Virus-infected computer... Pls help

B4rz1n1
User
Posts: 409
Registered: Sat 28 Apr 2007, 08:00
Location: Trencin/BA

Post by B4rz1n1 »

So, as I read through the other threads, more people here have similar problems to mine. Some time ago I was looking for a certain piece of software that I won't name, and after a long search I finally found it. I ran the installer and nothing happened... after rebooting the PC I found that it was seriously slowed down. I installed various antivirus programs and none of them helps; they find a worm, sometimes malware and sometimes adware, I tell them to remove it and nothing... the computer is still slow. So please help.

PS: I don't feel like reinstalling and formatting the HDD ...

I've added the ComboFix log here:

ComboFix 08-04-20.5 - Archon 2008-04-21 17:27:16.1 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1250.421.1033.18.358 [GMT 2:00]
Running from: C:\Documents and Settings\Archon.ARN\Application Data\Opera\Opera\profile\cache4\temporary_download\ComboFix.exe
 * Created a new restore point
 * Resident AV is active


[color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
.
[i] ADS - svchost.exe: deleted 28672 bytes in 1 streams. [/i]

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
C:\Documents and Settings\Administrator\Application Data\Anti-Virus-Pro.com
C:\Documents and Settings\Administrator\Start Menu\Programs\Outerinfo
C:\Documents and Settings\Administrator\Start Menu\Programs\Outerinfo\Terms.lnk
C:\Documents and Settings\Administrator\Start Menu\Programs\Outerinfo\Uninstall.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Anti Virus Pro spyware remover
C:\Documents and Settings\All Users\Start Menu\Programs\Anti Virus Pro spyware remover\Register Anti Virus Pro spyware remover.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Anti Virus Pro spyware remover\Start Anti Virus Pro spyware remover.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Anti Virus Pro spyware remover\Uninstall.lnk
C:\Program Files\180search assistant
C:\Program Files\180search assistant\180sa.exe
C:\Program Files\180search assistant\sau.exe
C:\Program Files\180searchassistant
C:\Program Files\180searchassistant\saap.exe
C:\Program Files\180searchassistant\sac.exe
C:\Program Files\180solutions
C:\Program Files\180solutions\sais.exe
C:\Program Files\Common Files\crosof~1
C:\Program Files\Common Files\crosof~1.net
C:\Program Files\Common Files\crosof~1.net\??crosoft.NET\
C:\Program Files\inetget2
C:\Program Files\JavaCore
C:\Program Files\JavaCore\UnInstall.exe
C:\Program Files\NoDNS
C:\Program Files\NoDNS\UnInstall.exe
C:\Program Files\nvcoi
C:\Program Files\nvcoi\mst.stt
C:\Program Files\outerinfo
C:\Program Files\outerinfo\FF\chrome.manifest
C:\Program Files\outerinfo\FF\components\OuterinfoAds.xpt
C:\Program Files\outerinfo\FF\install.rdf
C:\Program Files\outerinfo\Terms.rtf
C:\Program Files\seekmo
C:\Program Files\seekmo\seekmohook.dll
C:\Program Files\stc
C:\Program Files\stc\csv5p070.exe
C:\Program Files\SysCleaner
C:\Program Files\Sysmnt
C:\Program Files\Sysmnt\Ssmgr.exe
C:\Program Files\SystemDefender
C:\Program Files\Temporary
C:\Program Files\zango
C:\Program Files\zango\zango.exe
C:\WINDOWS\123messenger.per
C:\WINDOWS\180ax.exe
C:\WINDOWS\2020search.dll
C:\WINDOWS\2020search2.dll
C:\WINDOWS\apphelp32.dll
C:\WINDOWS\asferror32.dll
C:\WINDOWS\asycfilt32.dll
C:\WINDOWS\athprxy32.dll
C:\WINDOWS\ati2dvaa32.dll
C:\WINDOWS\ati2dvag32.dll
C:\WINDOWS\audiosrv32.dll
C:\WINDOWS\autodisc32.dll
C:\WINDOWS\avifile32.dll
C:\WINDOWS\avisynthex32.dll
C:\WINDOWS\aviwrap32.dll
C:\WINDOWS\bjam.dll
C:\WINDOWS\BM3b1d1851.xml
C:\WINDOWS\BM43fbd27f.xml
C:\WINDOWS\bokja.exe
C:\WINDOWS\browserad.dll
C:\WINDOWS\cdsm32.dll
C:\WINDOWS\changeurl_30.dll
C:\WINDOWS\default.htm
C:\WINDOWS\didduid.ini
C:\WINDOWS\FLEOK
C:\WINDOWS\FLEOK\180ax.exe
C:\WINDOWS\Installer\{004537fa-609a-4983-bffa-9973a157cb47}\CDVolume.dll
C:\WINDOWS\Installer\{0076687d-3153-475d-a8b5-8047bc2bb610}\RomChk.dll
C:\WINDOWS\Installer\id53.exe
C:\WINDOWS\licencia.txt
C:\WINDOWS\msa64chk.dll
C:\WINDOWS\msapasrc.dll
C:\WINDOWS\mspphe.dll
C:\WINDOWS\mssvr.exe
C:\WINDOWS\ntnut.exe
C:\WINDOWS\pskt.ini
C:\WINDOWS\saiemod.dll
C:\WINDOWS\salm.exe
C:\WINDOWS\shdocpe.dll
C:\WINDOWS\shdocpl.dll
C:\WINDOWS\stcloader.exe
C:\WINDOWS\swin32.dll
C:\WINDOWS\system32\dnmxxpif.ini
C:\WINDOWS\system32\fjtebhoi.ini
C:\WINDOWS\system32\jjixvylw.ini
C:\WINDOWS\system32\kjkmp.ini
C:\WINDOWS\system32\kjkmp.ini2
C:\WINDOWS\system32\mmllm.ini
C:\WINDOWS\system32\mmllm.ini2
C:\WINDOWS\system32\motclere.ini
C:\WINDOWS\system32\msixu.dll
C:\WINDOWS\system32\MSNSA32.dll
C:\WINDOWS\system32\ntnut32.exe
C:\WINDOWS\system32\sbwltbxa.exe
C:\WINDOWS\system32\shdocpe.dll
C:\WINDOWS\system32\SIPSPI32.dll
C:\WINDOWS\system32\usfllftj.ini
C:\WINDOWS\system32\wer8274.dll
C:\WINDOWS\system32\winfrun32.bin
C:\WINDOWS\system32\xbpvdgig.ini
C:\WINDOWS\system32\yyfalkil.ini
C:\WINDOWS\telefonos.txt
C:\WINDOWS\TEMP\salm.exe
C:\WINDOWS\textos.txt
C:\WINDOWS\updatetc.exe
C:\WINDOWS\voiceip.dll
C:\WINDOWS\winsb.dll
C:\WINDOWS\ymante~1

.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ICF
-------\Service_ICF


(((((((((((((((((((((((((   Files Created from 2008-03-21 to 2008-04-21  )))))))))))))))))))))))))))))))
.

2008-04-21 16:41 . 2008-04-21 16:41	<DIR>	d--------	C:\Documents and Settings\Archon.ARN\Application Data\teamspeak2
2008-04-20 22:00 . 2008-04-20 22:01	<DIR>	d--------	C:\Program Files\ICQLite
2008-04-20 22:00 . 2008-04-20 22:01	<DIR>	d--------	C:\Documents and Settings\Archon.ARN\Application Data\ICQLite
2008-04-19 14:32 . 2008-04-19 14:32	<DIR>	d--------	C:\Documents and Settings\Archon.ARN\Application Data\InstallShield
2008-04-18 22:37 . 2008-04-18 22:37	<DIR>	d--------	C:\Documents and Settings\Archon.ARN\Application Data\MusicIP
2008-04-17 22:04 . 2008-04-17 22:04	<DIR>	d--------	C:\Documents and Settings\Archon.ARN\Application Data\ICQ
2008-04-17 20:55 . 2008-04-21 16:39	<DIR>	d--------	C:\Documents and Settings\Archon.ARN\Application Data\skypePM
2008-04-17 20:54 . 2008-04-21 16:52	<DIR>	d--------	C:\Documents and Settings\Archon.ARN\Application Data\Skype
2008-04-17 20:22 . 2008-04-19 13:52	<DIR>	d--------	C:\Documents and Settings\Archon.ARN\Application Data\Hamachi
2008-04-17 20:21 . 2008-04-17 20:21	<DIR>	d--------	C:\Documents and Settings\Archon.ARN\Application Data\ICQ Toolbar
2008-04-17 20:17 . 2008-04-17 20:17	<DIR>	d--------	C:\Program Files\Microsoft Games
2008-04-17 20:17 . 2000-07-28 22:33	2,555,949	--a------	C:\Temp\empires2.exe
2008-04-17 20:17 . 2000-09-20 01:55	138,752	--a------	C:\Temp\dplayerx.dll
2008-04-17 20:15 . 2008-04-21 17:15	<DIR>	d--------	C:\Documents and Settings\Archon.ARN\Application Data\MEGAUPLOADTOOLBAR
2008-04-17 20:14 . 2008-04-17 20:14	<DIR>	d--------	C:\Documents and Settings\Archon.ARN\Application Data\Grisoft
2008-04-17 20:13 . 2008-04-18 20:21	<DIR>	d--------	C:\Documents and Settings\Archon.ARN
2008-04-17 20:13 . 2008-04-21 17:34	147,456	--ah-----	C:\Documents and Settings\Archon.ARN\ntuser.dat.LOG
2008-04-17 14:57 . 1999-12-17 10:13	86,016	--a------	C:\WINDOWS\unvise32.exe
2008-04-15 14:17 . 2008-04-19 14:33	32	--a------	C:\WINDOWS\system32\w3data.vss
2008-04-15 14:17 . 2008-04-19 14:33	32	--a------	C:\WINDOWS\system32\msvcsv60.dll
2008-04-15 14:17 . 2008-04-19 14:33	32	--a------	C:\WINDOWS\msocreg32.dat
2008-04-15 14:09 . 2008-04-15 14:09	<DIR>	d--------	C:\Program Files\Steinberg
2008-04-15 14:09 . 2008-04-16 20:09	<DIR>	d--------	C:\Program Files\IK Multimedia
2008-04-15 14:09 . 2008-04-15 14:09	<DIR>	d--------	C:\Program Files\Common Files\DigiDesign
2008-04-14 21:54 . 2008-04-14 21:54	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\IK Multimedia
2008-04-12 13:36 . 2008-04-12 13:36	<DIR>	d--------	C:\Documents and Settings\Administrator\Application Data\Apple Computer
2008-04-12 13:33 . 2008-04-12 13:33	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Apple
2008-04-12 13:18 . 2008-04-12 13:33	<DIR>	d--------	C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-12 13:18 . 2008-04-20 13:54	54,156	--ah-----	C:\WINDOWS\QTFont.qfn
2008-04-12 13:18 . 2008-04-12 13:18	1,409	--a------	C:\WINDOWS\QTFont.for
2008-04-12 13:15 . 2008-04-12 13:34	<DIR>	d--------	C:\Program Files\QuickTime
2008-04-12 13:15 . 2008-04-12 13:15	<DIR>	d--------	C:\Program Files\ImTOO
2008-04-10 11:34 . 2003-04-02 18:07	61,440	--a------	C:\dbg.dll
2008-04-10 11:33 . 2003-04-30 10:55	249,856	--a------	C:\Core.dll
2008-04-10 09:20 . 2008-04-10 09:22	<DIR>	d--------	C:\Program Files\DOSBox-0.72
2008-04-08 20:52 . 2008-04-10 09:23	<DIR>	d--------	C:\wolf3d
2008-04-06 15:28 . 2008-04-06 15:28	<DIR>	d--------	C:\Documents and Settings\Archoon\Application Data\ICQ Toolbar
2008-04-06 15:24 . 2008-04-06 15:24	<DIR>	d--------	C:\Program Files\SpyMaxx
2008-04-06 15:23 . 2008-04-06 15:23	<DIR>	d--------	C:\Documents and Settings\Archoon\Application Data\MEGAUPLOADTOOLBAR
2008-04-06 15:18 . 2008-04-06 15:18	<DIR>	d--------	C:\Documents and Settings\Archoon\Application Data\Grisoft
2008-04-06 15:17 . 2008-04-06 15:18	<DIR>	d--------	C:\Documents and Settings\Archoon\Application Data\ICQ
2008-04-06 15:15 . 2008-04-06 15:15	<DIR>	d--------	C:\Documents and Settings\Archoon
2008-04-06 15:15 . 2008-04-21 17:27	1,024	--ah-----	C:\Documents and Settings\Archoon\ntuser.dat.LOG
2008-04-03 15:09 . 2008-04-21 17:15	<DIR>	d--------	C:\Program Files\ICQToolbar
2008-04-03 15:07 . 2008-04-17 18:40	<DIR>	d--------	C:\Program Files\ICQ6
2008-04-02 15:29 . 2008-02-20 20:39	81,920	--a------	C:\WINDOWS\system32\emfxp.dll
2008-04-02 14:29 . 2008-04-21 17:27	1,024	--ah-----	C:\WINDOWS\system32\config\systemprofile\NtUser.dat.LOG
2008-04-01 22:29 . 2008-04-01 22:29	<DIR>	d--------	C:\Program Files\Alwil Software
2008-04-01 22:29 . 2003-03-18 21:20	1,060,864	--a------	C:\WINDOWS\system32\MFC71.dll
2008-04-01 22:29 . 2003-03-18 20:14	499,712	--a------	C:\WINDOWS\system32\MSVCP71.dll
2008-03-28 23:37 . 2008-03-28 23:37	90,112	--a------	C:\WINDOWS\system32\QuickTimeVR.qtx
2008-03-28 23:37 . 2008-03-28 23:37	57,344	--a------	C:\WINDOWS\system32\QuickTime.qts
2008-03-28 20:30 . 2008-04-18 17:38	<DIR>	d--------	C:\Program Files\Eidos Interactive
2008-03-27 23:29 . 2008-03-27 23:29	<DIR>	d--------	C:\Program Files\MegauploadToolbar
2008-03-27 23:29 . 2008-04-20 15:28	<DIR>	d--------	C:\Documents and Settings\Administrator\Application Data\MegauploadToolbar

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-18 18:38	---------	d--h--w	C:\Program Files\InstallShield Installation Information
2008-04-18 15:38	---------	d-----w	C:\Program Files\TimeAdjuster
2008-04-17 17:45	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\Hamachi
2008-04-17 12:30	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\Free Download Manager
2008-04-16 20:32	---------	d-----w	C:\Program Files\QIP Infium
2008-04-14 20:11	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\Skype
2008-04-14 20:05	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\skypePM
2008-04-11 17:55	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\LimeWire
2008-04-01 21:13	---------	d-----w	C:\Program Files\Lineage II
2008-03-28 15:29	---------	d-----w	C:\Program Files\Valve Hammer Editor
2008-03-28 15:29	---------	d-----w	C:\Program Files\Restorator 2007
2008-03-28 15:26	---------	d-----w	C:\Program Files\IDoser v4
2008-03-25 13:56	---------	d-----w	C:\Program Files\Java
2008-03-22 17:49	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\ICQ
2008-03-19 15:24	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\Xfire
2008-03-18 12:54	---------	d-----w	C:\Program Files\Xfire
2008-03-17 17:47	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\teamspeak2
2008-03-16 21:42	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\ooVoo Details
2008-03-16 19:28	---------	d-----w	C:\Program Files\XP Codec Pack
2008-03-16 11:45	---------	d-----w	C:\Program Files\Yahoo!
2008-03-16 11:33	---------	d-----w	C:\Program Files\SMS Posilac
2008-03-16 11:26	---------	d-----w	C:\Program Files\SMS Manager
2008-03-14 15:23	---------	d-----w	C:\Program Files\Windows Live Toolbar
2008-03-14 15:23	---------	d-----w	C:\Program Files\Prstoklad
2008-03-14 15:23	---------	d-----w	C:\Program Files\LimeWire
2008-03-14 15:23	---------	d-----w	C:\Program Files\Install Creator
2008-03-14 15:23	---------	d-----w	C:\Program Files\AV Vcs 4.0 DIAMOND
2008-03-13 18:17	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\QIP
2008-03-10 16:14	---------	d-----w	C:\Program Files\Lavasoft
2008-03-10 16:14	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-10 16:13	---------	d-----w	C:\Program Files\Common Files\Wise Installation Wizard
2008-03-10 15:40	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\Grisoft
2008-03-10 15:39	---------	d-----w	C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-10 14:01	---------	d-----w	C:\Program Files\Guitar Pro 5
2008-03-10 08:54	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\ESET
2008-03-10 08:52	---------	d-----w	C:\Program Files\ESET
2008-03-10 08:52	---------	d-----w	C:\Documents and Settings\All Users\Application Data\ESET
2008-03-09 13:39	---------	d-----w	C:\Program Files\Windows Live
2008-03-07 20:54	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\FileZilla
2008-03-07 19:24	---------	d-----w	C:\Program Files\Common Files\DirectX
2008-03-05 20:50	---------	d-----w	C:\Program Files\Microsoft SQL Server Compact Edition
2008-03-05 20:48	---------	d-----w	C:\Program Files\Windows Live Favorites
2008-03-05 20:41	---------	dcsh--w	C:\Program Files\Common Files\WindowsLiveInstaller
2008-03-05 20:33	---------	d-----w	C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-02 20:50	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\MSNInstaller
2008-03-02 20:42	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\ABBYY
2008-03-02 20:40	---------	d-----w	C:\Program Files\Common Files\ABBYY
2008-03-02 20:37	---------	d-----w	C:\Documents and Settings\All Users\Application Data\ABBYY
2008-03-02 14:20	---------	d-----w	C:\Program Files\TRANSLATOR
2008-02-25 19:58	---------	d-----w	C:\Program Files\FDRLab
2008-02-25 15:09	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\My Battle for Middle-earth Files
2008-02-24 13:28	---------	d-----w	C:\Documents and Settings\Administrator\Application Data\BitTorrent
2008-02-23 14:37	---------	d-----w	C:\Program Files\No-IP
2008-02-19 23:12	352,256	----a-w	C:\WINDOWS\eSellerateEngine.dll
2008-02-18 15:10	143,997	----a-w	C:\Decal_Converter.zip
2008-02-01 10:11	586,240	----a-w	C:\WINDOWS\WLXPGSS.SCR
2007-11-16 22:43	32	----a-w	C:\Documents and Settings\All Users\Application Data\ezsid.dat
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{09821A07-3A07-481B-9E0A-6C5EEE53DE5A}]
2004-08-04 14:00	88064	--a------	C:\WINDOWS\system32\amstrea.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3AD53278-1DCC-4DE9-9D89-0BF8F13D7548}]
			C:\WINDOWS\system32\mllmm.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SkyTel"="SkyTel.EXE" [2006-05-16 12:04 2879488 C:\WINDOWS\SkyTel.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 13:49 16269312 C:\WINDOWS\RTHDCPL.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 02:07 8491008]
"nwiz"="nwiz.exe" [2007-09-17 02:07 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-09-17 02:07 81920]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"TalkAndWrite"="C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\1163D2B46CC742E5A3CC9E4157887751\TalkAndWrite.exe" [2008-02-20 20:39 3042816]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2008-03-10 20:02 6731312]
"BM3b1d1851"="C:\WINDOWS\system32\gphfddcp.dll" [ ]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2006-03-18 04:24 184320]
"SpyMaxx"="C:\Program Files\SpyMaxx\SpyMaxx.exe" [2008-04-06 15:24 325080]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\H0ð]
H0ð

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\H€ð]
H€ð

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\qomllmn]
qomllmn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wincqt32]
wincqt32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ˬc]
ˬc

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll
"vidc.ffds"= ffdshow.ax

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^Xfire.lnk]
path=C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
--a------ 2008-03-10 20:02 6731312 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
--a------ 2007-12-21 09:21 1443072 C:\Program Files\ESET\ESET Smart Security\egui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadu-Gadu]
C:\Program Files\Gadu-Gadu\gg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ooVoo.exe]
C:\Program Files\ooVoo\ooVoo.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQLite\\ICQLite.exe"=
"C:\\Arn ^^\\Games\\CS 1.6\\hl.exe"=
"C:\\Documents and Settings\\Administrator\\My Documents\\eL2Walker\\L2W_All.EXE"=
"C:\\Arn ^^\\Games\\Quake 3\\quake3.exe"=
"C:\\Program Files\\QIP\\qip.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Arn ^^\\Games\\CS 1.6\\hlds.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"33989:TCP"= 33989:TCP:@xpsp2res.dll,-22005
"39232:TCP"= 39232:TCP:@xpsp2res.dll,-22005
"13943:TCP"= 13943:TCP:@xpsp2res.dll,-22005
"6066:TCP"= 6066:TCP:@xpsp2res.dll,-22005

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;"C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe" -service []
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2007-02-16 02:50]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a604bb2-b250-11dc-a60c-0019662d9f96}]
\Shell\AutoRun\command - F:\cfdflx.com
\Shell\explore\Command - F:\cfdflx.com
\Shell\open\Command - F:\cfdflx.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a604bb3-b250-11dc-a60c-0019662d9f96}]
\Shell\AutoRun\command - cfdflx.com
\Shell\explore\Command - cfdflx.com
\Shell\open\Command - cfdflx.com

.
Contents of the 'Scheduled Tasks' folder
"2008-04-21 15:11:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-21 17:33:08
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-04-21 17:37:20 - machine was rebooted
ComboFix-quarantined-files.txt  2008-04-21 15:37:17

Pre-Run: 4,754,313,216 bytes free
Post-Run: 5,327,773,696 bytes free

779	--- E O F ---	2008-03-28 11:56:59
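
An added example, not part of the original post and not ComboFix's own code: a short Python pass over the "Reg Loading Points" part of the log above that lists the entries a helper would inspect by hand first. The function name `triage` and its five heuristics are assumptions chosen for this log format; a hit means "look at this", not a verdict.

```python
import re

# Excerpt of the ComboFix log above, trimmed to a few entries for this added example.
LOG = r'''
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3AD53278-1DCC-4DE9-9D89-0BF8F13D7548}]
    C:\WINDOWS\system32\mllmm.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 02:07 8491008]
"BM3b1d1851"="C:\WINDOWS\system32\gphfddcp.dll" [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\H0ð]
H0ð
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wincqt32]
wincqt32.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7a604bb2-b250-11dc-a60c-0019662d9f96}]
\Shell\AutoRun\command - F:\cfdflx.com
'''

def triage(log):
    """Return (section, note) pairs to inspect by hand; heuristics, not verdicts."""
    findings, section = [], ""
    for raw in log.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):  # registry key header
            section = line[1:-1]
            name = section.rsplit("\\", 1)[-1]
            if "winlogon\\notify\\" in section.lower() and not name.isascii():
                findings.append((section, "Winlogon Notify key name is not plain ASCII"))
            continue
        low = section.lower()
        if low.endswith("\\run") and re.search(r"\[\s*\]$", line):
            findings.append((section, "no file date/size recorded for " + line.split("=")[0]))
        elif "browser helper objects" in low and not re.match(r"\d{4}-\d\d-\d\d", line):
            findings.append((section, "BHO listed without file date/size: " + line))
        elif re.match(r'"EnableFirewall"=\s*0\b', line):
            findings.append((section, "Windows Firewall is switched off (standard profile)"))
        elif "mountpoints2" in low and line.lower().startswith("\\shell\\autorun\\command"):
            findings.append((section, "AutoRun command set for a volume: " + line.split(" - ", 1)[1]))
    return findings

if __name__ == "__main__":
    print(*triage(LOG), sep="\n")
```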

Post by gammaray »

What's all that junk you have in Windows/Temp? Those exe files? I use NOD and Spybot and I'm happy with them. Run a scan with those and then tell us what happened.

Post by B4rz1n1 »

Once I ran ComboFix the situation visibly improved... it no longer automatically changes my desktop to some rubbish, and web pages about antivirus programs and similar junk no longer pop up... I'll also scan the PC with SpyBot and let you know....

Post by Jerry »

I would just recommend updating Spybot and then going into safe mode and running the scan there, because otherwise you won't get rid of everything ... :wink: And as was already written, Eset Smart + Spybot = a well-secured PC.

Post by B4rz1n1 »

ok, thanks for the advice

Post by blackbox »

I don't want to spam needlessly, but I also have to confirm and warmly recommend it. I use the NOD32 trial (I reinstall it every month, it's not much work) + SPYBOT, and since then no junk has so much as made a peep on my machine :lol:

Post by br4n0 »

blackbox wrote: I don't want to spam needlessly, but I also have to confirm and warmly recommend it. I use the NOD32 trial (I reinstall it every month, it's not much work) + SPYBOT, and since then no junk has so much as made a peep on my machine :lol:
Did you notice which antivirus he has? NOD is not all-powerful. And Spybot also says goodbye when things get tough.

Post by Jerry »

br4n0@

If you knew how to set up NOD and Spybot properly, you wouldn't have a problem. Not to mention that you also have to be aware of what you are actually clicking on. So while I respect talk like "NOD is not all-powerful", it is purely up to the user what they let onto their PC and what they don't. And the claim that Spybot is not effective when things get tough (I actually don't understand what "when things get tough" is supposed to mean) shows that you probably have little experience with what this program can do. When you run Spybot in safe mode, almost no junk escapes ...

Post by gammaray »

....but at least I had a laugh :D

And to the point: I agree with exactly what Jerry writes. If you browse all sorts of shady sites, you will pick up some junk. Nothing is 100% (not even the best antivirus or antispyware). The best protection against junk from the net is to stay away from "those" sites, not to download just anything onto your PC, and to keep the software meant for catching junk from the net up to date.

Hough!

Post by br4n0 »

Jerry wrote: br4n0@

If you knew how to set up NOD and Spybot properly, you wouldn't have a problem. Not to mention that you also have to be aware of what you are actually clicking on. So while I respect talk like "NOD is not all-powerful", it is purely up to the user what they let onto their PC and what they don't. And the claim that Spybot is not effective when things get tough (I actually don't understand what "when things get tough" is supposed to mean) shows that you probably have little experience with what this program can do. When you run Spybot in safe mode, almost no junk escapes ...
This is not about configuration (you can't do much with the resident protection), but about detection and, above all, removal capabilities. I don't have these problems myself and I need neither AV nor AS, but I help with manual removal. And if most people with serious problems did not have NOD (or other quality AV) and Spybot/Ad-aware, I would believe that it is an "unbeatable duo". It's nice that it finds cookies, BHOs and similar trifles, but when something like Vundo and similar trojans comes along (that is when things get tough; or, put differently, look at the list of files deleted by ComboFix despite NOD+Adaware07 being present), in the better case it just keeps crying out helplessly at regular intervals without being able to actually remove it.
But as you wrote, if people didn't run every stupid exe that pops up at them, they wouldn't have a problem. You evidently aren't one of those people and don't drag real junk into your system, so the AV/AS doesn't have much work to do. Claims about the invincibility of NOD+Spybot then arise from such conditions, although in reality the true reason is the user's good sense, not the effectiveness of the security solution.

//If you had spent some time in this field, you would lose your illusions too. [/OT]

Post by Lopik »

br4n0
nicely written ... it would be great if PCs were impregnable with software protection. But reality is a bit different.
