
Re: Can't burn discs and suspected rootkit

Posted: 07 Apr 2010 19:58
by billabong-a
ł>#}><}Đđ>łj[ł>$đĐł[*MD$đß|ł}[$ł>đĐ{]${[$Đđđł[đĐ]$,]dĐđ[đĐ[đ[@đĐ]

Re: Can't burn discs and suspected rootkit

Posted: 07 Apr 2010 20:05
by motji
:o :o

Run ComboFix once more and write how things look with the computer.

Re: Can't burn discs and suspected rootkit

Posted: 07 Apr 2010 20:30
by billabong-a
When I tried to run it, it deleted itself. I'm at my neighbour's now. What should I do? Nothing can be done on it. When I click on any icon, it brings up Properties, and the keyboard only types what you saw above, and the mouse only works when it feels like it, and even when it works, it's as if it had changed properties.

Re: Can't burn discs and suspected rootkit

Posted: 07 Apr 2010 20:32
by motji
Does it behave the same way in safe mode?
Otherwise I'm done for today, sorry :)

Re: Can't burn discs and suspected rootkit

Posted: 07 Apr 2010 20:35
by motji
Try this as well, in safe mode




:arrow: Download Rkill from one of the links; if the virus blocks it, try downloading another one

Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill COM:
http://download.bleepingcomputer.com/grinler/rkill.com

Rkill SCR:
http://download.bleepingcomputer.com/grinler/rkill.scr

Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif

- Run it and let it work. It will close by itself.

- :!: Do not restart the computer now! :!:



:arrow: Download to the desktop, close all active windows and run ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- Agree to the installation of the Recovery Console

- ComboFix must be run under an account with administrator rights

- Before use, turn off all resident security programs - antivirus, firewalls, antispyware

- After launch, the terms of use are displayed; confirm them by pressing the Yes button

- Then follow the instructions; while ComboFix is being applied, do not click in the window that appears :!:

- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here




If that doesn't work, I'll leave you instructions for a live CD here tomorrow :)

Re: Can't burn discs and suspected rootkit

Posted: 07 Apr 2010 21:57
by billabong-a
ComboFix 10-04-06.05 - Gorgo . 04. 2010 22:47:47.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.1014.515 [GMT 2:00]
Running from: c:\documents and settings\Gorgo\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Outdated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\TEMP\logishrd\LVPrcInj01.dll

.
((((((((((((((((((((((((( Files Created from 2010-03-07 to 2010-04-07 )))))))))))))))))))))))))))))))
.

2010-04-07 17:13 . 2010-04-07 17:15 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-03-26 16:15 . 2010-03-26 16:15 -------- d-----w- c:\program files\Common Files\Skype
2010-03-24 08:05 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-03-24 08:05 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2010-03-24 08:05 . 2010-03-24 08:05 -------- d-----w- c:\windows\Logs
2010-03-23 08:49 . 2002-12-17 15:23 33340 ------w- c:\windows\system32\dbmsqlgc.dll
2010-03-23 08:49 . 2002-10-20 13:05 24576 ------w- c:\windows\system32\dbmsgnet.dll
2010-03-23 08:49 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-03-23 08:49 . 2010-03-23 08:49 -------- d-----w- c:\program files\Microsoft SQL Server
2010-03-23 08:48 . 2010-03-23 08:48 -------- d-----w- C:\Tangram
2010-03-19 20:41 . 2004-03-02 16:37 125184 ------w- c:\windows\system32\drivers\imagesrv.sys
2010-03-19 20:41 . 2004-03-02 16:37 5504 ------w- c:\windows\system32\drivers\imagedrv.sys
2010-03-19 20:41 . 2004-07-26 16:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2010-03-19 20:41 . 2004-07-26 16:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2010-03-19 20:41 . 2004-07-26 16:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2010-03-19 20:41 . 2004-07-26 16:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2010-03-19 20:41 . 2000-06-26 10:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2010-03-19 20:41 . 2001-07-09 10:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2010-03-19 20:40 . 2010-03-19 20:40 -------- d-----w- c:\program files\Common Files\Ahead
2010-03-15 17:59 . 2010-03-15 17:59 -------- d--h--w- c:\windows\PIF
2010-03-14 16:57 . 2010-03-15 11:51 2905 ----a-w- C:\UsbFix_Upload_Me_TARA.zip
2010-03-14 16:45 . 2010-03-19 20:32 -------- d-----w- C:\UsbFix
2010-03-11 11:05 . 2010-04-07 18:38 -------- d-----w- c:\program files\trend micro
2010-03-11 11:05 . 2010-03-11 11:05 -------- d-----w- C:\rsit

