Vir?Laguje a blbne

[Masakerko]

Zdravim, mam problemy z jednou hrou (cs 1.6). Ked ju hram, mam fps okolo 8.0 az 4.0 a niekedy skoci na 20.0 fps. Mam slaby PC, ale nieje az tak slaby, aby neutiahol tuto hru. Asi tak este pred 5 mesiacmi som drtil celkom v pohode, na fps 60 a vyssie. No teraz pridem na server, mam brutal lagy a neda sa ani hrat. Dakujem za pomoc, tu je log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by PC at 2009-12-18 17:55:57
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (33%) free of 20 GB
Total RAM: 1023 MB (50% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2008-12-03 1194496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-12-22 2133056]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-12-23 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dbc80044-a445-435b-bc74-9c25c1c588a9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-14 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e7e6f031-17ce-4c07-bc86-eabfe594f69c}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-07-14 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-12-22 2133056]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\ctbr.dll [2008-12-03 1194496]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-06-18 67584]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd.exe [2003-08-04 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2003-12-22 241664]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2029640]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-14 148888]
"NSLauncher"=C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [2007-11-06 3096576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-23 68856]
"Steam"=d:\steam\steam.exe [2009-10-24 1217808]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2009-04-23 691656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
D:\PROGRA~1\IVTCOR~1\BLUESO~1\BLUESO~1.EXE [2005-06-06 1183744]

C:\Documents and Settings\All Users\Application Data\Microsoft\Shortcuts
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Steam\steamapps\masakerko_1337\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\masakerko_1337\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"D:\CS 1.6 verzia 32 NonSteam\hl.exe"="D:\CS 1.6 verzia 32 NonSteam\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe"="C:\Program Files\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead"
"C:\Program Files\Steam\steamapps\masakerko_1337\condition zero deleted scenes\hl.exe"="C:\Program Files\Steam\steamapps\masakerko_1337\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Steam\steamapps\masakerko_1337\counter-strike\hl.exe"="D:\Steam\steamapps\masakerko_1337\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Steam\steamapps\masakerko_1337\dedicated server\hlds.exe"="D:\Steam\steamapps\masakerko_1337\dedicated server\hlds.exe:*:Enabled:HLDS Launcher"
"C:\WINDOWS\system32\Ati2evxx.exe"="C:\WINDOWS\system32\Ati2evxx.exe:*:Enabled:ENABLE"
"D:\Steam\steamapps\masakerko_1337\condition zero deleted scenes\hl.exe"="D:\Steam\steamapps\masakerko_1337\condition zero deleted scenes\hl.exe:*:Enabled:Half-Life Launcher"
"D:\battlefield 1942\BF1942.exe"="D:\battlefield 1942\BF1942.exe:*:Enabled:BF1942"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\FlashAD2706\flashAD2706.exe"="C:\Program Files\FlashAD2706\flashAD2706.exe:*:Enabled:flash AD2706"
"D:\Steam\steamapps\common\left 4 dead\left4dead.exe"="D:\Steam\steamapps\common\left 4 dead\left4dead.exe:*:Enabled:Left 4 Dead"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c68ea2c-2043-11de-8e7e-0011675c3d16}]
shell\AutoRun\command - F:\cdstart.exe


======List of files/folders created in the last 1 months======

2009-12-18 17:54:17 ----D---- C:\Program Files\trend micro
2009-12-18 17:54:16 ----D---- C:\rsit
2009-11-28 12:19:41 ----D---- C:\Documents and Settings\All Users\Application Data\Nokia
2009-11-28 12:19:36 ----D---- C:\Program Files\Common Files\Nokia
2009-11-28 12:18:44 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2009-11-28 12:18:28 ----D---- C:\Documents and Settings\PC\Application Data\Nokia
2009-11-28 12:17:53 ----D---- C:\Program Files\Common Files\PCSuite
2009-11-28 12:17:47 ----D---- C:\Program Files\DIFX
2009-11-28 12:17:44 ----D---- C:\Documents and Settings\PC\Application Data\PC Suite
2009-11-28 12:17:39 ----D---- C:\Program Files\PC Connectivity Solution
2009-11-28 12:16:59 ----D---- C:\Program Files\Nokia
2009-11-28 12:16:59 ----A---- C:\WINDOWS\system32\nmwcdcls.dll

