r.o.s.t.a.c.k.a - log check.

r.o.s.t.a.c.k.a
Visitor
Posts: 200
Registered: 12 Sep 2006 09:40
Location: Teplice

#16 Post by r.o.s.t.a.c.k.a »

_neo wrote: to r.o.s.t.a.c.k.a:
nice desktop wallpaper :D
Thanks... :lol:

#17 Post by r.o.s.t.a.c.k.a »

It's reporting low virtual memory again; I had a few days of peace.. I hope it's caused by a virus and that the RAM isn't dying or something.. :cry: But before, I could easily have a game running, plus ICQ (basically everything) and it was fine...
Here is the log, so please check it again.. Thank you...
Logfile of HijackThis v1.99.1
Scan saved at 9:06:29, on 30.5.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\TrojanHunter 4.5\THGuard.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Games\The Sims 2 Seasons\TSBin\Sims2EP5.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Documents and Settings\Junior\Plocha\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [THGuard] "C:\Program Files\TrojanHunter 4.5\THGuard.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [aol] "C:\Program Files\AOL\Active Virus Shield\avp.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\System32\btxppanel.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
O23 - Service: Active Virus Shield (AVP) - AOL - C:\Program Files\AOL\Active Virus Shield\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

eda
VIP
Posts: 576
Registered: 24 Aug 2006 10:35
Location: Kroměříž

#18 Post by eda »

Uninstall TrojanHunter.

In HijackThis, fix:
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)


Clean up with CCleaner and let us know how it behaves.

#19 Post by r.o.s.t.a.c.k.a »

Done: That box doesn't show up often, so I can't tell right away whether it's fine...

Logfile of HijackThis v1.99.1
Scan saved at 10:04:54, on 30.5.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Junior\Plocha\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [aol] "C:\Program Files\AOL\Active Virus Shield\avp.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\System32\btxppanel.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
O23 - Service: Active Virus Shield (AVP) - AOL - C:\Program Files\AOL\Active Virus Shield\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

riffman
VIP
Posts: 3203
Registered: 20 Oct 2004 07:00
Location: České Budějovice

#20 Post by riffman »

the log is OK...

to be safe, also download and run ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
follow the on-screen instructions and do not click in the window during the scan; the machine will be restarted during the scan

when the scan finishes, a log will be generated and saved to C:/Combofix.txt; paste it here

#21 Post by r.o.s.t.a.c.k.a »

"Junior" - 2007-05-31 7:32:53 Service Pack 2
ComboFix 07-05.27.BV - Running from: "C:\Documents and Settings\Junior\Plocha\"


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


"C:\WINDOWS\drsmartload2.dat"
"C:\WINDOWS\keyboard1.dat"
"C:\WINDOWS\newname.dat"
"C:\WINDOWS\teller2.chk"
"C:\WINDOWS\system32\atmtd.dll"
"C:\WINDOWS\system32\atmtd.dll._"
"C:\WINDOWS\uninstall_nmon.vbs"
"C:\Program Files\deskbar\about.html"
"C:\Program Files\deskbar\basis.xml"
"C:\Program Files\deskbar\deskbar.crc"
"C:\Program Files\deskbar\deskbar.inf"
"C:\Program Files\deskbar\icons.bmp"
"C:\Program Files\deskbar\inst.bat"
"C:\Program Files\deskbar\mbback.bmp"
"C:\Program Files\deskbar\mbbigopen.bmp"
"C:\Program Files\deskbar\mbclose.bmp"
"C:\Program Files\deskbar\mbfwd.bmp"
"C:\Program Files\deskbar\mblogo.bmp"
"C:\Program Files\deskbar\mbsep.bmp"
"C:\Program Files\deskbar\options.html"
"C:\Program Files\deskbar\softomate.gif"
"C:\Program Files\deskbar\version.txt"
"C:\Program Files\network monitor\netmon.exe"
"C:\Program Files\network monitor\netmon.exe.tcf"
"C:\Program Files\network monitor\netmon.exe2399.tcf"
"C:\Program Files\network monitor\netmon.exe7692.tcf"
"C:\Program Files\network monitor\netmon.exe901.tcf"
"C:\DOCUME~1\LOCALS~1\DATAAP~1\netmon\domains.txt"
"C:\DOCUME~1\LOCALS~1\DATAAP~1\netmon\log.txt"
"C:\WINDOWS\system32\taskmgr.com"
"C:\WINDOWS\regedit.com"
"C:\Program Files\deskbar"
"C:\Program Files\network monitor"
"C:\DOCUME~1\LOCALS~1\DATAAP~1\netmon"


((((((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\LEGACY_CMDSERVICE
-------\nm


((((((((((((((((((((((((((((((( Files Created from 2007-04-28 to 2007-05-31 ))))))))))))))))))))))))))))))))))


