Obsah fóra
PravidláRegistrovaťPrihlásenie




Odpovedať na tému [ Príspevkov: 59 ] Choď na stránku: predchádzajúca 1, 2
AutorSpráva
Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 15:07

a usb mam mat stale zapojene?? ci to nevadi??


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2
Príspevok NapísalOffline : 27.03.2013 15:10

nie nevadi


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 15:17

Logfile of random's system information tool 1.09 (written by random/random)
Run by MILOŠ at 2013-03-27 15:06:14
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 28 GB (19%) free of 148 GB
Total RAM: 3066 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:07:28, on 27. 3. 2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\Explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\MILOŠ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\MILOŠ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILOŠ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILOŠ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILOŠ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILOŠ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILOŠ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\MILOŠ\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\MILOŠ\Downloads\RSIT.exe
C:\Program Files\trend micro\MILOŠ.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [ProductReg] "C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Google Update] "C:\Users\MILOŠ\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] D:\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] D:\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Správca pre program Google Desktop 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 11192 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1436560887-626234917-1139969595-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1436560887-626234917-1139969595-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default

prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.19"
prefs.js - "keyword.URL" - "http://search.babylon.com/?affID=109980&babsrc=KW_ss&mntrId=b83e948300000000000000216b073b20&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.6.602.168 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.15.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
aboutRights.js
aboutRobots.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GoogleDesktopMozilla.dll
GoogleDesktopMozillaStub.js
GoogleDesktopMozillaStub.xpt
jsconsole-clhandler.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npnul32.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
arccosine.xml
atlas-sk.xml
azet-sk.xml
babylon.xml
dunaj-sk.xml
eBay.xml
google.xml
googledesktop.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\extensions\
ffxtlbr@babylon.com
{20a82645-c095-46ed-80e3-08825760534b}
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\searchplugins\
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]
ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-07-29 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-07-29 142896]
{855F3B16-6D32-4fe6-8A56-BBB695989046}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-09-18 6294048]
"ePower_DMC"=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-08-01 405504]
"eDataSecurity Loader"=C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-07-29 526896]
"eAudio"=C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-09-11 544768]
"BkupTray"=C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-25 28672]
"ProductReg"=C:\Program Files\Acer\WR_PopUp\ProductReg.exe [2008-09-23 6144]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-25 1049896]
"LManager"=C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE [2008-06-04 817672]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-16 30192]
"eRecoveryService"= []
"ArcadeDeluxeAgent"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-07-24 147456]
"CLMLServer"=C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-07-24 167936]
"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-07-18 167936]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2006-11-12 157592]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Skytel"=C:\Windows\Skytel.exe [2008-09-18 1833504]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-11-04 500208]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-29 2145000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\MILOŠ\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-11 136176]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll [2007-04-24 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2013-03-27 15:06:14 ----D---- C:\rsit
2013-03-27 15:06:14 ----D---- C:\Program Files\trend micro
2013-03-27 14:59:56 ----RASHD---- C:\Autorun.inf
2013-03-27 14:52:08 ----A---- C:\UsbFix [Clean 2] MILOŠ-PC.txt
2013-03-27 14:42:05 ----N---- C:\UsbFix [Clean 1] MILOŠ-PC.txt
2013-03-27 14:29:52 ----N---- C:\UsbFix [Listing 3 ] MILOŠ-PC.txt
2013-03-27 14:07:05 ----N---- C:\UsbFix [Listing 2 ] MILOŠ-PC.txt
2013-03-27 14:04:40 ----N---- C:\UsbFix [Listing 1 ] MILOŠ-PC.txt
2013-03-27 14:04:18 ----D---- C:\UsbFix
2013-03-27 13:05:48 ----ASH---- C:\hiberfil.sys
2013-03-25 21:05:42 ----D---- C:\Users\MILOŠ\AppData\Roaming\Malwarebytes
2013-03-25 21:05:28 ----D---- C:\ProgramData\Malwarebytes
2013-03-25 15:39:16 ----D---- C:\Users\MILOŠ\AppData\Roaming\{4C766D83-785B-4C68-8FFF-64FFE9A5AFE9}
2013-03-25 15:38:57 ----D---- C:\Users\MILOŠ\AppData\Roaming\{E287A29A-E0C0-4805-9623-C43280552DDA}
2013-03-25 15:38:37 ----D---- C:\Temp
2013-03-23 20:10:26 ----A---- C:\Windows\system32\drivers\usb8023.sys
2013-03-23 14:45:21 ----N---- C:\MSDOS.SYS
2013-03-23 14:45:21 ----N---- C:\IO.SYS
2013-03-23 14:30:08 ----D---- C:\Program Files\Call of Duty Game of the Year Edition
2013-03-23 14:29:12 ----A---- C:\Windows\CoD.INI
2013-03-19 18:12:36 ----A---- C:\Windows\ntbtlog.txt
2013-03-17 20:07:04 ----D---- C:\Program Files\ESET
2013-03-16 22:40:11 ----D---- C:\Users\MILOŠ\AppData\Roaming\Mirillis
2013-03-16 22:40:11 ----D---- C:\ProgramData\Mirillis
2013-03-16 22:37:59 ----D---- C:\Program Files\Mirillis
2013-03-14 14:47:16 ----A---- C:\Windows\system32\mshtmled.dll
2013-03-14 14:47:15 ----A---- C:\Windows\system32\vbscript.dll
2013-03-14 14:47:14 ----A---- C:\Windows\system32\jsproxy.dll
2013-03-14 14:47:14 ----A---- C:\Windows\system32\ieui.dll
2013-03-14 14:47:13 ----A---- C:\Windows\system32\msfeeds.dll
2013-03-14 14:47:13 ----A---- C:\Windows\system32\ieUnatt.exe
2013-03-14 14:47:12 ----A---- C:\Windows\system32\wininet.dll
2013-03-14 14:47:11 ----A---- C:\Windows\system32\jscript.dll
2013-03-14 14:47:10 ----A---- C:\Windows\system32\jscript9.dll
2013-03-14 14:47:09 ----A---- C:\Windows\system32\url.dll
2013-03-14 14:47:08 ----A---- C:\Windows\system32\iertutil.dll
2013-03-14 14:47:06 ----A---- C:\Windows\system32\urlmon.dll
2013-03-14 14:47:02 ----A---- C:\Windows\system32\mshtml.dll
2013-03-14 14:46:57 ----A---- C:\Windows\system32\ieframe.dll
2013-03-07 00:28:53 ----D---- C:\ProgramData\Steam
2013-03-06 23:24:25 ----D---- C:\Program Files\SQUARE ENIX
2013-03-04 11:10:59 ----D---- C:\EnergyPlusV7-2-0
2013-03-04 11:03:46 ----D---- C:\Program Files\OpenStudio 0.10.0