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-07 20:50 . 2010-02-11 16:21 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
2010-04-07 20:50 . 2010-02-11 16:20 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
2010-04-07 10:47 . 2010-02-13 12:19 -------- d-----w- c:\program files\CCleaner
2010-03-28 08:11 . 2001-10-25 11:00 76220 ----a-w- c:\windows\system32\perfc005.dat
2010-03-28 08:11 . 2001-10-25 11:00 407610 ----a-w- c:\windows\system32\perfh005.dat
2010-03-24 08:05 . 2010-03-24 08:04 -------- d-----w- c:\program files\Winamp
2010-03-19 20:41 . 2010-02-20 14:22 -------- d-----w- c:\program files\Ahead
2010-03-07 20:45 . 2010-02-06 22:04 4700 ----a-w- c:\windows\system32\secushr.dat
2010-02-25 17:45 . 2010-02-25 17:45 -------- d-----w- c:\program files\THQ
2010-02-22 08:09 . 2010-02-22 08:09 -------- d-----w- c:\program files\Google
2010-02-13 13:35 . 2010-02-13 13:35 -------- d-----w- c:\program files\Common Files\Java
2010-02-13 13:34 . 2010-02-13 13:34 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-13 13:34 . 2010-02-13 13:34 -------- d-----w- c:\program files\Java
2010-02-12 22:37 . 2010-02-12 22:18 -------- d-----w- c:\program files\PhotoScape
2010-02-12 22:05 . 2010-02-12 22:03 -------- d-----w- c:\program files\QIP
2010-02-11 16:23 . 2010-02-11 16:19 -------- d-----w- c:\program files\Logitech
2010-02-11 16:21 . 2010-02-11 16:19 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-02-09 12:22 . 2010-02-07 21:44 141361 ----a-w- c:\windows\hpoins15.dat
2010-02-09 12:19 . 2010-02-09 12:19 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_silabser_01005.Wdf
2010-02-09 12:19 . 2010-02-09 12:19 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-02-09 12:16 . 2010-02-09 12:16 -------- d-----w- c:\program files\Silabs
2010-02-09 12:12 . 2010-01-30 16:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-09 12:07 . 2010-02-09 12:07 -------- d-----w- c:\program files\Elcom
2010-02-07 22:05 . 2010-02-07 22:05 -------- d-----w- c:\program files\Microsoft.NET
2010-02-07 21:55 . 2010-02-07 21:49 -------- d-----w- c:\program files\HP
2010-02-07 21:52 . 2010-02-07 21:52 -------- d-----w- c:\program files\Common Files\HP
2010-02-07 21:51 . 2010-02-07 21:51 -------- d-----w- c:\program files\Hewlett-Packard
2010-02-07 21:51 . 2010-02-07 21:51 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2010-01-31 18:50 . 2010-01-30 15:33 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-31 18:50 . 2010-01-30 15:33 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-31 18:50 . 2010-01-30 15:34 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-30 16:35 . 2010-01-30 16:35 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-01-30 16:30 . 2010-01-30 16:30 0 ----a-w- c:\windows\nsreg.dat
2010-01-30 16:04 . 2010-01-30 16:04 315392 ----a-w- c:\windows\HideWin.exe
2010-01-30 15:31 . 2010-01-30 15:31 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-08 07:13 . 2010-01-08 07:13 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
.

