Vymazané užívatelské účty. Pomôžte prosím LAIKOVI Vyřešeno

[Damned]

Složka: C:\WINDOWS.0 vznikne při nové instalaci Windows bez sformátování disku. Tedy v závislosti na počtu instalací Windows, vznikne složka C:\WINDOWS.0, pak C:\WINDOWS.1 atd.

Odinstaluj si BS Player Toolbar a ICQ6Toolbar.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[Reklama]

[dedko58]

Damned sakr ja nemam nainstalovane ani Bsp toolbar ani ICQ toolbar mám tu iba záznamy ICQ číslo ale odinstal nejde ked nie je nainstal

[dedko58]

MalwareBytes ešte pracuje ale to som Ti posielal v noci tak neviem

[Damned]

Potom tedy přilož/zkopíruj log.

[dedko58]

No tu je ten log!!!Malwarebytes' Anti-Malware 1.40
Verzia databázy: 2635
Windows 5.1.2600 Service Pack 3

16.8.2009 19:32:12
mbam-log-2009-08-16 (19-32-12).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 145863
Uplynutý cas: 16 minute(s), 55 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 0

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
(Žiadne škodlivé položky)

[Damned]

Výborně.

Vypni rezidentní štít antiviru (pokud máš tak i antispyware).
Stáhni si ComboFix (by sUBs)
nebo ComboFix (subs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[dedko58]

No to je síla tak taky odborník nie som

[dedko58]

To mám sa odhlásiť aj z IE???

[Damned]

Postupuj podle návodu, je to jednoduché.

Zavřít okna všech aplikací, které jsou spuštěny, tedy i IE.

[dedko58]

No neviem držal som sa pokinov aj navodu len Eng ja nerozumiem iba zaklady mno neviem ale z IEmi zmizol prekladač 2009 cz a nejde ani ho spustiť ale neva skusim ten log...ComboFix 09-08-10.06 - dedko 16.08.2009 21:11.2.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1029.18.767.471 [GMT 2:00]
Running from: c:\documents and settings\dedko\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090815-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-07-16 to 2009-08-16 )))))))))))))))))))))))))))))))
.