2007-05-30 10:17 <DIR> d-------- C:\Program Files\QIP
2007-05-30 10:16 2,001,135 --a------ C:\qip8020.exe
2007-05-30 09:49 1,958,192 --a------ C:\DefragSetup.exe
2007-05-30 09:33 <DIR> d-------- C:\Program Files\IObit
2007-05-29 21:24 <DIR> d-------- C:\Program Files\Clear FTP 2006
2007-05-29 21:24 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\Micropro
2007-05-29 20:30 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\FlashFXP
2007-05-29 07:19 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\Talkback
2007-05-28 20:23 2,354,713 --a------ C:\mdvdp12.exe
2007-05-28 20:23 <DIR> d-------- C:\Program Files\Micro DVD Player
2007-05-28 17:57 <DIR> d-------- C:\Program Files\Theme Studio
2007-05-22 19:26 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\WildTangent
2007-05-22 13:35 <DIR> d-------- C:\Program Files\RadLight Company
2007-05-22 11:54 38,480 --------- C:\WINDOWS\system32\IJRMF.exe
2007-05-22 10:29 <DIR> d-------- C:\Program Files\Elaborate Bytes
2007-05-19 18:59 <DIR> d-------- C:\Program Files\Crazy Taxi 3
2007-05-19 18:36 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-05-19 18:36 <DIR> d-------- C:\WINDOWS\Prefetch
2007-05-19 18:29 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-05-19 18:28 95,424 --------- C:\WINDOWS\system32\drivers\slnthal.sys
2007-05-19 18:28 9,728 --------- C:\WINDOWS\system32\comsdupd.exe
2007-05-19 18:28 870,784 --------- C:\WINDOWS\system32\ati3d1ag.dll
2007-05-19 18:28 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2007-05-19 18:28 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys
2007-05-19 18:28 73,216 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2007-05-19 18:28 71,680 --------- C:\WINDOWS\system32\blastcln.exe
2007-05-19 18:28 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-05-19 18:28 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2007-05-19 18:28 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2007-05-19 18:28 67,584 --------- C:\WINDOWS\system32\drivers\sdbus.sys
2007-05-19 18:28 63,663 --------- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2007-05-19 18:28 63,488 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys
2007-05-19 18:28 6,016 --------- C:\WINDOWS\system32\drivers\smbali.sys
2007-05-19 18:28 59,648 --------- C:\WINDOWS\system32\drivers\rfcomm.sys
2007-05-19 18:28 57,856 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys
2007-05-19 18:28 56,623 --------- C:\WINDOWS\system32\drivers\ati1btxx.sys
2007-05-19 18:28 52,224 --------- C:\WINDOWS\system32\drivers\atinraxx.sys
2007-05-19 18:28 516,768 --------- C:\WINDOWS\system32\ativvaxx.dll
2007-05-19 18:28 50,688 --------- C:\WINDOWS\system32\btpanui.dll
2007-05-19 18:28 46,464 --------- C:\WINDOWS\system32\drivers\gagp30kx.sys
2007-05-19 18:28 452,736 --------- C:\WINDOWS\system32\drivers\mtxparhm.sys
2007-05-19 18:28 44,928 --------- C:\WINDOWS\system32\drivers\agpcpq.sys
2007-05-19 18:28 44,672 --------- C:\WINDOWS\system32\drivers\uagp35.sys
2007-05-19 18:28 43,008 --------- C:\WINDOWS\system32\drivers\amdagp.sys
2007-05-19 18:28 42,752 --------- C:\WINDOWS\system32\drivers\alim1541.sys
2007-05-19 18:28 42,368 --------- C:\WINDOWS\system32\drivers\agp440.sys
2007-05-19 18:28 42,240 --------- C:\WINDOWS\system32\drivers\viaagp.sys
2007-05-19 18:28 41,088 --------- C:\WINDOWS\system32\drivers\sisagp.sys
2007-05-19 18:28 404,990 --------- C:\WINDOWS\system32\drivers\slntamr.sys
2007-05-19 18:28 40,832 --------- C:\WINDOWS\system32\drivers\irbus.sys
2007-05-19 18:28 4,255 --------- C:\WINDOWS\system32\drivers\adv01nt5.dll
2007-05-19 18:28 39,936 --------- C:\WINDOWS\system32\drivers\intelppm.sys
2007-05-19 18:28 38,016 --------- C:\WINDOWS\system32\drivers\bthmodem.sys
2007-05-19 18:28 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll
2007-05-19 18:28 36,463 --------- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2007-05-19 18:28 35,456 --------- C:\WINDOWS\system32\drivers\bthprint.sys
2007-05-19 18:28 34,735 --------- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2007-05-19 18:28 326,912 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2007-05-19 18:28 32,768 --------- C:\WINDOWS\system32\ativtmxx.dll
2007-05-19 18:28 31,744 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys
2007-05-19 18:28 30,671 --------- C:\WINDOWS\system32\drivers\ati1raxx.sys
2007-05-19 18:28 30,208 --------- C:\WINDOWS\system32\bthserv.dll
2007-05-19 18:28 30,080 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2007-05-19 18:28 3,967 --------- C:\WINDOWS\system32\drivers\adv02nt5.dll
2007-05-19 18:28 3,901 --------- C:\WINDOWS\system32\drivers\siint5.dll
2007-05-19 18:28 3,775 --------- C:\WINDOWS\system32\drivers\adv11nt5.dll
2007-05-19 18:28 3,711 --------- C:\WINDOWS\system32\drivers\adv09nt5.dll
2007-05-19 18:28 3,647 --------- C:\WINDOWS\system32\drivers\adv07nt5.dll
2007-05-19 18:28 3,615 --------- C:\WINDOWS\system32\drivers\adv05nt5.dll
2007-05-19 18:28 3,135 --------- C:\WINDOWS\system32\drivers\adv08nt5.dll
2007-05-19 18:28 29,455 --------- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2007-05-19 18:28 29,056 --------- C:\WINDOWS\system32\drivers\ip6fw.sys
2007-05-19 18:28 28,672 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys
2007-05-19 18:28 274,304 --------- C:\WINDOWS\system32\drivers\bthport.sys
2007-05-19 18:28 263,040 --------- C:\WINDOWS\system32\drivers\http.sys
2007-05-19 18:28 26,367 --------- C:\WINDOWS\system32\drivers\ati1snxx.sys
2007-05-19 18:28 25,600 --------- C:\WINDOWS\system32\drivers\hidbth.sys
2007-05-19 18:28 25,471 --------- C:\WINDOWS\system32\drivers\watv10nt.sys
2007-05-19 18:28 25,471 --------- C:\WINDOWS\system32\drivers\atv04nt5.dll
2007-05-19 18:28 229,376 --------- C:\WINDOWS\system32\ati2cqag.dll
2007-05-19 18:28 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2007-05-19 18:28 22,271 --------- C:\WINDOWS\system32\drivers\watv06nt.sys
2007-05-19 18:28 21,343 --------- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2007-05-19 18:28 21,183 --------- C:\WINDOWS\system32\drivers\atv01nt5.dll
2007-05-19 18:28 201,728 --------- C:\WINDOWS\system32\ati2dvag.dll
2007-05-19 18:28 20,992 --------- C:\WINDOWS\system32\bthci.dll
2007-05-19 18:28 180,360 --------- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2007-05-19 18:28 18,944 --------- C:\WINDOWS\system32\drivers\bthusb.sys
2007-05-19 18:28 17,279 --------- C:\WINDOWS\system32\drivers\atv10nt5.dll
2007-05-19 18:28 17,024 --------- C:\WINDOWS\system32\drivers\bthenum.sys
2007-05-19 18:28 166,912 --------- C:\WINDOWS\system32\drivers\s3gnbm.sys
2007-05-19 18:28 15,488 --------- C:\WINDOWS\system32\drivers\mssmbios.sys
2007-05-19 18:28 15,423 --------- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2007-05-19 18:28 15,104 --------- C:\WINDOWS\system32\drivers\hidir.sys
2007-05-19 18:28 14,336 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys
2007-05-19 18:28 14,336 --------- C:\WINDOWS\system32\auditusr.exe
2007-05-19 18:28 14,143 --------- C:\WINDOWS\system32\drivers\atv06nt5.dll
2007-05-19 18:28 13,824 --------- C:\WINDOWS\system32\drivers\atinttxx.sys
2007-05-19 18:28 13,824 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys
2007-05-19 18:28 13,824 --------- C:\WINDOWS\system32\cmsetacl.dll
2007-05-19 18:28 13,776 --------- C:\WINDOWS\system32\drivers\recagent.sys
2007-05-19 18:28 13,568 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2007-05-19 18:28 13,240 --------- C:\WINDOWS\system32\drivers\slwdmsup.sys
2007-05-19 18:28 129,535 --------- C:\WINDOWS\system32\drivers\slnt7554.sys