======List of files/folders modified in the last 1 months======

2009-12-18 17:56:20 ----D---- C:\WINDOWS\Temp
2009-12-18 17:55:07 ----D---- C:\WINDOWS\Prefetch
2009-12-18 17:54:17 ----RD---- C:\Program Files
2009-12-18 17:50:13 ----D---- C:\WINDOWS
2009-12-18 17:12:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-18 13:58:31 ----D---- C:\Program Files\Crawler
2009-12-18 09:10:45 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-18 09:10:24 ----SHD---- C:\WINDOWS\Installer
2009-12-17 18:33:47 ----D---- C:\Program Files\Mozilla Firefox
2009-12-12 18:33:56 ----D---- C:\Program Files\FlashAD2706
2009-11-28 12:19:59 ----D---- C:\WINDOWS\WinSxS
2009-11-28 12:19:36 ----D---- C:\Program Files\Common Files
2009-11-28 12:17:53 ----D---- C:\WINDOWS\system32
2009-11-28 12:17:47 ----HD---- C:\WINDOWS\inf
2009-11-28 12:17:45 ----DC---- C:\WINDOWS\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2004-10-08 35840]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-05-14 55768]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-10-07 80576]
R2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS [2009-04-27 51072]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-05-14 133000]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-06-21 626204]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-05-14 33096]
R3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\system32\DRIVERS\HidBatt.sys [2008-04-14 20352]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-01-05 51056]
R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-01-05 16496]
R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-01-05 21488]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS\System32\DRIVERS\ltmdmnt.sys [2008-04-13 606684]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-03-31 12160]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-03-31 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S3 a60egbht;a60egbht; C:\WINDOWS\system32\drivers\a60egbht.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-08-20 25280]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-05-14 731840]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
R2 javaquickstarterservice;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-07-14 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-01-05 65795]
R3 servicelayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-02-08 212480]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 gupdate1c9bd152a60a;Služba Google Update (gupdate1c9bd152a60a); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-14 133104]
S2 TrkWksFastUserSwitchingCompatibility;Distributed Link Tracking Client TrkWksFastUserSwitchingCompatibility; C:\WINDOWS\system32\1033h.exe srv []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 ehttpsrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

[Masakerko]

...este dodatok, mne niekedy PC zacne lagovat a ja ho vypnem, ale ked ho zapnem, pc pracuje a je cierna obrazovka...

[motji]

Dobrý večer
Odinstalujte Daemon tool toolbar

Zazálohujte si důležitá data, pro jistotu

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix -

http://download.bleepingcomputer.com/sU ... ttyFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, skopírujte celý jeho obsah sem

[Masakerko]

Dobry vecer ,no tak mi na disku C vytvorilo priecinok KittyFix, ma okolo 26 mb, mam ho uploadnut?Ziadny txt som tam nenasiel

[Masakerko]

Omyl, nasiel som ho , nech sa paci:

ComboFix 09-12-18.01 - PC 19.12.2009 0:19:59.1.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1023.687 [GMT 1:00]
Running from: C:\Documents and Settings\PC\Desktop\KittyFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd
C:\Documents and Settings\PC\Application Data\wiaserva.log
C:\Documents and Settings\PC\oashdihasidhasuidhiasdhiashdiuasdhasd
C:\WINDOWS\system32\1155207652.dat
C:\WINDOWS\Temp\743D8D11.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NETSIK
-------\Legacy_TRKWKSFASTUSERSWITCHINGCOMPATIBILITY
-------\Service_TrkWksFastUserSwitchingCompatibility


((((((((((((((((((((((((( Files Created from 2009-11-18 to 2009-12-18 )))))))))))))))))))))))))))))))
.

