Installation starting on its own (Solved)

Section devoted to viruses and other malicious code, but also to the tools that can be used to defend against them…

Moderators: Mods_senior, Security team


Installation starting on its own

Post by MaxDamageCZ » 19 Oct 2009 18:06

Hi, I have a small problem. Every time Windows starts, and sometimes while I am working, an installation of some program that calls itself "scan" starts on its own. Windows Installer configures itself, but then it tells me that I don't have the CD. When I click cancel, it spends about a minute cancelling. I also have the impression that the PC is slower than usual. So I'm asking for a check of the log, and possibly a cleanup of the PC. The log looks like this:



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:06:08 odp., on 19.10.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\COMODO\livePCsupport\ELPS.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Marek\Plocha\Moje soubory\Složka nejvyšší nouze\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: HopSurf toolbar - {E9FAB13D-4600-49E1-90D1-EE961C859D39} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [COMODO livePCsupport] C:\Program Files\COMODO\livePCsupport\ELPS.exe
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: HopSurf - {ED98F8D1-09AC-4107-B2FF-91DBE011B0C5} - C:\Program Files\Comodo\HopSurfToolbar\HopSurfToolbar_IE.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate1ca18e6298cdd6) (gupdate1ca18e6298cdd6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: Služba SMART Board (SMART Board Service) - SMART Technologies Inc. - C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 6155 bytes
AMD Athlon II X4 640 3.00Ghz Ram 4 GB, Win 7 64 bit, Grafika ATI Radeon HD 4600 series 1GB, HDD 600GB


iPhone 3G 16GB black

Re: Installation starting on its own

Post by pitimir » 19 Oct 2009 18:41

Hi, couldn't you find a screenshot?

1) Download DDS. Save it to the desktop, close all running programs and run it. When the scan finishes, the results open in 2 windows - DDS.txt and Attach.txt. I'd like to see the contents of both.


2) Download RootRepeal. Run the program, click "Report" -> "Scan" and tick all the items. Press "OK" and the scan starts. When it finishes, click "Save Report" and copy the resulting log here.


Btw, what are you deleting in MBAM?
I don't like amateurism...

And the addressee of the link knows it :)


Re: Installation starting on its own

Post by MaxDamageCZ » 20 Oct 2009 16:51

Hi, a screenshot could be found,


Image

I did a scan in MBAM, I'll paste the log. And I'll also deliver the logs from those 2 programs right away.


Re: Installation starting on its own

Post by MaxDamageCZ » 20 Oct 2009 17:00

Attach:



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-10-13.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 3.7.2006 17:01:32
System Uptime: 20.10.2009 16:44:09 (0 hours ago)

Motherboard: Gigabyte Technology Co., Ltd. | | GA-K8NF9 Ultra
Processor: AMD Athlon(tm) 64 Processor 3000+ | Socket 939 | 1809/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 233 GiB total, 113,726 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
H: is CDROM ()
I: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================


1500
1500_Help
1500Trb
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop Elements 2.0
Adobe Reader 6.0
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced SystemCare 3
AiO_Scan
AiOSoftware
Aktualizace systému Windows Internet Explorer 8 (KB969497)
Aktualizace systému Windows XP (KB951072-v2)
Aktualizace systému Windows XP (KB951978)
Aktualizace systému Windows XP (KB955839)
Aktualizace systému Windows XP (KB967715)
Aktualizace systému Windows XP (KB968389)
Aktualizace systému Windows XP (KB973815)
Aktualizace zabezpečení aplikace Windows Media Player (KB911564)
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)
Aktualizace zabezpečení aplikace Windows Media Player (KB968816)
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)
Aktualizace zabezpečení aplikace Windows Media Player 10 (KB911565)
Aktualizace zabezpečení aplikace Windows Media Player 10 (KB917734)
Aktualizace zabezpečení aplikace Windows Media Player 10 (KB936782)
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB936782)
Aktualizace zabezpečení aplikace Windows Media Player 11 (KB954154)
Aktualizace zabezpečení aplikace Windows Media Player 6.4 (KB925398)
Aktualizace zabezpečení produktu Windows XP (KB923689)
Aktualizace zabezpečení produktu Windows XP (KB941569)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB928090)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB929969)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB931768)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB933566)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB937143)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB938127)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB939653)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB942615)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB944533)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB950759)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB953838)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB956390)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB958215)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB960714)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB961260)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB963027)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB969897)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB972260)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB974455)
Aktualizace zabezpečení systému Windows XP (KB913433)
Aktualizace zabezpečení systému Windows XP (KB923561)
Aktualizace zabezpečení systému Windows XP (KB938464)
Aktualizace zabezpečení systému Windows XP (KB946648)
Aktualizace zabezpečení systému Windows XP (KB950760)
Aktualizace zabezpečení systému Windows XP (KB950762)
Aktualizace zabezpečení systému Windows XP (KB950974)
Aktualizace zabezpečení systému Windows XP (KB951066)
Aktualizace zabezpečení systému Windows XP (KB951376-v2)
Aktualizace zabezpečení systému Windows XP (KB951376)
Aktualizace zabezpečení systému Windows XP (KB951698)
Aktualizace zabezpečení systému Windows XP (KB951748)
Aktualizace zabezpečení systému Windows XP (KB952004)
Aktualizace zabezpečení systému Windows XP (KB952954)
Aktualizace zabezpečení systému Windows XP (KB953839)
Aktualizace zabezpečení systému Windows XP (KB954211)
Aktualizace zabezpečení systému Windows XP (KB954459)
Aktualizace zabezpečení systému Windows XP (KB954600)
Aktualizace zabezpečení systému Windows XP (KB955069)
Aktualizace zabezpečení systému Windows XP (KB956391)
Aktualizace zabezpečení systému Windows XP (KB956572)
Aktualizace zabezpečení systému Windows XP (KB956744)
Aktualizace zabezpečení systému Windows XP (KB956802)
Aktualizace zabezpečení systému Windows XP (KB956803)
Aktualizace zabezpečení systému Windows XP (KB956841)
Aktualizace zabezpečení systému Windows XP (KB956844)
Aktualizace zabezpečení systému Windows XP (KB957095)
Aktualizace zabezpečení systému Windows XP (KB957097)
Aktualizace zabezpečení systému Windows XP (KB958644)
Aktualizace zabezpečení systému Windows XP (KB958687)
Aktualizace zabezpečení systému Windows XP (KB958690)
Aktualizace zabezpečení systému Windows XP (KB958869)
Aktualizace zabezpečení systému Windows XP (KB959426)
Aktualizace zabezpečení systému Windows XP (KB960225)
Aktualizace zabezpečení systému Windows XP (KB960715)
Aktualizace zabezpečení systému Windows XP (KB960803)
Aktualizace zabezpečení systému Windows XP (KB960859)
Aktualizace zabezpečení systému Windows XP (KB961371)
Aktualizace zabezpečení systému Windows XP (KB961373)
Aktualizace zabezpečení systému Windows XP (KB961501)
Aktualizace zabezpečení systému Windows XP (KB968537)
Aktualizace zabezpečení systému Windows XP (KB969059)
Aktualizace zabezpečení systému Windows XP (KB969898)
Aktualizace zabezpečení systému Windows XP (KB970238)
Aktualizace zabezpečení systému Windows XP (KB971486)
Aktualizace zabezpečení systému Windows XP (KB971557)
Aktualizace zabezpečení systému Windows XP (KB971633)
Aktualizace zabezpečení systému Windows XP (KB971657)
Aktualizace zabezpečení systému Windows XP (KB973346)
Aktualizace zabezpečení systému Windows XP (KB973354)
Aktualizace zabezpečení systému Windows XP (KB973507)
Aktualizace zabezpečení systému Windows XP (KB973525)
Aktualizace zabezpečení systému Windows XP (KB973869)
Aktualizace zabezpečení systému Windows XP (KB974112)
Aktualizace zabezpečení systému Windows XP (KB974571)
Aktualizace zabezpečení systému Windows XP (KB975025)
Aktualizace zabezpečení systému Windows XP (KB975467)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ardamax Keylogger 2.8
ASIO4ALL
aspi
AutoUpdate
Avanquest update
Bink and Smacker
BufferChm
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities PhotoStitch
Canon Utilities ZoomBrowser EX
Castle Strike
CCleaner (remove only)
CCScore
CCHelp
Comodo HopSurf
COMODO Internet Security
COMODO livePCsupport 1.0.65302.27
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
CR2
Crawler Toolbar with Web Security Guard
CueTour
CustomerResearchQFolder
Důležitá aktualizace aplikace Windows Media Player 11 (KB959772)
Destinations
DeviceFunctionQFolder
DeviceManagementQFolder
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
DocProc
DocumentViewer
DocumentViewerQFolder
Domácí násilí - Game Over
Dr. DivX 2.0 OSS
DyynoPlayer 0.8.6f.2
EA SPORTS online 2005
EAX4 Unified Redist
ESET NOD32 Antivirus
ESSAdpt
ESSANUP
ESSBrwr
ESSCAM
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSTUTOR
ESSvpaht
ESSvpot
eSupportQFolder
Fax
FIFA 2005
FL Studio 7
free-downloads.net Toolbar
FullDPAppQFolder
Game Booster
GameSpy Arcade
GMail Drive Shell Extension
Google Earth
Google Chrome
Google Talk Plugin
Google Toolbar for Firefox
Google Toolbar for Internet Explorer
Google Update Helper
GTA San Andreas
Hamachi 1.0.2.5
Hidden & Dangerous 2
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB954550-v5)
HP Document Viewer 5.3
HP Extended Capabilities 5.3
HP Image Zone 5.3
HP Image Zone Express
HP Imaging Device Functions 5.3
HP Product Assistant
HP PSC & OfficeJet 5.3.B
HP Solution Center & Imaging Support Tools 5.3
HP Update
HPProductAssistant
HTML editor Yugie (shareware) verze 4.3
HyperCam 2
I-Učebnice odinstalace
ICQ6.5
IL Download Manager
Image Resizer Powertoy for Windows XP
InstantShareDevices
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Jasc Paint Shop Pro 9
Java(TM) 6 Update 15
Java(TM) 6 Update 5
Java(TM) SE Runtime Environment 6 Update 1
Kobra 11 Nitro
Kodak EasyShare software
KSU
MAGIX music maker 11 demo (US)
Malwarebytes' Anti-Malware
MarketResearch
Medal of Honor Airborne
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Czech Language Pack
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Language Pack - CSY
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft XML Parser
MobileMe Control Panel
Mozilla Firefox (3.5.3)
MS SAPI4.0 Runtime (SpeechTech)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 Parser and SDK
muveeNow 2.1
MV2Player (remove only)
Nero Suite
NewCopy
NextUp Talker
Notifier
NVIDIA Drivers
NVIDIA nTune
NVIDIA PhysX v8.09.04
NvMixer
Nvu 1.0
Šachy 2002
Okoker DVD Ripper 1.5
OpenOffice.org 2.2
Opera 10.00
Oprava hotfix aplikace Windows Media Player 11 (KB939683)
Oprava Hotfix systému Windows Internet Explorer 7 (KB947864)
Oprava Hotfix systému Windows XP (KB952287)
Oprava Hotfix systému Windows XP (KB961118)
Oprava Hotfix systému Windows XP (KB970653-v3)
OTtBP
PanoStandAlone
PCDLNCH
PDF Settings
Peter Jackson's King Kong - The Official Game of the Movie
PhotoGallery
Picasa 3
Prevx 3.0
ProductContext
QuickTime
RandMap
Readme
Realtek AC'97 Audio
Registry Mechanic 8.0
Revo Uninstaller 1.83
RichFX Player
Scan
ScannerCopy
Security Task Manager 1.7h
SFR
SFR2
Shuangs Audio Editor 2.1
SkinsHP1
Skype™ 3.8
SMART Board Software
Smart Defrag 1.20
SMART Essentials for Educators
Smarty Uninstaller Pro
SolutionCenter
Some PDF to Word Converter 1.0
Sonic_PrimoSDK
Sony Ericsson PC Suite
Sony USB Driver
SpeechTech SAPI TTS engine
Spyware Terminator
Sqirlz Morph
Star Downloader Free
Status
Stykz 1.0 for Windows (RC 1)
SUPERAntiSpyware Free Edition
System Requirements Lab
TeamSpeak 2 RC2
The KMPlayer (remove only)
Total Commander (Remove or Repair)
Total Video Converter 3.50
TrayApp
TS Vlastivěda 1 (doporučená instalace)
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VC 9.0 Runtime
VDMSound 2.0.4
VeryPDF PDF2Word v3.0
Video DVD Maker Free v2.4.0.16
Vuze Toolbar
Warp
WebFldrs XP
WebReg
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
WinRAR
World of Warcraft
World Racing 2 Demo
wxDownload Fast 0.6.0
XnView 1.96.2

==== End Of File ===========================



DDS:



DDS (Ver_09-10-13.01) - NTFSx86
Run by Marek at 16:57:27,09 on Út 20.10.2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_15
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.363 [GMT 2:00]

AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\COMODO\livePCsupport\ELPS.exe
C:\Program Files\HTV\HTV.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Marek\Plocha\dds.pif

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mURLSearchHooks: H - No File
BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\toolbar\ctbr.dll
TB: &Crawler lišta: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\progra~1\crawler\toolbar\ctbr.dll
TB: HopSurf toolbar: {e9fab13d-4600-49e1-90d1-ee961c859d39} - c:\program files\comodo\hopsurftoolbar\HopSurfToolbar_IE.dll
TB: {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [Advanced SystemCare 3] "c:\program files\iobit\advanced systemcare 3\AWC.exe" /startup
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [SpywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [SpywareTerminator] "c:\program files\spyware terminator\SpywareTerminatorShield.exe"
mRun: [COMODO livePCsupport] c:\program files\comodo\livepcsupport\ELPS.exe
mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h
mRun: [HTV Agent] c:\program files\htv\HTV.exe
IE: Crawler Search - tbr:iemenu
IE: {ED98F8D1-09AC-4107-B2FF-91DBE011B0C5} - {6BBCFF8E-D837-4DA4-9141-1F645B34A179} - c:\program files\comodo\hopsurftoolbar\HopSurfToolbar_IE.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
DPF: {D27CDB6E-CE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\crawler\toolbar\ctbr.dll
AppInit_DLLs: c:\windows\system32\guard32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SEH: {4F07DA45-8170-4859-9B5F-037EF2970034} - No File

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\marek\dataap~1\mozilla\firefox\profiles\j2ggv3xx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatche ... 60347&qkw=
FF - component: c:\program files\comodo\hopsurftoolbar\hopsurfext_ff3_5\components\hopsurf.dll
FF - component: c:\program files\crawler\toolbar\firefox\components\xcomm.dll
FF - component: c:\program files\crawler\toolbar\firefox\components\xshared.dll
FF - component: c:\program files\crawler\toolbar\firefox\components\xsupport.dll
FF - component: c:\program files\crawler\toolbar\firefox\components\xwsg.dll
FF - plugin: c:\documents and settings\marek\data aplikací\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\marek\local settings\data aplikací\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\dyyno\dyyno player\npvlc.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.jit.chrome", false);
c:\program files\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
c:\program files\mozilla firefox\greprefs\all.js - pref("bidi.characterset", 1);
c:\program files\mozilla firefox\defaults\pref\channel-prefs.js - pref("app.update.channel", "release");
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");

============= SERVICES / DRIVERS ===============

R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [2009-10-17 22024]
R0 pxsec;pxsec;c:\windows\system32\drivers\pxsec.sys [2009-10-17 27656]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [2009-2-3 63096]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [2009-10-18 132296]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2009-10-18 25160]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-5-14 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-5-14 94360]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-9-15 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-9-15 74480]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-10-18 142592]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-5-14 731840]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-9-25 38224]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-9-15 7408]
S2 gupdate1ca18e6298cdd6;Google Update Service (gupdate1ca18e6298cdd6);c:\program files\google\update\GoogleUpdate.exe [2009-8-9 133104]
S3 axskbus;axskbus;c:\windows\system32\drivers\axskbus.sys --> c:\windows\system32\drivers\axskbus.sys [?]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2008-2-20 13352]
S3 M1000Srv;M5603C USB2.0 Camera Driver;c:\windows\system32\drivers\m1000knt.sys --> c:\windows\system32\drivers\M1000KNT.sys [?]
S4 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-10-5 234888]
S4 BackWeb Plug-in - 7681197;F-Secure Automatic Update;c:\progra~1\f-secure\backweb\7681197\program\servic~1.exe --> c:\progra~1\f-secure\backweb\7681197\program\SERVIC~1.EXE [?]
S4 CSIScanner;CSIScanner;c:\program files\prevx\prevx.exe [2009-10-17 4368952]
S4 SMART Web Server;SMART Web Server;c:\program files\smart technologies inc\smart board software\WebServer.exe [2007-4-19 759312]

=============== Created Last 30 ================

2009-10-20 16:53 <DIR> --d-h--- c:\windows\PIF
2009-10-19 19:20 <DIR> --d----- c:\program files\HTV
2009-10-19 17:37 <DIR> a-d----- c:\windows\rundll16.exe
2009-10-19 17:37 <DIR> a-d----- c:\windows\logo1_.exe
2009-10-19 16:42 <DIR> --d----- c:\program files\WinClamAVShield
2009-10-18 21:19 <DIR> --d----- c:\docume~1\marek\dataap~1\Comodo
2009-10-18 21:01 <DIR> -cd----- c:\docume~1\alluse~1\dataap~1\Comodo
2009-10-18 21:01 179,792 a------- c:\windows\system32\guard32.dll
2009-10-18 21:01 132,296 a------- c:\windows\system32\drivers\cmdguard.sys
2009-10-18 21:01 25,160 a------- c:\windows\system32\drivers\cmdhlp.sys
2009-10-18 21:00 <DIR> --d----- c:\program files\COMODO
2009-10-18 20:59 381 a------- c:\windows\system32\BIN_STRSBW.SPT
2009-10-18 20:17 <DIR> --d----- c:\program files\Crawler
2009-10-18 20:17 142,592 a------- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-10-18 20:17 <DIR> --d----- c:\docume~1\marek\dataap~1\Spyware Terminator
2009-10-18 20:17 <DIR> -cd----- c:\docume~1\alluse~1\dataap~1\Spyware Terminator
2009-10-18 20:17 <DIR> --d----- c:\program files\Spyware Terminator
2009-10-18 09:35 <DIR> a-d----- c:\windows\VDLL.DLL
2009-10-18 09:35 <DIR> a-d----- c:\windows\system32\runouce.exe
2009-10-18 09:35 <DIR> a-d----- c:\windows\RUNDL132.EXE
2009-10-18 09:35 <DIR> a-d----- c:\windows\logo_1.exe
2009-10-18 09:33 54 a------- c:\windows\Lic.xxx
2009-10-18 09:33 626,688 a------- c:\windows\system32\msvcr80.dll
2009-10-18 09:33 548,864 a------- c:\windows\system32\msvcp80.dll
2009-10-18 09:33 28,672 a------- c:\windows\system32\eEmpty.exe
2009-10-18 09:33 147,968 a------- c:\windows\REGEDIT.COM
2009-10-18 09:33 147,968 a------- c:\windows\R.COM
2009-10-18 09:33 137,216 a------- c:\windows\system32\TASKMGR.COM
2009-10-18 09:33 137,216 a------- c:\windows\system32\T.COM
2009-10-18 09:33 <DIR> --d----- c:\program files\common files\MicroWorld
2009-10-18 09:33 <DIR> -cd----- c:\docume~1\alluse~1\dataap~1\MicroWorld
2009-10-18 09:29 <DIR> -cds---- C:\ComboFix
2009-10-17 20:54 27,656 a------- c:\windows\system32\drivers\pxsec.sys
2009-10-17 20:54 22,024 a------- c:\windows\system32\drivers\pxscan.sys
2009-10-17 20:54 <DIR> --d----- c:\program files\Prevx
2009-10-17 20:54 <DIR> -cd----- c:\docume~1\alluse~1\dataap~1\PrevxCSI
2009-10-17 19:22 <DIR> --d----- c:\program files\Conduit
2009-10-17 19:22 <DIR> --d----- c:\program files\free-downloads.net
2009-10-11 18:39 101,888 ac------ c:\windows\system32\dllcache\adpu160m.sys
2009-10-11 18:39 46,112 ac------ c:\windows\system32\dllcache\adptsf50.sys
2009-10-11 18:39 10,880 ac------ c:\windows\system32\dllcache\admjoy.sys
2009-10-11 18:39 747,392 ac------ c:\windows\system32\dllcache\adm8830.sys
2009-10-11 18:39 553,984 ac------ c:\windows\system32\dllcache\adm8820.sys
2009-10-11 18:39 584,448 ac------ c:\windows\system32\dllcache\adm8810.sys
2009-10-11 18:37 66,048 ac------ c:\windows\system32\dllcache\s3legacy.dll
2009-10-10 13:50 <DIR> --d----- c:\docume~1\marek\dataap~1\cmw
2009-10-10 13:03 <DIR> -cd----- C:\iPod Photo Cache
2009-10-05 19:22 4,212 a---h--- c:\windows\system32\zllictbl.dat
2009-10-05 19:22 <DIR> --d----- c:\program files\Zone Labs
2009-10-05 19:21 <DIR> --d----- c:\windows\Internet Logs
2009-10-05 19:11 <DIR> --d----- c:\program files\JockerSoft
2009-10-05 17:15 <DIR> -cd----- c:\docume~1\alluse~1\dataap~1\Azureus
2009-10-05 17:15 <DIR> --d----- c:\docume~1\marek\dataap~1\Azureus
2009-10-05 17:14 <DIR> --d----- c:\program files\Vuze
2009-10-05 17:14 <DIR> --d----- c:\program files\AskBarDis
2009-10-05 17:04 <DIR> --d----- c:\program files\BitLord
2009-10-04 19:50 <DIR> --d----- c:\program files\wxDownload Fast
2009-10-04 19:33 <DIR> -cd----- C:\Downloads
2009-10-04 18:56 <DIR> --d----- c:\docume~1\marek\dataap~1\uTorrent
2009-10-04 18:15 <DIR> --d----- c:\program files\Star Downloader
2009-10-02 17:51 <DIR> --d----- c:\program files\Avanquest update
2009-10-02 11:33 <DIR> --d----- c:\program files\Total Video Converter
2009-10-02 07:37 215,920 a------- c:\windows\system32\muweb.dll
2009-10-01 12:57 <DIR> --d----- c:\docume~1\marek\dataap~1\IObit
2009-10-01 12:53 <DIR> --d----- c:\program files\IObit
2009-10-01 12:52 65,928 a---h--- c:\windows\system32\mlfcache.dat
2009-09-30 13:59 <DIR> --d----- c:\program files\iPod
2009-09-30 13:58 <DIR> --d----- c:\program files\iTunes
2009-09-30 13:24 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-09-30 13:24 26,600 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-30 08:42 <DIR> -cd----- c:\docume~1\alluse~1\dataap~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-30 08:39 2,065,696 a------- c:\windows\system32\usbaaplrc.dll
2009-09-30 08:39 40,448 a------- c:\windows\system32\drivers\usbaapl.sys
2009-09-28 18:59 640 ac------ C:\settings.dat
2009-09-26 21:18 4,484 a------- c:\windows\system32\drivers\cpuidlep.sys
2009-09-26 19:59 5,248 a------- c:\windows\system32\drivers\giveio.sys
2009-09-26 15:24 <DIR> --d----- c:\program files\Sunbelt Software
2009-09-26 12:22 <DIR> --d----- c:\documents and settings\marek\DoctorWeb
2009-09-25 14:11 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-25 14:11 19,160 a------- c:\windows\system32\drivers\mbam.sys
2009-09-25 14:11 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-09-23 16:25 <DIR> -cd----- c:\docume~1\alluse~1\dataap~1\Symantec
2009-09-23 16:25 <DIR> -cd----- c:\docume~1\alluse~1\dataap~1\Norton
2009-09-23 16:25 <DIR> -cd----- c:\docume~1\alluse~1\dataap~1\NortonInstaller
2009-09-23 16:23 <DIR> --d----- c:\windows\system32\Adobe
2009-09-23 16:02 <DIR> --d----- c:\program files\Warp

==================== Find3M ====================

2009-10-18 20:22 457,400 a------- c:\windows\system32\perfh005.dat
2009-10-18 20:22 90,996 a------- c:\windows\system32\perfc005.dat
2009-09-18 19:23 12 a------- c:\documents and settings\marek\USERDATA.DAT
2009-09-11 16:19 136,192 a------- c:\windows\system32\msv1_0.dll
2009-09-04 23:05 58,880 a------- c:\windows\system32\msasn1.dll
2009-09-01 16:34 160,285 a------- c:\windows\Sqirlz Morph Uninstaller.exe
2009-08-29 09:58 916,480 -------- c:\windows\system32\wininet.dll
2009-08-26 10:02 247,326 a------- c:\windows\system32\strmdll.dll
2009-08-06 19:23 274,288 a------- c:\windows\system32\mucltui.dll
2009-08-05 11:01 205,312 a------- c:\windows\system32\mswebdvd.dll
2009-08-04 22:59 2,191,360 -------- c:\windows\system32\ntoskrnl.exe
2009-08-04 19:52 1,193,832 a------- c:\windows\system32\FM20.DLL
2009-08-04 19:29 2,068,224 -------- c:\windows\system32\ntkrnlpa.exe
2009-07-28 17:30 118,842 -----r-- c:\windows\bwUnin-6.3.2.116-7681197L.exe
2009-07-25 05:23 411,368 a------- c:\windows\system32\deploytk.dll
2008-05-28 10:40 22,328 a------- c:\docume~1\marek\dataap~1\PnkBstrK.sys
2007-05-19 13:56 17,337 a------- c:\docume~1\marek\dataap~1\Pamela_Crash_464EE5FF.zip
2007-05-08 17:19 41,004 a------- c:\docume~1\marek\dataap~1\Pamela_Crash_464094F9.zip
2007-04-26 16:10 284 a------- c:\docume~1\marek\dataap~1\ViewerApp.dat
2004-08-23 23:38 3,371 a------- c:\program files\!!!readme.txt
2004-08-23 21:08 83,968 ac------ c:\program files\NB_NB_2_12_37.xls
2008-05-31 19:22 32,768 ac-sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008053120080601\index.dat

============= FINISH: 16:59:10,65 ===============
AMD Athlon II X4 640 3.00Ghz Ram 4 GB, Win 7 64 bit, Graphics ATI Radeon HD 4600 series 1GB, HDD 600GB


Iphone 3g 16gb black
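The "Created Last 30" block in the DDS log above deserves a closer read than the process list: on 2009-10-18 09:33 a REGEDIT.COM/R.COM pair and a TASKMGR.COM/T.COM pair appeared with identical sizes, and several entries marked <DIR> carry executable names (logo1_.exe, rundll16.exe, RUNDL132.EXE, VDLL.DLL, runouce.exe). Because PATHEXT lists .COM ahead of .EXE, a REGEDIT.COM sitting in c:\windows is what "regedit" typed at a command prompt resolves to before regedit.exe. The following is an added triage script, not code from the original post: it parses an excerpt of those log lines (copied from the post above) and applies three heuristics that are my own assumptions. They select what to inspect, not what is malicious.

```python
import re
from collections import defaultdict

# Excerpt of the "Created Last 30" block from the DDS log above (copied
# lines, plus a few harmless neighbours so the filter has something to skip).
DDS_CREATED = r"""
2009-10-19 17:37 <DIR> a-d----- c:\windows\rundll16.exe
2009-10-19 17:37 <DIR> a-d----- c:\windows\logo1_.exe
2009-10-18 21:01 179,792 a------- c:\windows\system32\guard32.dll
2009-10-18 21:01 132,296 a------- c:\windows\system32\drivers\cmdguard.sys
2009-10-18 20:17 <DIR> --d----- c:\program files\Spyware Terminator
2009-10-18 09:35 <DIR> a-d----- c:\windows\VDLL.DLL
2009-10-18 09:35 <DIR> a-d----- c:\windows\system32\runouce.exe
2009-10-18 09:35 <DIR> a-d----- c:\windows\RUNDL132.EXE
2009-10-18 09:35 <DIR> a-d----- c:\windows\logo_1.exe
2009-10-18 09:33 54 a------- c:\windows\Lic.xxx
2009-10-18 09:33 626,688 a------- c:\windows\system32\msvcr80.dll
2009-10-18 09:33 28,672 a------- c:\windows\system32\eEmpty.exe
2009-10-18 09:33 147,968 a------- c:\windows\REGEDIT.COM
2009-10-18 09:33 147,968 a------- c:\windows\R.COM
2009-10-18 09:33 137,216 a------- c:\windows\system32\TASKMGR.COM
2009-10-18 09:33 137,216 a------- c:\windows\system32\T.COM
2009-10-17 20:54 <DIR> --d----- c:\program files\Prevx
""".strip()

# DDS line layout: date, time, size or <DIR>, 8-char attribute string, path.
ENTRY = re.compile(r"^(\d{4}-\d{2}-\d{2}) (\d{2}:\d{2}) (<DIR>|[\d,]+) (\S{8}) (.+)$")

EXEC_EXT = (".exe", ".com", ".dll", ".scr", ".pif")
# Folders where a dropped .COM shadows the built-in tool of the same name
# (PATHEXT lists .COM before .EXE, so "regedit" resolves REGEDIT.COM first).
WINDIRS = ("c:\\windows\\", "c:\\windows\\system32\\")


def parse_entries(text):
    """Turn DDS 'Created Last 30' lines into dicts; non-matching lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        date, clock, size, attrs, path = m.groups()
        entries.append({
            "when": f"{date} {clock}",
            "is_dir": size == "<DIR>" or "d" in attrs,
            "size": None if size == "<DIR>" else int(size.replace(",", "")),
            "attrs": attrs,
            "path": path.lower(),
        })
    return entries


def _split(path):
    """Return (folder with trailing backslash, file name, lower-case extension)."""
    head, _, name = path.rpartition("\\")
    dot = name.rfind(".")
    return head + "\\", name, (name[dot:] if dot >= 0 else "")


def find_suspicious(entries):
    """Apply three triage heuristics (assumed here, not DDS's own rules)."""
    findings = []
    twins = defaultdict(list)
    for e in entries:
        folder, _, ext = _split(e["path"])
        # 1) A *directory* carrying an executable extension is not something
        #    an installer normally creates.
        if e["is_dir"] and ext in EXEC_EXT:
            findings.append(("dir_named_like_executable", e["path"]))
        # 2) A .COM dropped directly into %WINDIR% or system32.
        if not e["is_dir"] and ext == ".com" and folder in WINDIRS:
            findings.append(("com_in_windir", e["path"]))
        # 3) Files of identical size created in the same minute are usually copies.
        if not e["is_dir"]:
            twins[(e["when"], e["size"])].append(e["path"])
    for (when, size), paths in twins.items():
        if len(paths) > 1:
            findings.append(("size_twins", f"{size} bytes at {when}: " + " == ".join(paths)))
    return findings


if __name__ == "__main__":
    for kind, detail in find_suspicious(parse_entries(DDS_CREATED)):
        print(f"{kind:28} {detail}")
```

Run as-is it prints twelve findings for the excerpt: six directories named like executables, four .COM files under c:\windows or system32, and the two same-size pairs. Entries such as cmdguard.sys, msvcr80.dll or the Prevx folder pass through untouched, which is the point of keeping the rules narrow.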

Re: Installation that starts by itself

Post by MaxDamageCZ » 20 Oct 2009 17:05

MBAM:



Malwarebytes' Anti-Malware 1.41
Database version: 2857
Windows 5.1.2600 Service Pack 3

20.10.2009 17:04:56
mbam-log-2009-10-20 (17-04-48).txt

Scan type: Quick scan
Objects scanned: 124236
Time elapsed: 11 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\All Users\Nabídka Start\Programy\Ardamax Keylogger (PUP.ArdamaxKeyLogger) -> No action taken.

Files Infected:
C:\Documents and Settings\All Users\Nabídka Start\Programy\Ardamax Keylogger\Ardamax Keylogger.lnk (PUP.ArdamaxKeyLogger) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Ardamax Keylogger\Help.lnk (PUP.ArdamaxKeyLogger) -> No action taken.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Ardamax Keylogger\Log Viewer.lnk (PUP.ArdamaxKeyLogger) -> No action taken.

Re: Installation that starts by itself

Post by MaxDamageCZ » 20 Oct 2009 17:20

ROOTREPEAL (c) AD, 2007-2009
==================================================
Scan Start Time: 2009/10/20 16:58
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================

Drivers
-------------------
Name: PCI_PNP8434
Image Path: \Driver\PCI_PNP8434
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB4051000 Size: 49152 File Visible: No Signed: -
Status: -

Name: splp.sys
Image Path: splp.sys
Address: 0xF7285000 Size: 1052672 File Visible: No Signed: -
Status: -

Name: sptd
Image Path: \Driver\sptd
Address: 0x00000000 Size: 0 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------
Path: C:\hiberfil.sys
Status: Locked to the Windows API!

Path: c:\documents and settings\marek\data aplikací\superantispyware.com\superantispyware\applogs\superantispyware-10-20-2009( 13-56-48 ).sdb
Status: Allocation size mismatch (API: 8192, Raw: 16384)

Path: C:\Documents and Settings\Marek\Local Settings\Temporary Internet Files\Content.IE5\68EF8KAO\GetGoogleInfoCU[1].txt
Status: Visible to the Windows API, but not on disk.

Path: C:\Documents and Settings\Marek\Local Settings\Temporary Internet Files\Content.IE5\I3D38IZM\GetGoogleInfoCU[2].txt
Status: Invisible to the Windows API!

Path: c:\documents and settings\marek\data aplikací\mozilla\firefox\profiles\j2ggv3xx.default\sessionstore.js
Status: Size mismatch (API: 34155, Raw: 34302)

Path: C:\Documents and Settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\j2ggv3xx.default\bookmarkbackups\bookmarks-2009-09-06.json
Status: Visible to the Windows API, but not on disk.

SSDT
-------------------
#: 011 Function Name: NtAdjustPrivilegesToken
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf1d46

#: 019 Function Name: NtAssignProcessToJobObject
Status: Hooked by "<unknown>" at address 0x863018a0

#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xeb8e288e

#: 031 Function Name: NtConnectPort
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf1250

#: 037 Function Name: NtCreateFile
Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xeb8e20ec

#: 041 Function Name: NtCreateKey
Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xeb8e1dce

#: 046 Function Name: NtCreatePort
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf1132

#: 050 Function Name: NtCreateSection
Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xeb8e3938

#: 052 Function Name: NtCreateSymbolicLinkObject
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf352c

#: 053 Function Name: NtCreateThread
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf0cf8

#: 063 Function Name: NtDeleteKey
Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xeb8e1ed8

#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xeb8e1fc2

#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf0a5a

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "splp.sys" at address 0xf72a4ca4

#: 073 Function Name: NtEnumerateValueKey
Status: Hooked by "splp.sys" at address 0xf72a5032

#: 097 Function Name: NtLoadDriver
Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xeb8e2bbc

#: 105 Function Name: NtMakeTemporaryObject
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf14d4

#: 116 Function Name: NtOpenFile
Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xeb8e23f4

#: 119 Function Name: NtOpenKey
Status: Hooked by "splp.sys" at address 0xf72860c0

#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0x86300cb0

#: 125 Function Name: NtOpenSection
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf1764

#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0x863010d0

#: 160 Function Name: NtQueryKey
Status: Hooked by "splp.sys" at address 0xf72a510a

#: 177 Function Name: NtQueryValueKey
Status: Hooked by "splp.sys" at address 0xf72a4f8a

#: 192 Function Name: NtRenameKey
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf2688

#: 200 Function Name: NtRequestWaitReplyPort
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf29f0

#: 210 Function Name: NtSecureConnectPort
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf2c72

#: 224 Function Name: NtSetInformationFile
Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xeb8e2526

#: 240 Function Name: NtSetSystemInformation
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf3084

#: 247 Function Name: NtSetValueKey
Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xeb8e1bfc

#: 249 Function Name: NtShutdownSystem
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf146e

#: 253 Function Name: NtSuspendProcess
Status: Hooked by "<unknown>" at address 0x863016d0

#: 254 Function Name: NtSuspendThread
Status: Hooked by "<unknown>" at address 0x863014f0

#: 255 Function Name: NtSystemDebugControl
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf1658

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys" at address 0xeb8c50b0

#: 258 Function Name: NtTerminateThread
Status: Hooked by "<unknown>" at address 0x86301310

#: 274 Function Name: NtWriteFile
Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xeb8e270c

Stealth Objects
-------------------
Object: Hidden Code [ETHREAD: 0x865df6f0]
Process: System Address: 0x862ff930 Size: 1000

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CREATE]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLOSE]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_READ]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_WRITE]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_EA]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_EA]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SHUTDOWN]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_CLEANUP]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_SECURITY]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_SET_QUOTA]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Ntfs, IRP_MJ_PNP]
Process: System Address: 0x871de1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_CREATE]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_CLOSE]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_READ]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_WRITE]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_EA]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_EA]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_SHUTDOWN]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_CLEANUP]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: Fastfat, IRP_MJ_PNP]
Process: System Address: 0x85fba1f8 Size: 121

Object: Hidden Code [Driver: aym9oi19Ѕ䵃䥖Ё఍䵃Ϥ, IRP_MJ_CREATE]
Process: System Address: 0x86f961f8 Size: 121

Object: Hidden Code [Driver: aym9oi19Ѕ䵃䥖Ё఍䵃Ϥ, IRP_MJ_CLOSE]
Process: System Address: 0x86f961f8 Size: 121

Object: Hidden Code [Driver: aym9oi19Ѕ䵃䥖Ё఍䵃Ϥ, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86f961f8 Size: 121

Object: Hidden Code [Driver: aym9oi19Ѕ䵃䥖Ё఍䵃Ϥ, IRP_MJ_POWER]
Process: System Address: 0x86f961f8 Size: 121

Object: Hidden Code [Driver: aym9oi19Ѕ䵃䥖Ё఍䵃Ϥ, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86f961f8 Size: 121

Object: Hidden Code [Driver: aym9oi19Ѕ䵃䥖Ё఍䵃Ϥ, IRP_MJ_PNP]
Process: System Address: 0x86f961f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CREATE]
Process: System Address: 0x86fc11f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_CLOSE]
Process: System Address: 0x86fc11f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86fc11f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x86fc11f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_POWER]
Process: System Address: 0x86fc11f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86fc11f8 Size: 121

Object: Hidden Code [Driver: usbehci, IRP_MJ_PNP]
Process: System Address: 0x86fc11f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CREATE]
Process: System Address: 0x864201f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_CLOSE]
Process: System Address: 0x864201f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_READ]
Process: System Address: 0x864201f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_WRITE]
Process: System Address: 0x864201f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x864201f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x864201f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x864201f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SHUTDOWN]
Process: System Address: 0x864201f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_POWER]
Process: System Address: 0x864201f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x864201f8 Size: 121

Object: Hidden Code [Driver: Cdrom, IRP_MJ_PNP]
Process: System Address: 0x864201f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_CREATE]
Process: System Address: 0x86fc21f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_CLOSE]
Process: System Address: 0x86fc21f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86fc21f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x86fc21f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_POWER]
Process: System Address: 0x86fc21f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x86fc21f8 Size: 121

Object: Hidden Code [Driver: usbohci, IRP_MJ_PNP]
Process: System Address: 0x86fc21f8 Size: 121

Object: Hidden Code [Driver: , IRP_MJ_CREATE]
Process: System Address: 0xe2174908 Size: 1785

Object: Hidden Code [Driver: , IRP_MJ_CLOSE]
Process: System Address: 0xe2174908 Size: 1785

Object: Hidden Code [Driver: , IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0xe2174908 Size: 1785

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CREATE]
Process: System Address: 0x871701f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_READ]
Process: System Address: 0x871701f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_WRITE]
Process: System Address: 0x871701f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x871701f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x871701f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x871701f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SHUTDOWN]
Process: System Address: 0x871701f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_CLEANUP]
Process: System Address: 0x871701f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_POWER]
Process: System Address: 0x871701f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x871701f8 Size: 121

Object: Hidden Code [Driver: Ftdisk, IRP_MJ_PNP]
Process: System Address: 0x871701f8 Size: 121

Object: Hidden Code [Driver: prohlp02, IRP_MJ_CREATE]
Process: System Address: 0xe1b382e0 Size: 3362

Object: Hidden Code [Driver: prohlp02, IRP_MJ_CLOSE]
Process: System Address: 0xe1b382e0 Size: 3362

Object: Hidden Code [Driver: prohlp02, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0xe1b382e0 Size: 3362

Object: Hidden Code [Driver: NetBT, IRP_MJ_CREATE]
Process: System Address: 0x85f091f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLOSE]
Process: System Address: 0x85f091f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x85f091f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x85f091f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_CLEANUP]
Process: System Address: 0x85f091f8 Size: 121

Object: Hidden Code [Driver: NetBT, IRP_MJ_PNP]
Process: System Address: 0x85f091f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_NAMED_PIPE]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLOSE]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_READ]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_WRITE]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_EA]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_EA]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FLUSH_BUFFERS]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_VOLUME_INFORMATION]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_INTERNAL_DEVICE_CONTROL]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SHUTDOWN]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CLEANUP]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_CREATE_MAILSLOT]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_SECURITY]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_SECURITY]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_POWER]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SYSTEM_CONTROL]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_DEVICE_CHANGE]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_QUERY_QUOTA]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_SET_QUOTA]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: MRxSmb, IRP_MJ_PNP]
Process: System Address: 0x860eb1f8 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_CREATE]
Process: System Address: 0x86e183d0 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_CLOSE]
Process: System Address: 0x86e183d0 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_READ]
Process: System Address: 0x86e183d0 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_QUERY_INFORMATION]
Process: System Address: 0x86e183d0 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_SET_INFORMATION]
Process: System Address: 0x86e183d0 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_QUERY_VOLUME_INFORMATION]
Process: System Address: 0x86e183d0 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_DIRECTORY_CONTROL]
Process: System Address: 0x86e183d0 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_FILE_SYSTEM_CONTROL]
Process: System Address: 0x86e183d0 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_DEVICE_CONTROL]
Process: System Address: 0x86e183d0 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_SHUTDOWN]
Process: System Address: 0x86e183d0 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_LOCK_CONTROL]
Process: System Address: 0x86e183d0 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_CLEANUP]
Process: System Address: 0x86e183d0 Size: 121

Object: Hidden Code [Driver: Cdfsȅఊ祓哠, IRP_MJ_PNP]
Process: System Address: 0x86e183d0 Size: 121

Shadow SSDT
-------------------
#: 013 Function Name: NtGdiBitBlt
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf5308

#: 122 Function Name: NtGdiDeleteObjectApp
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf5a2c

#: 227 Function Name: NtGdiMaskBlt
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf543c

#: 233 Function Name: NtGdiOpenDCW
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf58ec

#: 237 Function Name: NtGdiPlgBlt
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf557c

#: 292 Function Name: NtGdiStretchBlt
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf56b0

#: 310 Function Name: NtUserBlockInput
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf5188

#: 319 Function Name: NtUserCallHwndParamLock
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf43da

#: 383 Function Name: NtUserGetAsyncKeyState
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf4e58

#: 389 Function Name: NtUserGetClipboardData
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf57ea

#: 414 Function Name: NtUserGetKeyboardState
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf4bc6

#: 416 Function Name: NtUserGetKeyState
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf4d08

#: 460 Function Name: NtUserMessageCall
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf48aa

#: 465 Function Name: NtUserMoveWindow
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf4112

#: 475 Function Name: NtUserPostMessage
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf455c

#: 476 Function Name: NtUserPostThreadMessage
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf4708

#: 491 Function Name: NtUserRegisterRawInputDevices
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf4fa8

#: 502 Function Name: NtUserSendInput
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf4a6c

#: 509 Function Name: NtUserSetClipboardViewer
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf509e

#: 529 Function Name: NtUserSetParent
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf4282

#: 549 Function Name: NtUserSetWindowsHookEx
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf5a92

#: 552 Function Name: NtUserSetWinEventHook
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf5cc6

==EOF==
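The SSDT section above is long enough that counting by hand is error-prone. Most hooks belong to drivers the log itself accounts for (cmdguard.sys from COMODO, sp_rsdrv2.sys from Spyware Terminator, SASKUTIL.sys from SUPERAntiSpyware), but six entries are hooked by "<unknown>", which RootRepeal prints when the hook target lies outside every module it could map, and five are hooked by "splp.sys", reported as a bare name with no on-disk path. The following is an added example, not code from the original post: a parser that pairs each "#: nnn Function Name:" line with its "Status:" line, groups hooks by module, and flags the ones that are unattributed or attributed only to a bare name. It also reports how tightly the <unknown> targets cluster; in the full log all six sit between 0x86300cb0 and 0x863018a0, which is consistent with one allocation but is a hint, not proof. The sample input is seven entries copied from the log above, and the three classification labels are my own.

```python
import re
from collections import defaultdict

# Excerpt of the RootRepeal SSDT / Shadow SSDT sections from the post above
# (seven of the original entries, copied verbatim).
ROOTREPEAL = r"""
SSDT
-------------------
#: 011 Function Name: NtAdjustPrivilegesToken
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf1d46

#: 019 Function Name: NtAssignProcessToJobObject
Status: Hooked by "<unknown>" at address 0x863018a0

#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\system32\drivers\sp_rsdrv2.sys" at address 0xeb8e288e

#: 071 Function Name: NtEnumerateKey
Status: Hooked by "splp.sys" at address 0xf72a4ca4

#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0x86300cb0

#: 257 Function Name: NtTerminateProcess
Status: Hooked by "C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys" at address 0xeb8c50b0

Shadow SSDT
-------------------
#: 383 Function Name: NtUserGetAsyncKeyState
Status: Hooked by "C:\WINDOWS\System32\DRIVERS\cmdguard.sys" at address 0xefcf4e58

==EOF==
"""

HOOK_HEAD = re.compile(r"^#:\s*(\d+)\s+Function Name:\s*(\S+)")
HOOK_STAT = re.compile(r'^Status:\s*Hooked by "([^"]*)" at address (0x[0-9a-fA-F]+)')


def parse_hooks(text):
    """Pair each '#: nnn Function Name:' line with its 'Status: Hooked by' line."""
    hooks, table, pending = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if line in ("SSDT", "Shadow SSDT"):
            table = line            # remember which table the next entries belong to
            continue
        m = HOOK_HEAD.match(line)
        if m:
            pending = (int(m.group(1)), m.group(2))
            continue
        m = HOOK_STAT.match(line)
        if m and pending is not None:
            index, func = pending
            hooks.append({"table": table, "index": index, "function": func,
                          "module": m.group(1), "address": int(m.group(2), 16)})
            pending = None
    return hooks


def classify(hook):
    """Attribution quality of one hook (labels are this example's own)."""
    mod = hook["module"]
    if mod == "<unknown>":
        return "unattributed"   # target outside every module RootRepeal could map
    if not re.match(r"^[A-Za-z]:\\", mod):
        return "no_path"        # bare image name only; locate it on disk by hand
    return "attributed"


def by_module(hooks):
    """Module -> hooked functions, in log order."""
    groups = defaultdict(list)
    for h in hooks:
        groups[h["module"]].append(h["function"])
    return dict(groups)


def needs_attention(hooks):
    return [h for h in hooks if classify(h) != "attributed"]


def unattributed_span(hooks):
    """(lowest, highest) address among <unknown> hooks; a tight span hints at one allocation."""
    addrs = [h["address"] for h in hooks if h["module"] == "<unknown>"]
    return (min(addrs), max(addrs)) if addrs else (None, None)


if __name__ == "__main__":
    hooks = parse_hooks(ROOTREPEAL)
    for mod, funcs in by_module(hooks).items():
        print(f"{mod}: {', '.join(funcs)}")
    for h in needs_attention(hooks):
        print(f"CHECK {h['table']} #{h['index']:03d} {h['function']} -> {h['module']} @ {h['address']:#x}")
    lo, hi = unattributed_span(hooks)
    if lo is not None:
        print(f"<unknown> hooks span {hi - lo:#x} bytes ({lo:#x}..{hi:#x})")
```

Feed it the whole RootRepeal section instead of the excerpt and the grouping comes out as 14 hooks for cmdguard.sys, 11 for sp_rsdrv2.sys, 5 for splp.sys, 6 for <unknown> and 1 for SASKUTIL.sys in the main table, with the 22 Shadow SSDT entries all on cmdguard.sys. Those are the counts to compare against what the vendor documentation says each product hooks; the two flagged groups are the ones that still need an owner.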


Re: Installation that starts on its own

Post by pitimir » 20 Oct 2009 20:00

1) Download ComboFix - DO NOT RUN IT.

Move the CF icon to the desktop, close all open applications as well as the resident antivirus, antispyware and firewall, and open Notepad. Copy the following into it:

Code:

KillAll::
DDS::
mURLSearchHooks: H - No File
TB: {3BB63FD4-3C00-44D7-94A9-5DE211900DEF} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
DPF: {D27CDB6E-CE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
SEH: {4F07DA45-8170-4859-9B5F-037EF2970034} - No File

Save it to the desktop as CFScript.txt and drag it with the mouse onto the CF icon.

[image]

The program will process the script and produce a new log.


Warning: If Windows does not boot after the script has been applied, restart the PC, press F8 and choose Last Known Good Configuration.


2) Look - if you intend to crack the things you use (there is some junk for MWAV sitting on your desktop), then we have nothing to talk about here.

Download CKScanner to the desktop. Run the program by double-clicking its icon. A window opens; in it click "Search For Files". A scan starts; when it finishes, click "Save List To File" -> "OK". A file named CKFiles.txt should appear on the desktop; copy its contents here for me.


3) You have leftovers from an enormous number of security programs there.

Download SecurityCheck. Run it and follow the instructions. At the end it produces a log; copy it here.
I don't like amateurism...

And the addressee of the message knows it :)


Re: Installation that starts on its own

Post by MaxDamageCZ » 20 Oct 2009 21:33

CKScanner:


CKScanner - Additional Security Risks - These are not necessarily bad
c:\documents and settings\marek\plocha\mwav keygen - x-core.zip
c:\program files\jasc software inc\paint shop pro 9\bump maps\cracked desert.pspimage
c:\program files\jasc software inc\paint shop pro 9\patterns\cracked paint.pspimage
c:\program files\rockstar games\gta san andreas\data\decision\craig\crack1.ped
c:\program files\superantispyware\superantispyware.professional.v3.9.0.1008-heritage\crack\superantispyware.exe
c:\program files\toribash-3.1\custom\cracker94\head.tga
c:\program files\toribash-3.1\custom\cracker94\r_leg.tga
c:\program files\toribash-3.1\custom\nutcracker\head.tga
c:\program files\warcraft iii\crack\rzr-wc3.nfo
c:\program files\warcraft iii\crack\war3.exe
c:\program files\warcraft iii\crack\worldedit.exe
c:\windows\prefetch\keygen.superantispyware.profe-2af6f2d0.pf
scanner sequence 3.ZZ.11
----- EOF -----

Re: Installation that starts on its own

Post by MaxDamageCZ » 20 Oct 2009 21:34

ComboFix 09-10-19.04 - Marek 20.10.2009 21:06.19.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.587 [GMT 2:00]
Spuštěný z: c:\documents and settings\Marek\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Marek\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\regedit.com
c:\windows\system32\taskmgr.com

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-09-20 do 2009-10-20 )))))))))))))))))))))))))))))))
.

2009-10-20 18:53 . 2009-10-20 18:53 -------- dc----w- c:\documents and settings\MaxDamage - uživatel
2009-10-20 14:53 . 2009-10-20 14:53 -------- d--h--w- c:\windows\PIF
2009-10-19 17:20 . 2009-10-19 17:31 -------- d-----w- c:\program files\HTV
2009-10-19 15:37 . 2009-10-19 15:37 -------- d---a-w- c:\windows\rundll16.exe
2009-10-19 15:37 . 2009-10-19 15:37 -------- d---a-w- c:\windows\logo1_.exe
2009-10-18 19:00 . 2009-10-20 18:53 -------- d-----w- c:\program files\COMODO
2009-10-18 18:17 . 2009-10-18 18:18 -------- d-----w- c:\program files\Crawler
2009-10-18 07:35 . 2009-10-18 07:35 -------- d---a-w- c:\windows\VDLL.DLL
2009-10-18 07:35 . 2009-10-18 07:35 -------- d---a-w- c:\windows\system32\runouce.exe
2009-10-18 07:35 . 2009-10-18 07:35 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-10-18 07:35 . 2009-10-18 07:35 -------- d---a-w- c:\windows\logo_1.exe
2009-10-18 07:33 . 2009-10-18 07:33 626688 ----a-w- c:\windows\system32\msvcr80.dll
2009-10-18 07:33 . 2009-10-18 07:33 548864 ----a-w- c:\windows\system32\msvcp80.dll
2009-10-18 07:33 . 2009-10-18 07:33 28672 ----a-w- c:\windows\system32\eEmpty.exe
2009-10-18 07:33 . 2008-04-14 03:22 137216 ----a-w- c:\windows\system32\T.COM
2009-10-18 07:33 . 2008-04-14 03:22 147968 ----a-w- c:\windows\R.COM
2009-10-18 07:33 . 2009-10-18 07:33 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-10-17 18:54 . 2009-10-17 18:54 27656 ----a-w- c:\windows\system32\drivers\pxsec.sys
2009-10-17 18:54 . 2009-10-17 18:54 22024 ----a-w- c:\windows\system32\drivers\pxscan.sys
2009-10-17 18:54 . 2009-10-17 18:54 -------- d-----w- c:\program files\Prevx
2009-10-17 17:22 . 2009-10-17 17:22 -------- d-----w- c:\program files\Conduit
2009-10-17 17:22 . 2009-10-17 19:28 -------- d-----w- c:\program files\free-downloads.net
2009-10-11 17:11 . 2009-10-11 17:11 -------- d-----w- c:\program files\Opera
2009-10-11 16:39 . 2001-08-17 20:07 101888 -c--a-w- c:\windows\system32\dllcache\adpu160m.sys
2009-10-11 16:39 . 2004-08-03 20:32 10880 -c--a-w- c:\windows\system32\dllcache\admjoy.sys
2009-10-11 16:39 . 2001-08-17 18:11 46112 -c--a-w- c:\windows\system32\dllcache\adptsf50.sys
2009-10-11 16:39 . 2001-08-17 18:19 747392 -c--a-w- c:\windows\system32\dllcache\adm8830.sys
2009-10-11 16:39 . 2001-08-17 18:19 553984 -c--a-w- c:\windows\system32\dllcache\adm8820.sys
2009-10-11 16:39 . 2001-08-17 18:19 584448 -c--a-w- c:\windows\system32\dllcache\adm8810.sys
2009-10-11 16:37 . 2001-10-24 10:24 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2009-10-10 16:29 . 2009-10-10 16:29 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-10-10 11:03 . 2009-10-10 11:04 -------- dc----w- C:\iPod Photo Cache
2009-10-05 17:22 . 2009-10-05 17:22 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-10-05 17:22 . 2009-10-05 17:22 -------- d-----w- c:\program files\Zone Labs
2009-10-05 17:21 . 2009-10-12 13:47 -------- d-----w- c:\windows\Internet Logs
2009-10-05 17:11 . 2009-10-10 16:14 -------- d-----w- c:\program files\JockerSoft
2009-10-05 15:14 . 2009-10-05 17:23 -------- d-----w- c:\program files\AskBarDis
2009-10-05 15:14 . 2009-10-05 15:29 -------- d-----w- c:\program files\Vuze
2009-10-05 15:04 . 2009-10-10 16:13 -------- d-----w- c:\program files\BitLord
2009-10-04 17:50 . 2009-10-04 17:50 -------- d-----w- c:\program files\wxDownload Fast
2009-10-04 17:33 . 2009-10-04 17:33 -------- dc----w- C:\Downloads
2009-10-04 16:15 . 2009-10-11 13:26 -------- d-----w- c:\program files\Star Downloader
2009-10-02 15:51 . 2009-10-02 15:51 -------- d-----w- c:\program files\Avanquest update
2009-10-02 09:33 . 2009-10-02 09:33 -------- d-----w- c:\program files\Total Video Converter
2009-10-02 05:37 . 2009-08-06 17:23 215920 ----a-w- c:\windows\system32\muweb.dll
2009-10-01 10:53 . 2009-10-19 16:44 -------- d-----w- c:\program files\IObit
2009-10-01 10:52 . 2009-10-01 10:52 65928 ---ha-w- c:\windows\system32\mlfcache.dat
2009-09-30 11:59 . 2009-09-30 11:59 -------- d-----w- c:\program files\iPod
2009-09-30 11:58 . 2009-09-30 12:02 -------- d-----w- c:\program files\iTunes
2009-09-30 11:24 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-30 11:24 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-09-30 06:41 . 2009-09-30 06:41 -------- d-----w- c:\program files\QuickTime
2009-09-30 06:40 . 2009-09-30 06:40 -------- d-----w- c:\program files\Apple Software Update
2009-09-30 06:39 . 2009-08-28 17:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-09-30 06:39 . 2009-08-28 17:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-09-30 06:39 . 2009-09-30 11:59 -------- d-----w- c:\program files\Common Files\Apple
2009-09-28 16:59 . 2009-09-28 16:59 640 -c--a-w- C:\settings.dat
2009-09-26 19:18 . 2009-09-26 19:18 4484 ----a-w- c:\windows\system32\drivers\cpuidlep.sys
2009-09-26 17:59 . 1996-04-03 19:33 5248 ----a-w- c:\windows\system32\drivers\giveio.sys
2009-09-26 16:38 . 2009-09-26 17:09 -------- d-----w- c:\program files\Alwil Software
2009-09-26 13:24 . 2009-09-26 13:24 -------- d-----w- c:\program files\Sunbelt Software
2009-09-26 10:22 . 2009-10-09 12:45 -------- d-----w- c:\documents and settings\Marek\DoctorWeb
2009-09-25 12:11 . 2009-09-10 12:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-25 12:11 . 2009-09-25 12:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-09-25 12:11 . 2009-09-10 12:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-23 14:23 . 2009-09-25 12:35 -------- d-----w- c:\windows\system32\Adobe
2009-09-23 14:02 . 2009-09-23 14:02 -------- d-----w- c:\program files\Warp

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-18 18:43 . 2009-09-20 13:28 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-10-18 18:22 . 2004-08-18 12:00 90996 ----a-w- c:\windows\system32\perfc005.dat
2009-10-18 18:22 . 2004-08-18 12:00 457400 ----a-w- c:\windows\system32\perfh005.dat
2009-10-18 10:48 . 2006-12-16 12:12 -------- d-----w- c:\program files\EA SPORTS
2009-10-18 07:27 . 2009-09-19 09:33 -------- d-----w- c:\program files\ESET
2009-10-17 17:44 . 2009-07-30 11:56 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-10-12 13:32 . 2007-01-20 12:48 -------- d-----w- c:\program files\Lavasoft
2009-10-12 12:41 . 2008-06-02 12:40 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-04 17:40 . 2009-09-01 16:33 -------- d-----w- c:\program files\Bonjour
2009-10-02 15:51 . 2006-07-04 06:24 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-02 09:02 . 2006-08-25 09:21 -------- d-----w- c:\program files\Sony Ericsson
2009-10-01 11:27 . 2006-09-10 10:19 -------- d-----w- c:\program files\VDMSound
2009-10-01 11:21 . 2006-11-08 13:23 -------- d-----w- c:\program files\Nvu
2009-10-01 11:21 . 2009-07-28 08:44 -------- d-----w- c:\program files\Trend Micro
2009-10-01 11:21 . 2009-06-13 15:47 -------- d-----w- c:\program files\World of Warcraft
2009-10-01 11:21 . 2009-05-06 17:54 -------- d-----w- c:\program files\Stykz
2009-10-01 11:21 . 2009-05-06 16:03 -------- d-----w- c:\program files\VirtualDJ
2009-10-01 11:21 . 2008-02-03 17:51 -------- d-----w- c:\program files\Toribash-3.1
2009-10-01 11:21 . 2007-06-19 17:21 -------- d-----w- c:\program files\RADVideo
2009-10-01 11:21 . 2007-01-09 19:27 -------- d-----w- c:\program files\Video DVD Maker FREE
2009-10-01 11:21 . 2006-12-31 18:52 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-09-19 15:31 . 2009-09-19 15:30 -------- d-----w- c:\program files\Security Task Manager
2009-09-18 17:23 . 2009-09-18 17:23 12 ----a-w- c:\documents and settings\Marek\USERDATA.DAT
2009-09-12 16:03 . 2009-09-12 15:56 -------- d-----w- c:\program files\ICQ6.5
2009-09-12 15:57 . 2008-05-29 15:58 -------- d-----w- c:\program files\ICQ6
2009-09-11 14:19 . 2004-08-18 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:05 . 2004-08-18 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-02 09:26 . 2008-11-06 15:38 -------- d-----w- c:\program files\NextUp Talker
2009-09-01 16:54 . 2006-07-10 07:04 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-01 16:43 . 2009-09-01 16:41 -------- d-----w- c:\program files\Common Files\Jasc Software Inc
2009-09-01 16:41 . 2009-09-01 16:40 -------- d-----w- c:\program files\Jasc Software Inc
2009-09-01 16:05 . 2009-09-01 16:05 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-09-01 14:34 . 2009-09-01 14:34 160285 ----a-w- c:\windows\Sqirlz Morph Uninstaller.exe
2009-09-01 14:34 . 2009-09-01 14:34 -------- d-----w- c:\program files\Sqirlz Morph
2009-08-31 13:54 . 2009-04-13 16:45 -------- d-----w- c:\program files\Free Power Word to Pdf Converter
2009-08-31 13:54 . 2009-04-13 16:34 -------- d-----w- c:\program files\Free PDF to Word Doc Converter
2009-08-31 13:39 . 2006-08-25 09:21 -------- d-----w- c:\program files\Common Files\Teleca Shared
2009-08-31 13:37 . 2008-11-05 19:11 -------- d-----w- c:\program files\Text to Speech Maker
2009-08-31 13:23 . 2009-06-30 11:44 -------- d-----w- c:\program files\MumboJumbo
2009-08-31 13:23 . 2009-02-24 13:08 -------- d-----w- c:\program files\Wanadoo Edition
2009-08-31 13:13 . 2009-08-03 15:13 -------- d-----w- c:\program files\Actual Drawing
2009-08-31 13:13 . 2009-05-06 16:55 -------- d-----w- c:\program files\Acoustica Mixcraft
2009-08-29 07:58 . 2004-08-18 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-08-26 08:02 . 2004-08-18 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-22 18:03 . 2007-05-07 10:42 -------- d-----w- c:\program files\Rockstar Games
2009-08-06 17:24 . 2006-07-03 14:57 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2006-07-03 14:57 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 17:24 . 2006-07-04 06:38 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 17:24 . 2006-07-03 14:57 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2006-07-03 14:57 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2004-08-18 12:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2006-07-03 14:57 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2008-06-01 13:30 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-06 17:23 . 2006-07-03 14:57 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-05 09:01 . 2004-08-18 12:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-04 20:59 . 2004-08-18 12:00 2191360 ------w- c:\windows\system32\ntoskrnl.exe
2009-08-04 17:52 . 2009-08-04 17:52 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-04 17:29 . 2004-08-17 15:45 2068224 ------w- c:\windows\system32\ntkrnlpa.exe
2009-07-28 15:30 . 2009-07-28 15:30 118842 ------r- c:\windows\bwUnin-6.3.2.116-7681197L.exe
2009-07-27 15:10 . 2006-07-05 17:26 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-25 03:23 . 2009-08-04 11:37 411368 ----a-w- c:\windows\system32\deploytk.dll
2004-08-23 21:38 . 2004-08-23 21:38 3371 ----a-w- c:\program files\!!!readme.txt
2004-08-23 19:08 . 2004-08-23 19:08 83968 -c--a-w- c:\program files\NB_NB_2_12_37.xls
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-06-30 2329224]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-10-17 2000112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"HTV Agent"="c:\program files\HTV\HTV.exe" [2007-12-22 484864]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PnkBstrB"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\backWeb-7288971.exe"=
"c:\\Program Files\\Electronic Arts\\Need For Speed III\\nfs3.exe"=
"c:\\Program Files\\Sierra\\SWAT 4\\Content\\System\\Swat4.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Illusion Softworks\\Hidden & Dangerous 2\\hd2.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Sierra\\CoolPool\\coolpool.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\\Program Files\\Electronic Arts\\Medal of Honor Airborne\\UnrealEngine3\\Binaries\\MOHA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Documents and Settings\\Marek\\Local Settings\\Data aplikací\\Dyyno Receiver\\DPPM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\keyclone\\keyclone.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.0.1-to-3.0.2-enGB-Win-Update-downloader.exe"=
"c:\\Documents and Settings\\Marek\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Marek\\Local Settings\\Data aplikací\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\Marek\\Plocha\\utorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2869:TCP"= 2869:TCP:@xpsp2res.dll,-22008
"11001:TCP"= 11001:TCP:H&D2 port 11001
"11001:UDP"= 11001:UDP:H&D2 port 11001
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"12001:UDP"= 12001:UDP:SMART WebServer Handshake Multicast Port
"6112:TCP"= 6112:TCP:Blizzard Downloader

R0 pxscan;pxscan;c:\windows\system32\drivers\pxscan.sys [17.10.2009 20:54 22024]
R0 pxsec;pxsec;c:\windows\system32\drivers\pxsec.sys [17.10.2009 20:54 27656]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [3.2.2009 17:39 63096]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14.5.2009 15:49 94360]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [15.9.2009 11:42 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [15.9.2009 11:42 74480]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14.5.2009 15:47 731840]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [15.9.2009 11:42 7408]
S2 gupdate1ca18e6298cdd6;Google Update Service (gupdate1ca18e6298cdd6);c:\program files\Google\Update\GoogleUpdate.exe [9.8.2009 13:39 133104]
S3 axskbus;axskbus;c:\windows\system32\DRIVERS\axskbus.sys --> c:\windows\system32\DRIVERS\axskbus.sys [?]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [20.2.2008 20:49 13352]
S3 M1000Srv;M5603C USB2.0 Camera Driver;c:\windows\system32\Drivers\M1000KNT.sys --> c:\windows\system32\Drivers\M1000KNT.sys [?]
S4 ASKUpgrade;ASKUpgrade;c:\program files\AskBarDis\bar\bin\ASKUpgrade.exe [5.10.2009 17:15 234888]
S4 BackWeb Plug-in - 7681197;F-Secure Automatic Update;c:\progra~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE --> c:\progra~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE [?]
S4 CSIScanner;CSIScanner;c:\program files\Prevx\prevx.exe [17.10.2009 20:54 4368952]
S4 SMART Web Server;SMART Web Server;c:\program files\SMART Technologies Inc\SMART Board Software\WebServer.exe [19.4.2007 7:42 759312]
.
Obsah adresáře 'Naplánované úlohy'

2009-10-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

2009-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-09 11:38]

2009-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-09 11:38]

2009-10-19 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-10-19 07:22]

2009-10-20 c:\windows\Tasks\User_Feed_Synchronization-{CB8F93AA-F0A1-41BE-9268-229B640A54CD}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]

2009-10-20 c:\windows\Tasks\User_Feed_Synchronization-{D8C6849B-BD9A-4B92-970F-E7635BC45510}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 02:31]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Crawler Search - tbr:iemenu
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
FF - ProfilePath - c:\documents and settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\j2ggv3xx.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatche ... 60347&qkw=
FF - component: c:\program files\Comodo\HopSurfToolbar\hopsurfext_ff3_5\components\hopsurf.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xwsg.dll
FF - plugin: c:\program files\Dyyno\Dyyno Player\npvlc.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----

c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-20 21:18
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1409082233-220523388-1801674531-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:df,62,2c,55,b4,92,8c,81,8f,81,d7,2e,f6,2f,99,2a,af,76,f8,bb,39,8e,53,
3b,98,84,f3,a1,74,26,e8,39,f4,22,d8,75,d3,12,9d,76,c2,c3,f8,38,95,43,4a,2c,\
"??"=hex:a9,1b,d4,2d,84,8a,c8,cc,72,9b,3f,aa,56,b9,ca,9f
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(524)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\combofix\CF286.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\nvsvc32.exe
c:\program files\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\combofix\PEV.cfxxe
.
**************************************************************************
.
Celkový čas: 2009-10-20 21:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-10-20 19:24
ComboFix2.txt 2009-10-17 20:18

Před spuštěním: Volných bajtů: 122 400 030 720
Po spuštění: Volných bajtů: 122 546 458 624

- - End Of File - - 86F691FC74A87E1985A0084F7040E042

Re: Installation that starts on its own

Post by MaxDamageCZ » 20 Oct 2009 21:42

Well, and with Security Check, when I click that link, it throws this error: [image]



PS: Really sorry about those cracks there, I see it's all malware, to hell with that warez, it only causes trouble :x :mad:

Re: Installation that starts on its own

Post by MaxDamageCZ » 21 Oct 2009 18:39

Hi! Today it finally works, so I'm adding the log


Results of screen317's Security Check version 0.99.0
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

ESET NOD32 Antivirus
Prevx 3.0
``````````````````````````````
Anti-malware/Other Utilities Check:

SUPERAntiSpyware Free Edition
HijackThis 2.0.2
CCleaner (remove only)
Java(TM) 6 Update 15
Java(TM) SE Runtime Environment 6 Update 1
Java(TM) 6 Update 5
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 6.0
Out of date Adobe Reader installed!
``````````````````````````````
Process Check:
objlist.exe by Laurent

``````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````

PS: And sorry once again that I messed up my PC with cracks myself and you are the ones helping me fix it. Thanks a lot

Re: Installation that starts on its own

Post by pitimir » 21 Oct 2009 19:09

And now let's clean up...

1) Use JavaRa, you have an old Java.


2) Update Adobe Reader (you can find the latest version >>here<<).


3) Move the CF icon to the desktop, close all open applications as well as the resident antivirus, antispyware and firewall, and open Notepad. Copy the following into it:

Code:

KillAll::
Folder::
c:\program files\Zone Labs
c:\program files\AskBarDis
c:\program files\Alwil Software
c:\program files\Sunbelt Software
c:\documents and settings\Marek\DoctorWeb
c:\program files\Spybot - Search & Destroy
c:\program files\Lavasoft
c:\progra~1\F-Secure
c:\progra~1\Crawler
c:\program files\warcraft iii\crack

Driver::
ASKUpgrade
BackWeb Plug-in - 7681197

File::
c:\documents and settings\marek\plocha\mwav keygen - x-core.zip
c:\program files\rockstar games\gta san andreas\data\decision\craig\crack1.ped
c:\program files\superantispyware\superantispyware.professional.v3.9.0.1008-heritage\crack\superantispyware.exe

DDS::
IE: Crawler Search - tbr:iemenu
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll

FireFox::
FF - ProfilePath - c:\documents and settings\Marek\Data aplikací\Mozilla\Firefox\Profiles\j2ggv3xx.default\
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatche ... 60347&qkw=
FF - component: c:\program files\Comodo\HopSurfToolbar\hopsurfext_ff3_5\components\hopsurf.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\Toolbar\firefox\components\xwsg.dll

Add-Remove programs::

Extra::

Save it to the desktop as CFScript.txt and drag it with the mouse onto the CF icon.

[image]

The program will process the script and produce a new log.


Warning: If Windows does not boot after the script has been applied, restart the PC, press F8 and choose Last Known Good Configuration.