======List of files/folders modified in the last 1 month======

2013-03-27 22:04:52 ----D---- C:\Windows\system32\config
2013-03-27 22:04:31 ----D---- C:\Windows\system32\wbem
2013-03-27 22:04:17 ----D---- C:\Windows\Tasks
2013-03-27 22:04:17 ----D---- C:\Windows\system
2013-03-27 22:04:15 ----D---- C:\Windows\system32\spool
2013-03-27 22:04:12 ----D---- C:\Windows\system32\Msdtc
2013-03-27 22:04:10 ----D---- C:\Windows\system32\en-US
2013-03-27 22:04:10 ----D---- C:\Windows\system32\drivers\etc
2013-03-27 22:04:08 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-27 22:04:08 ----D---- C:\Windows\system32\catroot2
2013-03-27 22:04:06 ----D---- C:\Windows
2013-03-27 22:04:03 ----D---- C:\Users\MILOŠ\AppData\Roaming\vlc
2013-03-27 22:04:02 ----D---- C:\Users\MILOŠ\AppData\Roaming\AIMP
2013-03-27 22:03:23 ----D---- C:\Windows\registration
2013-03-27 21:49:11 ----SHD---- C:\Boot
2013-03-27 15:07:23 ----D---- C:\Windows\Temp
2013-03-27 15:06:14 ----D---- C:\Program Files
2013-03-27 15:05:34 ----D---- C:\Program Files\Mozilla Firefox
2013-03-27 14:35:05 ----D---- C:\Users\MILOŠ\AppData\Roaming\Skype
2013-03-27 14:05:53 ----D---- C:\Windows\System32
2013-03-27 14:05:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-27 14:05:52 ----D---- C:\Windows\inf
2013-03-27 13:44:02 ----SHD---- C:\System Volume Information
2013-03-26 13:51:55 ----D---- C:\Windows\winsxs
2013-03-26 12:19:41 ----D---- C:\Windows\Prefetch
2013-03-25 21:26:56 ----D---- C:\Windows\system32\drivers
2013-03-25 21:05:28 ----HD---- C:\ProgramData
2013-03-20 18:53:19 ----D---- C:\Windows\Minidump
2013-03-19 18:15:27 ----D---- C:\Users\MILOŠ\AppData\Roaming\ICQ
2013-03-19 12:00:47 ----D---- C:\Windows\system32\catroot
2013-03-17 20:07:51 ----SHD---- C:\Windows\Installer
2013-03-17 20:07:04 ----D---- C:\ProgramData\ESET
2013-03-15 16:28:19 ----SD---- C:\Users\MILOŠ\AppData\Roaming\Microsoft
2013-03-15 16:15:50 ----D---- C:\Users\MILOŠ\AppData\Roaming\Movier
2013-03-14 14:56:10 ----D---- C:\Windows\system32\migration
2013-03-14 14:56:09 ----D---- C:\Program Files\Internet Explorer
2013-03-14 14:50:04 ----D---- C:\Windows\Debug
2013-03-14 14:50:01 ----A---- C:\Windows\system32\mrt.exe
2013-03-14 14:49:47 ----D---- C:\ProgramData\Microsoft Help
2013-03-13 16:17:22 ----A---- C:\Windows\NeroDigital.ini
2013-03-11 15:26:41 ----D---- C:\Program Files\Common Files\Svoboda Software
2013-03-04 10:58:13 ----D---- C:\Program Files\Google
2013-02-28 17:07:39 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120]
R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-07-29 18992]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-11 639224]
R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-03-29 114984]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-07-18 61424]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-03-29 134024]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-03-29 96896]
R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2008-08-19 15392]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-07-29 16944]
R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-07-29 60464]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2008-03-25 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2008-03-25 207872]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-09-18 2169944]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2008-05-19 47104]
R3 NETw5v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-05-05 3658752]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2011-07-08 139880]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2011-10-15 10327360]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-03-26 61440]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-25 199472]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-03-25 661504]
R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S3 aaahrhg9;aaahrhg9; C:\Windows\system32\drivers\aaahrhg9.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BthPort;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-14 80424]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-07-16 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-16 16168]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2012-02-10 25280]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2008-04-28 50576]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-29 810120]
R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-07-29 500784]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-11 135664]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
S2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
S2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1136448]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-10-09 75136]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-04-16 173352]
S2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-04-29 85096]
S3 Autodesk Network Licensing Service;Autodesk Network Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskNetSrv.exe [2008-06-05 1322648]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-29 33560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-16 1045256]
S3 GoogleDesktopManager-051210-111108;Správca pre program Google Desktop 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-16 30192]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-04-11 135664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2
Príspevok NapísalOffline : 27.03.2013 15:20

Stiahni si AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
ulož ho na plochu Spusť program stlač tlačidlo search
Po skene sa objaví log budeš ho mať na systémovom disku ako AdwCleaner[R?].txt cely obsah vlož sem


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 15:25

# AdwCleaner v2.115 - Log vytvorený 27/03/2013 o 15:24:30
# Aktualizované 17/03/2013 Xplode
# Operaený systém : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Uživatel : MILOŠ - MILOŠ-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\MILOŠ\Desktop\adwcleaner.exe
# Volba [Preh3ada?]