2007-05-19 18:28 126,686 --------- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2007-05-19 18:28 124,800 --------- C:\WINDOWS\system32\drivers\fltmgr.sys
2007-05-19 18:28 12,672 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2007-05-19 18:28 12,672 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2007-05-19 18:28 12,047 --------- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2007-05-19 18:28 11,935 --------- C:\WINDOWS\system32\drivers\wadv11nt.sys
2007-05-19 18:28 11,871 --------- C:\WINDOWS\system32\drivers\wadv09nt.sys
2007-05-19 18:28 11,868 --------- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2007-05-19 18:28 11,807 --------- C:\WINDOWS\system32\drivers\wadv07nt.sys
2007-05-19 18:28 11,615 --------- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2007-05-19 18:28 11,359 --------- C:\WINDOWS\system32\drivers\atv02nt5.dll
2007-05-19 18:28 11,325 --------- C:\WINDOWS\system32\drivers\vchnt5.dll
2007-05-19 18:28 11,295 --------- C:\WINDOWS\system32\drivers\wadv08nt.sys
2007-05-19 18:28 11,136 --------- C:\WINDOWS\system32\drivers\sffdisk.sys
2007-05-19 18:28 104,960 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys
2007-05-19 18:28 100,992 --------- C:\WINDOWS\system32\drivers\bthpan.sys
2007-05-19 18:28 10,240 --------- C:\WINDOWS\system32\drivers\sffp_sd.sys
2007-05-19 18:28 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2007-05-19 18:28 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys
2007-05-19 18:28 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2007-05-19 18:27 88,064 --------- C:\WINDOWS\system32\p2pnetsh.dll
2007-05-19 18:27 86,016 --------- C:\WINDOWS\system32\p2pgasvc.dll
2007-05-19 18:27 86,016 --------- C:\WINDOWS\system32\mdmxsdk.dll
2007-05-19 18:27 81,920 --------- C:\WINDOWS\system32\ieencode.dll
2007-05-19 18:27 81,408 --------- C:\WINDOWS\system32\wscsvc.dll
2007-05-19 18:27 8,192 --------- C:\WINDOWS\system32\smbinst.exe
2007-05-19 18:27 755,200 --------- C:\WINDOWS\system32\ir50_32.dll
2007-05-19 18:27 75,776 --------- C:\WINDOWS\system32\strmfilt.dll
2007-05-19 18:27 73,832 --------- C:\WINDOWS\system32\slcoinst.dll
2007-05-19 18:27 73,796 --------- C:\WINDOWS\system32\slserv.exe
2007-05-19 18:27 7,680 --------- C:\WINDOWS\system32\kbdsmsno.dll
2007-05-19 18:27 7,680 --------- C:\WINDOWS\system32\kbdsmsfi.dll
2007-05-19 18:27 7,168 --------- C:\WINDOWS\system32\kbdukx.dll
2007-05-19 18:27 7,168 --------- C:\WINDOWS\system32\kbdno1.dll
2007-05-19 18:27 7,168 --------- C:\WINDOWS\system32\kbdfi1.dll
2007-05-19 18:27 60,416 --------- C:\WINDOWS\system32\fwcfg.dll
2007-05-19 18:27 6,656 --------- C:\WINDOWS\system32\kbdinmal.dll
2007-05-19 18:27 6,656 --------- C:\WINDOWS\system32\kbdinben.dll
2007-05-19 18:27 6,144 --------- C:\WINDOWS\system32\kbdmlt48.dll
2007-05-19 18:27 6,144 --------- C:\WINDOWS\system32\kbdmlt47.dll
2007-05-19 18:27 6,144 --------- C:\WINDOWS\system32\kbdinbe1.dll
2007-05-19 18:27 526,848 --------- C:\WINDOWS\system32\p2psvc.dll
2007-05-19 18:27 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll
2007-05-19 18:27 5,632 --------- C:\WINDOWS\system32\kbdmaori.dll
2007-05-19 18:27 49,152 --------- C:\WINDOWS\system32\powercfg.exe
2007-05-19 18:27 48,640 --------- C:\WINDOWS\system32\pnrpnsp.dll
2007-05-19 18:27 463,360 --------- C:\WINDOWS\system32\xpob2res.dll
2007-05-19 18:27 44,032 --------- C:\WINDOWS\system32\twext.dll
2007-05-19 18:27 431,104 --------- C:\WINDOWS\system32\wuapi.dll
2007-05-19 18:27 397,056 --------- C:\WINDOWS\system32\s3gnb.dll
2007-05-19 18:27 384,512 --------- C:\WINDOWS\system32\mp4sdmod.dll
2007-05-19 18:27 36,864 --------- C:\WINDOWS\system32\wups.dll
2007-05-19 18:27 338,432 --------- C:\WINDOWS\system32\ir41_qcx.dll
2007-05-19 18:27 32,866 --------- C:\WINDOWS\system32\slrundll.exe
2007-05-19 18:27 32,866 --------- C:\WINDOWS\slrundll.exe
2007-05-19 18:27 32,285 --------- C:\WINDOWS\system32\hsfcisp2.dll
2007-05-19 18:27 312,320 --------- C:\WINDOWS\system32\p2pgraph.dll
2007-05-19 18:27 310,272 --------- C:\WINDOWS\system32\mp43dmod.dll
2007-05-19 18:27 29,184 --------- C:\WINDOWS\system32\sdhcinst.dll
2007-05-19 18:27 286,792 --------- C:\WINDOWS\system32\slextspk.dll
2007-05-19 18:27 24,576 --------- C:\WINDOWS\system32\httpapi.dll
2007-05-19 18:27 22,528 --------- C:\WINDOWS\system32\fltmc.exe
2007-05-19 18:27 200,192 --------- C:\WINDOWS\system32\ir50_qc.dll
2007-05-19 18:27 2,927,616 --------- C:\WINDOWS\system32\xpsp2res.dll
2007-05-19 18:27 193,024 --------- C:\WINDOWS\system32\fsquirt.exe
2007-05-19 18:27 188,508 --------- C:\WINDOWS\system32\slgen.dll
2007-05-19 18:27 183,808 --------- C:\WINDOWS\system32\ir50_qcx.dll
2007-05-19 18:27 183,296 --------- C:\WINDOWS\system32\wuaueng1.dll
2007-05-19 18:27 17,408 --------- C:\WINDOWS\system32\winshfhc.dll
2007-05-19 18:27 166,912 --------- C:\WINDOWS\system32\wuauclt1.exe
2007-05-19 18:27 16,896 --------- C:\WINDOWS\system32\fltlib.dll
2007-05-19 18:27 15,872 --------- C:\WINDOWS\system32\w3ssl.dll
2007-05-19 18:27 13,824 --------- C:\WINDOWS\system32\wscntfy.exe
2007-05-19 18:27 129,536 --------- C:\WINDOWS\system32\xmlprov.dll
2007-05-19 18:27 120,320 --------- C:\WINDOWS\system32\wuweb.dll
2007-05-19 18:27 120,320 --------- C:\WINDOWS\system32\ir41_qc.dll
2007-05-19 18:27 118,784 --------- C:\WINDOWS\system32\msdadiag.dll
2007-05-19 18:27 116,224 --------- C:\WINDOWS\system32\p2p.dll
2007-05-19 18:27 112,640 --------- C:\WINDOWS\system32\wucltui.dll
2007-05-19 18:27 108,032 --------- C:\WINDOWS\system32\wshbth.dll
2007-05-19 18:27 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2007-05-19 18:27 <DIR> d-------- C:\WINDOWS\provisioning
2007-05-19 18:27 <DIR> d-------- C:\WINDOWS\peernet
2007-05-19 18:24 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-05-19 18:17 15,872 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-05-19 18:14 <DIR> d-------- C:\WINDOWS\EHome
2007-05-16 14:58 7,718,504 --a------ C:\WINDOWS\system32\exec1.exe
2007-05-16 14:58 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\WinZip
2007-05-14 19:58 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\S.V. Softwares
2007-05-11 12:19 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\ICQ
2007-05-11 12:17 <DIR> d-------- C:\Program Files\ICQ6
2007-05-08 14:02 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\Zoner
2007-05-08 14:01 <DIR> d-------- C:\Program Files\Zoner
2007-05-07 09:54 <DIR> d-------- C:\Program Files\EA GAMES
2007-04-28 16:32 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2007-04-28 16:30 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2007-04-28 16:30 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2007-04-28 16:30 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2007-04-28 16:30 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2007-04-28 16:30 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2007-04-28 16:28 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\Installations
2007-04-21 20:51 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\fltk.org
2007-04-21 20:49 <DIR> d-------- C:\Program Files\Playstation Emulator
2007-04-18 19:14 <DIR> d-------- C:\Program Files\uTorrent
2007-04-18 19:14 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\uTorrent
2007-04-15 19:23 <DIR> d-------- C:\Backup
2007-04-15 13:09 <DIR> d-------- C:\Program Files\FruityLoops3
2007-04-12 16:34 <DIR> d-------- C:\Program Files\Nero
2007-04-12 16:34 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-04-05 19:32 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\Ableton
2007-04-01 13:16 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\InstallShield
2007-04-01 13:14 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\Leadertech