2009-08-16 17:29 . 2009-08-16 17:29 -------- d-----w- c:\docume~1\dedko\DATAAP~1\FTWeak
2009-08-16 17:29 . 2009-08-16 17:29 -------- d-----w- c:\documents and settings\All Users.WINDOWS.0\Application Data\FTWeak
2009-08-16 17:29 . 2009-08-16 17:40 -------- d-----w- c:\program files\FCleaner
2009-08-16 17:02 . 2009-08-16 17:02 -------- d-----w- c:\documents and settings\All Users.WINDOWS.0\Application Data\LangSoft
2009-08-16 16:34 . 2009-08-16 16:34 -------- d-----w- c:\program files\Trend Micro
2009-08-16 15:19 . 2009-08-16 15:19 -------- d-----w- c:\documents and settings\All Users.WINDOWS.0\Application Data\IObit
2009-08-15 19:48 . 2009-07-13 08:08 5537792 -c----w- c:\windows.0\system32\dllcache\wmp.dll
2009-08-15 09:56 . 2009-07-03 16:59 55296 -c----w- c:\windows.0\system32\dllcache\msfeedsbs.dll
2009-08-15 09:56 . 2009-07-03 16:59 246272 -c----w- c:\windows.0\system32\dllcache\ieproxy.dll
2009-08-15 09:56 . 2009-07-03 16:59 12800 -c----w- c:\windows.0\system32\dllcache\xpshims.dll
2009-08-15 09:56 . 2009-07-03 16:59 1985536 -c----w- c:\windows.0\system32\dllcache\iertutil.dll
2009-08-15 09:56 . 2009-07-03 16:59 594432 -c----w- c:\windows.0\system32\dllcache\msfeeds.dll
2009-08-15 08:02 . 2008-06-24 16:44 74240 -c----w- c:\windows.0\system32\dllcache\mscms.dll
2009-08-15 06:26 . 2009-08-15 06:26 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft
2009-08-14 23:51 . 2008-04-14 02:30 80896 -c----w- c:\windows.0\system32\dllcache\msxml6r.dll
2009-08-14 23:51 . 2008-04-14 03:21 1306624 -c----w- c:\windows.0\system32\dllcache\msxml6.dll
2009-08-14 17:18 . 2009-08-14 17:18 -------- d-----w- c:\documents and settings\All Users.WINDOWS.0\Application Data\Malwarebytes
2009-08-14 16:33 . 2008-06-14 17:35 272128 -c----w- c:\windows.0\system32\dllcache\bthport.sys
2009-08-14 16:32 . 2008-08-14 10:04 138496 -c----w- c:\windows.0\system32\dllcache\afd.sys
2009-08-14 16:32 . 2009-06-15 10:45 78336 -c----w- c:\windows.0\system32\dllcache\telnet.exe
2009-08-14 16:31 . 2009-06-10 06:16 132096 -c----w- c:\windows.0\system32\dllcache\wkssvc.dll
2009-08-14 16:31 . 2009-06-10 14:15 84992 -c----w- c:\windows.0\system32\dllcache\avifil32.dll
2009-08-14 16:30 . 2009-02-06 10:10 227840 -c----w- c:\windows.0\system32\dllcache\wmiprvse.exe
2009-08-14 16:30 . 2009-02-09 11:26 2191232 -c----w- c:\windows.0\system32\dllcache\ntoskrnl.exe
2009-08-14 16:30 . 2009-03-06 14:23 284160 -c----w- c:\windows.0\system32\dllcache\pdh.dll
2009-08-14 16:30 . 2009-02-09 11:25 111104 -c----w- c:\windows.0\system32\dllcache\services.exe
2009-08-14 16:30 . 2009-02-09 10:56 401408 -c----w- c:\windows.0\system32\dllcache\rpcss.dll
2009-08-14 16:30 . 2009-02-09 10:56 473600 -c----w- c:\windows.0\system32\dllcache\fastprox.dll
2009-08-14 16:30 . 2009-02-09 10:56 684032 -c----w- c:\windows.0\system32\dllcache\advapi32.dll
2009-08-14 16:30 . 2009-02-09 10:56 453120 -c----w- c:\windows.0\system32\dllcache\wmiprvsd.dll
2009-08-14 16:30 . 2009-02-09 10:56 709632 -c----w- c:\windows.0\system32\dllcache\ntdll.dll
2009-08-14 16:30 . 2009-02-09 11:26 2147328 -c----w- c:\windows.0\system32\dllcache\ntkrnlmp.exe
2009-08-14 16:30 . 2009-02-09 11:26 2025984 -c----w- c:\windows.0\system32\dllcache\ntkrpamp.exe
2009-08-14 16:27 . 2009-07-17 19:04 58880 -c----w- c:\windows.0\system32\dllcache\atl.dll
2009-08-14 16:26 . 2008-05-08 14:02 203136 -c----w- c:\windows.0\system32\dllcache\rmcast.sys
2009-08-14 16:26 . 2008-12-11 10:57 333952 -c----w- c:\windows.0\system32\dllcache\srv.sys
2009-08-14 16:26 . 2008-05-01 14:37 331776 -c----w- c:\windows.0\system32\dllcache\msadce.dll
2009-08-14 16:26 . 2008-04-11 19:06 691712 -c----w- c:\windows.0\system32\dllcache\inetcomm.dll
2009-08-14 16:25 . 2008-10-24 11:21 455296 -c----w- c:\windows.0\system32\dllcache\mrxsmb.sys
2009-08-14 16:24 . 2009-08-05 09:01 205312 -c----w- c:\windows.0\system32\dllcache\mswebdvd.dll
2009-08-14 16:24 . 2008-10-15 16:38 337408 -c----w- c:\windows.0\system32\dllcache\netapi32.dll
2009-08-14 16:24 . 2008-09-04 17:17 1106944 -c----w- c:\windows.0\system32\dllcache\msxml3.dll
2009-08-14 16:23 . 2009-07-10 13:28 1315328 -c----w- c:\windows.0\system32\dllcache\msoe.dll
2009-08-14 16:22 . 2008-04-21 21:15 216576 -c----w- c:\windows.0\system32\dllcache\wordpad.exe
2009-08-14 15:00 . 2009-08-14 15:00 -------- d-sh--w- c:\documents and settings\dedko\UserData
2009-08-14 14:55 . 2009-08-14 14:55 -------- d-----w- c:\documents and settings\All Users.WINDOWS.0\Application Data\Skype
2009-08-14 14:53 . 2009-08-14 14:53 -------- d-----w- c:\documents and settings\All Users.WINDOWS.0\Application Data\nView_Profiles
2009-08-14 13:03 . 2009-08-14 13:03 -------- d-----w- c:\documents and settings\All Users.WINDOWS.0\Application Data\TuneUp Software
2009-08-14 12:55 . 2008-04-14 03:20 10240 -c--a-w- c:\windows.0\system32\dllcache\tmigrate.dll
2009-08-14 12:54 . 2004-08-18 12:00 16896 -c--a-w- c:\windows.0\system32\dllcache\quser.exe
2009-08-14 12:54 . 2004-08-18 12:00 9728 -c--a-w- c:\windows.0\system32\dllcache\query.exe