***** [Služby] *****

Nájdené : ICQ Service

***** [Súbory / Adresáre] *****

Adresár Nájdené : C:\Program Files\ICQ6Toolbar
Adresár Nájdené : C:\ProgramData\Ask
Adresár Nájdené : C:\ProgramData\Babylon
Adresár Nájdené : C:\ProgramData\ICQ\ICQToolbar
Adresár Nájdené : C:\Users\MILOŠ\AppData\Local\Babylon
Adresár Nájdené : C:\Users\MILOŠ\AppData\Roaming\Babylon
Adresár Nájdené : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Adresár Nájdené : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\extensions\ffxtlbr@babylon.com
Súbor Nájdené : C:\END
Súbor Nájdené : C:\Program Files\Mozilla Firefox\.autoreg
Súbor Nájdené : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Súbor Nájdené : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\searchplugins\icqplugin.xml
Súbor Nájdené : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\searchplugins\icqplugin-1.xml
Súbor Nájdené : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\searchplugins\icqplugin-2.xml
Súbor Nájdené : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\searchplugins\icqplugin-3.xml

***** [Registre] *****

Hodnota Nájdené : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Nájdené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
K3úe Nájdené : HKCU\Software\APN PIP
K3úe Nájdené : HKCU\Software\Conduit
K3úe Nájdené : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
K3úe Nájdené : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
K3úe Nájdené : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
K3úe Nájdené : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
K3úe Nájdené : HKCU\Software\PIP
K3úe Nájdené : HKCU\Software\Softonic
K3úe Nájdené : HKLM\Software\Babylon
K3úe Nájdené : HKLM\Software\BabylonToolbar
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
K3úe Nájdené : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
K3úe Nájdené : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
K3úe Nájdené : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
K3úe Nájdené : HKLM\SOFTWARE\Classes\Prod.cap
K3úe Nájdené : HKLM\Software\Conduit
K3úe Nájdené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
K3úe Nájdené : HKLM\Software\PIP
K3úe Nájdené : HKU\S-1-5-21-1436560887-626234917-1139969595-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
K3úe Nájdené : HKU\S-1-5-21-1436560887-626234917-1139969595-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
K3úe Nájdené : HKU\S-1-5-21-1436560887-626234917-1139969595-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}

***** [Internetové prehliadaee] *****

-\\ Internet Explorer v9.0.8112.16470

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v3.0.19 (sk)

Súbor : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\prefs.js

Nájdené : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Nájdené : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Nájdené : user_pref("browser.search.order.1", "Search the web (Babylon)");
Nájdené : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Nájdené : user_pref("icqtoolbar.allowSendURL", false);
Nájdené : user_pref("icqtoolbar.engineVerified", true);
Nájdené : user_pref("icqtoolbar.geolastmodified", 1351530681);
Nájdené : user_pref("icqtoolbar.hiddenElements", "itb_options");
Nájdené : user_pref("icqtoolbar.history", "worms%20revolution%20warez||worms%20revolution%20download||bajova||[...]
Nájdené : user_pref("icqtoolbar.icqgeo", 4201);
Nájdené : user_pref("icqtoolbar.installTime", "1326018925");
Nájdené : user_pref("icqtoolbar.installsource", "1");
Nájdené : user_pref("icqtoolbar.newtab_state", "1");
Nájdené : user_pref("icqtoolbar.numberOfSearches", 0);
Nájdené : user_pref("icqtoolbar.previousFFVersion", "3.0.19");
Nájdené : user_pref("icqtoolbar.skip_default_search", "no");
Nájdené : user_pref("icqtoolbar.uniqueID", "127101093212710109301271019172582");
Nájdené : user_pref("icqtoolbar.usageStatstTimestamp", 1352067878);
Nájdené : user_pref("icqtoolbar.version", "1.4.3");
Nájdené : user_pref("icqtoolbar.voucherHideClicks", 0);
Nájdené : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Nájdené : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Nájdené : user_pref("icqtoolbar.voucherWasShown", 0);
Nájdené : user_pref("icqtoolbar.xmlLanguage", "sk");
Nájdené : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=109980&babsrc=KW_ss&mntrId=b83e9483000000[...]

-\\ Google Chrome v25.0.1364.172

Súbor : C:\Users\MILOŠ\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nájdené [l.50] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Nájdené [l.53] : keyword = "babylon.com",
Nájdené [l.56] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&tt=010412_crm&babsrc=SP_crm",

-\\ Chromium v enable_autospellcorrect: false

Súbor : C:\Users\MILOŠ\AppData\Local\Chromium\User Data\Default\Preferences

[OK] Súbor je eistý.

*************************

AdwCleaner[R1].txt - [6015 octets] - [27/03/2013 15:24:30]

########## EOF - C:\AdwCleaner[R1].txt - [6075 octets] ##########


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2
Príspevok NapísalOffline : 27.03.2013 15:30

Spusť adwcleaner stlač tlačidlo delete pre odsúhlasenie stlač OK počítač sa reštartuje
log budeš ho mať na systémovom disku ako AdwCleaner[S?].txt cely obsah vlož sem


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 15:42

# AdwCleaner v2.115 - Log vytvorený 27/03/2013 o 15:36:52
# Aktualizované 17/03/2013 Xplode
# Operaený systém : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Uživatel : MILOŠ - MILOŠ-PC
# Spustený systém : Normálny
# Spustené z : C:\Users\MILOŠ\Desktop\adwcleaner.exe
# Volba [Vymaza?]