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-05-30 08:26:35 -------- d-----w C:\Program Files\CCleaner
2007-05-30 08:01:48 -------- d-----w C:\Program Files\TrojanHunter 4.5
2007-05-28 16:13:29 -------- d--h--w C:\Program Files\Zero G Registry
2007-05-28 15:51:51 -------- d-----w C:\Program Files\Nokia
2007-05-22 09:54:28 -------- d-----w C:\Program Files\MyPhoneExplorer
2007-05-22 09:54:03 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-05-19 16:39:54 62,138 ----a-w C:\WINDOWS\system32\perfc005.dat
2007-05-19 16:39:54 379,568 ----a-w C:\WINDOWS\system32\perfh005.dat
2007-05-19 16:35:54 -------- d-----w C:\Program Files\Messenger
2007-05-19 16:35:13 96,256 ----a-w C:\WINDOWS\system32\drivers\sptd9533.sys
2007-05-19 16:27:48 -------- d-----w C:\Program Files\Movie Maker
2007-05-19 16:23:58 -------- d-----w C:\Program Files\Windows NT
2007-05-18 17:20:16 -------- d-----w C:\DOCUME~1\Junior\DATAAP~1\Nokia
2007-05-13 20:03:18 -------- d-----w C:\Program Files\Winamp
2007-05-13 10:57:04 -------- d-----w C:\Program Files\Common Files\Nokia
2007-05-13 10:56:14 -------- d-----w C:\Program Files\VstPlugins
2007-04-28 14:33:21 -------- d-----w C:\Program Files\DIFX
2007-04-17 13:11:51 -------- d-----w C:\DOCUME~1\Junior\DATAAP~1\Datalayer
2007-04-12 15:01:35 -------- d-----w C:\DOCUME~1\Junior\DATAAP~1\Ahead
2007-04-12 14:33:06 -------- d-----w C:\Program Files\Ahead
2007-04-10 14:49:23 -------- d-----w C:\Program Files\SlySoft
2007-04-01 11:17:05 146 ----a-w C:\WINDOWS\DelMR.bat
2007-04-01 11:14:02 -------- d-----w C:\Program Files\Image-Line
2007-03-31 05:02:47 -------- d-----w C:\Program Files\SaveNow
2007-03-30 17:00:55 -------- d-----w C:\Program Files\VideoLAN
2007-03-30 16:57:26 8,464 ----a-w C:\WINDOWS\system32\sporder.dll
2007-03-30 16:57:25 172,544 ----a-w C:\WINDOWS\RLUninstall.exe
2005-07-29 14:24:26 472 --sha-r C:\WINDOWS\SmFuYSBNYXp1cm924Q\mAIRsm1hsrDYwA6Zbk.vbs


