To je ten link na tu themu. Ale to je jedno, v PC mam virus takze neviem preco riesime temu, Virus mi odobral prava, zrusil Firewall. Uz minuly rok sa mi toto iste stalo, mal som v PC Virut. Hodim sem teraz log z ComboFix.
Kód: Vybrat vše
ComboFix 10-08-26.02 - xxx . 08. 2010 16:12:02.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.3327.2748 [GMT 2:00]
Running from: c:\documents and settings\xxx\Plocha\ComboFix.exe
AV: AVG Internet Security *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Firewall *disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\btcore.dll
c:\program files\FlashGet Network\FlashGet universal\btwrap.dll
c:\program files\FlashGet Network\FlashGet universal\BugReport.dll
c:\program files\FlashGet Network\FlashGet universal\BugReport.exe
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
c:\program files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhocfg.ini
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
c:\program files\FlashGet Network\FlashGet universal\ComDlls\ComDlls.ini
c:\program files\FlashGet Network\FlashGet universal\ComDlls\flashget.xpi
c:\program files\FlashGet Network\FlashGet universal\ComDlls\FlashgetXpi.dll
c:\program files\FlashGet Network\FlashGet universal\ComDlls\IFlashgetXpi.xpt
c:\program files\FlashGet Network\FlashGet universal\dbghelp.dll
c:\program files\FlashGet Network\FlashGet universal\DBTrans.dll
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
c:\program files\FlashGet Network\FlashGet universal\DBTransC.exe
c:\program files\FlashGet Network\FlashGet universal\ed2kwrap.dll
c:\program files\FlashGet Network\FlashGet universal\explorerbar.dll
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\FGVer.dll
c:\program files\FlashGet Network\FlashGet universal\flashget.exe
c:\program files\FlashGet Network\FlashGet universal\gt.exe
c:\program files\FlashGet Network\FlashGet universal\hashgen.dll
c:\program files\FlashGet Network\FlashGet universal\Help\license.txt
c:\program files\FlashGet Network\FlashGet universal\Help\Readme.txt
c:\program files\FlashGet Network\FlashGet universal\Help\WHATSNEW.TXT
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBatchLinksDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBTTask.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Added.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddEMTask.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddHpFpLink.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlgEx.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksModern.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BrowserPlugins.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BTOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CategoryView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ComfirmWhenExitDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CommonDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ConfirmInvalidLinks.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ContextMenu.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DefaultDownloadsDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DeleteFilesDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DetailStatus.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMServers.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExplorerPane.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExtensionRuleDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FG2SearchTopPlugin.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileListCtrl.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileRemovedDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FindTaskDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashgetAbout.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashGetDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FSUStatusBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageLoginDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HotResource.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HpFpOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Info.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\LogsOutput.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MACReader.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainMenu.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainToolbar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MonitorOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NormalOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NotifyOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Option.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\P4PPluginMain.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ProxySetting.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SearchBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Security.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityScan.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityToolbar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Shutdown.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\StatusBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskDefOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskListView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskNotify.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\UserListCtrl.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\XpEnhance.ini
c:\program files\FlashGet Network\FlashGet universal\libupnp.dll