2009-08-14 12:54 . 2004-08-18 12:00 6144 -c--a-w- c:\windows.0\system32\dllcache\pmxgl.dll
2009-08-14 12:54 . 2004-08-18 12:00 131584 -c--a-w- c:\windows.0\system32\dllcache\pmxviceo.dll
2009-08-14 12:54 . 2004-08-18 12:00 11264 -c--a-w- c:\windows.0\system32\dllcache\pmxmcro.dll
2009-08-14 12:54 . 2008-04-14 03:19 67584 -c--a-w- c:\windows.0\system32\dllcache\pmigrate.dll
2009-08-14 12:54 . 2008-04-13 16:43 70144 -c--a-w- c:\windows.0\system32\dllcache\pintlphr.exe
2009-08-14 12:54 . 2004-08-18 12:00 36927 -c--a-w- c:\windows.0\system32\dllcache\padrs411.dll
2009-08-14 12:54 . 2004-08-18 12:00 14336 -c--a-w- c:\windows.0\system32\dllcache\padrs412.dll
2009-08-14 12:54 . 2001-10-24 10:24 38912 -c--a-w- c:\windows.0\system32\dllcache\EXCH_ntfsdrv.dll
2009-08-14 12:54 . 2004-08-18 12:00 229439 -c--a-w- c:\windows.0\system32\dllcache\multibox.dll
2009-08-14 12:54 . 2004-08-18 12:00 98304 -c--a-w- c:\windows.0\system32\dllcache\msir3jp.dll
2009-08-14 12:54 . 2004-08-18 12:00 127488 -c--a-w- c:\windows.0\system32\dllcache\mshearts.exe
2009-08-14 12:52 . 2004-08-18 12:00 10096640 -c--a-w- c:\windows.0\system32\dllcache\hwxcht.dll
2009-08-14 12:51 . 2004-08-18 12:00 18944 -c--a-w- c:\windows.0\system32\dllcache\cprofile.exe
2009-08-14 12:50 . 2001-10-24 10:24 45056 -c--a-w- c:\windows.0\system32\dllcache\EXCH_aqadmin.dll
2009-08-14 12:50 . 2001-10-24 10:24 5632 -c--a-w- c:\windows.0\system32\dllcache\EXCH_adsiisex.dll
2009-08-14 12:50 . 2003-04-14 18:48 16384 -c--a-w- c:\windows.0\system32\dllcache\tcptsat.dll
2009-08-14 12:50 . 2003-04-14 18:48 212992 -c--a-w- c:\windows.0\system32\dllcache\fpmmcsat.dll
2009-08-14 12:49 . 2009-08-14 12:49 -------- d-----w- c:\documents and settings\Default User.WINDOWS.0\Local Settings\Application Data\Microsoft
2009-08-14 12:46 . 2004-08-18 12:00 16384 -c--a-w- c:\windows.0\system32\dllcache\isignup.exe
2009-08-14 11:49 . 2009-08-14 11:49 -------- d-----w- c:\program files\Sun
2009-08-13 15:46 . 2009-08-13 15:46 -------- d-----w- c:\docume~1\dedko\DATAAP~1\Malwarebytes
2009-08-13 15:46 . 2009-08-03 11:36 38160 ----a-w- c:\windows.0\system32\drivers\mbamswissarmy.sys
2009-08-13 15:46 . 2009-08-16 17:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-13 15:46 . 2009-08-03 11:36 19096 ----a-w- c:\windows.0\system32\drivers\mbam.sys
2009-08-13 08:14 . 2009-08-13 08:16 5874178 ----a-w- c:\windows.0\REGBK00.ZIP
2009-08-13 08:14 . 2009-08-13 08:14 -------- d---a-w- c:\windows.0\system32\runouce.exe
2009-08-13 08:12 . 2009-08-13 08:12 632064 ----a-w- c:\windows.0\system32\msvcr80.dll
2009-08-13 08:12 . 2009-08-13 08:12 554240 ----a-w- c:\windows.0\system32\msvcp80.dll
2009-08-13 08:12 . 2009-08-13 08:12 34048 ----a-w- c:\windows.0\system32\eEmpty.exe
2009-08-13 08:12 . 2008-04-14 07:52 137216 ----a-w- c:\windows.0\system32\T.COM
2009-08-13 08:12 . 2008-04-14 07:52 147968 ----a-w- c:\windows.0\R.COM
2009-08-13 08:12 . 2009-08-13 08:12 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-08-11 19:59 . 2009-08-15 10:06 -------- dc-h--w- c:\windows.0\ie8
2009-08-11 18:54 . 2001-07-26 05:54 59152 ----a-w- c:\windows.0\system32\drivers\iansw2k.sys
2009-08-11 18:54 . 2001-10-29 08:51 24778 ----a-w- c:\windows.0\system32\drivers\NMSDD.SYS
2009-08-11 18:54 . 2001-10-29 08:51 9644 ----a-w- c:\windows.0\system32\drivers\NMSCFG.SYS
2009-08-11 18:54 . 2001-10-29 08:51 147456 ----a-w- c:\windows.0\system32\NMSAPI.DLL
2009-08-11 18:54 . 2001-10-29 08:49 20480 ----a-w- c:\windows.0\system32\NMSMsg.DLL
2009-08-11 18:54 . 2001-10-29 08:51 36864 ----a-w- c:\windows.0\system32\NMSSvcPS.DLL
2009-08-11 18:54 . 2001-10-29 08:51 1077248 ----a-w- c:\windows.0\system32\NMSSvc.Exe
2009-08-11 12:50 . 2009-02-05 20:06 51376 ----a-w- c:\windows.0\system32\drivers\aswTdi.sys
2009-08-11 12:50 . 2009-02-05 20:06 23152 ----a-w- c:\windows.0\system32\drivers\aswRdr.sys
2009-08-11 12:50 . 2009-02-05 20:05 26944 ----a-w- c:\windows.0\system32\drivers\aavmker4.sys
2009-08-11 12:50 . 2009-02-05 20:04 97480 ----a-w- c:\windows.0\system32\AvastSS.scr
2009-08-11 12:50 . 2009-02-05 20:08 93296 ----a-w- c:\windows.0\system32\drivers\aswmon.sys
2009-08-11 12:50 . 2009-02-05 20:08 94032 ----a-w- c:\windows.0\system32\drivers\aswmon2.sys
2009-08-11 12:50 . 2009-02-05 20:07 114768 ----a-w- c:\windows.0\system32\drivers\aswSP.sys
2009-08-11 12:50 . 2009-02-05 20:07 20560 ----a-w- c:\windows.0\system32\drivers\aswFsBlk.sys
2009-08-11 12:49 . 2009-02-05 20:11 1256296 ----a-w- c:\windows.0\system32\aswBoot.exe
2009-08-11 12:49 . 2009-08-11 12:49 -------- d-----w- c:\program files\Alwil Software
2009-08-10 20:49 . 2009-08-10 20:49 230776 ----a-w- C:\aswclear.exe odinštalátor AVASTU.exe
2009-08-10 16:30 . 2009-02-06 12:24 93336 ----a-w- c:\windows.0\system32\drivers\epfwtdir.sys
2009-08-10 16:30 . 2009-02-06 12:23 106208 ----a-w- c:\windows.0\system32\drivers\ehdrv.sys
2009-08-10 16:30 . 2009-02-06 12:19 113448 ----a-w- c:\windows.0\system32\drivers\eamon.sys