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 07:12]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 13:22]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" []
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-12-10 16:57]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2003-12-13 02:50]
"nwiz"="nwiz.exe" [2006-08-11 21:43 C:\WINDOWS\system32\nwiz.exe]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 07:03]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 17:15]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 14:16]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 13:45]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20]
"SmartDefrag"="C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [2007-04-28 21:54]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-17 15:49]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-09-13 11:12]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*


********************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-31 07:39:52
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0


********************************************************************

Completion time: 2007-05-31 7:42:03 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-05-31 07:42

--- E O F ---

JaRon
Moderator
Posts: 15241
Registered: 29 Mar 2005 13:39
Location: BB-SK

#22 Post by JaRon »

Clean the PC with CCleaner and then with SaS as well - it's in my signature.
After cleaning, let me know whether there are any problems.
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

r.o.s.t.a.c.k.a
Visitor
Posts: 200
Registered: 12 Sep 2006 09:40
Location: Teplice

#23 Post by r.o.s.t.a.c.k.a »

Done... No problems so far, I'll see whether it starts acting up again.. Just in case, here is the log after cleaning - SaS found a few files that it didn't like...

Logfile of HijackThis v1.99.1
Scan saved at 11:53:11, on 31.5.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\QIP\qip.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Junior\Plocha\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [aol] "C:\Program Files\AOL\Active Virus Shield\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\System32\btxppanel.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
O23 - Service: Active Virus Shield (AVP) - AOL - C:\Program Files\AOL\Active Virus Shield\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

JaRon
Moderator
Posts: 15241
Registered: 29 Mar 2005 13:39
Location: BB-SK

#24 Post by JaRon »

The log is OK.
ComboFix did a good piece of work - if anything comes up, you know where to find us :wink:

r.o.s.t.a.c.k.a
Visitor
Posts: 200
Registered: 12 Sep 2006 09:40
Location: Teplice

#25 Post by r.o.s.t.a.c.k.a »

JaRon wrote: The log is OK.
ComboFix did a good piece of work - if anything comes up, you know where to find us :wink:
Thanks.. :)

r.o.s.t.a.c.k.a
Visitor
Posts: 200
Registered: 12 Sep 2006 09:40
Location: Teplice

#26 Post by r.o.s.t.a.c.k.a »

Please check my logs - to be safe I'm posting both the ComboFix and the HijackThis one... My PC is acting up again now and then; the antivirus found nothing, and neither did SUPERAntiSpyware, but better safe than sorry:

ComboFix:

"Junior" - 2007-06-08 12:01:56 Service Pack 2
ComboFix 07-05.27.BV - Running from: ""


((((((((((((((((((((((((((((((( Files Created from 2007-05-08 to 2007-06-08 ))))))))))))))))))))))))))))))))))