((((((((((((((((((((((((((((( SnapShot@2010-03-11_16.49.23 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-07 20:51 . 2010-04-07 20:51 16384 c:\windows\Temp\Perflib_Perfdata_67c.dat
+ 2005-01-28 12:44 . 2005-01-28 12:44 10752 c:\windows\system32\wpdtrace.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 66560 c:\windows\system32\wpdmtpus.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 61952 c:\windows\system32\wpdconns.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 38912 c:\windows\system32\wpd_ci.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 33792 c:\windows\system32\WMDMPS.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 28160 c:\windows\system32\WMDMLOG.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 38912 c:\windows\system32\wdfmgr.exe
+ 2005-01-28 12:44 . 2005-01-28 12:44 15872 c:\windows\system32\wdfapi.dll
+ 2010-03-24 08:04 . 2009-04-28 20:20 96752 c:\windows\system32\vxblock.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 47104 c:\windows\system32\uwdf.exe
+ 2010-03-24 08:04 . 2009-04-28 20:20 66032 c:\windows\system32\pxinsa64.exe
+ 2010-03-24 08:04 . 2009-04-28 20:20 72176 c:\windows\system32\pxhpinst.exe
+ 2010-03-24 08:04 . 2009-04-28 20:20 66544 c:\windows\system32\pxcpya64.exe
+ 2001-10-25 11:00 . 2010-03-28 08:11 66076 c:\windows\system32\perfc009.dat
+ 2008-04-14 06:51 . 2005-01-28 12:44 25088 c:\windows\system32\MsPMSNSv.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 96768 c:\windows\system32\logagent.exe
+ 2008-04-14 06:51 . 2005-01-28 12:44 96768 c:\windows\system32\drmstor.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 18944 c:\windows\system32\drivers\wpdusb.sys
+ 2010-03-24 08:04 . 2009-04-28 20:20 44944 c:\windows\system32\drivers\PxHelp20.sys
+ 2008-04-14 06:52 . 2005-01-28 12:44 33792 c:\windows\system32\dllcache\wmdmps.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 28160 c:\windows\system32\dllcache\wmdmlog.dll
+ 2008-04-14 06:51 . 2005-01-28 12:44 25088 c:\windows\system32\dllcache\mspmsnsv.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 96768 c:\windows\system32\dllcache\logagent.exe
+ 2008-04-14 06:51 . 2005-01-28 12:44 96768 c:\windows\system32\dllcache\drmstor.dll
+ 2002-12-17 16:23 . 2002-12-17 16:23 29244 c:\windows\system32\DBmsLPCn.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 96768 c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmstor.dll
+ 2010-03-24 08:04 . 2008-04-14 06:51 87040 c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmstor.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 96768 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe
+ 2010-03-24 08:04 . 2005-01-28 12:44 18944 c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdusb.sys
+ 2010-03-24 08:04 . 2005-01-28 12:44 10752 c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdtrace.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 66560 c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtpus.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 61952 c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdconns.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 38912 c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpd_ci.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 38912 c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe
+ 2010-03-24 08:04 . 2005-01-28 12:44 15872 c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfapi.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 47104 c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe
+ 2010-03-24 08:04 . 2005-01-28 12:44 33792 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\WMDMPS.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 28160 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\WMDMLOG.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 25088 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 23552 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\WMDMPS.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 27136 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\WMDMLOG.dll
+ 2010-03-24 08:04 . 2008-04-14 06:51 52224 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
+ 2008-04-14 06:51 . 2005-01-28 12:44 6656 c:\windows\system32\laprxy.dll
- 2008-04-14 06:51 . 2008-04-14 06:51 6656 c:\windows\system32\laprxy.dll
+ 2010-03-24 08:04 . 2009-04-28 20:20 9200 c:\windows\system32\drivers\cdralw2k.sys
+ 2010-03-24 08:04 . 2009-04-28 20:20 9072 c:\windows\system32\drivers\cdr4_xp.sys
+ 2008-04-14 06:51 . 2005-01-28 12:44 6656 c:\windows\system32\dllcache\laprxy.dll
- 2008-04-14 06:51 . 2008-04-14 06:51 6656 c:\windows\system32\dllcache\laprxy.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 6656 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\laprxy.dll
+ 2010-03-24 08:04 . 2008-04-14 06:51 6656 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\laprxy.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 331264 c:\windows\system32\wpdsp.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 331776 c:\windows\system32\wpdmtpdr.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 114176 c:\windows\system32\wpdmtp.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 895736 c:\windows\system32\wmvdmod.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 940544 c:\windows\system32\wmspdmoe.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 413944 c:\windows\system32\wmspdmod.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 774904 c:\windows\system32\wmsdmod.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 150016 c:\windows\system32\wmidx.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 290816 c:\windows\system32\WMDRMNet.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 335872 c:\windows\system32\WMDRMdev.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 224768 c:\windows\system32\wmasf.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 716288 c:\windows\system32\wmadmoe.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 396528 c:\windows\system32\wmadmod.dll