[motji]

Log není celý
Co je jednotka F?

[Masakerko]

No neviem preco nieje cely , jednotka F netusim . Zaujimave, tu jednotku F ani v tento pocitac nemam

[motji]

Nemůže to být třeba fleška?
Můžete prosím spustit combofix znovu a dát sem pak celý log

[Masakerko]

Dobry vecer, tu je to , vyzera to, ze teraz je to uz cele

ComboFix 09-12-18.01 - PC 19.12.2009 19:20:45.2.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1023.678 [GMT 1:00]
Running from: c:\documents and settings\PC\Desktop\KittyFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\LocalService\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\documents and settings\PC\Application Data\wiaserva.log
c:\documents and settings\PC\oashdihasidhasuidhiasdhiashdiuasdhasd
c:\windows\system32\1155207652.dat
c:\windows\Temp\743D8D11.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NETSIK
-------\Legacy_TRKWKSFASTUSERSWITCHINGCOMPATIBILITY
-------\Service_TrkWksFastUserSwitchingCompatibility


((((((((((((((((((((((((( Files Created from 2009-11-19 to 2009-12-19 )))))))))))))))))))))))))))))))
.

2009-12-19 09:04 . 2008-04-14 04:42 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-12-19 08:19 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-12-19 08:19 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-12-18 16:54 . 2009-12-18 16:54 -------- d-----w- c:\program files\trend micro
2009-12-18 16:54 . 2009-12-18 16:54 -------- d-----w- C:\rsit
2009-11-28 11:19 . 2009-11-28 11:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia
2009-11-28 11:19 . 2009-11-28 11:19 -------- d-----w- c:\program files\Common Files\Nokia
2009-11-28 11:18 . 2009-11-28 11:18 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-11-28 11:18 . 2009-11-28 11:20 -------- d-----w- c:\documents and settings\PC\Application Data\Nokia
2009-11-28 11:17 . 2009-11-28 11:17 -------- d-----w- c:\program files\Common Files\PCSuite
2009-11-28 11:17 . 2009-11-28 11:17 -------- d-----w- c:\program files\DIFX
2009-11-28 11:17 . 2009-11-28 11:17 -------- d-----w- c:\documents and settings\PC\Application Data\PC Suite
2009-11-28 11:17 . 2009-11-28 11:17 -------- d-----w- c:\program files\PC Connectivity Solution
2009-11-28 11:16 . 2009-11-28 11:19 -------- d-----w- c:\program files\Nokia
2009-11-28 11:16 . 2007-02-22 09:15 90624 ----a-w- c:\windows\system32\nmwcdcls.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-19 12:25 . 2009-01-03 10:15 -------- d-----w- c:\program files\Crawler
2009-12-18 17:12 . 2009-09-18 19:11 0 ----a-w- c:\windows\system32\drivers\f1741a9d.sys
2009-12-18 17:12 . 2009-06-11 17:51 0 ----a-w- c:\windows\system32\drivers\64b862f4.sys
2009-12-12 17:33 . 2009-10-30 08:57 -------- d-----w- c:\program files\FlashAD2706
2009-10-29 07:46 . 2003-03-31 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:46 . 2008-11-25 07:52 78336 ------w- c:\windows\system32\ieencode.dll
2009-10-29 07:46 . 2003-03-31 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-28 12:29 . 2009-10-28 12:28 -------- d-----w- c:\program files\Kodek CZ
2009-10-28 12:24 . 2009-10-28 12:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-10-28 12:24 . 2009-10-28 12:24 -------- d-----w- c:\program files\QuickTime Alternative
2009-10-28 12:21 . 2009-10-28 12:21 -------- d-----w- c:\program files\Xvid CZ
2009-10-27 13:09 . 2009-10-27 13:09 -------- d-----w- c:\documents and settings\All Users\Application Data\realtech VR
2009-10-27 13:09 . 2009-10-27 13:09 -------- d-----w- c:\program files\realtech VR
2009-10-21 05:38 . 2008-11-25 07:52 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 05:38 . 2008-11-25 07:52 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-20 16:20 . 2008-11-25 07:49 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-13 10:30 . 2003-03-31 12:00 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2003-03-31 12:00 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2003-03-31 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.