2007-06-06 07:39 <DIR> d-------- C:\Program Files\DAEMON Tools
2007-06-06 06:53 <DIR> dr-h----- C:\DOCUME~1\Junior\DATAAP~1\SecuROM
2007-06-01 12:02 <DIR> d-------- C:\Program Files\SimPE
2007-05-31 14:19 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\FLEXnet
2007-05-31 14:08 <DIR> d-------- C:\Program Files\Common Files\Macrovision Shared
2007-05-31 14:07 <DIR> d-------- C:\Program Files\Bonjour
2007-05-31 10:32 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\SUPERAntiSpyware.com
2007-05-31 10:31 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-05-31 10:31 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-05-31 10:31 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\SUPERAntiSpyware.com
2007-05-31 07:42 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-05-30 10:17 <DIR> d-------- C:\Program Files\QIP
2007-05-30 09:33 <DIR> d-------- C:\Program Files\IObit
2007-05-29 21:24 <DIR> d-------- C:\Program Files\Clear FTP 2006
2007-05-29 21:24 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\Micropro
2007-05-29 20:30 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\FlashFXP
2007-05-29 07:19 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\Talkback
2007-05-28 20:23 <DIR> d-------- C:\Program Files\Micro DVD Player
2007-05-28 17:57 <DIR> d-------- C:\Program Files\Theme Studio
2007-05-22 19:26 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\WildTangent
2007-05-22 13:35 <DIR> d-------- C:\Program Files\RadLight Company
2007-05-22 11:54 38,480 --------- C:\WINDOWS\system32\IJRMF.exe
2007-05-22 10:29 <DIR> d-------- C:\Program Files\Elaborate Bytes
2007-05-19 18:59 <DIR> d-------- C:\Program Files\Crazy Taxi 3
2007-05-19 18:36 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-05-19 18:36 <DIR> d-------- C:\WINDOWS\Prefetch
2007-05-19 18:29 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-05-19 18:28 95,424 --------- C:\WINDOWS\system32\drivers\slnthal.sys
2007-05-19 18:28 9,728 --------- C:\WINDOWS\system32\comsdupd.exe
2007-05-19 18:28 870,784 --------- C:\WINDOWS\system32\ati3d1ag.dll
2007-05-19 18:28 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll
2007-05-19 18:28 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys
2007-05-19 18:28 73,216 --------- C:\WINDOWS\system32\drivers\atintuxx.sys
2007-05-19 18:28 71,680 --------- C:\WINDOWS\system32\blastcln.exe
2007-05-19 18:28 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-05-19 18:28 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2007-05-19 18:28 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2007-05-19 18:28 67,584 --------- C:\WINDOWS\system32\drivers\sdbus.sys
2007-05-19 18:28 63,663 --------- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2007-05-19 18:28 63,488 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys
2007-05-19 18:28 6,016 --------- C:\WINDOWS\system32\drivers\smbali.sys
2007-05-19 18:28 59,648 --------- C:\WINDOWS\system32\drivers\rfcomm.sys
2007-05-19 18:28 57,856 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys
2007-05-19 18:28 56,623 --------- C:\WINDOWS\system32\drivers\ati1btxx.sys
2007-05-19 18:28 52,224 --------- C:\WINDOWS\system32\drivers\atinraxx.sys
2007-05-19 18:28 516,768 --------- C:\WINDOWS\system32\ativvaxx.dll
2007-05-19 18:28 50,688 --------- C:\WINDOWS\system32\btpanui.dll
2007-05-19 18:28 46,464 --------- C:\WINDOWS\system32\drivers\gagp30kx.sys
2007-05-19 18:28 452,736 --------- C:\WINDOWS\system32\drivers\mtxparhm.sys
2007-05-19 18:28 44,928 --------- C:\WINDOWS\system32\drivers\agpcpq.sys
2007-05-19 18:28 44,672 --------- C:\WINDOWS\system32\drivers\uagp35.sys
2007-05-19 18:28 43,008 --------- C:\WINDOWS\system32\drivers\amdagp.sys
2007-05-19 18:28 42,752 --------- C:\WINDOWS\system32\drivers\alim1541.sys
2007-05-19 18:28 42,368 --------- C:\WINDOWS\system32\drivers\agp440.sys
2007-05-19 18:28 42,240 --------- C:\WINDOWS\system32\drivers\viaagp.sys
2007-05-19 18:28 41,088 --------- C:\WINDOWS\system32\drivers\sisagp.sys
2007-05-19 18:28 404,990 --------- C:\WINDOWS\system32\drivers\slntamr.sys
2007-05-19 18:28 40,832 --------- C:\WINDOWS\system32\drivers\irbus.sys
2007-05-19 18:28 4,255 --------- C:\WINDOWS\system32\drivers\adv01nt5.dll
2007-05-19 18:28 39,936 --------- C:\WINDOWS\system32\drivers\intelppm.sys
2007-05-19 18:28 38,016 --------- C:\WINDOWS\system32\drivers\bthmodem.sys
2007-05-19 18:28 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll
2007-05-19 18:28 36,463 --------- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2007-05-19 18:28 35,456 --------- C:\WINDOWS\system32\drivers\bthprint.sys
2007-05-19 18:28 34,735 --------- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2007-05-19 18:28 326,912 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2007-05-19 18:28 32,768 --------- C:\WINDOWS\system32\ativtmxx.dll
2007-05-19 18:28 31,744 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys
2007-05-19 18:28 30,671 --------- C:\WINDOWS\system32\drivers\ati1raxx.sys
2007-05-19 18:28 30,208 --------- C:\WINDOWS\system32\bthserv.dll
2007-05-19 18:28 30,080 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2007-05-19 18:28 3,967 --------- C:\WINDOWS\system32\drivers\adv02nt5.dll
2007-05-19 18:28 3,901 --------- C:\WINDOWS\system32\drivers\siint5.dll
2007-05-19 18:28 3,775 --------- C:\WINDOWS\system32\drivers\adv11nt5.dll
2007-05-19 18:28 3,711 --------- C:\WINDOWS\system32\drivers\adv09nt5.dll
2007-05-19 18:28 3,647 --------- C:\WINDOWS\system32\drivers\adv07nt5.dll
2007-05-19 18:28 3,615 --------- C:\WINDOWS\system32\drivers\adv05nt5.dll
2007-05-19 18:28 3,135 --------- C:\WINDOWS\system32\drivers\adv08nt5.dll
2007-05-19 18:28 29,455 --------- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2007-05-19 18:28 29,056 --------- C:\WINDOWS\system32\drivers\ip6fw.sys
2007-05-19 18:28 28,672 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys
2007-05-19 18:28 274,304 --------- C:\WINDOWS\system32\drivers\bthport.sys
2007-05-19 18:28 263,040 --------- C:\WINDOWS\system32\drivers\http.sys
2007-05-19 18:28 26,367 --------- C:\WINDOWS\system32\drivers\ati1snxx.sys
2007-05-19 18:28 25,600 --------- C:\WINDOWS\system32\drivers\hidbth.sys
2007-05-19 18:28 25,471 --------- C:\WINDOWS\system32\drivers\watv10nt.sys
2007-05-19 18:28 25,471 --------- C:\WINDOWS\system32\drivers\atv04nt5.dll
2007-05-19 18:28 229,376 --------- C:\WINDOWS\system32\ati2cqag.dll
2007-05-19 18:28 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2007-05-19 18:28 22,271 --------- C:\WINDOWS\system32\drivers\watv06nt.sys
2007-05-19 18:28 21,343 --------- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2007-05-19 18:28 21,183 --------- C:\WINDOWS\system32\drivers\atv01nt5.dll
2007-05-19 18:28 201,728 --------- C:\WINDOWS\system32\ati2dvag.dll
2007-05-19 18:28 20,992 --------- C:\WINDOWS\system32\bthci.dll
2007-05-19 18:28 180,360 --------- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2007-05-19 18:28 18,944 --------- C:\WINDOWS\system32\drivers\bthusb.sys
2007-05-19 18:28 17,279 --------- C:\WINDOWS\system32\drivers\atv10nt5.dll
2007-05-19 18:28 17,024 --------- C:\WINDOWS\system32\drivers\bthenum.sys
2007-05-19 18:28 166,912 --------- C:\WINDOWS\system32\drivers\s3gnbm.sys
2007-05-19 18:28 15,488 --------- C:\WINDOWS\system32\drivers\mssmbios.sys
2007-05-19 18:28 15,423 --------- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2007-05-19 18:28 15,104 --------- C:\WINDOWS\system32\drivers\hidir.sys
2007-05-19 18:28 14,336 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys
2007-05-19 18:28 14,336 --------- C:\WINDOWS\system32\auditusr.exe
2007-05-19 18:28 14,143 --------- C:\WINDOWS\system32\drivers\atv06nt5.dll
2007-05-19 18:28 13,824 --------- C:\WINDOWS\system32\drivers\atinttxx.sys
2007-05-19 18:28 13,824 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys
2007-05-19 18:28 13,824 --------- C:\WINDOWS\system32\cmsetacl.dll
2007-05-19 18:28 13,776 --------- C:\WINDOWS\system32\drivers\recagent.sys
2007-05-19 18:28 13,568 --------- C:\WINDOWS\system32\drivers\wacompen.sys
2007-05-19 18:28 13,240 --------- C:\WINDOWS\system32\drivers\slwdmsup.sys
2007-05-19 18:28 129,535 --------- C:\WINDOWS\system32\drivers\slnt7554.sys
2007-05-19 18:28 126,686 --------- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2007-05-19 18:28 124,800 --------- C:\WINDOWS\system32\drivers\fltmgr.sys
2007-05-19 18:28 12,672 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2007-05-19 18:28 12,672 --------- C:\WINDOWS\system32\drivers\mutohpen.sys
2007-05-19 18:28 12,047 --------- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2007-05-19 18:28 11,935 --------- C:\WINDOWS\system32\drivers\wadv11nt.sys
2007-05-19 18:28 11,871 --------- C:\WINDOWS\system32\drivers\wadv09nt.sys
2007-05-19 18:28 11,868 --------- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2007-05-19 18:28 11,807 --------- C:\WINDOWS\system32\drivers\wadv07nt.sys
2007-05-19 18:28 11,615 --------- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2007-05-19 18:28 11,359 --------- C:\WINDOWS\system32\drivers\atv02nt5.dll
2007-05-19 18:28 11,325 --------- C:\WINDOWS\system32\drivers\vchnt5.dll
2007-05-19 18:28 11,295 --------- C:\WINDOWS\system32\drivers\wadv08nt.sys
2007-05-19 18:28 11,136 --------- C:\WINDOWS\system32\drivers\sffdisk.sys
2007-05-19 18:28 104,960 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys
2007-05-19 18:28 100,992 --------- C:\WINDOWS\system32\drivers\bthpan.sys
2007-05-19 18:28 10,240 --------- C:\WINDOWS\system32\drivers\sffp_sd.sys
2007-05-19 18:28 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2007-05-19 18:28 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys
2007-05-19 18:28 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2007-05-19 18:27 88,064 --------- C:\WINDOWS\system32\p2pnetsh.dll
2007-05-19 18:27 86,016 --------- C:\WINDOWS\system32\p2pgasvc.dll
2007-05-19 18:27 86,016 --------- C:\WINDOWS\system32\mdmxsdk.dll
2007-05-19 18:27 81,920 --------- C:\WINDOWS\system32\ieencode.dll
2007-05-19 18:27 81,408 --------- C:\WINDOWS\system32\wscsvc.dll
2007-05-19 18:27 8,192 --------- C:\WINDOWS\system32\smbinst.exe
2007-05-19 18:27 755,200 --------- C:\WINDOWS\system32\ir50_32.dll
2007-05-19 18:27 75,776 --------- C:\WINDOWS\system32\strmfilt.dll
2007-05-19 18:27 73,832 --------- C:\WINDOWS\system32\slcoinst.dll
2007-05-19 18:27 73,796 --------- C:\WINDOWS\system32\slserv.exe
2007-05-19 18:27 7,680 --------- C:\WINDOWS\system32\kbdsmsno.dll
2007-05-19 18:27 7,680 --------- C:\WINDOWS\system32\kbdsmsfi.dll
2007-05-19 18:27 7,168 --------- C:\WINDOWS\system32\kbdukx.dll
2007-05-19 18:27 7,168 --------- C:\WINDOWS\system32\kbdno1.dll
2007-05-19 18:27 7,168 --------- C:\WINDOWS\system32\kbdfi1.dll
2007-05-19 18:27 60,416 --------- C:\WINDOWS\system32\fwcfg.dll
2007-05-19 18:27 6,656 --------- C:\WINDOWS\system32\kbdinmal.dll
2007-05-19 18:27 6,656 --------- C:\WINDOWS\system32\kbdinben.dll
2007-05-19 18:27 6,144 --------- C:\WINDOWS\system32\kbdmlt48.dll
2007-05-19 18:27 6,144 --------- C:\WINDOWS\system32\kbdmlt47.dll
2007-05-19 18:27 6,144 --------- C:\WINDOWS\system32\kbdinbe1.dll
2007-05-19 18:27 526,848 --------- C:\WINDOWS\system32\p2psvc.dll
2007-05-19 18:27 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll
2007-05-19 18:27 5,632 --------- C:\WINDOWS\system32\kbdmaori.dll
2007-05-19 18:27 49,152 --------- C:\WINDOWS\system32\powercfg.exe
2007-05-19 18:27 48,640 --------- C:\WINDOWS\system32\pnrpnsp.dll
2007-05-19 18:27 463,360 --------- C:\WINDOWS\system32\xpob2res.dll
2007-05-19 18:27 44,032 --------- C:\WINDOWS\system32\twext.dll
2007-05-19 18:27 431,104 --------- C:\WINDOWS\system32\wuapi.dll
2007-05-19 18:27 397,056 --------- C:\WINDOWS\system32\s3gnb.dll
2007-05-19 18:27 384,512 --------- C:\WINDOWS\system32\mp4sdmod.dll
2007-05-19 18:27 36,864 --------- C:\WINDOWS\system32\wups.dll
2007-05-19 18:27 338,432 --------- C:\WINDOWS\system32\ir41_qcx.dll
2007-05-19 18:27 32,866 --------- C:\WINDOWS\system32\slrundll.exe
2007-05-19 18:27 32,866 --------- C:\WINDOWS\slrundll.exe
2007-05-19 18:27 32,285 --------- C:\WINDOWS\system32\hsfcisp2.dll
2007-05-19 18:27 312,320 --------- C:\WINDOWS\system32\p2pgraph.dll
2007-05-19 18:27 310,272 --------- C:\WINDOWS\system32\mp43dmod.dll
2007-05-19 18:27 29,184 --------- C:\WINDOWS\system32\sdhcinst.dll
2007-05-19 18:27 286,792 --------- C:\WINDOWS\system32\slextspk.dll
2007-05-19 18:27 24,576 --------- C:\WINDOWS\system32\httpapi.dll
2007-05-19 18:27 22,528 --------- C:\WINDOWS\system32\fltmc.exe
2007-05-19 18:27 200,192 --------- C:\WINDOWS\system32\ir50_qc.dll
2007-05-19 18:27 2,927,616 --------- C:\WINDOWS\system32\xpsp2res.dll
2007-05-19 18:27 193,024 --------- C:\WINDOWS\system32\fsquirt.exe
2007-05-19 18:27 188,508 --------- C:\WINDOWS\system32\slgen.dll
2007-05-19 18:27 183,808 --------- C:\WINDOWS\system32\ir50_qcx.dll
2007-05-19 18:27 183,296 --------- C:\WINDOWS\system32\wuaueng1.dll
2007-05-19 18:27 17,408 --------- C:\WINDOWS\system32\winshfhc.dll
2007-05-19 18:27 166,912 --------- C:\WINDOWS\system32\wuauclt1.exe
2007-05-19 18:27 16,896 --------- C:\WINDOWS\system32\fltlib.dll
2007-05-19 18:27 15,872 --------- C:\WINDOWS\system32\w3ssl.dll
2007-05-19 18:27 13,824 --------- C:\WINDOWS\system32\wscntfy.exe
2007-05-19 18:27 129,536 --------- C:\WINDOWS\system32\xmlprov.dll
2007-05-19 18:27 120,320 --------- C:\WINDOWS\system32\wuweb.dll
2007-05-19 18:27 120,320 --------- C:\WINDOWS\system32\ir41_qc.dll
2007-05-19 18:27 118,784 --------- C:\WINDOWS\system32\msdadiag.dll
2007-05-19 18:27 116,224 --------- C:\WINDOWS\system32\p2p.dll
2007-05-19 18:27 112,640 --------- C:\WINDOWS\system32\wucltui.dll
2007-05-19 18:27 108,032 --------- C:\WINDOWS\system32\wshbth.dll
2007-05-19 18:27 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2007-05-19 18:27 <DIR> d-------- C:\WINDOWS\provisioning
2007-05-19 18:27 <DIR> d-------- C:\WINDOWS\peernet
2007-05-19 18:24 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-05-19 18:17 15,872 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-05-19 18:14 <DIR> d-------- C:\WINDOWS\EHome
2007-05-16 14:58 7,718,504 --a------ C:\WINDOWS\system32\exec1.exe
2007-05-16 14:58 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\DATAAP~1\WinZip
2007-05-14 19:58 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\S.V. Softwares
2007-05-11 12:19 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\ICQ
2007-05-11 12:17 <DIR> d-------- C:\Program Files\ICQ6
2007-05-08 14:02 <DIR> d-------- C:\DOCUME~1\Junior\DATAAP~1\Zoner
2007-05-08 14:01 <DIR> d-------- C:\Program Files\Zoner


