Something is missing after virus removal

A section devoted to viruses and other malicious code, as well as to the tools that can be used to defend against them…

Moderators: Mods_senior, Security team

martiin
newcomer
Posts: 11
Registered: July 08
Gender: Unspecified

Something is missing after virus removal

Post by martiin » 05 Jul 2008 21:30

I had a 30-day trial of NOD and it had been expired for 2 days. The PC went completely crazy, all the way to a blue screen. Now everything is relatively fine except for 3 problems. In My Computer, the icon for one of the two CD-ROM drives does not show up, nor does the hard disk (C). Also, I don't have the All Programs link in the Start menu, and finally, next to the clock I have the text VIRUS ALERT !. I wonder whether it's because, as I read here, I didn't put the infected files in the chest but deleted them. Please HELP! Thanks.

krtenek
Level 4.5
Posts: 1955
Registered: May 06
Gender: Male

Re: Something is missing after virus removal

Post by krtenek » 05 Jul 2008 21:32

Post an HJT log here (see my signature).

martiin
newcomer
Posts: 11
Registered: July 08
Gender: Unspecified

Please take a look and advise

Post by martiin » 05 Jul 2008 21:58

//post merged into the original topic. Next time, please continue in the original topic and do not start a new one.
fredik


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:58: VIRUS ALERT!, on 5.7.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\Mx-3 B-Cup Service.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: cj helper - {B552B8A4-76AC-4e8c-A469-C1585B111116} - C:\Program Files\IE Extensions\cj.v5.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: nqgpedlr - {EC4A1CF6-AE63-45C3-B7C7-E427DA6CBFD9} - C:\WINDOWS\nqgpedlr.dll
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\msconfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7D5DD829-6C90-42C5-B54C-2AFA82F988BA} (CLoader Object) - http://www.antivirusxp2008.com/tools/virusremover.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AEC8743-D169-4698-AEE5-2506613D811D}: NameServer = 172.27.12.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{5AEC8743-D169-4698-AEE5-2506613D811D}: NameServer = 172.27.12.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{5AEC8743-D169-4698-AEE5-2506613D811D}: NameServer = 172.27.12.254
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: iSecurity.cpl
O21 - SSODL: SunSys - {113eee5d-fd6f-4a69-a2c4-ade0c1053eff} - C:\WINDOWS\Resources\SunSys.dll
O21 - SSODL: PreBootCheck - {baab97f7-2b86-4028-9bda-da549bdd76a0} - C:\WINDOWS\Resources\SrvAvp.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MX-3 B-Cup XP (Mx-3 B-Cup Service) - n.v.t. MX-3 - C:\WINDOWS\system32\Mx-3 B-Cup Service.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 6712 bytes

fredik
Security team member
Master Level 7
Posts: 4680
Registered: July 06
Gender: Male

Re: Please take a look and advise

Post by fredik » 05 Jul 2008 22:06

Welcome to the forum

Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
It may take a while to get a response, because the "HJT Team" are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.
If you have a problem, do not send me PMs with logs; post them in the forum. These PMs cannot be answered.

martiin
newcomer
Posts: 11
Registered: July 08
Gender: Unspecified

Re: Something is missing after virus removal

Post by martiin » 07 Jul 2008 15:11

Thank you very much. I had already solved those 3 problems of mine yesterday in the registry, but now I was looking for an answer on how to fix the blue shading on the desktop icons, and above all it would not let me into Properties on the desktop or into Display in the Control Panel (supposedly the system administrator had disabled it, and that's me?!). But now everything is as it was. Please, what kind of miracle program is this??? Thanks once again, and I'm sending the log.

ComboFix 08-07-05.1 - Martin 2008-07-07 14:31:17.1 - NTFSx86
Running from: C:\Documents and Settings\Martin\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\.protected
C:\Program Files\IE Extensions
C:\WINDOWS\.protected
C:\WINDOWS\epnv.exe
C:\WINDOWS\privacy_danger
C:\WINDOWS\privacy_danger\images\capt.gif
C:\WINDOWS\privacy_danger\images\danger.jpg
C:\WINDOWS\privacy_danger\images\down.gif
C:\WINDOWS\privacy_danger\images\spacer.gif
C:\WINDOWS\privacy_danger\index.htm
C:\WINDOWS\system32\blphcac5j0en6e.scr
C:\WINDOWS\system32\drivers\etc\.protected
C:\WINDOWS\system32\phcac5j0en6e.bmp

.
((((((((((((((((((((((((( Files Created from 2008-06-07 to 2008-07-07 )))))))))))))))))))))))))))))))
.

2008-07-07 14:29 . 2008-07-07 14:28 1,981,576 --a------ C:\Documents and Settings\Martin\ComboFix.exe
2008-07-07 11:53 . 2004-08-17 15:49 153,088 --a------ C:\WINDOWS\SYSTEM32\irftp.exe
2008-07-07 11:53 . 2004-08-17 15:49 153,088 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\irftp.exe
2008-07-07 11:53 . 2004-08-17 15:49 26,624 --a------ C:\WINDOWS\SYSTEM32\irmon.dll
2008-07-07 11:53 . 2004-08-17 15:49 26,624 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\irmon.dll
2008-07-07 11:53 . 2004-08-17 15:49 8,192 --a------ C:\WINDOWS\SYSTEM32\wshirda.dll
2008-07-07 11:53 . 2004-08-17 15:49 8,192 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\wshirda.dll
2008-07-06 14:49 . 2008-07-06 14:50 <DIR> d-------- C:\Program Files\Booty Duty
2008-07-05 17:03 . 2008-07-05 17:03 4,309,545 --a------ C:\Program Files\SpywareTerminatorSetup.exe
2008-07-05 13:42 . 2008-07-05 13:48 <DIR> d-------- C:\Program Files\SuspenzorPC
2008-07-05 13:42 . 2008-07-05 13:42 <DIR> d-------- C:\Program Files\Common Files\SuspenzorPC
2008-07-05 13:42 . 2007-02-13 09:09 388,126 --a------ C:\WINDOWS\SYSTEM32\sqlite3.dll
2008-07-05 11:05 . 2008-07-05 11:05 1,160 --a------ C:\WINDOWS\mozver.dat
2008-07-04 22:18 . 2008-07-04 22:18 <DIR> d-------- C:\WINDOWS\SYSTEM32\cs-cz
2008-07-04 22:05 . 2008-07-04 22:05 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-04 20:23 . 2008-07-04 20:23 <DIR> d-------- C:\Program Files\Alwil Software
2008-07-04 17:58 . 2008-07-04 17:58 434,252 --a------ C:\WINDOWS\SYSTEM32\MSVCRTD.DLL
2008-07-04 17:58 . 2008-07-04 17:58 216,576 --a------ C:\WINDOWS\SYSTEM32\monln.dll
2008-07-04 17:58 . 2008-07-04 17:58 73,728 --a------ C:\WINDOWS\SYSTEM32\CavEmLSP.dll
2008-07-04 15:02 . 2008-07-04 21:18 <DIR> d-------- C:\WINDOWS\SYSTEM32\931928
2008-07-03 21:41 . 2008-07-03 21:41 1,047,552 --a------ C:\WINDOWS\SYSTEM32\mfc71u.dll
2008-07-03 21:25 . 2008-07-03 21:25 <DIR> d-------- C:\Program Files\Common Files\Softwin
2008-07-03 20:59 . 2008-07-03 20:59 132 --a------ C:\WINDOWS\ODBC.INI
2008-07-03 18:59 . 2004-08-03 22:32 571,392 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\tintlgnt.ime
2008-07-03 18:58 . 2004-08-03 22:31 482,304 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\pintlgnt.ime
2008-07-03 18:57 . 2001-10-25 14:00 1,875,968 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msir3jp.lex
2008-07-03 18:56 . 2001-10-25 14:00 13,463,552 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\hwxjpn.dll
2008-07-03 18:55 . 2001-10-25 14:00 1,677,824 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\chsbrkr.dll
2008-07-03 18:54 . 2004-08-17 15:49 2,134,528 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\smtpsnap.dll
2008-07-03 18:53 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fp4awel.dll
2008-07-03 18:51 . 2008-07-03 18:51 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-07-03 18:51 . 2008-07-03 18:51 749 -rah----- C:\WINDOWS\SYSTEM32\wuaucpl.cpl.manifest
2008-07-03 18:51 . 2008-07-03 18:51 749 -rah----- C:\WINDOWS\SYSTEM32\sapi.cpl.manifest
2008-07-03 18:51 . 2008-07-03 18:51 749 -rah----- C:\WINDOWS\SYSTEM32\nwc.cpl.manifest
2008-07-03 18:51 . 2008-07-03 18:51 749 -rah----- C:\WINDOWS\SYSTEM32\ncpa.cpl.manifest
2008-07-03 18:51 . 2008-07-03 18:51 488 -rah----- C:\WINDOWS\SYSTEM32\logonui.exe.manifest
2008-07-03 18:43 . 2004-08-03 22:31 20,992 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\RTL8139.sys
2008-07-03 17:53 . 2004-08-17 16:46 1,086,058 -ra------ C:\WINDOWS\SET2F.tmp
2008-07-03 17:53 . 2004-08-17 16:50 1,014,483 -ra------ C:\WINDOWS\SET2C.tmp
2008-07-03 17:53 . 2004-08-17 16:46 14,043 -ra------ C:\WINDOWS\SET3B.tmp
2008-07-03 17:29 . 2004-10-07 14:39 89,088 --a------ C:\WINDOWS\SYSTEM32\atl71.dll
2008-07-03 16:50 . 2008-07-03 16:50 0 --a------ C:\WINDOWS\SYSTEM32\73B.tmp
2008-07-03 06:06 . 2008-07-04 21:18 <DIR> d-------- C:\WINDOWS\SYSTEM32\734914
2008-07-02 22:59 . 2008-07-02 22:59 0 --a------ C:\WINDOWS\SYSTEM32\466.tmp
2008-07-02 22:54 . 2008-07-02 22:54 0 --a------ C:\WINDOWS\SYSTEM32\264.tmp
2008-07-02 22:53 . 2008-07-02 22:53 0 --a------ C:\WINDOWS\SYSTEM32\263.tmp
2008-07-02 22:52 . 2008-07-02 22:52 0 --a------ C:\WINDOWS\SYSTEM32\443.tmp
2008-07-02 22:52 . 2008-07-02 22:52 0 --a------ C:\WINDOWS\SYSTEM32\442.tmp
2008-07-02 22:50 . 2008-07-02 22:50 0 --a------ C:\WINDOWS\SYSTEM32\262.tmp
2008-07-02 22:49 . 2008-07-02 22:49 0 --a------ C:\WINDOWS\SYSTEM32\261.tmp
2008-07-02 22:48 . 2008-07-02 22:48 0 --a------ C:\WINDOWS\SYSTEM32\437.tmp
2008-07-02 22:48 . 2008-07-02 22:48 0 --a------ C:\WINDOWS\SYSTEM32\260.tmp
2008-07-02 22:47 . 2008-07-02 22:47 0 --a------ C:\WINDOWS\SYSTEM32\434.tmp
2008-07-02 22:47 . 2008-07-02 22:47 0 --a------ C:\WINDOWS\SYSTEM32\432.tmp
2008-07-02 22:46 . 2008-07-02 22:46 0 --a------ C:\WINDOWS\SYSTEM32\25F.tmp
2008-07-02 22:45 . 2008-07-02 22:45 0 --a------ C:\WINDOWS\SYSTEM32\25D.tmp
2008-07-02 22:44 . 2008-07-02 22:44 0 --a------ C:\WINDOWS\SYSTEM32\25C.tmp
2008-07-02 22:43 . 2008-07-02 22:43 0 --a------ C:\WINDOWS\SYSTEM32\25A.tmp
2008-07-02 22:43 . 2008-07-02 22:43 0 --a------ C:\WINDOWS\SYSTEM32\259.tmp
2008-07-02 22:42 . 2008-07-02 22:42 0 --a------ C:\WINDOWS\SYSTEM32\257.tmp
2008-07-02 22:39 . 2008-07-02 22:39 0 --a------ C:\WINDOWS\SYSTEM32\253.tmp
2008-07-02 22:39 . 2008-07-02 22:39 0 --a------ C:\WINDOWS\SYSTEM32\252.tmp
2008-07-02 22:39 . 2008-07-02 22:39 0 --a------ C:\WINDOWS\SYSTEM32\250.tmp
2008-07-02 22:38 . 2008-07-02 22:38 0 --a------ C:\WINDOWS\SYSTEM32\41D.tmp
2008-07-02 22:38 . 2008-07-02 22:38 0 --a------ C:\WINDOWS\SYSTEM32\24F.tmp
2008-07-02 22:37 . 2008-07-02 22:37 0 --a------ C:\WINDOWS\SYSTEM32\41A.tmp
2008-07-02 22:37 . 2008-07-02 22:37 0 --a------ C:\WINDOWS\SYSTEM32\419.tmp
2008-07-02 22:35 . 2008-07-02 22:35 0 --a------ C:\WINDOWS\SYSTEM32\415.tmp
2008-07-02 22:35 . 2008-07-02 22:35 0 --a------ C:\WINDOWS\SYSTEM32\413.tmp
2008-07-02 22:34 . 2008-07-02 22:34 0 --a------ C:\WINDOWS\SYSTEM32\411.tmp
2008-07-02 22:34 . 2008-07-02 22:34 0 --a------ C:\WINDOWS\SYSTEM32\403.tmp
2008-07-02 22:33 . 2008-07-02 22:33 0 --a------ C:\WINDOWS\SYSTEM32\248.tmp
2008-07-02 22:32 . 2008-07-02 22:32 0 --a------ C:\WINDOWS\SYSTEM32\247.tmp
2008-07-02 22:31 . 2008-07-02 22:31 0 --a------ C:\WINDOWS\SYSTEM32\246.tmp
2008-07-02 22:30 . 2008-07-02 22:30 0 --a------ C:\WINDOWS\SYSTEM32\3EB.tmp
2008-07-02 22:29 . 2008-07-02 22:29 0 --a------ C:\WINDOWS\SYSTEM32\3E5.tmp
2008-07-02 22:29 . 2008-07-02 22:29 0 --a------ C:\WINDOWS\SYSTEM32\3E3.tmp
2008-07-02 22:07 . 2008-07-02 22:07 0 --a------ C:\WINDOWS\SYSTEM32\239.tmp
2008-07-02 22:05 . 2008-07-02 22:05 0 --a------ C:\WINDOWS\SYSTEM32\238.tmp
2008-07-02 22:02 . 2008-07-02 22:02 0 --a------ C:\WINDOWS\SYSTEM32\235.tmp
2008-07-02 22:02 . 2008-07-02 22:02 0 --a------ C:\WINDOWS\SYSTEM32\232.tmp
2008-07-02 22:01 . 2008-07-02 22:01 0 --a------ C:\WINDOWS\SYSTEM32\231.tmp
2008-07-02 22:01 . 2008-07-02 22:01 0 --a------ C:\WINDOWS\SYSTEM32\230.tmp
2008-07-02 22:01 . 2008-07-02 22:01 0 --a------ C:\WINDOWS\SYSTEM32\22F.tmp
2008-07-02 21:59 . 2008-07-02 21:59 0 --a------ C:\WINDOWS\SYSTEM32\3A9.tmp
2008-07-02 21:53 . 2008-07-02 18:30 180,224 --a------ C:\WINDOWS\axrfgvek.dll
2008-07-02 21:53 . 2008-07-02 18:30 155,648 --a------ C:\WINDOWS\nqgpedlr.dll
2008-07-02 21:53 . 2008-07-02 18:30 86,016 --a------ C:\WINDOWS\mrvtdpqe.exe
2008-07-02 19:35 . 2008-07-02 19:43 <DIR> d-------- C:\Apocalypto
2008-07-02 19:24 . 2008-07-02 19:31 <DIR> d-------- C:\Constantine
2008-07-01 18:35 . 2008-07-06 16:09 <DIR> d-------- C:\Games
2008-07-01 18:26 . 2008-07-01 18:26 <DIR> d-------- C:\Program Files\IrfanView
2008-07-01 16:55 . 2008-07-01 16:59 114,351 --a------ C:\WINDOWS\hpqins13.dat
2008-06-28 14:13 . 2008-06-28 15:23 <DIR> d-------- C:\Program Files\MediaCell Video Converter
2008-06-27 12:55 . 2008-06-27 12:55 <DIR> d-------- C:\Program Files\eDATA Unerase
2008-06-27 12:55 . 2004-03-16 08:35 49,152 --a------ C:\WINDOWS\SYSTEM32\OctaneARM.dll
2008-06-26 20:15 . 2008-06-26 20:15 <DIR> d-------- C:\Program Files\MyRealGames.com
2008-06-26 00:02 . 2008-04-17 10:45 9,341 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\filedisk.sys
2008-06-26 00:01 . 2008-06-26 00:01 74,703 --a------ C:\WINDOWS\SYSTEM32\mfc45.dll
2008-06-25 09:37 . 2004-08-03 23:10 85,376 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\NABTSFEC.sys
2008-06-25 09:37 . 2004-08-03 23:10 19,328 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\WSTCODEC.SYS
2008-06-25 09:37 . 2004-08-03 23:10 17,024 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\CCDECODE.sys
2008-06-25 09:37 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.sys
2008-06-25 09:36 . 2004-08-17 15:49 91,136 --a------ C:\WINDOWS\SYSTEM32\kswdmcap.ax
2008-06-25 09:36 . 2004-08-17 15:49 61,952 --a------ C:\WINDOWS\SYSTEM32\kstvtune.ax
2008-06-25 09:36 . 2004-08-17 15:49 54,272 --a------ C:\WINDOWS\SYSTEM32\vfwwdm32.dll
2008-06-25 09:36 . 2005-01-14 09:32 53,248 --a------ C:\WINDOWS\SYSTEM32\PAStiSvc.exe
2008-06-25 09:36 . 2004-08-17 15:49 43,008 --a------ C:\WINDOWS\SYSTEM32\ksxbar.ax
2008-06-25 09:36 . 2004-08-17 15:49 28,672 --a------ C:\WINDOWS\SYSTEM32\vidcap.ax
2008-06-25 09:30 . 1998-09-02 10:28 38,160 --a------ C:\WINDOWS\SYSTEM32\LMRTREND.dll
2008-06-25 09:30 . 2008-07-02 21:10 645 --a------ C:\WINDOWS\videoimp.ini
2008-06-25 09:29 . 2008-06-25 09:29 <DIR> d-------- C:\Program Files\ArcSoft
2008-06-25 09:29 . 1999-05-26 09:46 212,480 --a------ C:\WINDOWS\pcdlib32.dll
2008-06-25 09:29 . 1998-09-02 10:02 194,320 --a------ C:\WINDOWS\SYSTEM32\qcut.dll
2008-06-25 09:29 . 1998-08-20 13:02 140,800 --a------ C:\WINDOWS\SYSTEM32\tm20dec.ax
2008-06-25 09:29 . 1998-09-02 10:28 63,488 --a------ C:\WINDOWS\SYSTEM32\unam4ie.exe
2008-06-25 09:29 . 1998-08-17 11:21 11,776 --a------ C:\WINDOWS\SYSTEM32\mciqtz.drv
2008-06-25 09:29 . 1998-08-17 11:21 10,240 --a------ C:\WINDOWS\SYSTEM32\vidx16.dll
2008-06-25 09:29 . 1998-08-17 11:21 5,672 --a------ C:\WINDOWS\SYSTEM32\quartz.vxd
2008-06-25 09:29 . 2008-06-25 09:29 4,608 --a------ C:\WINDOWS\SYSTEM32\w95inf32.dll
2008-06-25 09:29 . 2008-06-25 09:29 2,272 --a------ C:\WINDOWS\SYSTEM32\w95inf16.dll
2008-06-25 09:29 . 2001-06-20 11:04 21 --a------ C:\WINDOWS\VI_setup.ini
2008-06-25 09:28 . 2008-06-25 09:28 <DIR> d-------- C:\WINDOWS\PixArt
2008-06-25 09:28 . 2008-06-25 09:28 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-06-25 09:28 . 2008-06-25 09:28 <DIR> d-------- C:\Program Files\Trust

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-07 09:54 715,454 ----a-w C:\WINDOWS\SYSTEM32\PerfStringBackup.TMP
2008-07-06 19:30 --------- d-----w C:\Program Files\Skype
2008-07-04 15:58 499,712 ----a-w C:\WINDOWS\SYSTEM32\msvcp71.dll
2008-07-04 15:58 348,160 ----a-w C:\WINDOWS\SYSTEM32\msvcr71.dll
2008-07-04 15:58 1,060,864 ----a-w C:\WINDOWS\SYSTEM32\MFC71.dll
2008-07-01 15:38 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-01 11:58 --------- d-----w C:\Program Files\ICQToolbar
2008-06-27 10:50 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-19 05:47 --------- d-----w C:\Program Files\Instalační průvodce
2008-06-13 17:57 --------- d-----w C:\Program Files\totalcmd
2008-06-10 20:21 --------- d-----w C:\Program Files\VideoLAN
2008-06-07 07:20 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-06 06:52 --------- d-----w C:\Program Files\DivX
2008-06-05 16:39 --------- d-----w C:\Program Files\ICQ6
2008-06-05 10:05 --------- d-----w C:\Program Files\cdkeys10
2008-06-05 08:37 159,933 ----a-w C:\WINDOWS\Wave@MP3 Uninstaller.exe
2008-06-05 08:37 --------- d-----w C:\Program Files\River Past
2008-06-05 08:37 --------- d-----w C:\Program Files\Common Files\River Past
2008-06-05 08:30 --------- d-----w C:\Program Files\DVD Decrypter
2008-06-05 08:19 --------- d-----w C:\Program Files\DVDStyler
2008-06-04 11:07 14,773,280 ----a-w C:\Program Files\IE7-WindowsXP-x86-csy.exe
2008-06-03 22:33 --------- d-----w C:\Program Files\QuickTime
2008-06-03 09:40 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-06-03 09:32 --------- d-----w C:\Program Files\Common Files\Ahead
2008-06-03 09:21 --------- d-----w C:\Program Files\Nero
2008-06-03 07:21 --------- d-----w C:\Program Files\Free Window Registry Repair
2008-06-03 07:08 --------- d-----w C:\Program Files\Seznam
2008-06-03 01:47 --------- d-----w C:\Program Files\ZipGenius 6
2008-06-03 01:37 --------- d-----w C:\Program Files\sdc213
2008-06-02 23:58 --------- d-----w C:\Program Files\Codec Pack - All In 1
2008-06-02 22:59 --------- d-----w C:\Program Files\MSConfig CleanUp
2008-06-02 22:50 --------- d-----w C:\Program Files\Movies To DVD
2008-06-02 22:25 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-06-02 22:21 --------- d-----w C:\Program Files\Xvid CZ
2008-06-02 22:19 --------- d-----w C:\Program Files\APlus Viewer
2008-06-02 22:03 --------- d-----w C:\Program Files\Common Files\Skype
2008-06-02 10:44 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-02 09:53 --------- d-----r C:\Program Files\Publikování v síti WWW
2008-06-01 19:32 --------- d-----w C:\Program Files\Java
2008-06-01 19:32 --------- d-----w C:\Program Files\Common Files\Java
2008-06-01 16:52 --------- d-----w C:\Program Files\BSP Multimedia
2008-06-01 13:26 5,166 --sh--w C:\SUHDLOG.DAT
2008-05-13 01:51 200,704 ----a-w C:\WINDOWS\SYSTEM32\ssldivx.dll
2008-05-13 01:51 1,044,480 ----a-w C:\WINDOWS\SYSTEM32\libdivx.dll
2001-06-01 13:34 266 --sh--w C:\Program Files\desktop.ini
2001-06-01 13:34 11,253 ---ha-w C:\Program Files\folder.htt
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EC4A1CF6-AE63-45C3-B7C7-E427DA6CBFD9}"= "C:\WINDOWS\nqgpedlr.dll" [2008-07-02 18:30 155648]

[HKEY_CLASSES_ROOT\clsid\{ec4a1cf6-ae63-45c3-b7c7-e427da6cbfd9}]
[HKEY_CLASSES_ROOT\nqgpedlr.1]
[HKEY_CLASSES_ROOT\TypeLib\{02BFD7DC-AB51-4B70-BD6B-D803566F6C17}]
[HKEY_CLASSES_ROOT\nqgpedlr]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 15:54 21718312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMail"="C:\Program Files\Seznam\Postak\Postak.exe" [2008-02-21 21:22 453936]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-17 17:49 159232]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 15:49 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 15:49 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.xvid"= xvid.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^.protected]
backup=C:\WINDOWS\pss\.protectedCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Martin^Nabídka Start^Programy^Po spuštění^.protected]
backup=C:\WINDOWS\pss\.protectedStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemDefender

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Schedule"=2 (0x2)
"mnmsrvc"=3 (0x3)
"Microsoft Office Groove Audit Service"=3 (0x3)
"ioloSystemService"=2 (0x2)
"ioloFileInfoList"=2 (0x2)
"SCardSvr"=3 (0x3)
"bdss"=2 (0x2)
"XCOMM"=2 (0x2)
"Spooler"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\Program Files\\Adobe\\Acrobat 5.0\\Reader\\AcroRd32.exe"=
"C:\\Program Files\\sdc213\\StrongDC.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 Mx-3 B-Cup Service;MX-3 B-Cup XP;C:\WINDOWS\system32\Mx-3 B-Cup Service.exe s []
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
S3 PAC207;Trust WB-1200p Mini Webcam;C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 12:29]
S4 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe []
S4 ioloSystemService;iolo System Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe []

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-07 14:42:14
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\SYSTEM32\rundll32.exe
C:\WINDOWS\SYSTEM32\Mx-3 B-Cup Service.exe
C:\WINDOWS\SYSTEM32\PAStiSvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Completion time: 2008-07-07 14:49:12 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-07 12:49:03

Adresářů: 12, Volných bajtů: 36,378,773,504
Adres ý…: 17, Volněch bajt…: 36,836,792,320

278 --- E O F --- 2008-06-03 01:23:18

fredik
Security team member
Master Level 7
Posts: 4680
Registered: July 06
Gender: Male

Re: Something is missing after virus removal

Post by fredik » 08 Jul 2008 15:32

Open Notepad (Start -> Run..., type Notepad into the box and click OK)
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script

Code:

File::
C:\WINDOWS\SYSTEM32\73B.tmp
C:\WINDOWS\SYSTEM32\466.tmp
C:\WINDOWS\SYSTEM32\264.tmp
C:\WINDOWS\SYSTEM32\263.tmp
C:\WINDOWS\SYSTEM32\443.tmp
C:\WINDOWS\SYSTEM32\442.tmp
C:\WINDOWS\SYSTEM32\262.tmp
C:\WINDOWS\SYSTEM32\261.tmp
C:\WINDOWS\SYSTEM32\437.tmp
C:\WINDOWS\SYSTEM32\260.tmp
C:\WINDOWS\SYSTEM32\434.tmp
C:\WINDOWS\SYSTEM32\432.tmp
C:\WINDOWS\SYSTEM32\25F.tmp
C:\WINDOWS\SYSTEM32\25D.tmp
C:\WINDOWS\SYSTEM32\25C.tmp
C:\WINDOWS\SYSTEM32\25A.tmp
C:\WINDOWS\SYSTEM32\259.tmp
C:\WINDOWS\SYSTEM32\257.tmp
C:\WINDOWS\SYSTEM32\253.tmp
C:\WINDOWS\SYSTEM32\252.tmp
C:\WINDOWS\SYSTEM32\250.tmp
C:\WINDOWS\SYSTEM32\41D.tmp
C:\WINDOWS\SYSTEM32\24F.tmp
C:\WINDOWS\SYSTEM32\41A.tmp
C:\WINDOWS\SYSTEM32\419.tmp
C:\WINDOWS\SYSTEM32\415.tmp
C:\WINDOWS\SYSTEM32\413.tmp
C:\WINDOWS\SYSTEM32\411.tmp
C:\WINDOWS\SYSTEM32\403.tmp
C:\WINDOWS\SYSTEM32\248.tmp
C:\WINDOWS\SYSTEM32\247.tmp
C:\WINDOWS\SYSTEM32\246.tmp
C:\WINDOWS\SYSTEM32\3EB.tmp
C:\WINDOWS\SYSTEM32\3E5.tmp
C:\WINDOWS\SYSTEM32\3E3.tmp
C:\WINDOWS\SYSTEM32\239.tmp
C:\WINDOWS\SYSTEM32\238.tmp
C:\WINDOWS\SYSTEM32\235.tmp
C:\WINDOWS\SYSTEM32\232.tmp
C:\WINDOWS\SYSTEM32\231.tmp
C:\WINDOWS\SYSTEM32\230.tmp
C:\WINDOWS\SYSTEM32\22F.tmp
C:\WINDOWS\SYSTEM32\3A9.tmp
C:\WINDOWS\axrfgvek.dll
C:\WINDOWS\nqgpedlr.dll
C:\WINDOWS\mrvtdpqe.exe

Folder::
C:\Program Files\SuspenzorPC
C:\Program Files\Common Files\SuspenzorPC
C:\WINDOWS\SYSTEM32\931928
C:\WINDOWS\SYSTEM32\734914

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EC4A1CF6-AE63-45C3-B7C7-E427DA6CBFD9}"=-
[-HKEY_CLASSES_ROOT\clsid\{ec4a1cf6-ae63-45c3-b7c7-e427da6cbfd9}]
[-HKEY_CLASSES_ROOT\nqgpedlr.1]
[-HKEY_CLASSES_ROOT\TypeLib\{02BFD7DC-AB51-4B70-BD6B-D803566F6C17}]
[-HKEY_CLASSES_ROOT\nqgpedlr]
[-HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^.protected]
[-HKLM\~\startupfolder\C:^Documents and Settings^Martin^Nabídka Start^Programy^Po spuštění^.protected]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe and, when the two files overlap, drop the script
- ComboFix starts automatically
- Post here the log that pops up at the end of the cleaning process + a new HJT log
It may take a while to get a response, because the "HJT Team" are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.
If you have a problem, do not send me PMs with logs; post them in the forum. These PMs cannot be answered.
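An added example, not part of the original post and not ComboFix's own code: a pre-flight check that parses a script with the File::, Folder:: and Registry:: sections shown above and confirms that every file and folder it targets appears in the "Files Created" listing of the scan log. The function names, the log row layout (taken from the listing as it appears on this page) and the sample data, including the deliberate `.tpm` typo, are assumptions constructed for illustration.

```python
import re

# One row of the "Files Created" listing as it appears in the log above:
# created date/time . modified date/time  size-or-<DIR>  attributes  path
LOG_ROW = re.compile(
    r"^\d{4}-\d{2}-\d{2}\s+\d{2}:\d{2}\s+\.\s+\d{4}-\d{2}-\d{2}\s+\d{2}:\d{2}\s+"
    r"(?P<size><DIR>|[\d,]+)\s+(?P<attrs>\S+)\s+(?P<path>[A-Za-z]:\\.+)$"
)
SECTION = re.compile(r"^(File|Folder|Registry)::$", re.IGNORECASE)

# Constructed sample: rows in the shape of the log posted in this thread.
SAMPLE_LOG = r"""
2008-07-05 13:42 . 2008-07-05 13:48 <DIR> d-------- C:\Program Files\SuspenzorPC
2008-07-03 16:50 . 2008-07-03 16:50 0 --a------ C:\WINDOWS\SYSTEM32\73B.tmp
2008-07-02 21:53 . 2008-07-02 18:30 155,648 --a------ C:\WINDOWS\nqgpedlr.dll
"""

# Constructed sample: the third File:: entry carries a deliberate typo (.tpm).
SAMPLE_SCRIPT = r"""
File::
C:\WINDOWS\SYSTEM32\73B.tmp
C:\WINDOWS\nqgpedlr.dll
C:\WINDOWS\SYSTEM32\73B.tpm

Folder::
C:\Program Files\SuspenzorPC

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EC4A1CF6-AE63-45C3-B7C7-E427DA6CBFD9}"=-
[-HKEY_CLASSES_ROOT\nqgpedlr]
"""


def parse_log(text):
    """Map lower-cased path -> 'dir' or 'file' for every listing row."""
    seen = {}
    for line in text.splitlines():
        m = LOG_ROW.match(line.strip())
        if m:
            kind = "dir" if m.group("size") == "<DIR>" else "file"
            seen[m.group("path").lower()] = kind
    return seen


def parse_script(text):
    """Split a script into its File::, Folder:: and Registry:: sections."""
    sections = {"file": [], "folder": [], "registry": []}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION.match(line)
        if m:
            current = m.group(1).lower()
        elif current is None:
            raise ValueError(f"line outside any section: {line!r}")
        else:
            sections[current].append(line)
    return sections


def registry_actions(lines):
    """Turn .reg-style lines into (action, key, value_name) tuples."""
    actions, key = [], None
    for line in lines:
        if line.startswith("[-") and line.endswith("]"):
            actions.append(("delete_key", line[2:-1], None))  # [-KEY] removes a key
            key = None
        elif line.startswith("[") and line.endswith("]"):
            key = line[1:-1]                                   # [KEY] sets context
        else:
            m = re.match(r'^"(?P<name>[^"]+)"\s*=\s*-$', line)
            if m and key:
                actions.append(("delete_value", key, m.group("name")))
            else:
                actions.append(("unrecognised", key, line))
    return actions


def review(script_text, log_text):
    """Return (target, reason) findings for entries the log does not support."""
    seen = parse_log(log_text)
    sections = parse_script(script_text)
    findings = []
    for section, want in (("file", "file"), ("folder", "dir")):
        for path in sections[section]:
            kind = seen.get(path.lower())  # Windows paths are case-insensitive
            if kind is None:
                findings.append((path, "not in log"))
            elif kind != want:
                findings.append((path, f"listed as {kind}, targeted as {want}"))
    for action, _key, detail in registry_actions(sections["registry"]):
        if action == "unrecognised":
            findings.append((detail, "unrecognised registry line"))
    return findings


if __name__ == "__main__":
    for target, reason in review(SAMPLE_SCRIPT, SAMPLE_LOG):
        print(f"{reason}: {target}")
```

An empty result means every deletion target in the script was matched to a row of the log with the expected type; any finding is worth resolving before the script is run.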

martiin
newcomer
Posts: 11
Registered: July 08
Gender: Unspecified

Re: Something is missing after virus removal

Post by martiin » 08 Jul 2008 15:52

Thanks for the further help, but now I'm probably a bit lost, because after the 1st run of ComboFix everything got back on track. So I don't know what this process you are describing is actually for? After the infection I have already had to tune a lot of things back to their original state, but I keep coming across something else. Right now I'm thinking that Autorun for the CD-ROM drives can surely be set somewhere. Somehow it isn't working for me. In any case, thank you very much for all the advice.

Pic
Moderator
Guru Level 13
Posts: 23292
Registered: September 06
Location: Východní Čechy
Gender: Male

Re: Something is missing after virus removal

Post by Pic » 08 Jul 2008 16:54

In your own interest, respect the advice from "fredik"; he knows very well why he is advising you to do this!
Read the rules of this forum! Did you read the manual first? Write so that we can understand you! I do not respond by PM to requests to solve your PC problems!
Nothing is perfect, not even a person!


Re: something is missing after virus removal

Post by martiin » 08 Jul 2008 19:53

ComboFix 08-07-05.1 - Martin 2008-07-08 19:27:20.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.94 [GMT 2:00]
Running from: C:\QooBox\ComboFix.exe
Command switches used :: C:\Documents and Settings\Martin\Plocha\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.


.
((((((((((((((((((((((((( Files Created from 2008-06-08 to 2008-07-08 )))))))))))))))))))))))))))))))
.

2008-07-08 14:41 . 2008-07-08 14:41 108,144 --a------ C:\WINDOWS\SYSTEM32\CmdLineExt.dll
2008-07-08 14:33 . 2008-07-08 15:09 123 --a------ C:\WINDOWS\disney.ini
2008-07-08 09:18 . 2008-07-08 09:18 65,536 --a------ C:\WINDOWS\IFinst27.exe
2008-07-07 11:53 . 2004-08-17 15:49 153,088 --a------ C:\WINDOWS\SYSTEM32\irftp.exe
2008-07-07 11:53 . 2004-08-17 15:49 153,088 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\irftp.exe
2008-07-07 11:53 . 2004-08-17 15:49 26,624 --a------ C:\WINDOWS\SYSTEM32\irmon.dll
2008-07-07 11:53 . 2004-08-17 15:49 26,624 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\irmon.dll
2008-07-07 11:53 . 2004-08-17 15:49 8,192 --a------ C:\WINDOWS\SYSTEM32\wshirda.dll
2008-07-07 11:53 . 2004-08-17 15:49 8,192 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\wshirda.dll
2008-07-05 17:03 . 2008-07-05 17:03 4,309,545 --a------ C:\Program Files\SpywareTerminatorSetup.exe
2008-07-05 13:42 . 2007-02-13 09:09 388,126 --a------ C:\WINDOWS\SYSTEM32\sqlite3.dll
2008-07-05 11:05 . 2008-07-05 11:05 1,160 --a------ C:\WINDOWS\mozver.dat
2008-07-04 22:18 . 2008-07-04 22:18 <DIR> d-------- C:\WINDOWS\SYSTEM32\cs-cz
2008-07-04 22:05 . 2008-07-04 22:05 0 --a------ C:\WINDOWS\nsreg.dat
2008-07-04 20:23 . 2008-07-04 20:23 <DIR> d-------- C:\Program Files\Alwil Software
2008-07-04 17:58 . 2008-07-04 17:58 434,252 --a------ C:\WINDOWS\SYSTEM32\MSVCRTD.DLL
2008-07-04 17:58 . 2008-07-04 17:58 216,576 --a------ C:\WINDOWS\SYSTEM32\monln.dll
2008-07-04 17:58 . 2008-07-04 17:58 73,728 --a------ C:\WINDOWS\SYSTEM32\CavEmLSP.dll
2008-07-03 21:41 . 2008-07-03 21:41 1,047,552 --a------ C:\WINDOWS\SYSTEM32\mfc71u.dll
2008-07-03 21:25 . 2008-07-03 21:25 <DIR> d-------- C:\Program Files\Common Files\Softwin
2008-07-03 20:59 . 2008-07-03 20:59 132 --a------ C:\WINDOWS\ODBC.INI
2008-07-03 18:59 . 2004-08-03 22:32 571,392 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\tintlgnt.ime
2008-07-03 18:58 . 2004-08-03 22:31 482,304 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\pintlgnt.ime
2008-07-03 18:57 . 2001-10-25 14:00 1,875,968 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\msir3jp.lex
2008-07-03 18:56 . 2001-10-25 14:00 13,463,552 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\hwxjpn.dll
2008-07-03 18:55 . 2001-10-25 14:00 1,677,824 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\chsbrkr.dll
2008-07-03 18:54 . 2004-08-17 15:49 2,134,528 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\smtpsnap.dll
2008-07-03 18:53 . 2004-05-13 00:39 876,653 --a--c--- C:\WINDOWS\SYSTEM32\dllcache\fp4awel.dll
2008-07-03 18:51 . 2008-07-03 18:51 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-07-03 18:51 . 2008-07-03 18:51 749 -rah----- C:\WINDOWS\SYSTEM32\wuaucpl.cpl.manifest
2008-07-03 18:51 . 2008-07-03 18:51 749 -rah----- C:\WINDOWS\SYSTEM32\sapi.cpl.manifest
2008-07-03 18:51 . 2008-07-03 18:51 749 -rah----- C:\WINDOWS\SYSTEM32\nwc.cpl.manifest
2008-07-03 18:51 . 2008-07-03 18:51 749 -rah----- C:\WINDOWS\SYSTEM32\ncpa.cpl.manifest
2008-07-03 18:51 . 2008-07-03 18:51 488 -rah----- C:\WINDOWS\SYSTEM32\logonui.exe.manifest
2008-07-03 18:43 . 2004-08-03 22:31 20,992 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\RTL8139.sys
2008-07-03 17:53 . 2004-08-17 16:46 1,086,058 -ra------ C:\WINDOWS\SET2F.tmp
2008-07-03 17:53 . 2004-08-17 16:50 1,014,483 -ra------ C:\WINDOWS\SET2C.tmp
2008-07-03 17:53 . 2004-08-17 16:46 14,043 -ra------ C:\WINDOWS\SET3B.tmp
2008-07-03 17:29 . 2004-10-07 14:39 89,088 --a------ C:\WINDOWS\SYSTEM32\atl71.dll
2008-07-01 18:35 . 2008-07-08 08:13 <DIR> d-------- C:\Games
2008-07-01 18:26 . 2008-07-01 18:26 <DIR> d-------- C:\Program Files\IrfanView
2008-07-01 16:55 . 2008-07-01 16:59 114,351 --a------ C:\WINDOWS\hpqins13.dat
2008-06-28 14:13 . 2008-06-28 15:23 <DIR> d-------- C:\Program Files\MediaCell Video Converter
2008-06-27 12:55 . 2008-06-27 12:55 <DIR> d-------- C:\Program Files\eDATA Unerase
2008-06-27 12:55 . 2004-03-16 08:35 49,152 --a------ C:\WINDOWS\SYSTEM32\OctaneARM.dll
2008-06-26 20:15 . 2008-06-26 20:15 <DIR> d-------- C:\Program Files\MyRealGames.com
2008-06-26 00:02 . 2008-04-17 10:45 9,341 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\filedisk.sys
2008-06-26 00:01 . 2008-06-26 00:01 74,703 --a------ C:\WINDOWS\SYSTEM32\mfc45.dll
2008-06-25 09:37 . 2004-08-03 23:10 85,376 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\NABTSFEC.sys
2008-06-25 09:37 . 2004-08-03 23:10 19,328 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\WSTCODEC.SYS
2008-06-25 09:37 . 2004-08-03 23:10 17,024 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\CCDECODE.sys
2008-06-25 09:37 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.sys
2008-06-25 09:36 . 2004-08-17 15:49 91,136 --a------ C:\WINDOWS\SYSTEM32\kswdmcap.ax
2008-06-25 09:36 . 2004-08-17 15:49 61,952 --a------ C:\WINDOWS\SYSTEM32\kstvtune.ax
2008-06-25 09:36 . 2004-08-17 15:49 54,272 --a------ C:\WINDOWS\SYSTEM32\vfwwdm32.dll
2008-06-25 09:36 . 2005-01-14 09:32 53,248 --a------ C:\WINDOWS\SYSTEM32\PAStiSvc.exe
2008-06-25 09:36 . 2004-08-17 15:49 43,008 --a------ C:\WINDOWS\SYSTEM32\ksxbar.ax
2008-06-25 09:36 . 2004-08-17 15:49 28,672 --a------ C:\WINDOWS\SYSTEM32\vidcap.ax
2008-06-25 09:30 . 1998-09-02 10:28 38,160 --a------ C:\WINDOWS\SYSTEM32\LMRTREND.dll
2008-06-25 09:30 . 2008-07-02 21:10 645 --a------ C:\WINDOWS\videoimp.ini
2008-06-25 09:29 . 2008-06-25 09:29 <DIR> d-------- C:\Program Files\ArcSoft
2008-06-25 09:29 . 1999-05-26 09:46 212,480 --a------ C:\WINDOWS\pcdlib32.dll
2008-06-25 09:29 . 1998-09-02 10:02 194,320 --a------ C:\WINDOWS\SYSTEM32\qcut.dll
2008-06-25 09:29 . 1998-08-20 13:02 140,800 --a------ C:\WINDOWS\SYSTEM32\tm20dec.ax
2008-06-25 09:29 . 1998-09-02 10:28 63,488 --a------ C:\WINDOWS\SYSTEM32\unam4ie.exe
2008-06-25 09:29 . 1998-08-17 11:21 11,776 --a------ C:\WINDOWS\SYSTEM32\mciqtz.drv
2008-06-25 09:29 . 1998-08-17 11:21 10,240 --a------ C:\WINDOWS\SYSTEM32\vidx16.dll
2008-06-25 09:29 . 1998-08-17 11:21 5,672 --a------ C:\WINDOWS\SYSTEM32\quartz.vxd
2008-06-25 09:29 . 2008-06-25 09:29 4,608 --a------ C:\WINDOWS\SYSTEM32\w95inf32.dll
2008-06-25 09:29 . 2008-06-25 09:29 2,272 --a------ C:\WINDOWS\SYSTEM32\w95inf16.dll
2008-06-25 09:29 . 2001-06-20 11:04 21 --a------ C:\WINDOWS\VI_setup.ini
2008-06-25 09:28 . 2008-06-25 09:28 <DIR> d-------- C:\WINDOWS\PixArt
2008-06-25 09:28 . 2008-06-25 09:28 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-06-25 09:28 . 2008-06-25 09:28 <DIR> d-------- C:\Program Files\Trust
2008-06-25 09:28 . 2008-06-25 09:28 <DIR> d-------- C:\Program Files\Common Files\PCCamera
2008-06-24 13:13 . 2008-06-24 13:13 <DIR> d-------- C:\Program Files\VSO
2008-06-23 15:07 . 2008-07-07 15:29 <DIR> d-------- C:\Documents and Settings\Administrator\Šablony
2008-06-23 15:07 . 2008-06-24 00:24 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací
2008-06-23 15:07 . 2008-06-24 00:24 <DIR> d---s---- C:\Documents and Settings\Administrator
2008-06-19 16:16 . 2008-06-19 16:18 <DIR> d-------- C:\Program Files\Microsoft Office Enterprise 2007
2008-06-19 10:29 . 2006-10-26 19:56 32,592 --a------ C:\WINDOWS\SYSTEM32\msonpmon.dll
2008-06-19 10:27 . 2008-06-19 10:27 <DIR> d-------- C:\Program Files\Microsoft Works
2008-06-19 10:26 . 2008-06-19 10:26 <DIR> d-------- C:\Program Files\MSBuild
2008-06-19 10:18 . 2008-06-19 10:18 <DIR> dr-h----- C:\MSOCache
2008-06-19 07:51 . 2008-06-19 07:51 434,688 --a------ C:\WINDOWS\SYSTEM32\ss2uinst.exe
2008-06-18 19:43 . 2008-06-19 07:47 <DIR> d-------- C:\Program Files\Instalační průvodce
2008-06-18 19:43 . 2008-06-18 19:43 <DIR> d-------- C:\Program Files\5ba1af200b5ce5bbd0f3c018
2008-06-18 19:42 . 2008-06-18 19:42 <DIR> d-------- C:\Program Files\ed00c72403268d86046b101e8f93
2008-06-18 19:42 . 2008-06-18 19:42 <DIR> d-------- C:\Program Files\b9e05d4b4117e7a78979
2008-06-17 20:25 . 2008-06-24 00:24 <DIR> d-------- C:\Program Files\Windows_Installer_4.5_Redistributable
2008-06-17 20:00 . 2008-06-17 20:00 <DIR> d-------- C:\Program Files\pruvodce
2008-06-15 15:40 . 2008-07-06 10:26 <DIR> d-------- C:\WINDOWS\SYSTEM32\NtmsData
2008-06-15 15:19 . 2008-07-07 15:24 <DIR> d-------- C:\Záloha
2008-06-15 08:10 . 2008-07-08 08:22 <DIR> d-------- C:\Program Files\eMule
2008-06-12 19:28 . 2008-06-12 19:28 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-10 19:02 . 2008-06-10 19:02 <DIR> d-------- C:\Program Files\FLVPlayer
2008-06-10 16:53 . 2008-06-10 16:53 <DIR> d--hs---- C:\WINDOWS\ftpcache
2008-06-09 19:17 . 2008-06-09 19:17 131,584 --a------ C:\WINDOWS\SYSTEM32\SpoonUninstall.exe
2008-06-09 19:17 . 2008-06-09 19:17 34,358 --a------ C:\WINDOWS\SYSTEM32\SpoonUninstall-Toy Balls.bmp
2008-06-09 19:17 . 2008-06-09 19:17 13,687 --a------ C:\WINDOWS\SYSTEM32\SpoonUninstall-Toy Balls.dat
2008-06-08 22:17 . 2008-06-15 15:22 <DIR> d-------- C:\WINDOWS\Logs
2008-06-08 22:17 . 2008-06-08 22:17 216,064 --a------ C:\WINDOWS\SYSTEM32\B-CupXP.cpl
2008-06-08 22:17 . 2008-06-08 22:17 124,928 --a------ C:\WINDOWS\SYSTEM32\Mx-3 B-Cup Service.exe
2008-06-08 09:42 . 2008-06-13 20:16 <DIR> d-------- C:\Program Files\GetData

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-08 13:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-08 12:28 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-07-07 14:42 715,454 ----a-w C:\WINDOWS\SYSTEM32\PerfStringBackup.TMP
2008-07-07 13:32 --------- d-----w C:\Program Files\ICQToolbar
2008-07-06 19:30 --------- d-----w C:\Program Files\Skype
2008-07-04 18:08 --------- d-----w C:\Program Files\Unlocker
2008-07-04 15:58 499,712 ----a-w C:\WINDOWS\SYSTEM32\msvcp71.dll
2008-07-04 15:58 348,160 ----a-w C:\WINDOWS\SYSTEM32\msvcr71.dll
2008-07-04 15:58 1,060,864 ----a-w C:\WINDOWS\SYSTEM32\MFC71.dll
2008-06-19 05:47 --------- d-----w C:\Program Files\Instalační průvodce
2008-06-13 17:57 --------- d-----w C:\Program Files\totalcmd
2008-06-10 20:21 --------- d-----w C:\Program Files\VideoLAN
2008-06-07 15:54 --------- d-----w C:\Program Files\encodings
2008-06-07 14:22 --------- d-----w C:\Program Files\Seznam DVD 2008
2008-06-07 07:20 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-06 06:52 --------- d-----w C:\Program Files\DivX
2008-06-05 16:39 --------- d-----w C:\Program Files\ICQ6
2008-06-05 10:05 --------- d-----w C:\Program Files\cdkeys10
2008-06-05 08:37 159,933 ----a-w C:\WINDOWS\Wave@MP3 Uninstaller.exe
2008-06-05 08:37 --------- d-----w C:\Program Files\River Past
2008-06-05 08:37 --------- d-----w C:\Program Files\Common Files\River Past
2008-06-05 08:30 --------- d-----w C:\Program Files\DVD Decrypter
2008-06-05 08:19 --------- d-----w C:\Program Files\DVDStyler
2008-06-04 11:07 14,773,280 ----a-w C:\Program Files\IE7-WindowsXP-x86-csy.exe
2008-06-03 22:33 --------- d-----w C:\Program Files\QuickTime
2008-06-03 09:40 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-06-03 09:32 --------- d-----w C:\Program Files\Common Files\Ahead
2008-06-03 09:21 --------- d-----w C:\Program Files\Nero
2008-06-03 07:21 --------- d-----w C:\Program Files\Free Window Registry Repair
2008-06-03 07:08 --------- d-----w C:\Program Files\Seznam
2008-06-03 01:47 --------- d-----w C:\Program Files\ZipGenius 6
2008-06-03 01:37 --------- d-----w C:\Program Files\sdc213
2008-06-02 23:58 --------- d-----w C:\Program Files\Codec Pack - All In 1
2008-06-02 22:59 --------- d-----w C:\Program Files\MSConfig CleanUp
2008-06-02 22:50 --------- d-----w C:\Program Files\Movies To DVD
2008-06-02 22:25 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-06-02 22:21 --------- d-----w C:\Program Files\Xvid CZ
2008-06-02 22:19 --------- d-----w C:\Program Files\APlus Viewer
2008-06-02 22:03 --------- d-----w C:\Program Files\Common Files\Skype
2008-06-02 10:44 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-02 09:53 --------- d-----r C:\Program Files\Publikování v síti WWW
2008-06-01 19:32 --------- d-----w C:\Program Files\Java
2008-06-01 19:32 --------- d-----w C:\Program Files\Common Files\Java
2008-06-01 16:52 --------- d-----w C:\Program Files\BSP Multimedia
2008-06-01 13:26 5,166 --sh--w C:\SUHDLOG.DAT
2008-05-13 01:51 200,704 ----a-w C:\WINDOWS\SYSTEM32\ssldivx.dll
2008-05-13 01:51 1,044,480 ----a-w C:\WINDOWS\SYSTEM32\libdivx.dll
2001-06-01 13:34 266 --sh--w C:\Program Files\desktop.ini
2001-06-01 13:34 11,253 ---ha-w C:\Program Files\folder.htt
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 15:49 15360]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-05-30 15:54 21718312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SMail"="C:\Program Files\Seznam\Postak\Postak.exe" [2008-02-21 21:22 453936]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 15:49 110592 C:\WINDOWS\SYSTEM32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 15:49 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.xvid"= xvid.dll
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemDefender

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"mnmsrvc"=3 (0x3)
"ioloSystemService"=2 (0x2)
"ioloFileInfoList"=2 (0x2)
"bdss"=2 (0x2)
"XCOMM"=2 (0x2)
"wscsvc"=2 (0x2)
"RemoteRegistry"=2 (0x2)
"Browser"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"C:\\Program Files\\Adobe\\Acrobat 5.0\\Reader\\AcroRd32.exe"=
"C:\\Program Files\\sdc213\\StrongDC.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 Mx-3 B-Cup Service;MX-3 B-Cup XP;C:\WINDOWS\system32\Mx-3 B-Cup Service.exe s []
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
S3 PAC207;Trust WB-1200p Mini Webcam;C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 12:29]
S4 ioloFileInfoList;iolo FileInfoList Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe []
S4 ioloSystemService;iolo System Service;C:\Program Files\iolo\common\lib\ioloServiceManager.exe []

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-08 19:36:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\SYSTEM32\Mx-3 B-Cup Service.exe
C:\WINDOWS\SYSTEM32\PAStiSvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\SYSTEM32\rundll32.exe
.
**************************************************************************
.
Completion time: 2008-07-08 19:43:41 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-08 17:43:32
ComboFix.txt 2008-07-07 12:49:14

Adresářů: 6, Volných bajtů: 43,212,779,520
Adresářů: 11, Volných bajtů: 43,309,182,976

824 --- E O F --- 2008-06-03 01:23:18

HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:53:02, on 8.7.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\Mx-3 B-Cup Service.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Seznam\Postak\Postak.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O4 - HKLM\..\Run: [SMail] "C:\Program Files\Seznam\Postak\Postak.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 5413263270
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7D5DD829-6C90-42C5-B54C-2AFA82F988BA} (CLoader Object) - http://www.antivirusxp2008.com/tools/virusremover.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{5AEC8743-D169-4698-AEE5-2506613D811D}: NameServer = 172.27.12.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{5AEC8743-D169-4698-AEE5-2506613D811D}: NameServer = 172.27.12.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{5AEC8743-D169-4698-AEE5-2506613D811D}: NameServer = 172.27.12.254
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MX-3 B-Cup XP (Mx-3 B-Cup Service) - n.v.t. MX-3 - C:\WINDOWS\system32\Mx-3 B-Cup Service.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 6381 bytes

fredik
Security team member
Master Level 7
Posts: 4680
Registered: July 06
Gender: Male
Status: Offline

Re: something is missing after virus removal

Post by fredik » 08 Jul 2008 21:21

You can delete these directories/folders:
C:\Program Files\5ba1af200b5ce5bbd0f3c018
C:\Program Files\ed00c72403268d86046b101e8f93
C:\Program Files\b9e05d4b4117e7a78979

Fix these items in HJT:
Run HijackThis again and tick the boxes in front of these lines:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O16 - DPF: {7D5DD829-6C90-42C5-B54C-2AFA82F988BA} (CLoader Object) - http://www.antivirusxp2008.com/tools/virusremover.dll
After ticking them, click the Fix Checked button.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select it.

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\\Program Files\\Alwil Software\\Avast4\\ashDisp.exe"
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SystemDefender]

Then choose File -> Save As... and set these parameters:
File name: type here: fix.reg
Save as type: select All Files there
Save the file to the desktop
A file named fix.reg should appear on the desktop
- run it; a prompt will pop up where you click Yes, then another prompt where you click OK

Restart the PC, take a look, and let me know specifically what problems you still have (drives not showing up, ...)
It may take a while to get a response, because the "HJT Team" are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.
If you have a problem, do not send me PMs with logs; post them in the forum. It is not possible to reply to such PMs.
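The three HijackThis lines and the three folders picked out in the reply above can be reproduced with a small triage script over the posted logs. This is an added example, not part of the original post and not code from HijackThis or ComboFix; the rules (empty R0/R1 values, O16 download hosts outside the assumed `TRUSTED_DPF_DOMAINS` allowlist, all-hex folder names) and every function name are assumptions made for illustration.

```python
import re

# Constructed sample: lines copied from the HijackThis log posted in this thread.
HJT_SAMPLE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7D5DD829-6C90-42C5-B54C-2AFA82F988BA} (CLoader Object) - http://www.antivirusxp2008.com/tools/virusremover.dll
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
"""

# Constructed sample: lines copied from the ComboFix "Files Created" section.
COMBOFIX_SAMPLE = r"""
2008-06-19 10:26 . 2008-06-19 10:26 <DIR> d-------- C:\Program Files\MSBuild
2008-06-18 19:43 . 2008-06-18 19:43 <DIR> d-------- C:\Program Files\5ba1af200b5ce5bbd0f3c018
2008-06-18 19:42 . 2008-06-18 19:42 <DIR> d-------- C:\Program Files\ed00c72403268d86046b101e8f93
2008-06-18 19:42 . 2008-06-18 19:42 <DIR> d-------- C:\Program Files\b9e05d4b4117e7a78979
2008-06-15 08:10 . 2008-07-08 08:22 <DIR> d-------- C:\Program Files\eMule
"""

# Assumption: hosts the reviewer already trusts for ActiveX downloads (not from the page).
TRUSTED_DPF_DOMAINS = ("microsoft.com", "divx.com")

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
REG_VALUE_RE = re.compile(r"^(?P<key>[^,]+),(?P<name>.+?)\s*=\s*(?P<data>.*)$")
DPF_RE = re.compile(
    r"^DPF: (?P<clsid>\{[0-9A-Fa-f-]+\})(?: \((?P<name>.*?)\))? - (?P<url>\S+)"
)
DIR_RE = re.compile(r"<DIR>\s+\S+\s+(?P<path>[A-Za-z]:\\.+)$")
HEX_NAME_RE = re.compile(r"^[0-9a-f]{16,}$")


def host_of(url):
    """Return the lower-cased host of a scheme://host/... URL, or '' if absent."""
    m = re.match(r"^[a-z][a-z0-9+.-]*://([^/:?#]+)", url, re.IGNORECASE)
    return m.group(1).lower() if m else ""


def is_trusted(host, domains=TRUSTED_DPF_DOMAINS):
    """True when host equals a trusted domain or is a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)


def triage_hijackthis(log_text):
    """Return (reason, line) pairs for entries a reviewer should look at first."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        entry = ENTRY_RE.match(line)
        if not entry:
            continue  # header, process list or blank line
        code, body = entry.group("code"), entry.group("body")
        if code in ("R0", "R1"):
            reg = REG_VALUE_RE.match(body)
            if reg and reg.group("data") == "":
                findings.append(("empty IE page value", line))
        elif code == "O16":
            dpf = DPF_RE.match(body)
            if dpf and not is_trusted(host_of(dpf.group("url"))):
                findings.append(("ActiveX download from untrusted host", line))
    return findings


def hex_named_dirs(combofix_text):
    """Return directories from 'Files Created' lines whose name is only hex digits."""
    hits = []
    for raw in combofix_text.splitlines():
        m = DIR_RE.search(raw.strip())
        if m:
            path = m.group("path")
            if HEX_NAME_RE.match(path.rsplit("\\", 1)[-1]):
                hits.append(path)
    return hits


if __name__ == "__main__":
    for reason, line in triage_hijackthis(HJT_SAMPLE):
        print(f"[{reason}] {line}")
    for path in hex_named_dirs(COMBOFIX_SAMPLE):
        print(f"[hex-named directory] {path}")
```

The output is a review queue, not a verdict: each flagged line still needs the manual check the helper performs before anything is fixed or deleted.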

martiin
newcomer
Posts: 11
Registered: July 08
Gender: Not specified
Status: Offline

Re: something is missing after virus removal

Post by martiin » 08 Jul 2008 22:22

I did everything according to your instructions, but when adding the fix.reg file, the message in the second window told me that it could not be added to the registry; I clicked through it anyway and restarted the PC. Now I think the only thing I am still missing is the Autorun for the CD-ROM drives, as I wrote above.
Hláška.jpg

fredik
Security team member
Master Level 7
Posts: 4680
Registered: July 06
Gender: Male
Status: Offline

Re: something is missing after virus removal

Post by fredik » 09 Jul 2008 10:25

Let's take a look to see whether it is all right:

Download Deckard's System Scanner (DSS) and save it to the desktop
Go to Start -> Run... and type this command, marked in blue, into the box:
"%userprofile%\plocha\dss.exe" /config
- A window will open; in the Main Log section, untick all ticked items and leave ticked/tick only these (leave the other sections as they are):
    HijackThis
    File Associations
    Drivers
    Services
    Registry Dump
- Then click the Scan! button at the bottom
After a while the main.txt log will appear, so paste its contents here (otherwise you will find it here: C:\Deckard\System Scanner\main.txt)

Disabling autorun is a precaution against viruses that spread via removable devices. So if you want to turn it on, we will do that.

