
Po spuštění: Volných bajtů: 89 649 111 040
.
- - End Of File - - BC5EC38EDC1C5154690F6F9B21381D6B

Rudy
Site Admin
Posts: 119506
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: I have vermin on my PC, please help :(

#4 Post by Rudy »

CF deleted one item. Which critical object is it?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

nudlik
Visitor
Posts: 3
Registered: 20 Mar 2011 09:26

Re: I have vermin on my PC, please help :(

#5 Post by nudlik »

I made an image so you can see what it found this time... I'd say it finds something different every time :(
Attachments: spyware.jpg (54.24 KiB), viewed 552 times

Rudy
Site Admin
Posts: 119506
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: I have vermin on my PC, please help :(

#6 Post by Rudy »

Test the file that is flagged as a trojan online at www.virustotal.com. Report the result. I find it hard to believe that it really is a trojan. The second detection is an empty key.