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-06 15:59:05 -------- d-----w C:\Program Files\PHONES PROGRAMS
2007-06-06 15:09:29 -------- d-----w C:\DOCUME~1\Junior\DATAAP~1\uTorrent
2007-06-06 05:37:06 682,232 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-06-06 04:51:55 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-06-05 05:26:49 -------- d-----w C:\Program Files\Yahoo!
2007-06-01 10:00:49 73,416 ----a-w C:\WINDOWS\system32\perfc005.dat
2007-06-01 10:00:49 398,746 ----a-w C:\WINDOWS\system32\perfh005.dat
2007-05-31 10:44:40 -------- d-----w C:\Program Files\EA GAMES
2007-05-30 08:26:35 -------- d-----w C:\Program Files\CCleaner
2007-05-30 08:01:48 -------- d-----w C:\Program Files\TrojanHunter 4.5
2007-05-28 16:13:29 -------- d--h--w C:\Program Files\Zero G Registry
2007-05-28 15:51:51 -------- d-----w C:\Program Files\Nokia
2007-05-22 09:54:28 -------- d-----w C:\Program Files\MyPhoneExplorer
2007-05-22 09:54:03 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-05-19 16:35:54 -------- d-----w C:\Program Files\Messenger
2007-05-19 16:27:48 -------- d-----w C:\Program Files\Movie Maker
2007-05-19 16:23:58 -------- d-----w C:\Program Files\Windows NT
2007-05-18 17:20:16 -------- d-----w C:\DOCUME~1\Junior\DATAAP~1\Nokia
2007-05-13 20:03:18 -------- d-----w C:\Program Files\Winamp
2007-05-13 10:57:04 -------- d-----w C:\Program Files\Common Files\Nokia
2007-05-13 10:56:14 -------- d-----w C:\Program Files\VstPlugins
2007-05-13 10:55:14 -------- d-----w C:\DOCUME~1\Junior\DATAAP~1\Ableton
2007-04-28 14:33:21 -------- d-----w C:\Program Files\DIFX
2007-04-28 14:32:44 -------- d-----w C:\Program Files\Common Files\PCSuite
2007-04-28 14:30:42 -------- d-----w C:\Program Files\PC Connectivity Solution
2007-04-21 18:51:05 -------- d-----w C:\DOCUME~1\Junior\DATAAP~1\fltk.org
2007-04-21 18:49:33 -------- d-----w C:\Program Files\Playstation Emulator
2007-04-18 17:14:57 -------- d-----w C:\Program Files\uTorrent
2007-04-17 13:11:51 -------- d-----w C:\DOCUME~1\Junior\DATAAP~1\Datalayer
2007-04-15 11:10:25 -------- d-----w C:\Program Files\FruityLoops3
2007-04-12 15:01:35 -------- d-----w C:\DOCUME~1\Junior\DATAAP~1\Ahead
2007-04-12 14:40:01 -------- d-----w C:\Program Files\Common Files\Ahead
2007-04-12 14:34:52 -------- d-----w C:\Program Files\Nero
2007-04-12 14:33:06 -------- d-----w C:\Program Files\Ahead
2007-04-10 14:49:23 -------- d-----w C:\Program Files\SlySoft
2007-04-01 11:17:05 146 ----a-w C:\WINDOWS\DelMR.bat
2007-03-30 16:57:26 8,464 ----a-w C:\WINDOWS\system32\sporder.dll
2007-03-30 16:57:25 172,544 ----a-w C:\WINDOWS\RLUninstall.exe