c:\program files\FlashGet Network\FlashGet universal\LiveUpdateUI.dll
c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\ComHelper.dll
c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Downstat.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\P4pclient.dll
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\iexplorer.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.xml
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\search.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\subscribe.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\SearchTop.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Security\FunctionalRepair.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Scanning.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\SECURITY.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.xml
c:\program files\FlashGet Network\FlashGet universal\modules\Security\SystemFix.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SamplerCli.dll
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SnapShot.dll
c:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\tasknotifier.dll
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCore.dll
c:\program files\FlashGet Network\FlashGet universal\p2pprot.dll
c:\program files\FlashGet Network\FlashGet universal\p2snetio.dll
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.dll
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p2sprot.dll
c:\program files\FlashGet Network\FlashGet universal\p2spwrap.dll
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\program files\FlashGet Network\FlashGet universal\Skins\close_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\close_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\close_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\notify.wav
c:\program files\FlashGet Network\FlashGet universal\Skins\notify_board.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\notify_icon.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Back.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Backward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\BrowserBarCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\FlashgetResource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Forward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Home.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Backward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\BrowserBarDisableCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Forward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Home.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Available.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\CategoryTreeCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloaded.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloading.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Favorite.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Flashget.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Release.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Rubbish.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Search.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\Expbar.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\garage.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\transfer.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\BT.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\EM.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\GlobalOptionCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\HpFp.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Monitor.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Normal.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Notify.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Proxy.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\TaskDef.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Info.ini
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MainMenuCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveDownTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveUpTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\MainToolbarCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\MainToolbarDisableCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\InfoBkg.Bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\MonitorBkg.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Down.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Error.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Normal.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\OutpuLogCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Up.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\All.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Book.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Bt.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Game.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Movie.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Music.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Phone.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Picture.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\SobarIconCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Software.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Error.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\hashing.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\OK.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pause.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pin.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Schedule.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Start.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\TaskListCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Upload.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Wait.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\storage.dll