------- Sigcheck -------

[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . ACCF5A9A1FFAA490F33DBA1C632B95E1 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2003-03-31 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-23 68856]
"Steam"="d:\steam\steam.exe" [2009-10-24 1217808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-06-18 67584]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-14 148888]
"NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-11-06 3096576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-9-16 237568]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"d:\\CS 1.6 verzia 32 NonSteam\\hl.exe"=
"d:\\Steam\\steamapps\\masakerko_1337\\counter-strike\\hl.exe"=
"d:\\Steam\\steamapps\\masakerko_1337\\dedicated server\\hlds.exe"=
"c:\\WINDOWS\\system32\\Ati2evxx.exe"=
"d:\\Steam\\steamapps\\masakerko_1337\\condition zero deleted scenes\\hl.exe"=
"d:\\battlefield 1942\\BF1942.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\FlashAD2706\\flashAD2706.exe"=
"d:\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 14:47 107256]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [27.4.2009 15:09 51072]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 14:47 731840]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [23.1.2009 22:52 222456]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.4.2009 12:31 721904]
S1 64b862f4;64b862f4;c:\windows\system32\drivers\64b862f4.sys [11.6.2009 18:51 0]
S1 f1741a9d;f1741a9d;c:\windows\system32\drivers\f1741a9d.sys [18.9.2009 20:11 0]
S2 gupdate1c9bd152a60a;Služba Google Update (gupdate1c9bd152a60a);c:\program files\Google\Update\GoogleUpdate.exe [14.4.2009 16:23 133104]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.azet.sk/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\s1a41zlz.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage|www.google.sk
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx? ... 60076&qkw=
FF - component: c:\program files\Crawler\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\firefox\components\xwsg.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

AddRemove-counter-strike: source - d:\program files\Counter-Strike Source\Uninst.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-19 19:27
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(972)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll

- - - - - - - > 'lsass.exe'(1028)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
Completion time: 2009-12-19 19:31:49
ComboFix-quarantined-files.txt 2009-12-19 18:31

Pre-Run: 7 888 994 304 bytes free
Post-Run: 7 871 397 888 voľných bajtov

- - End Of File - - BF541BD8C33FC9ACD667EA2655770269

[motji]

Start - ovládací panely - možnosti složky - zobrazení - odkrýt skryté a systémové soubory

Dejte soubor otestovat na http://www.virustotal.com

c:\windows\system32\drivers\64b862f4.sys
c:\windows\system32\drivers\f1741a9d.sys
c:\windows\system32\drivers\tcpip.sys

Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
Sem vložte link s výsledky.

[Masakerko]

prve: 0 bytes size received / Se ha recibido un archivo vacio
druhe: 0 bytes size received / Se ha recibido un archivo vacio

tretie:

Soubor již byl testován:MD5: 9425b72f40257b45d45d24773273dad0
Poprvé zaslán: 2009.03.04 10:06:56 UTC
Datum: 2009.12.10 09:29:02 UTC [>9D]
Výsledky: 0/41
Stálý odkaz: analisis/f3afa8c9849930ccd385dec9c050248c62a2b4b17508e430a4899178f51c06bf-1260437342

tu som to tretie dal este 1x: http://www.virustotal.com/cs/analisis/f ... 1261256002

som v tom laik, ale myslim, ze to prve a druhe sa ani nenacitalo (ked si to s tou mojou anglictinou prelozim)

[motji]