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 07:12]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 13:22]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" []
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2003-12-13 02:50]
"nwiz"="nwiz.exe" [2006-08-11 21:43 C:\WINDOWS\system32\nwiz.exe]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 07:03]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 17:15]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 14:16]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 13:45]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20]
"SmartDefrag"="C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [2007-04-28 21:54]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-17 15:49]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-09-13 11:12]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-05-23 10:12]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)
"NoResolveSearch"=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LinkResolveIgnoreLinkInfo"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"="C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2006-12-20 13:55]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*


Contents of the 'Scheduled Tasks' folder
2007-06-08 09:38:12 C:\WINDOWS\tasks\SmartDefrag.job

********************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-08 12:06:45
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0


********************************************************************

Completion time: 2007-06-08 12:08:10
C:\ComboFix-quarantined-files.txt ... 2007-05-31 07:42
C:\ComboFix.txt ... 2007-05-31 07:42

--- E O F ---

hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 12:10:04, on 8.6.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\AOL\Active Virus Shield\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\QIP\qip.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Junior\Plocha\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\MSI\BToes Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\System32\btxppanel.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: klogon - C:\WINDOWS\System32\klogon.dll
O23 - Service: Active Virus Shield (AVP) - AOL - C:\Program Files\AOL\Active Virus Shield\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\MSI\BToes Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

Ryan
Friend of the forum
Posts: 109
Registered: 22 Jul 2006 14:51
Location: wherever there is net access :-) / Nový Bydžov

#27 Post by Ryan »

What does "the PC is acting up" mean?
This is my signature (it serves as a recommendation for everyone!!!):
1. Use common sense when surfing the net and installing programs
2. Keep your system up to date with patches
3. Use an alternative web browser (Firefox, Opera)
4. Have a firewall installed, but do not rely on the firewall built into Windows (try Kerio, Zone Alarm or Comodo)
5. Use an antivirus program with an up-to-date virus database
6. Have at least 2 (updated) programs for fighting spyware/adware/malware
7. When you have a problem you want to share, describe it in detail and attach a log from HijackThis
8. Do not make the work of this forum's moderators and advisers harder with your UNWILLINGNESS, LAZINESS and COMPLACENCY
9. All essential information can be found in the Důležité informace (Important information) section here on the forum
10. Following these rules will not change the world, but it will mean less work for us and fewer problems for you ;-)


r.o.s.t.a.c.k.a
Visitor
Posts: 200
Registered: 12 Sep 2006 09:40
Location: Teplice

#28 Post by r.o.s.t.a.c.k.a »

Ryan wrote: What does "the PC is acting up" mean?
It reports a lack of virtual memory even though it isn't under any load at all, and sometimes, out of the blue, I can't close a program.. I just start something, everything works the whole time, but it can't be closed... This used to happen to me about a year ago, but back then my PC was infected, and now it didn't find anything... It also freezes occasionally - always just for a moment....

Ryan
Friend of the forum
Posts: 109
Registered: 22 Jul 2006 14:51
Location: wherever there is net access :-) / Nový Bydžov

#29 Post by Ryan »

How much RAM and free hard-disk space do you have? Don't you have too many programs running needlessly in the background?

r.o.s.t.a.c.k.a
Visitor
Posts: 200
Registered: 12 Sep 2006 09:40
Location: Teplice

#30 Post by r.o.s.t.a.c.k.a »

Ryan wrote: How much RAM and free hard-disk space do you have? Don't you have too many programs running needlessly in the background?
The RAM is nothing much - 512 - but it didn't do this before.. I don't run many programs at once.. Right now only QIP is running.. And the antivirus and Kerio are active... I have 14 GB free on the disk...

Locked