2009-08-10 13:16 . 2009-08-10 13:16 -------- d-----w- c:\windows.0\system32\wbem\Repository
2009-08-10 07:13 . 2009-08-10 13:16 -------- d-----w- c:\program files\Windows Live Safety Center
2009-08-08 06:15 . 2009-08-14 10:14 -------- d-----w- c:\docume~1\dedko\DATAAP~1\Software Informer
2009-08-08 06:15 . 2009-08-08 06:15 -------- d-----w- c:\program files\Software Informer
2009-08-02 14:01 . 2009-08-03 07:21 -------- d-----w- c:\documents and settings\dedko\Local Settings\Application Data\WMTools Downloaded Files
2009-08-01 22:39 . 2009-08-01 22:39 -------- d-----w- c:\program files\MOBILedit!
2009-08-01 21:45 . 2009-08-01 21:45 -------- d-----w- c:\docume~1\dedko\DATAAP~1\MOBILedit
2009-07-30 17:42 . 2009-07-30 17:42 -------- d-----w- c:\program files\BSPP.2.43.Build.1008_wms
2009-07-29 18:28 . 2009-07-29 18:28 -------- d-----w- c:\docume~1\dedko\DATAAP~1\SuperMP3Download
2009-07-29 18:27 . 2009-07-29 18:31 -------- d-----w- c:\program files\SuperMp3Download
2009-07-29 04:36 . 2009-07-29 04:36 119808 -c----w- c:\windows.0\system32\dllcache\t2embed.dll
2009-07-29 04:36 . 2009-07-29 04:36 81920 -c----w- c:\windows.0\system32\dllcache\fontsub.dll
2009-07-23 16:06 . 2009-07-23 16:12 -------- d-----w- c:\docume~1\dedko\DATAAP~1\DriverCure
2009-07-21 16:35 . 2009-07-21 16:35 932 ----a-w- c:\windows.0\system32\asst03.dll
2009-07-20 10:29 . 2009-07-20 10:29 524288 ----a-w- c:\windows.0\opuc.dll
2009-07-19 18:40 . 2009-07-19 18:40 -------- d-----w- c:\documents and settings\dedko\Local Settings\Application Data\Temp
2009-07-19 16:46 . 2009-07-19 16:46 11067392 -c----w- c:\windows.0\system32\dllcache\ieframe.dll
2009-07-18 16:05 . 2009-07-19 13:16 5937152 -c----w- c:\windows.0\system32\dllcache\mshtml.dll
2009-07-18 16:05 . 2009-07-18 16:05 1510400 -c----w- c:\windows.0\system32\dllcache\shdocvw.dll
2009-07-18 09:43 . 2009-08-01 20:19 318589 ----a-w- c:\program files\rapiddz.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-16 18:55 . 2009-03-15 21:48 -------- d-----w- c:\docume~1\dedko\DATAAP~1\LangSoft
2009-08-16 18:03 . 2009-02-09 15:31 952 -csha-w- c:\windows.0\system32\KGyGaAvL.sys
2009-08-16 16:51 . 2009-03-29 21:08 -------- d-----w- c:\docume~1\dedko\DATAAP~1\Skype
2009-08-16 15:19 . 2009-02-19 21:51 -------- d-----w- c:\program files\IObit
2009-08-16 15:05 . 2009-03-15 22:39 -------- d-----w- c:\docume~1\dedko\DATAAP~1\skypePM
2009-08-15 07:46 . 2004-08-18 12:00 97188 ----a-w- c:\windows.0\system32\perfc005.dat
2009-08-15 07:46 . 2004-08-18 12:00 480502 ----a-w- c:\windows.0\system32\perfh005.dat
2009-08-15 06:45 . 2009-04-05 14:42 685816 ----a-w- c:\windows.0\system32\drivers\sptd.sys
2009-08-14 22:43 . 2009-04-07 18:47 -------- d-----w- c:\docume~1\dedko\DATAAP~1\Vso
2009-08-14 13:48 . 2009-03-16 00:14 -------- d-----w- c:\docume~1\dedko\DATAAP~1\uTorrent
2009-08-14 12:45 . 2009-02-06 16:33 23588 -c--a-w- c:\windows.0\system32\emptyregdb.dat
2009-08-14 11:45 . 2009-02-14 11:08 -------- d-----w- c:\program files\Java
2009-08-14 10:56 . 2009-05-04 10:31 -------- d-----w- c:\docume~1\dedko\DATAAP~1\vlc
2009-08-14 10:56 . 2009-04-02 15:56 -------- d-----w- c:\docume~1\dedko\DATAAP~1\dvdcss
2009-08-11 18:54 . 2008-10-30 17:51 -------- d-----w- c:\program files\Intel
2009-08-11 14:21 . 2008-10-30 17:51 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-10 19:39 . 2009-02-06 17:59 1324 ----a-w- c:\windows.0\system32\d3d9caps.dat
2009-08-10 16:28 . 2009-04-16 08:47 -------- d-----w- c:\program files\Ashampoo
2009-08-10 13:16 . 2008-12-29 00:38 -------- d-----w- c:\program files\C-Media
2009-08-10 12:02 . 2009-04-14 11:56 -------- d-----w- c:\program files\Glary Utilities Trial cz
2009-08-10 11:58 . 2009-07-16 17:21 -------- d-----w- c:\program files\Codemasters
2009-08-10 11:58 . 2009-07-14 22:43 -------- d-----w- c:\program files\CDBurnerXP
2009-08-10 11:58 . 2009-05-11 19:01 -------- d-----w- c:\program files\AC3Filter
2009-08-10 11:58 . 2009-04-17 16:27 -------- d-----w- c:\program files\USDownloader
2009-08-10 11:58 . 2009-04-07 14:08 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-08-10 11:58 . 2009-03-07 12:50 -------- d-----w- c:\program files\AGEIA Technologies
2009-08-08 16:37 . 2009-01-14 23:59 -------- d-----w- c:\program files\TuneUp Utilities 2009
2009-08-08 16:36 . 2009-02-06 16:40 603904 ----a-w- c:\windows.0\system32\TUProgSt.exe
2009-08-08 16:36 . 2009-02-06 16:40 360192 ----a-w- c:\windows.0\system32\TuneUpDefragService.exe
2009-08-08 08:04 . 2009-03-20 07:25 -------- d-----w- c:\docume~1\dedko\DATAAP~1\OfficeUpdate12
2009-08-05 09:01 . 2004-08-18 12:00 205312 ----a-w- c:\windows.0\system32\mswebdvd.dll
2009-07-30 18:51 . 2009-04-23 07:19 -------- d-----w- c:\docume~1\dedko\DATAAP~1\BSplayer PRO
2009-07-30 17:34 . 2009-04-23 12:20 -------- d-----w- c:\program files\Webteh
2009-07-29 04:36 . 2004-08-18 12:00 119808 ----a-w- c:\windows.0\system32\t2embed.dll
2009-07-29 04:36 . 2004-08-18 12:00 81920 ----a-w- c:\windows.0\system32\fontsub.dll