***** [Služby] *****

Zastavené & vymazané : ICQ Service

***** [Súbory / Adresáre] *****

Adresár Vymazané : C:\Program Files\ICQ6Toolbar
Adresár Vymazané : C:\ProgramData\Ask
Adresár Vymazané : C:\ProgramData\Babylon
Adresár Vymazané : C:\ProgramData\ICQ\ICQToolbar
Adresár Vymazané : C:\Users\MILOŠ\AppData\Local\Babylon
Adresár Vymazané : C:\Users\MILOŠ\AppData\Roaming\Babylon
Adresár Vymazané : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Adresár Vymazané : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\extensions\ffxtlbr@babylon.com
Súbor Vymazané : C:\END
Súbor Vymazané : C:\Program Files\Mozilla Firefox\.autoreg
Súbor Vymazané : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Súbor Vymazané : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\searchplugins\icqplugin.xml
Súbor Vymazané : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\searchplugins\icqplugin-1.xml
Súbor Vymazané : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\searchplugins\icqplugin-2.xml
Súbor Vymazané : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\searchplugins\icqplugin-3.xml

***** [Registre] *****

Hodnota Vymazané : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Hodnota Vymazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
K3úe Vymazané : HKCU\Software\APN PIP
K3úe Vymazané : HKCU\Software\Conduit
K3úe Vymazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
K3úe Vymazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
K3úe Vymazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
K3úe Vymazané : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
K3úe Vymazané : HKCU\Software\PIP
K3úe Vymazané : HKCU\Software\Softonic
K3úe Vymazané : HKLM\Software\Babylon
K3úe Vymazané : HKLM\Software\BabylonToolbar
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
K3úe Vymazané : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
K3úe Vymazané : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
K3úe Vymazané : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
K3úe Vymazané : HKLM\SOFTWARE\Classes\Prod.cap
K3úe Vymazané : HKLM\Software\Conduit
K3úe Vymazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
K3úe Vymazané : HKLM\Software\PIP

***** [Internetové prehliadaee] *****

-\\ Internet Explorer v9.0.8112.16470

Zamenené : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v3.0.19 (sk)

Súbor : C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\prefs.js

C:\Users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\user.js ... Vymazané !

Vymazané : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Vymazané : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Vymazané : user_pref("browser.search.order.1", "Search the web (Babylon)");
Vymazané : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Vymazané : user_pref("icqtoolbar.allowSendURL", false);
Vymazané : user_pref("icqtoolbar.engineVerified", true);
Vymazané : user_pref("icqtoolbar.geolastmodified", 1351530681);
Vymazané : user_pref("icqtoolbar.hiddenElements", "itb_options");
Vymazané : user_pref("icqtoolbar.history", "worms%20revolution%20warez||worms%20revolution%20download||bajova||[...]
Vymazané : user_pref("icqtoolbar.icqgeo", 4201);
Vymazané : user_pref("icqtoolbar.installTime", "1326018925");
Vymazané : user_pref("icqtoolbar.installsource", "1");
Vymazané : user_pref("icqtoolbar.newtab_state", "1");
Vymazané : user_pref("icqtoolbar.numberOfSearches", 0);
Vymazané : user_pref("icqtoolbar.previousFFVersion", "3.0.19");
Vymazané : user_pref("icqtoolbar.skip_default_search", "no");
Vymazané : user_pref("icqtoolbar.uniqueID", "127101093212710109301271019172582");
Vymazané : user_pref("icqtoolbar.usageStatstTimestamp", 1352067878);
Vymazané : user_pref("icqtoolbar.version", "1.4.3");
Vymazané : user_pref("icqtoolbar.voucherHideClicks", 0);
Vymazané : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Vymazané : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Vymazané : user_pref("icqtoolbar.voucherWasShown", 0);
Vymazané : user_pref("icqtoolbar.xmlLanguage", "sk");
Vymazané : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=109980&babsrc=KW_ss&mntrId=b83e9483000000[...]

-\\ Google Chrome v25.0.1364.172

Súbor : C:\Users\MILOŠ\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazané [l.50] : icon_url = "hxxp://www.babylon.com/favicon.ico",
Vymazané [l.53] : keyword = "babylon.com",
Vymazané [l.56] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&tt=010412_crm&babsrc=SP_crm",

-\\ Chromium v enable_autospellcorrect: false

Súbor : C:\Users\MILOŠ\AppData\Local\Chromium\User Data\Default\Preferences

[OK] Súbor je eistý.

*************************

AdwCleaner[R1].txt - [6144 octets] - [27/03/2013 15:24:30]
AdwCleaner[S1].txt - [5820 octets] - [27/03/2013 15:36:52]

########## EOF - C:\AdwCleaner[S1].txt - [5880 octets] ##########


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2
Príspevok NapísalOffline : 27.03.2013 15:46

Stiahni si RKill z http://download.bleepingcomputer.com/grinler/rkill.com
ulož ho na plochu Spusť Rkill
program ukonči všetky procesi teda aj malware
Na ploche sa vytvori rkill.txt vlož ho sem
Teraz nereštartuj PC
Aplikuj hneď combofix


Stihni si combofix z http://download.bleepingcomputer.com/sUBs/ComboFix.exe ulož ho na plochu
Vypni všetky rezidentné štíty antiviru a antyspyware
Pre WIN XP spuštaj pod administrátorom
Pre WIN Vista a WIN 7 klikny na combofix pravým tlačidlom daj spustiť ako správca
Hneď po zapnutý okno z licečnimi podmienkami stlač tlačidlo áno
Keď ty combofix ponúkne inštalovať konzolu pre zotavenie odsúhlas inštaláciu tlačidlom ANO
Behom scanu nechaj combofix pracovať nerob nič na PC
Scan môže trvať cca 10 min všetko zaleží od toho v akom stave je PC môže sa to predlžiť o dvojnásobok
Po dokončení skenovanie combofix reštartuje PC a zobrazí sa log budeš ho mať na C:\ComboFix.txt vlož ho sem
Nože sa stať že systém nenabehne v tom prípade použi poslednú známu konfiguráciu http://support.microsoft.com/kb/307852/sk