c:\program files\FlashGet Network\FlashGet universal\SysOpt.exe
c:\program files\FlashGet Network\FlashGet universal\transaction.log
c:\program files\FlashGet Network\FlashGet universal\uninst.exe
c:\program files\FlashGet Network\FlashGet universal\zlib.dll
c:\windows\system32\inst.dat
c:\windows\system32\vbzlib1.dll
c:\windows\wpe pro.INI
.
((((((((((((((((((((((((( Files Created from 2010-07-27 to 2010-08-27 )))))))))))))))))))))))))))))))
.
2010-08-26 19:27 . 2010-08-26 19:27 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-08-26 19:24 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\82540962.sys
2010-08-26 19:24 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\8254096.sys
2010-08-26 19:24 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\82540961.sys
2010-08-26 18:47 . 2010-08-26 19:22 -------- d-----w- c:\program files\trend micro
2010-08-26 18:47 . 2010-08-26 18:47 -------- d-----w- C:\rsit
2010-08-25 19:25 . 2010-08-25 19:25 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-25 18:56 . 2010-08-25 19:20 -------- d-----w- c:\program files\Phoenix
2010-08-17 16:17 . 2006-11-07 07:42 88560 ----a-r- c:\windows\system32\drivers\w200mgmt.sys
2010-08-17 16:17 . 2006-11-07 07:42 86368 ----a-r- c:\windows\system32\drivers\w200obex.sys
2010-08-17 16:17 . 2006-11-07 07:42 97056 ----a-r- c:\windows\system32\drivers\w200mdm.sys
2010-08-17 16:17 . 2006-11-07 07:42 9328 ----a-r- c:\windows\system32\drivers\w200mdfl.sys
2010-08-17 16:17 . 2006-11-07 07:42 6208 ----a-r- c:\windows\system32\drivers\w200cmnt.sys
2010-08-17 16:17 . 2006-11-07 07:42 6208 ----a-r- c:\windows\system32\drivers\w200cm.sys
2010-08-17 16:17 . 2006-11-07 07:42 5840 ----a-r- c:\windows\system32\drivers\w200whnt.sys
2010-08-17 16:17 . 2006-11-07 07:42 5840 ----a-r- c:\windows\system32\drivers\w200wh.sys
2010-08-17 16:17 . 2006-11-07 07:42 61504 ----a-r- c:\windows\system32\drivers\w200bus.sys
2010-08-17 16:14 . 2010-08-17 16:14 -------- d-----w- c:\documents and settings\All Users\Documents
2010-08-17 15:27 . 2007-04-24 09:33 100488 ----a-r- c:\windows\system32\drivers\s125mgmt.sys
2010-08-17 15:27 . 2007-04-24 09:33 98696 ----a-r- c:\windows\system32\drivers\s125obex.sys
2010-08-17 15:25 . 2007-04-24 09:33 108680 ----a-r- c:\windows\system32\drivers\s125mdm.sys
2010-08-17 15:25 . 2007-04-24 09:33 15112 ----a-r- c:\windows\system32\drivers\s125mdfl.sys
2010-08-17 15:25 . 2007-04-24 09:33 12424 ----a-r- c:\windows\system32\drivers\s125cmnt.sys
2010-08-17 15:25 . 2007-04-24 09:33 12424 ----a-r- c:\windows\system32\drivers\s125cm.sys
2010-08-17 15:25 . 2007-04-24 09:33 12424 ----a-r- c:\windows\system32\drivers\s125whnt.sys
2010-08-17 15:25 . 2007-04-24 09:33 12424 ----a-r- c:\windows\system32\drivers\s125wh.sys
2010-08-17 15:25 . 2007-04-24 09:33 83336 ----a-r- c:\windows\system32\drivers\s125bus.sys
2010-08-17 15:22 . 2010-08-17 16:22 -------- d-----w- c:\program files\Common Files\Teleca Shared
2010-08-10 08:59 . 2002-01-05 13:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2010-08-02 09:56 . 2010-08-02 09:56 -------- d-----w- c:\windows\RailWorks
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-27 14:16 . 2001-10-25 12:00 83446 ----a-w- c:\windows\system32\perfc005.dat
2010-08-27 14:16 . 2001-10-25 12:00 440082 ----a-w- c:\windows\system32\perfh005.dat
2010-08-26 17:56 . 2009-11-13 13:50 -------- d-----w- c:\program files\Steam
2010-08-17 16:14 . 2010-05-22 07:33 -------- d-----w- c:\program files\Sony Ericsson
2010-08-17 15:54 . 2010-01-09 17:03 219128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-08-09 08:11 . 2009-08-05 00:36 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-07 11:36 . 2009-08-10 14:25 138592 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-08-05 09:04 . 2009-11-08 14:47 -------- d-----w- c:\program files\AV Vcs 6.0 DIAMOND
2010-08-04 11:21 . 2010-06-04 13:54 -------- d-----w- c:\program files\Garena
2010-07-26 10:44 . 2009-08-21 08:35 -------- d-----w- c:\program files\CCleaner
2010-07-17 19:18 . 2010-07-17 19:17 -------- d-----w- c:\program files\Pokec
2010-06-30 12:33 . 2008-04-14 06:51 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-30 12:30 . 2010-06-16 10:56 -------- d-----w- c:\program files\Cheat Engine
2010-06-29 09:45 . 2009-08-08 08:29 -------- d-----w- c:\program files\ICQ6.5
2010-06-28 19:13 . 2009-11-29 11:42 -------- d-----w- c:\program files\Xilisoft
2010-06-28 16:06 . 2010-06-28 16:06 -------- d-----w- c:\program files\WinPcap
2010-06-28 16:06 . 2010-06-28 16:06 -------- d-----w- c:\program files\DsNET Corp
2010-06-24 12:12 . 2008-04-14 06:52 668160 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 12:12 . 2008-04-14 06:51 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-06-24 09:02 . 2008-04-14 05:45 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-22 11:34 . 2009-08-05 14:22 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-06-22 11:34 . 2010-06-22 11:34 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-06-22 11:34 . 2009-10-28 13:28 25168 ----a-w- c:\windows\system32\drivers\AVGIDSxx.sys