2009-07-25 03:23 . 2009-02-07 22:20 411368 -c--a-w- c:\windows.0\system32\deploytk.dll
2009-07-23 19:00 . 2009-06-01 13:19 -------- d-----w- c:\docume~1\dedko\DATAAP~1\Media Player Classic
2009-07-23 18:55 . 2009-06-01 13:35 14336 -c--a-w- c:\windows.0\system32\drivers\PN31Snoop.sys
2009-07-19 20:46 . 2009-06-08 21:09 -------- d-----w- c:\program files\Intel Desktop Board Audio Driver
2009-07-18 01:08 . 2009-04-07 18:47 -------- d-----w- c:\program files\VSO
2009-07-18 01:08 . 2008-12-17 00:54 -------- d-----w- c:\program files\ICQ6Toolbar
2009-07-18 01:08 . 2008-10-30 20:01 -------- d-----w- c:\program files\Microsoft Works
2009-07-17 22:02 . 2008-10-30 19:30 -------- d-----w- c:\program files\Common Files\Skype
2009-07-17 22:02 . 2008-10-30 19:30 -------- d-----r- c:\program files\Skype
2009-07-17 19:04 . 2004-08-18 12:00 58880 ----a-w- c:\windows.0\system32\atl.dll
2009-07-15 20:12 . 2009-07-15 20:12 -------- d-----w- c:\program files\Creative
2009-07-15 12:26 . 2009-07-15 12:26 -------- d-----w- c:\program files\Common Files\EZB Systems
2009-07-15 12:26 . 2009-07-15 12:26 -------- d-----w- c:\program files\UltraISO
2009-07-13 08:08 . 2004-08-18 12:00 286720 ----a-w- c:\windows.0\system32\wmpdxm.dll
2009-07-12 11:13 . 2009-07-12 11:13 -------- d--h--r- c:\docume~1\dedko\DATAAP~1\SecuROM
2009-07-12 11:13 . 2009-07-12 11:13 107888 ----a-w- c:\windows.0\system32\CmdLineExt.dll
2009-07-12 07:21 . 2009-07-12 07:21 -------- d-----w- c:\docume~1\dedko\DATAAP~1\Canneverbe_Limited
2009-07-10 17:47 . 2009-07-05 16:29 -------- d-----w- c:\docume~1\dedko\DATAAP~1\QIP
2009-07-10 16:18 . 2009-06-08 18:25 -------- d-----w- c:\program files\Záloha Driver Genius-ovladače
2009-07-05 15:47 . 2009-07-05 15:47 -------- d-----w- c:\program files\Intelore
2009-07-04 18:39 . 2009-07-04 18:39 43520 ----a-w- c:\windows.0\system32\CmdLineExt03.dll
2009-07-03 16:59 . 2004-08-18 12:00 915456 ----a-w- c:\windows.0\system32\wininet.dll
2009-07-01 13:09 . 2009-04-24 02:57 -------- d-----w- c:\docume~1\dedko\DATAAP~1\Notepad++
2009-06-29 19:31 . 2009-06-12 23:00 252440 -c--a-w- c:\windows.0\system32\PROUnstl.exe
2009-06-25 08:27 . 2004-08-18 12:00 729088 ----a-w- c:\windows.0\system32\lsasrv.dll
2009-06-25 08:27 . 2004-08-18 12:00 56832 ----a-w- c:\windows.0\system32\secur32.dll
2009-06-25 08:27 . 2004-08-18 12:00 54272 ----a-w- c:\windows.0\system32\wdigest.dll
2009-06-25 08:27 . 2004-08-18 12:00 301568 ----a-w- c:\windows.0\system32\kerberos.dll
2009-06-25 08:27 . 2004-08-18 12:00 147456 ----a-w- c:\windows.0\system32\schannel.dll
2009-06-25 08:27 . 2004-08-18 12:00 136192 ----a-w- c:\windows.0\system32\msv1_0.dll
2009-06-24 11:18 . 2004-08-18 12:00 92928 ----a-w- c:\windows.0\system32\drivers\ksecdd.sys
2009-06-24 06:24 . 2009-06-24 06:24 184320 ----a-w- c:\windows.0\system32\Ncs2Setp.dll
2009-06-24 06:15 . 2009-06-24 06:15 764536 ----a-w- c:\windows.0\system32\ncs2dmix.dll
2009-06-24 06:15 . 2009-06-24 06:15 539256 ----a-w- c:\windows.0\system32\accesor.dll
2009-06-24 05:55 . 2009-06-24 05:55 141944 ----a-w- c:\windows.0\system32\ncs2instutility.dll
2009-06-24 05:46 . 2009-06-24 05:46 1620600 ----a-w- c:\windows.0\system32\ncscolib.dll
2009-06-23 22:54 . 2009-06-23 22:54 30880 ----a-w- c:\windows.0\system32\drivers\iqvw32.sys
2009-06-19 05:57 . 2009-06-19 05:57 -------- d-----w- c:\program files\AviSynth 2.5
2009-06-15 10:45 . 2004-08-18 12:00 78336 ----a-w- c:\windows.0\system32\telnet.exe
2009-06-11 05:50 . 2009-06-29 17:38 545 ----a-w- c:\windows.0\UC.PIF
2009-06-11 05:50 . 2009-06-29 17:38 545 ----a-w- c:\windows.0\RAR.PIF
2009-06-11 05:50 . 2009-06-29 17:38 545 ----a-w- c:\windows.0\PKZIP.PIF
2009-06-11 05:50 . 2009-06-29 17:38 545 ----a-w- c:\windows.0\PKUNZIP.PIF
2009-06-11 05:50 . 2009-06-29 17:38 545 ----a-w- c:\windows.0\NOCLOSE.PIF
2009-06-11 05:50 . 2009-06-29 17:38 545 ----a-w- c:\windows.0\LHA.PIF
2009-06-11 05:50 . 2009-06-29 17:38 545 ----a-w- c:\windows.0\ARJ.PIF
2009-06-10 14:15 . 2004-08-18 12:00 84992 ----a-w- c:\windows.0\system32\avifil32.dll
2009-06-10 07:21 . 2009-02-06 16:31 2066432 ----a-w- c:\windows.0\system32\mstscax.dll
2009-06-10 06:16 . 2004-08-18 12:00 132096 ----a-w- c:\windows.0\system32\wkssvc.dll
2009-06-04 20:31 . 2009-06-04 20:31 2560 -c--a-w- c:\windows.0\_MSRSTRT.EXE
2009-06-03 19:11 . 2004-08-18 12:00 1293824 ----a-w- c:\windows.0\system32\quartz.dll
2009-05-28 10:59 . 2009-04-07 18:47 47360 -c--a-w- c:\windows.0\system32\drivers\pcouffin.sys
2009-05-28 10:59 . 2009-04-07 18:47 47360 -c--a-w- c:\docume~1\dedko\DATAAP~1\pcouffin.sys
2009-05-21 20:31 . 2009-05-21 20:31 81920 -c--a-w- c:\docume~1\dedko\DATAAP~1\ezpinst.exe
2009-04-17 16:10 . 2009-04-17 16:10 506 -csha-w- c:\program files\USDownloader.exe.manifest
2009-04-05 21:05 . 2009-04-05 21:05 2662 -c--a-w- c:\program files\Common Files\unins000.dat
2009-05-13 20:51 . 2009-05-13 20:51 23 -csha-w- c:\windows.0\system32\afdcabbadad7_z.dll
2009-04-04 10:53 . 2009-04-04 10:53 23 -csha-w- c:\windows.0\system32\decdeea_x.dat
.