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 15:52

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/27/2013 03:51:39 PM in x86 mode.
Windows Version: Windows Vista (TM) Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Users\MILO~1\AppData\Local\Temp\RtkBtMnt.exe (PID: 2132) [SUP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 03/27/2013 03:52:07 PM
Execution time: 0 hours(s), 0 minute(s), and 28 seconds(s)


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 16:26

ComboFix 13-03-27.01 - MILOŠ . 03. 2013 16:08:36.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3066.1646 [GMT 1:00]
Running from: c:\users\MILOŠ\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\DaemonTools_WhenUSave_Installer
c:\users\MILOŠ\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Files Created from 2013-02-27 to 2013-03-27 )))))))))))))))))))))))))))))))
.
.
2013-03-27 15:19 . 2013-03-27 15:19 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-03-27 15:19 . 2013-03-27 15:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-27 14:06 . 2013-03-27 14:07 -------- d-----w- C:\rsit
2013-03-27 14:06 . 2013-03-27 14:07 -------- d-----w- c:\program files\trend micro
2013-03-27 13:04 . 2013-03-27 13:59 -------- d-----w- C:\UsbFix
2013-03-27 12:15 . 2013-03-19 04:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3799F7D8-9CDD-4436-8133-8BC19305A3D0}\mpengine.dll
2013-03-25 20:05 . 2013-03-25 20:05 -------- d-----w- c:\users\MILOŠ\AppData\Roaming\Malwarebytes
2013-03-25 20:05 . 2013-03-25 20:05 -------- d-----w- c:\programdata\Malwarebytes
2013-03-25 14:39 . 2013-03-25 14:39 -------- d-----w- c:\users\MILOŠ\AppData\Roaming\{4C766D83-785B-4C68-8FFF-64FFE9A5AFE9}
2013-03-25 14:38 . 2013-03-25 14:38 -------- d-----w- c:\users\MILOŠ\AppData\Roaming\{E287A29A-E0C0-4805-9623-C43280552DDA}
2013-03-25 14:38 . 2013-03-25 14:38 -------- d-----w- C:\Temp
2013-03-23 19:10 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-23 13:30 . 2013-03-23 13:56 -------- d-----w- c:\program files\Call of Duty Game of the Year Edition
2013-03-17 19:07 . 2013-03-17 19:07 -------- d-----w- c:\program files\ESET
2013-03-16 21:40 . 2013-03-16 21:40 -------- d-----w- c:\users\MILOŠ\AppData\Roaming\Mirillis
2013-03-16 21:40 . 2013-03-16 21:40 -------- d-----w- c:\programdata\Mirillis
2013-03-16 21:40 . 2013-03-22 23:03 -------- d-----w- c:\users\MILOŠ\AppData\Local\Mirillis
2013-03-16 21:37 . 2013-03-16 21:37 -------- d-----w- c:\program files\Mirillis
2013-03-10 13:39 . 2013-03-10 13:39 -------- d-----w- c:\users\MILOŠ\AppData\Local\Macromedia
2013-03-06 23:28 . 2013-03-06 23:28 -------- d-----w- c:\programdata\Steam
2013-03-06 22:53 . 2013-03-06 22:53 -------- d-----w- c:\users\MILOŠ\AppData\Local\SKIDROW
2013-03-06 22:24 . 2013-03-06 22:24 -------- d-----w- c:\program files\SQUARE ENIX
2013-03-04 10:10 . 2013-03-25 08:23 -------- d-----w- C:\EnergyPlusV7-2-0
2013-03-04 10:03 . 2013-03-04 10:08 -------- d-----w- c:\program files\OpenStudio 0.10.0
2013-02-27 18:46 . 2013-02-27 18:46 -------- d-----w- c:\users\MILOŠ\AppData\Local\Nero
2013-02-27 17:28 . 2013-02-27 17:28 -------- d-----w- c:\program files\Common Files\Java
2013-02-27 17:26 . 2013-02-27 17:18 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-27 17:26 . 2013-02-27 17:18 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-27 17:24 . 2013-02-27 17:18 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-26 20:20 . 2013-02-26 20:20 -------- d-----w- C:\Downloads
2013-02-26 19:19 . 2002-08-14 09:51 244024 ----a-w- c:\windows\system32\Msflxgrd.ocx
2013-02-26 19:19 . 2002-03-22 14:40 444064 ----a-w- c:\windows\system32\Vsflex7L.ocx
2013-02-26 19:19 . 2000-05-21 23:00 115920 ----a-w- c:\windows\system32\MSINET.OCX
2013-02-26 19:19 . 2002-08-14 09:50 72440 ----a-w- c:\windows\system32\Gswdll32.dll
2013-02-26 19:19 . 2002-08-14 09:50 290816 ----a-w- c:\windows\system32\Gsw32.exe
2013-02-26 19:19 . 2002-08-14 09:50 216096 ----a-w- c:\windows\system32\Graph32.ocx
2013-02-26 19:19 . 2000-03-06 18:00 434252 ----a-w- c:\windows\system32\Msvcrtd.dll
2013-02-26 16:06 . 2013-02-26 16:07 -------- d-----w- c:\users\MILOŠ\AppData\Roaming\Nero
2013-02-26 15:07 . 2013-02-26 15:38 -------- d-----w- c:\program files\Nero
2013-02-26 15:06 . 2013-02-26 15:25 -------- d-----w- c:\programdata\Nero
2013-02-26 15:06 . 2013-02-26 15:53 -------- d-----w- c:\program files\Common Files\Nero
2013-02-26 13:15 . 2013-02-26 13:15 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-25 20:18 . 2013-02-26 16:35 -------- d-----w- c:\users\MILOŠ\AppData\Roaming\dvdcss
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-26 13:15 . 2012-02-28 19:21 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-17 00:28 . 2010-04-11 16:16 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:26 . 2013-02-13 12:38 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:26 . 2013-02-13 12:38 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 11:28 . 2013-02-13 12:38 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-04 01:38 . 2013-02-13 12:39 2048512 ----a-w- c:\windows\system32\win32k.sys
2010-08-16 16:21 . 2010-08-16 16:21 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-18 6294048]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-09-11 544768]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-06-04 817672]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-08-16 30192]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-07-24 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-07-24 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-07-18 167936]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2006-11-12 157592]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Skytel"="Skytel.exe" [2008-09-18 1833504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-11-04 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-03-29 2145000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-23 727592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-11 16:33]
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-11 16:33]
.
.
------- Supplementary Scan -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-eRecoveryService - (no file)
HKU-Default-Run-Nokia.PCSync - d:\nokia\Nokia PC Suite 6\PcSync2.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-27 16:19
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1436560887-626234917-1139969595-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:2c,97,a0,a9,75,8f,bb,df,23,45,0b,ad,ec,f3,84,b4,7c,3e,5b,8f,5f,e1,f2,
a8,30,12,ce,2a,60,c7,37,7e,4c,9c,7e,3e,2c,97,e8,89,35,2f,9f,d5,37,f5,35,d7,\
"??"=hex:af,60,9c,2d,20,07,00,39,91,30,4e,35,2c,f0,98,fa
.
[HKEY_USERS\S-1-5-21-1436560887-626234917-1139969595-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):51,c6,0a,e3,25,d2,c8,37,0f,f2,93,0d,07,83,12,fd,86,ac,8f,be,88,
24,12,20,11,b7,1c,1e,7d,8f,98,66,b0,dc,54,21,e4,d2,de,be,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-1436560887-626234917-1139969595-1000_Classes\CLSID\{64c5bedb-3957-4c83-beef-d0c845e44557}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000154
"Therad"=dword:00000020
"MData"=hex(0):2b,8f,78,29,5a,0c,ce,ec,48,d4,68,e5,9f,6a,96,3e,ab,de,c5,81,26,
38,95,44,54,52,77,f6,32,01,f0,84,58,35,21,8e,0a,50,ea,d7,5e,4e,b2,52,3a,df,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-03-27 16:22:19
ComboFix-quarantined-files.txt 2013-03-27 15:22
.
Pre-Run: 29 141 049 344 bytes free
Post-Run: 29 155 139 584 bytes free
.
- - End Of File - - F37E16C8D0DBDCC70173F17C79722780