+ 2008-04-14 06:51 . 2005-01-28 12:44 221184 c:\windows\system32\qasf.dll
+ 2010-03-24 08:04 . 2009-04-28 20:20 436720 c:\windows\system32\pxwave.dll
+ 2010-03-24 08:04 . 2009-04-28 20:20 219632 c:\windows\system32\pxmas.dll
+ 2010-03-24 08:04 . 2009-04-28 20:20 551408 c:\windows\system32\pxdrv.dll
+ 2010-03-24 08:04 . 2009-04-28 20:20 129520 c:\windows\system32\pxafs.dll
+ 2010-03-24 08:04 . 2009-04-28 20:20 670192 c:\windows\system32\px.dll
+ 2001-10-25 11:00 . 2010-03-28 08:11 410262 c:\windows\system32\perfh009.dat
+ 2008-04-14 06:51 . 2005-01-28 12:44 315904 c:\windows\system32\MSWMDM.dll
+ 2008-04-14 06:53 . 2005-01-28 12:44 364784 c:\windows\system32\MSSCP.dll
+ 2008-04-14 06:51 . 2005-01-28 12:44 173568 c:\windows\system32\MsPMSP.dll
+ 2008-04-14 06:53 . 2005-01-28 12:44 142336 c:\windows\system32\msnetobj.dll
+ 2008-04-14 06:53 . 2005-01-28 12:44 502272 c:\windows\system32\drmv2clt.dll
+ 2008-04-14 06:53 . 2005-01-28 12:44 258296 c:\windows\system32\drmclien.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 895736 c:\windows\system32\dllcache\wmvdmod.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 940544 c:\windows\system32\dllcache\wmspdmoe.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 413944 c:\windows\system32\dllcache\wmspdmod.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 774904 c:\windows\system32\dllcache\wmsdmod.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 150016 c:\windows\system32\dllcache\wmidx.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 224768 c:\windows\system32\dllcache\wmasf.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 716288 c:\windows\system32\dllcache\wmadmoe.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 396528 c:\windows\system32\dllcache\wmadmod.dll
+ 2008-04-14 06:51 . 2005-01-28 12:44 221184 c:\windows\system32\dllcache\qasf.dll
+ 2008-04-14 06:51 . 2005-01-28 12:44 315904 c:\windows\system32\dllcache\mswmdm.dll
+ 2008-04-14 06:53 . 2005-01-28 12:44 364784 c:\windows\system32\dllcache\msscp.dll
+ 2008-04-14 06:51 . 2005-01-28 12:44 173568 c:\windows\system32\dllcache\mspmsp.dll
+ 2008-04-14 06:53 . 2005-01-28 12:44 142336 c:\windows\system32\dllcache\msnetobj.dll
+ 2008-04-14 06:53 . 2005-01-28 12:44 502272 c:\windows\system32\dllcache\drmv2clt.dll
+ 2008-04-14 06:53 . 2005-01-28 12:44 258296 c:\windows\system32\dllcache\drmclien.dll
+ 2008-04-14 06:51 . 2005-01-28 12:44 164864 c:\windows\system32\dllcache\cewmdm.dll
+ 2008-04-14 06:51 . 2005-01-28 12:44 294912 c:\windows\system32\dllcache\blackbox.dll
+ 2008-04-14 06:51 . 2005-01-28 12:44 164864 c:\windows\system32\cewmdm.dll
+ 2008-04-14 06:51 . 2005-01-28 12:44 294912 c:\windows\system32\blackbox.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 142336 c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\msnetobj.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 502272 c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmv2clt.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 258296 c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drmclien.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 294912 c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\blackbox.dll
+ 2010-03-24 08:04 . 2008-04-14 06:53 259072 c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\msnetobj.dll
+ 2010-03-24 08:04 . 2008-04-14 06:53 695808 c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmv2clt.dll
+ 2010-03-24 08:04 . 2008-04-14 06:53 299520 c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\drmclien.dll
+ 2010-03-24 08:04 . 2008-04-14 06:51 286720 c:\windows\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}$BACKUP$\System\blackbox.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 940544 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmspdmoe.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 150016 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmidx.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 290816 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMDRMNet.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 335872 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMDRMdev.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 224768 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmasf.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 716288 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmadmoe.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 221184 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\qasf.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 897024 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmspdmoe.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 151552 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmidx.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 230912 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmasf.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 670720 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmadmoe.dll
+ 2010-03-24 08:04 . 2008-04-14 06:51 237568 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\qasf.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 103936 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe
+ 2010-03-24 08:04 . 2005-01-28 12:44 895736 c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmvdmod.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 413944 c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmspdmod.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 774904 c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmsdmod.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 396528 c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmadmod.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 809984 c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmvdmod.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 485376 c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmspdmod.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 759296 c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmsdmod.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 408064 c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}$BACKUP$\System\wmadmod.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 331264 c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdsp.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 331776 c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtpdr.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 114176 c:\windows\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpdmtp.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 315904 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MSWMDM.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 364784 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MSSCP.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 173568 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSP.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 164864 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\cewmdm.dll
+ 2010-03-24 08:04 . 2008-04-14 06:51 245760 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MSWMDM.dll
+ 2010-03-24 08:04 . 2008-04-14 06:53 356352 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MSSCP.dll
+ 2010-03-24 08:04 . 2008-04-14 06:51 201728 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSP.dll
+ 2010-03-24 08:04 . 2008-04-14 06:51 159232 c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\cewmdm.dll
- 2010-01-30 16:32 . 2010-01-30 16:32 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2010-03-26 16:15 . 2010-03-26 16:15 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2008-04-14 06:52 . 2005-01-28 12:44 1003008 c:\windows\system32\wmvdmoe2.dll
+ 2008-04-14 06:53 . 2005-01-28 12:44 2370296 c:\windows\system32\wmvcore.dll
+ 2005-01-28 12:44 . 2005-01-28 12:44 1512448 c:\windows\system32\WMVADVE.DLL
+ 2005-01-28 12:44 . 2005-01-28 12:44 1218808 c:\windows\system32\wmvadvd.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 1119744 c:\windows\system32\wmsdmoe2.dll
- 2008-04-14 06:52 . 2008-04-14 06:52 1119744 c:\windows\system32\wmsdmoe2.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 1027072 c:\windows\system32\wmnetmgr.dll
+ 2010-03-24 08:04 . 2009-04-28 20:20 1858032 c:\windows\system32\pxsfs.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 1003008 c:\windows\system32\dllcache\wmvdmoe2.dll
+ 2008-04-14 06:53 . 2005-01-28 12:44 2370296 c:\windows\system32\dllcache\wmvcore.dll
- 2008-04-14 06:52 . 2008-04-14 06:52 1119744 c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 1119744 c:\windows\system32\dllcache\wmsdmoe2.dll
+ 2008-04-14 06:52 . 2005-01-28 12:44 1027072 c:\windows\system32\dllcache\wmnetmgr.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 1003008 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmvdmoe2.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 2370296 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmvcore.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 1512448 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMVADVE.DLL
+ 2010-03-24 08:04 . 2005-01-28 12:44 1119744 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmsdmoe2.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 1027072 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmnetmgr.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 1001472 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmvdmoe2.dll
+ 2010-03-24 08:04 . 2008-04-14 06:53 2109440 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmvcore.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 1119744 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmsdmoe2.dll
+ 2010-03-24 08:04 . 2008-04-14 06:52 1053184 c:\windows\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\wmnetmgr.dll
+ 2010-03-24 08:04 . 2005-01-28 12:44 1218808 c:\windows\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\wmvadvd.dll
+ 2010-03-26 16:15 . 2010-03-26 16:15 1575936 c:\windows\Installer\71cfe5.msi
+ 2010-03-23 08:50 . 2010-03-23 08:50 1880576 c:\windows\Installer\52e7e6a.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-11-08 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-11-08 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-11-08 137752]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-13 37888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2057536]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-13 9117504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HonorAutoRunSetting"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16. 11. 2009 10:03 108792]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16. 11. 2009 10:04 735960]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [13. 11. 2009 12:28 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16. 6. 2009 9:58 20480]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\drivers\silabenm.sys [9. 2. 2010 14:16 17920]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver;c:\windows\system32\drivers\silabser.sys [9. 2. 2010 14:16 58368]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [31. 1. 2010 17:07 11520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
------- Supplementary Scan -------
.
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Download all by FlashGet3 - c:\documents and settings\Gorgo\Data aplikací\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\documents and settings\Gorgo\Data aplikací\FlashGetBHO\GetUrl.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: kuaiche.com\software
TCP: {AA7DC3B3-E055-45B9-9D89-BA731EF87405} = 192.168.1.254
FF - ProfilePath - c:\documents and settings\Gorgo\Data aplikací\Mozilla\Firefox\Profiles\0i4uakqt.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-07 22:51
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2860)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Completion time: 2010-04-07 22:53:14 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-07 20:53
ComboFix2.txt 2010-03-15 12:19
ComboFix3.txt 2010-03-11 16:50