((((((((((((((((((((((((((((( SnapShot@2009-08-16_18.43.13 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-08-16 19:03 . 2009-08-16 19:03 16384 c:\windows.0\Temp\Perflib_Perfdata_2ec.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FTweakFCleaner"="c:\program files\FCleaner\FCleaner.exe" [2009-08-03 1721856]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-06-30 2329224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-02-05 81000]
"NvCplDaemon"="c:\windows.0\system32\NvCpl.dll" [2009-03-27 13684736]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Alerter"=2 (0x2)
"Browser"=3 (0x3)
"SCardSvr"=3 (0x3)
"Netlogon"=3 (0x3)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"swg"=c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
"Google Update"="c:\documents and settings\dedko\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
"OEXPRESS"=c:\documents and settings\All Users\Application Data\LangSoft\OETRN.EXE
"uTorrent"="f:\download programy\utorrent1.8.2.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"HPDJ Taskbar Utility"=c:\windows.0\system32\spool\drivers\w32x86\3\hpztsb04.exe
"NvMediaCenter"=RUNDLL32.EXE c:\windows.0\system32\NvMcTray.dll,NvTaskbarInit
"nwiz"=nwiz.exe /install
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SoundMax"="c:\program files\Analog Devices\SoundMAX\Smax4.exe" /tray