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Folder::
C:\Program Files\DAEMON Tools Toolbar
File::
c:\windows\system32\drivers\64b862f4.sys
c:\windows\system32\drivers\f1741a9d.sys
Driver::
64b862f4
f1741a9d
Registry::
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Security Providers]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6c68ea2c-2043-11de-8e7e-0011675c3d16}]
Extra::
Firefox::
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\s1a41zlz.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage|www.google.sk

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

[Masakerko]

No tak urobil som to , tu je vysledok:

ComboFix 09-12-18.01 - PC 19.12.2009 23:11:00.3.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1023.585 [GMT 1:00]
Running from: c:\documents and settings\PC\Desktop\KittyFix.exe
Command switches used :: c:\documents and settings\PC\Desktop\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

FILE ::
"c:\windows\system32\drivers\64b862f4.sys"
"c:\windows\system32\drivers\f1741a9d.sys"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\64b862f4.sys
c:\windows\system32\drivers\f1741a9d.sys

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_64b862f4
-------\Service_f1741a9d


((((((((((((((((((((((((( Files Created from 2009-11-19 to 2009-12-19 )))))))))))))))))))))))))))))))
.

2009-12-19 21:01 . 2009-12-19 21:01 -------- d-----w- c:\program files\VirusTotalUploader2
2009-12-19 09:04 . 2008-04-14 04:42 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-12-19 08:19 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2009-12-19 08:19 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-12-18 16:54 . 2009-12-18 16:54 -------- d-----w- c:\program files\trend micro
2009-12-18 16:54 . 2009-12-18 16:54 -------- d-----w- C:\rsit
2009-11-28 11:19 . 2009-11-28 11:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Nokia
2009-11-28 11:19 . 2009-11-28 11:19 -------- d-----w- c:\program files\Common Files\Nokia
2009-11-28 11:18 . 2009-11-28 11:18 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-11-28 11:18 . 2009-11-28 11:20 -------- d-----w- c:\documents and settings\PC\Application Data\Nokia
2009-11-28 11:17 . 2009-11-28 11:17 -------- d-----w- c:\program files\Common Files\PCSuite
2009-11-28 11:17 . 2009-11-28 11:17 -------- d-----w- c:\program files\DIFX
2009-11-28 11:17 . 2009-11-28 11:17 -------- d-----w- c:\documents and settings\PC\Application Data\PC Suite
2009-11-28 11:17 . 2009-11-28 11:17 -------- d-----w- c:\program files\PC Connectivity Solution
2009-11-28 11:16 . 2009-11-28 11:19 -------- d-----w- c:\program files\Nokia
2009-11-28 11:16 . 2007-02-22 09:15 90624 ----a-w- c:\windows\system32\nmwcdcls.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-19 21:03 . 2009-01-03 10:15 -------- d-----w- c:\program files\Crawler
2009-12-12 17:33 . 2009-10-30 08:57 -------- d-----w- c:\program files\FlashAD2706
2009-10-29 07:46 . 2003-03-31 12:00 832512 ------w- c:\windows\system32\wininet.dll
2009-10-29 07:46 . 2008-11-25 07:52 78336 ------w- c:\windows\system32\ieencode.dll
2009-10-29 07:46 . 2003-03-31 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-28 12:29 . 2009-10-28 12:28 -------- d-----w- c:\program files\Kodek CZ
2009-10-28 12:24 . 2009-10-28 12:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-10-28 12:24 . 2009-10-28 12:24 -------- d-----w- c:\program files\QuickTime Alternative
2009-10-28 12:21 . 2009-10-28 12:21 -------- d-----w- c:\program files\Xvid CZ
2009-10-27 13:09 . 2009-10-27 13:09 -------- d-----w- c:\documents and settings\All Users\Application Data\realtech VR
2009-10-27 13:09 . 2009-10-27 13:09 -------- d-----w- c:\program files\realtech VR
2009-10-21 05:38 . 2008-11-25 07:52 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 05:38 . 2008-11-25 07:52 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-20 16:20 . 2008-11-25 07:49 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-13 10:30 . 2003-03-31 12:00 270336 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:38 . 2003-03-31 12:00 149504 ----a-w- c:\windows\system32\rastls.dll
2009-10-12 13:38 . 2003-03-31 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 1044480 ----a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-02-24 19:34 . 2009-02-24 19:34 200704 ----a-w- c:\program files\opera\program\plugins\ssldivx.dll
.