2010-06-22 11:33 . 2009-08-05 14:22 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-06-21 15:27 . 2008-04-13 22:45 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2008-04-14 06:51 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2009-08-04 23:11 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:43 . 2008-04-14 06:51 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-06-01 11:00 . 2009-08-05 14:22 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-04-19 08:25 2117704 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
2009-04-08 15:05 739688 ----a-w- c:\progra~1\MICROS~2\Office14\URLREDIR.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-04-19 2117704]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]
"CursorFX"="c:\program files\Stardock\CursorFX\CursorFX.exe" [2008-07-07 416768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"LchDrvKey"="LchDrvKey.exe" [2007-03-28 36864]
"HKExt3"="HKExt3.exe" [2008-09-16 313856]
"PAC7311_Monitor"="c:\windows\PixArt\PAC7311\Monitor.exe" [2006-11-03 319488]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-22 2065760]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\xxx\Nabˇdka Start\Programy\Po spuçtŘnˇ\
setup_9.0.0.722_26.08.2010_22-15.lnk - c:\documents and settings\xxx\Plocha\Virus Removal Tool\setup_9.0.0.722_26.08.2010_22-15\startup.exe [2010-8-26 72208]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-06-22 11:34 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^OfficeSAS.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\OfficeSAS.lnk
backup=c:\windows\pss\OfficeSAS.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^xxx^Nabídka Start^Programy^Po spuštění^Adobe Gamma.lnk]
path=c:\documents and settings\xxx\Nabídka Start\Programy\Po spuštění\Adobe Gamma.lnk
backup=c:\windows\pss\Adobe Gamma.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
2008-08-14 06:58 611712 ----a-w- c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2009-04-25 17:00 58216 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2008-03-21 08:21 91432 ----a-w- c:\program files\CyberLink\Shared Files\brs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
2007-06-29 14:03 36864 ----a-w- c:\program files\GameSpy\Comrade\Comrade.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-04-23 13:51 691656 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
2009-09-03 21:17 3342336 ----a-w- c:\program files\Electronic Arts\EADM\Core.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-04-25 17:18 875392 ----a-w- c:\progra~1\MICROS~2\Office14\GROOVEMN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2008-12-31 07:38 33546240 ----a-r- c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-02-19 00:41 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-07-13 12:03 292128 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2008-02-18 14:29 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-02-28 07:59 570664 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
2007-12-14 09:36 50472 ------w- c:\program files\CyberLink\PowerDVD8\Language\Language.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 15:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
2008-03-20 18:23 83240 ------w- c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
2009-12-08 12:51 774144 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2005-10-26 14:17 159744 ----a-r- c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2009-11-13 13:50 1217808 ----a-w- c:\program files\Steam\steam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37 37888 ----a-w- c:\program files\Winamp\winampa.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"f:\\Hry\\Call of Duty 4\\iw3mp.exe"=
"c:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"f:\\Hry\\GTA IV\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"f:\\Hry\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
"f:\\Hry\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
"f:\\Hry\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgam.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"f:\\Hry\\Pro Evolution Soccer 2010\\pes2010.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"f:\\Hry\\FarCry2\\Far Cry 2\\bin\\FarCry2.exe"=
"f:\\Hry\\FarCry2\\Far Cry 2\\bin\\FC2Launcher.exe"=
"f:\\Hry\\FarCry2\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"f:\\Hry\\Call of Duty - World at War\\CoDWaW.exe"=
"f:\\Hry\\Call of Duty - World at War\\CoDWaWmp.exe"=
"f:\\Hry\\Crysis\\Bin32\\Crysis.exe"=
"f:\\Hry\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"f:\\Hry\\Company of Heroes Tales Of Valor\\RelicCOH.exe"=
"f:\\Hry\\Company of Heroes Tales Of Valor\\RelicDownloader\\RelicDownloader.exe"=
"f:\\Hry\\Neverwinter Nights 2\\nwn2main.exe"=
"f:\\Hry\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"f:\\Hry\\Neverwinter Nights 2\\nwupdate.exe"=
"f:\\Hry\\Neverwinter Nights 2\\nwn2server.exe"=
"f:\\Hry\\GRID\\GRID.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R0 82540962;82540962 Boot Guard Driver;c:\windows\system32\drivers\82540962.sys [26. 8. 2010 21:24 37392]
R0 AVGIDSErHrxpx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSxx.sys [28. 10. 2009 15:28 25168]
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [5. 8. 2009 16:22 52872]
R0 sfdrv02;FrontLine Environment Driver (v2);c:\windows\system32\drivers\sfdrv02.sys [11. 9. 2006 13:57 67960]