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
"Google Quick Search Box"="c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Alwil Software\\Avast4\\ashAvast.exe"=
"d:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\IObit\\Advanced SystemCare 3\\AWC.exe"=
"c:\\Documents and Settings\\dedko\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\dedko\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 aswSP;avast! Self Protection;c:\windows.0\system32\drivers\aswSP.sys [11.8.2009 14:50 114768]
R1 ehdrv;ehdrv;c:\windows.0\system32\drivers\ehdrv.sys [10.8.2009 18:30 106208]
R1 epfwtdir;epfwtdir;c:\windows.0\system32\drivers\epfwtdir.sys [10.8.2009 18:30 93336]
R2 aswFsBlk;aswFsBlk;c:\windows.0\system32\drivers\aswFsBlk.sys [11.8.2009 14:50 20560]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows.0\system32\TUProgSt.exe [6.2.2009 18:40 603904]
R3 PAC207;Trust WB-1400T Webcam;c:\windows.0\system32\drivers\PFC027.sys [24.2.2005 13:29 162176]
S3 Asushwio;Asushwio;c:\windows.0\system32\drivers\ASUSHWIO.SYS [16.3.2009 0:30 5824]
S4 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [17.12.2008 2:54 222456]
S4 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [16.8.2009 17:19 307472]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - NMSCFG