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 16:29

Hned mi to nabehlo ...tak som nedaval to ....konfiguráciu http://support.microsoft.com/kb/307852/sk....A teraz mam co spravit??


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2
Príspevok NapísalOffline : 27.03.2013 16:34

otestuj rundll32.exe na https://www.virustotal.com/sk/


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 16:37

SHA256: 8a3808fbc197040bf0c65084514e8441e35ffff8e31980f9ce1f41ed65e08437
SHA1: 2d77b2ac185828a6300c8838355444279929bcb0
MD5: 4b555106290bd117334e9a08761c035a
File size: 43.5 KB ( 44544 bytes )
File name: RUNDLL32.EXE
File type: Win32 EXE
Tags: peexe nsrl signed mz
Detection ratio: 0 / 46
Analysis date: 2013-03-26 22:12:46 UTC ( 17 hodín, 23 minút ago )


31 cervene 13 zelene---a sipka ukazuje na zelene


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 16:39

je dobre ci zle??


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2
Príspevok NapísalOffline : 27.03.2013 16:42

Je to dobre
Keď nemáš combofix tak ho presuň na plochu
Spusť poznámkový blok
skopíruj script do poznámkového bloku
Kód:
killall::
file::
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1436560887-626234917-1139969595-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1436560887-626234917-1139969595-1000UA.job
folder::
C:\Users\MILOŠ\AppData\Roaming\{4C766D83-785B-4C68-8FFF-64FFE9A5AFE9}
C:\Users\MILOŠ\AppData\Roaming\{E287A29A-E0C0-4805-9623-C43280552DDA}

registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Desktop Search"=-
"DAEMON Tools"=-
"GrooveMonitor"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"AdobeAAMUpdater-1.0"=-
"SwitchBoard"=-
"AdobeCS5ServiceManager"=-
firefox::
FF - ProfilePath - c:\users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=

regnull::
[HKEY_USERS\S-1-5-21-1436560887-626234917-1139969595-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
reglock::
[HKEY_USERS\S-1-5-21-1436560887-626234917-1139969595-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
[HKEY_USERS\S-1-5-21-1436560887-626234917-1139969595-1000_Classes\CLSID\{64c5bedb-3957-4c83-beef-d0c845e44557}]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

clearjavacache::
reboot::


Ulož vytvorený TXT súbor ako CFScript
Pretiahni cfscript cez combofix aplikuje sa script
Po aplikovaný scriptu a možnom reštarte pc vlož log sem


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 16:43

SHA256: 8a3808fbc197040bf0c65084514e8441e35ffff8e31980f9ce1f41ed65e08437
SHA1: 2d77b2ac185828a6300c8838355444279929bcb0
MD5: 4b555106290bd117334e9a08761c035a
File size: 43.5 KB ( 44544 bytes )
File name: RUNDLL32.EXE
File type: Win32 EXE
Detection ratio: 0 / 46
Analysis date: 2013-03-27 15:39:20 UTC ( 1 minúta ago )


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 16:46

ved combofix mam tak to mam presunut na plochu..nerozumiem


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2
Príspevok NapísalOffline : 27.03.2013 16:52

Pretiahni cfscript cez combofix http://imageshack.us/photo/my-images/801/13587703.gif/#