Pre-Run: 9 904 271 360
Post-Run: 9 868 546 048

- - End Of File - - 3821A4BE80BD6D1607E36108628A5F19

Re: I can't burn discs and a suspected rootkit

Posted: 07 Apr 2010 23:50
by motji
How does it look now, has it improved or not? :o

Re: I can't burn discs and a suspected rootkit

Posted: 08 Apr 2010 09:38
by billabong-a
It hasn't improved... and even when I get into the BIOS, the keyboard doesn't respond there, and I can't start safe mode at all.

Re: I can't burn discs and a suspected rootkit

Posted: 08 Apr 2010 09:59
by motji
What kind of keyboard do you have? USB or a regular one?
And safe mode can't be started?

Re: I can't burn discs and a suspected rootkit

Posted: 08 Apr 2010 13:14
by billabong-a
So, my keyboard is on PS/2... and yes, it looks like the fault is in it... since I replaced it I have no problems with the PC, but I still don't understand how a keyboard can have such effects that even the mouse stopped responding... and the fact that it didn't even work in the BIOS is too much.

Re: I can't burn discs and a suspected rootkit

Posted: 08 Apr 2010 13:17
by billabong-a
But I still think there is something else here, because ComboFix created a shortcut to My Computer on the C: drive, but named combofix... or could that still be from it, and should I simply delete it?

Re: I can't burn discs and a suspected rootkit

Posted: 08 Apr 2010 19:06
by motji
Check whether you have a Qoobox folder on drive C; if so, pack it into a RAR archive and upload it to www.leteckaposta.cz. Send me the link to the file in a private message, thank you :)