R0 sfsync05;FrontLine Synchronization Driver (v5);c:\windows\system32\drivers\sfsync05.sys [11. 8. 2006 18:09 59776]
R1 82540961;82540961;c:\windows\system32\drivers\82540961.sys [26. 8. 2010 21:24 128016]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5. 8. 2009 16:22 216400]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5. 8. 2009 16:22 243024]
R1 setup_9.0.0.722_26.08.2010_22-15drv;setup_9.0.0.722_26.08.2010_22-15drv;c:\windows\system32\drivers\8254096.sys [26. 8. 2010 21:24 315408]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [1. 2. 2008 17:24 41456]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [22. 6. 2010 13:34 308136]
R2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [22. 6. 2010 13:33 2331032]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [22. 6. 2010 13:33 5897808]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [8. 8. 2009 10:30 222456]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16. 11. 2009 18:33 50704]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [5. 8. 2009 16:22 30104]
R3 AVGIDSDriverxpx;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSDriver.sys [28. 10. 2009 15:28 122448]
R3 AVGIDSFilterxpx;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSFilter.sys [28. 10. 2009 15:28 30288]
R3 AVGIDSShimxpx;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_XP\AVGIDSShim.sys [28. 10. 2009 15:28 26192]
R3 PAC7311;Trust Webcam Live;c:\windows\system32\drivers\PA707UCM.SYS [14. 3. 2007 10:57 449024]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [22. 5. 2010 9:41 27632]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [5. 8. 2009 2:44 993280]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29. 11. 2009 12:31 135664]
S3 ATICDSDr;ATICDSDr;\??\c:\docume~1\xxx\LOCALS~1\Temp\ATICDSDr.sys --> c:\docume~1\xxx\LOCALS~1\Temp\ATICDSDr.sys [?]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [5. 8. 2009 16:22 30104]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\xxx\LOCALS~1\Temp\PEX6.tmp --> c:\docume~1\xxx\LOCALS~1\Temp\PEX6.tmp [?]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [22. 5. 2010 9:40 13224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [25. 4. 2009 19:18 33480048]
S4 osppsvc;Office Software Protection Platform;c:\windows\system32\OSPPSVC.EXE [8. 4. 2009 16:37 4319136]
S4 sfrem02;FrontLine Drivers Auto Removal (v2);c:\windows\system32\sfrem02.exe svc --> c:\windows\system32\sfrem02.exe svc [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6. 8. 2009 21:32 721904]
.
Contents of the 'Scheduled Tasks' folder
2010-08-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 10:34]
2010-08-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-29 10:31]
2010-08-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-29 10:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://flvdirect.iamwired.net/
IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: S&end to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
FF - ProfilePath - c:\documents and settings\xxx\Data aplikací\Mozilla\Firefox\Profiles\0o6u9z0s.default\
FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_us&p=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Web Platform Installer\NPWPIDetector.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPDEMON.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.ftp -
FF - user.js: network.proxy.ftp_port - 0
FF - user.js: network.proxy.gopher -
FF - user.js: network.proxy.gopher_port - 0
FF - user.js: network.proxy.socks_version - 5
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-AdobeBridge - (no file)
AddRemove-FlashGet 2.0 - c:\program files\FlashGet Network\FlashGet universal\uninst.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-27 16:17
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8A6D1820]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74cbf28
\Driver\ACPI -> ACPI.sys @ 0xf735ecb8
\Driver\atapi -> 0x8a6d1820
IoDeviceObjectType -> SecurityProcedure -> ntkrnlpa.exe @ 0x80583d4a
\Device\Harddisk0\DR0 -> SecurityProcedure -> ntkrnlpa.exe @ 0x80583d4a
NDIS: Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xf71d6bb0
PacketIndicateHandler -> NDIS.sys @ 0xf71e3a21
SendHandler -> NDIS.sys @ 0xf71c187b
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\xxx\LOCALS~1\Temp\PEX6.tmp"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-602162358-113007714-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:f4,80,40,c2,1a,4e,1b,ae,96,62,ac,d9,f0,5b,18,79,c1,6f,e0,94,55,d5,25,
1a,45,39,fc,b4,76,1a,99,7a,d9,ae,46,89,c8,5c,ff,b0,14,e4,a3,33,b8,af,a4,b0,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
[HKEY_USERS\S-1-5-21-602162358-113007714-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:f5,f9,57,fd,35,1a,ee,8a,ae,3c,20,bb,87,9d,7d,51,f9,82,f0,fc,8e,
8e,62,bb,44,86,5e,53,c0,d6,85,4b,bc,b9,77,82,7d,29,ab,79,db,dd,24,a3,50,2d,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1104)
c:\windows\system32\Ati2evxx.dll
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Completion time: 2010-08-27 16:19:00
ComboFix-quarantined-files.txt 2010-08-27 14:18
Pre-Run: Volných bajtů: 49 345 957 888
Post-Run: Volných bajtů: 49 413 951 488
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
;
;Warning: Boot.ini is used on Windows XP and earlier operating systems.
;Warning: Use BCDEDIT.exe to modify Windows Vista boot options.
;
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /NOEXECUTE=OPTIN /FASTDETECT /USEPMTIMER
- - End Of File - - 74887B72157665205C132E9007C4CA82
Sorry