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 17:12

ComboFix 13-03-27.01 - MILOŠ . 03. 2013 16:55:02.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.421.1051.18.3066.1952 [GMT 1:00]
Running from: c:\users\MILOŠ\Desktop\ComboFix.exe
Command switches used :: c:\users\MILOŠ\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1436560887-626234917-1139969595-1000Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1436560887-626234917-1139969595-1000UA.job"
.
.
((((((((((((((((((((((((( Files Created from 2013-02-27 to 2013-03-27 )))))))))))))))))))))))))))))))
.
.
2013-03-27 16:03 . 2013-03-27 16:05 -------- d-----w- c:\users\MILOŠ\AppData\Local\temp
2013-03-27 16:03 . 2013-03-27 16:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-03-27 16:03 . 2013-03-27 16:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-27 14:06 . 2013-03-27 14:07 -------- d-----w- C:\rsit
2013-03-27 14:06 . 2013-03-27 14:07 -------- d-----w- c:\program files\trend micro
2013-03-27 13:04 . 2013-03-27 13:59 -------- d-----w- C:\UsbFix
2013-03-27 12:15 . 2013-03-19 04:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3799F7D8-9CDD-4436-8133-8BC19305A3D0}\mpengine.dll
2013-03-25 20:05 . 2013-03-25 20:05 -------- d-----w- c:\users\MILOŠ\AppData\Roaming\Malwarebytes
2013-03-25 20:05 . 2013-03-25 20:05 -------- d-----w- c:\programdata\Malwarebytes
2013-03-25 14:39 . 2013-03-25 14:39 -------- d-----w- c:\users\MILOŠ\AppData\Roaming\{4C766D83-785B-4C68-8FFF-64FFE9A5AFE9}
2013-03-25 14:38 . 2013-03-25 14:38 -------- d-----w- c:\users\MILOŠ\AppData\Roaming\{E287A29A-E0C0-4805-9623-C43280552DDA}
2013-03-25 14:38 . 2013-03-25 14:38 -------- d-----w- C:\Temp
2013-03-23 19:10 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-23 13:30 . 2013-03-23 13:56 -------- d-----w- c:\program files\Call of Duty Game of the Year Edition
2013-03-17 19:07 . 2013-03-17 19:07 -------- d-----w- c:\program files\ESET
2013-03-16 21:40 . 2013-03-16 21:40 -------- d-----w- c:\users\MILOŠ\AppData\Roaming\Mirillis
2013-03-16 21:40 . 2013-03-16 21:40 -------- d-----w- c:\programdata\Mirillis
2013-03-16 21:40 . 2013-03-22 23:03 -------- d-----w- c:\users\MILOŠ\AppData\Local\Mirillis
2013-03-16 21:37 . 2013-03-16 21:37 -------- d-----w- c:\program files\Mirillis
2013-03-10 13:39 . 2013-03-10 13:39 -------- d-----w- c:\users\MILOŠ\AppData\Local\Macromedia
2013-03-06 23:28 . 2013-03-06 23:28 -------- d-----w- c:\programdata\Steam
2013-03-06 22:53 . 2013-03-06 22:53 -------- d-----w- c:\users\MILOŠ\AppData\Local\SKIDROW
2013-03-06 22:24 . 2013-03-06 22:24 -------- d-----w- c:\program files\SQUARE ENIX
2013-03-04 10:10 . 2013-03-25 08:23 -------- d-----w- C:\EnergyPlusV7-2-0
2013-03-04 10:03 . 2013-03-04 10:08 -------- d-----w- c:\program files\OpenStudio 0.10.0
2013-02-27 18:46 . 2013-02-27 18:46 -------- d-----w- c:\users\MILOŠ\AppData\Local\Nero
2013-02-27 17:28 . 2013-02-27 17:28 -------- d-----w- c:\program files\Common Files\Java
2013-02-27 17:26 . 2013-02-27 17:18 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-27 17:26 . 2013-02-27 17:18 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-02-27 17:24 . 2013-02-27 17:18 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-26 20:20 . 2013-02-26 20:20 -------- d-----w- C:\Downloads
2013-02-26 19:19 . 2002-08-14 09:51 244024 ----a-w- c:\windows\system32\Msflxgrd.ocx
2013-02-26 19:19 . 2002-03-22 14:40 444064 ----a-w- c:\windows\system32\Vsflex7L.ocx
2013-02-26 19:19 . 2000-05-21 23:00 115920 ----a-w- c:\windows\system32\MSINET.OCX
2013-02-26 19:19 . 2002-08-14 09:50 72440 ----a-w- c:\windows\system32\Gswdll32.dll
2013-02-26 19:19 . 2002-08-14 09:50 290816 ----a-w- c:\windows\system32\Gsw32.exe
2013-02-26 19:19 . 2002-08-14 09:50 216096 ----a-w- c:\windows\system32\Graph32.ocx
2013-02-26 19:19 . 2000-03-06 18:00 434252 ----a-w- c:\windows\system32\Msvcrtd.dll
2013-02-26 16:06 . 2013-02-26 16:07 -------- d-----w- c:\users\MILOŠ\AppData\Roaming\Nero
2013-02-26 15:07 . 2013-02-26 15:38 -------- d-----w- c:\program files\Nero
2013-02-26 15:06 . 2013-02-26 15:25 -------- d-----w- c:\programdata\Nero
2013-02-26 15:06 . 2013-02-26 15:53 -------- d-----w- c:\program files\Common Files\Nero
2013-02-26 13:15 . 2013-02-26 13:15 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-25 20:18 . 2013-02-26 16:35 -------- d-----w- c:\users\MILOŠ\AppData\Roaming\dvdcss
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-26 13:15 . 2012-02-28 19:21 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-17 00:28 . 2010-04-11 16:16 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-05 05:26 . 2013-02-13 12:38 3550072 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:26 . 2013-02-13 12:38 3602808 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 11:28 . 2013-02-13 12:38 905576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-04 01:38 . 2013-02-13 12:39 2048512 ----a-w- c:\windows\system32\win32k.sys
2010-08-16 16:21 . 2010-08-16 16:21 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-18 6294048]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-09-11 544768]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-09-23 6144]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-06-04 817672]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-07-24 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-07-24 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-07-18 167936]
"Skytel"="Skytel.exe" [2008-09-18 1833504]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-03-29 2145000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-23 727592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-11 16:33]
.
2013-03-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-11 16:33]
.
.
------- Supplementary Scan -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\MILOŠ\AppData\Roaming\Mozilla\Firefox\Profiles\89ed9aqv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-27 17:05
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(4576)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\system32\btmmhook.dll
c:\windows\System32\SysHook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe
c:\program files\Acer\Empowering Technology\Service\ETService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\TeamViewer\Version5\TeamViewer_Service.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\users\MILO~1\AppData\Local\Temp\RtkBtMnt.exe
c:\program files\Launch Manager\QtZgAcer.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Completion time: 2013-03-27 17:11:19 - machine was rebooted
ComboFix-quarantined-files.txt 2013-03-27 16:11
ComboFix2.txt 2013-03-27 15:22
.
Pre-Run: 29 077 954 560 bytes free
Post-Run: 29 046 358 016 bytes free
.
- - End Of File - - D2F8439C57E14E6A34F4275160257BAF