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows.0\system32\rundll32.exe" "c:\windows.0\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-16 c:\windows.0\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]

2009-08-01 c:\windows.0\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-08-16 c:\windows.0\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-08-16 13:35]

2009-08-16 c:\windows.0\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities Trial cz\initialize.exe [2009-04-14 08:30]

2009-08-15 c:\windows.0\Tasks\GlaryOneClickOptimizer.job
- c:\program files\Glary Utilities Trial cz\oneclickoptimizer.exe [2009-04-14 08:30]

2009-08-14 c:\windows.0\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1801674531-725345543-1006Core.job
- c:\documents and settings\dedko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-19 18:39]

2009-08-16 c:\windows.0\Tasks\GoogleUpdateTaskUserS-1-5-21-2025429265-1801674531-725345543-1006UA.job
- c:\documents and settings\dedko\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-07-19 18:39]

2009-08-16 c:\windows.0\Tasks\User_Feed_Synchronization-{722EEE3D-9441-4A0F-821D-7BA9DBF54477}.job
- c:\windows.0\system32\msfeedssync.exe [2007-08-13 02:31]

2009-08-16 c:\windows.0\Tasks\User_Feed_Synchronization-{D79A00E9-A983-40FC-B53B-F41F8684483D}.job
- c:\windows.0\system32\msfeedssync.exe [2007-08-13 02:31]

2009-08-16 c:\windows.0\Tasks\Úklid 1 kliknutím.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 20:36]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: ifortuna.sk\www
Trusted Zone: microsoft.com\office
Trusted Zone: microsoft.com\support
Trusted Zone: microsoft.com\windowsupdate
FF - ProfilePath - c:\docume~1\dedko\DATAAP~1\Mozilla\Firefox\Profiles\znip79ru.default\
FF - prefs.js: browser.startup.homepage - hxxp://start.qip.ru
FF - prefs.js: browser.search.selectedEngine - QIP Search
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresult ... default&q=
FF - prefs.js: browser.startup.homepage - hxxp://start.qip.ru
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - prefs.js: keyword.URL - hxxp://www.ask.com/web?&o=13795&l=dis&q=
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresult ... default&q=
FF - prefs.js: keyword.URL - hxxp://search.speedbit.com/searchresult ... default&q=
FF - prefs.js: browser.startup.homepage - hxxp://start.qip.ru
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows.0\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 16000
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - fales
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autoFill - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.maxtextrun - 4095
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: dom.disable_window_status_change - true
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: browser.blink_allowed - true
FF - user.js: network.prefetch-next - true
FF - user.js: layout.spellcheckDefault - 1
FF - user.js: browser.search.openintab - false
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.opentabfor.middleclick - true
FF - user.js: browser.tabs.tabMinWidth - 100
FF - user.js: browser.urlbar.hideGoButton - false
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-16 21:24
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2025429265-1801674531-725345543-1006\Software\SecuROM\License information*]
"datasecu"=hex:65,b0,90,35,5b,35,d3,53,d2,58,ab,fc,59,8a,2b,94,09,0b,94,7e,76,
2f,0f,3f,e9,dc,b3,62,cc,eb,ee,2f,77,d1,d9,fa,02,10,90,10,02,52,0d,85,69,9f,\
"rkeysecu"=hex:8f,57,c3,2a,26,0b,7f,b0,a2,a9,b0,38,f8,20,1a,c6
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1856)
c:\windows.0\system32\webcheck.dll
.
Completion time: 2009-08-16 21:28
ComboFix-quarantined-files.txt 2009-08-16 19:28
ComboFix2.txt 2009-08-16 18:46

Pre-Run: Volných bajtů: 20 603 043 840
Post-Run: Volných bajtů: 20 551 811 072

Current=4 Default=4 Failed=0 LastKnownGood=8 Sets=1,2,3,4,5,6,7,8
456 --- E O F --- 2009-08-15 19:54

[dedko58]

Damned asi ono to ten Qip??? ja sa toho neviem zbaviť!!!!

[Damned]

Já teď na chvíli musím odejít. Potom se dám další pokyny.