------- Sigcheck -------

[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 9425B72F40257B45D45D24773273DAD0 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2008-04-13 . ACCF5A9A1FFAA490F33DBA1C632B95E1 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[-] 2003-03-31 . 244A2F9816BC9B593957281EF577D976 . 332928 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
((((((((((((((((((((((((((((( SnapShot@2009-12-19_18.27.59 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-12-19 22:20 . 2009-12-19 22:20 16384 c:\windows\Temp\Perflib_Perfdata_108.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-23 68856]
"Steam"="d:\steam\steam.exe" [2009-10-24 1217808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2004-06-18 67584]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-12-22 241664]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-14 148888]
"NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-11-06 3096576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Application Data\Microsoft\Shortcuts\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2003-9-16 237568]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BlueSoleil.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\BlueSoleil.lnk
backup=c:\windows\pss\BlueSoleil.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"d:\\CS 1.6 verzia 32 NonSteam\\hl.exe"=
"d:\\Steam\\steamapps\\masakerko_1337\\counter-strike\\hl.exe"=
"d:\\Steam\\steamapps\\masakerko_1337\\dedicated server\\hlds.exe"=
"c:\\WINDOWS\\system32\\Ati2evxx.exe"=
"d:\\Steam\\steamapps\\masakerko_1337\\condition zero deleted scenes\\hl.exe"=
"d:\\battlefield 1942\\BF1942.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\FlashAD2706\\flashAD2706.exe"=
"d:\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.4.2009 12:31 721904]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 14:47 107256]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [27.4.2009 15:09 51072]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [14.5.2009 14:47 731840]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [23.1.2009 22:52 222456]
S2 gupdate1c9bd152a60a;Služba Google Update (gupdate1c9bd152a60a);c:\program files\Google\Update\GoogleUpdate.exe [14.4.2009 16:23 133104]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.azet.sk/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Crawler Search - tbr:iemenu
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\s1a41zlz.default\
FF - prefs.js: keyword.URL - hxxp://www.crawler.com/search/dispatcher.aspx? ... 60076&qkw=
FF - component: c:\program files\Crawler\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\firefox\components\xwsg.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-19 23:21
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys prosync1.sys hal.dll atapi.sys spou.sys >>UNKNOWN [0x8678C938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7872f28
\Driver\ACPI -> ACPI.sys @ 0xf76cccb8
\Driver\atapi -> prosync1.sys @ 0xf7d346c1
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a05a9
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: Realtek RTL8139 Family PCI Fast Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xf7591bd4
PacketIndicateHandler -> NDIS.sys @ 0xf759da21
SendHandler -> NDIS.sys @ 0xf7591d44
user & kernel MBR OK

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(992)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll

- - - - - - - > 'lsass.exe'(1048)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll

- - - - - - - > 'explorer.exe'(700)
c:\windows\system32\WININET.dll
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
d:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\Ati2evxx.exe
c:\windows\SOUNDMAN.EXE
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\windows\system32\HPZipm12.exe
c:\program files\HP\hpcoretech\comp\hpdarc.exe
.
**************************************************************************
.
Completion time: 2009-12-19 23:29:07 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-19 22:29

Pre-Run: 7 875 657 728 bytes free
Post-Run: 7 882 760 192 bytes free

- - End Of File - - 8CC8414846B28036BE151F93534EBC0A

[motji]

Jak to vypadá s počítačem ted?

[Masakerko]

No som skusal zapnut tu hru, a fps je bohuzial stale okolo 20, ale uz skace aj na 40, ale laguje stale...