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2
Príspevok NapísalOffline : 27.03.2013 17:21

pošli screen čo hlási antivir


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 17:33

Nic mi nehlasi ESET nod


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2
Príspevok NapísalOffline : 27.03.2013 17:37

tak potom je všetko OK

Stiahni si OTC http://www.geekstogo.com/forum/files/fi ... -clean-it/ spusť daj cleaun up
Stiahni si ccleaner http://www.piriform.com/ccleaner/download prečisti a oprav registre
Stiahni si defraggler http://www.piriform.com/defraggler defragmentuj disky


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 17:55

aj D: si mam dat defraggmentovat?...to mi nic takeho nevymaze hej?


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2
Príspevok NapísalOffline : 27.03.2013 18:02

ANO aj D: nie nič ty to nevymaže


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 18:07

a mam dat defragmentovat normalne alebo rychlo...lebo to normalne asi dlho bude ukazuje mi zatial 2percenta...ved pockam teda


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 18:11

A po defrag..mam potom co spravit.? zatial dakujem za pomoc


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2
Príspevok NapísalOffline : 27.03.2013 18:15

to by bolo všetko pokiaľ antivir nič tak to by bolo všetko ešte odinštaluj USBfix


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 26.03.13
Prihlásený: 27.03.13
Príspevky: 23
Témy: 0
Príspevok NapísalOffline : 27.03.2013 18:26

Ale ten rundll32 mi stale ukazuje ako infikovany...ale co som ti posielal tu stranku tam som cital...ze tento vir co som chytil na kluci..ze nezachyti ziadny Antivirus...tak neviem teraz


Offline

Užívateľ
Užívateľ
Obrázok užívateľa

Registrovaný: 09.05.11
Prihlásený: 20.12.18
Príspevky: 618
Témy: 2
Príspevok NapísalOffline : 27.03.2013 19:40

posli radšej vypis z protokolov


Odpovedať na tému [ Príspevkov: 59 ] Choď na stránku: predchádzajúca 1, 2


Podobné témy

 Témy  Odpovede  Zobrazenia  Posledný príspevok 
V tomto fóre nie sú ďalšie neprečítané témy. Pri kopirovany na USB vytvori odkaz

v Antivíry a antispywary

6

847

28.12.2015 15:09

cLickY Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Pri kliknuti na odkaz sa otvori tento odkaz v novom okne

v HTML, XHTML, XML, CSS

13

1989

08.12.2007 21:08

twistik Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. odkaz

v HTML, XHTML, XML, CSS

1

657

10.06.2009 11:55

idiotart Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. odkaz

v PHP, ASP

6

808

23.05.2007 19:35

qacer Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Odkaz

v JavaScript, VBScript, Ajax

5

791

28.08.2008 15:08

Sup Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Odkaz

v Redakčné systémy

4

824

15.04.2007 20:15

kajbo Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Odkaz

v Správy pre vedenie fóra

11

1801

18.09.2007 22:47

nZL Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. odkaz

v Ostatné

3

1006

10.02.2007 15:43

zero0x Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. odkaz

v HTML, XHTML, XML, CSS

8

738

01.11.2010 10:22

dessert Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. probém odkaz

v HTML, XHTML, XML, CSS

3

397

15.06.2013 22:57

killer Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Hypertextový odkaz

v Ostatné programy

6

348

13.06.2015 14:12

derdis Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Aktivny odkaz

v HTML, XHTML, XML, CSS

24

1412

28.02.2009 12:38

jablko05 Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. URL odkaz

v HTML, XHTML, XML, CSS

14

658

11.04.2012 7:41

Ďuri Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Nepodčiarknutý odkaz

v HTML, XHTML, XML, CSS

11

1068

22.02.2008 15:25

Vladio Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Odkaz // vyriesene

v Redakčné systémy

6

1004

18.07.2006 22:43

WEB LAMA Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Odkaz - kotva

v HTML, XHTML, XML, CSS

5

669

19.09.2010 2:20

PhYs0c Zobrazenie posledných príspevkov


Nemôžete zakladať nové témy v tomto fóre
Nemôžete odpovedať na témy v tomto fóre
Nemôžete upravovať svoje príspevky v tomto fóre
Nemôžete mazať svoje príspevky v tomto fóre

Skočiť na:  

Powered by phpBB Jarvis © 2005 - 2024 PCforum, webhosting by WebSupport, secured by GeoTrust, edited by JanoF
Ako väčšina webových stránok aj my používame cookies. Zotrvaním na webovej stránke súhlasíte, že ich môžeme používať.
Všeobecné podmienky, spracovanie osobných údajov a pravidlá fóra