Kazdy internetovy prehliadac hlasi chybu

[SlavoK]

No tak stiahol som to na plochu, spustil a nič. Nefunguje

[SlavoK]

Dump súbor som uploadol tu:

Kód: Vybrat vše

http://www.sendspace.com/file/tocc03

Keď to všetko spravím tak potom napíšem. Najskôr asi zajtra.

[SlavoK]

Tak spravil som to pomocou CD, do prílohy dávam výpis z OTLPE.

[SlavoK]

C:\Physical0MBR.bin:

SHA256: 0ae7e3877d60e1250b4361c4ca48a5d1f5b58693397c367721a60732a52e4511
SHA1: eda66d8a34dbd4ec1cb53b315a8da534284b1294
MD5: 7a37fcf060467777aa7d54424732da6a
File size: 512 bytes ( 512 bytes )
File type: unknown
Detection ratio: 13 / 43
Analysis date: 2012-01-22 11:12:39 UTC ( 0 minutes ago )

[SlavoK]

C:\WINDOWS\system32\drivers\atksgt.sys:

SHA256: ff53e843a99948568515964c3c97107fa875bbc3f2906badee0b29ace5532f0d
SHA1: f447e42bbd4aa4ec348bde7ff051251d79dc32c0
MD5: f0d933b42cd0594048e4d5200ae9e417
File size: 275.2 KB ( 281760 bytes )
File type: Win32 EXE
Detection ratio: 0 / 43
Analysis date: 2012-01-22 11:16:50 UTC ( 0 minutes ago )

[SlavoK]

OK

[SlavoK]

Spravil som to všetko, tu je výpis:

13:33:37.0406 2328 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
13:33:39.0406 2328 ============================================================
13:33:39.0406 2328 Current date / time: 2012/01/22 13:33:39.0406
13:33:39.0406 2328 SystemInfo:
13:33:39.0406 2328
13:33:39.0406 2328 OS Version: 5.1.2600 ServicePack: 3.0
13:33:39.0406 2328 Product type: Workstation
13:33:39.0406 2328 ComputerName: SLAVOK2
13:33:39.0406 2328 UserName: SlavoK
13:33:39.0406 2328 Windows directory: C:\WINDOWS
13:33:39.0406 2328 System windows directory: C:\WINDOWS
13:33:39.0406 2328 Processor architecture: Intel x86
13:33:39.0406 2328 Number of processors: 2
13:33:39.0406 2328 Page size: 0x1000
13:33:39.0406 2328 Boot type: Normal boot
13:33:39.0406 2328 ============================================================
13:33:41.0187 2328 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:33:41.0312 2328 Initialize success
13:34:00.0593 2672 ============================================================
13:34:00.0593 2672 Scan started
13:34:00.0593 2672 Mode: Manual; SigCheck; TDLFS;
13:34:00.0593 2672 ============================================================
13:34:01.0187 2672 7dd362c4 - ok
13:34:01.0187 2672 Abiosdsk - ok
13:34:01.0203 2672 abp480n5 - ok
13:34:01.0234 2672 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:34:02.0312 2672 ACPI - ok
13:34:02.0390 2672 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
13:34:02.0531 2672 ACPIEC - ok
13:34:02.0546 2672 adpu160m - ok
13:34:02.0578 2672 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
13:34:02.0687 2672 aec - ok
13:34:02.0734 2672 Afc (a7b8a3a79d35215d798a300df49ed23f) C:\WINDOWS\system32\drivers\Afc.sys
13:34:02.0750 2672 Afc ( UnsignedFile.Multi.Generic ) - warning
13:34:02.0750 2672 Afc - detected UnsignedFile.Multi.Generic (1)
13:34:02.0765 2672 AFD (322d0e36693d6e24a2398bee62a268cd) C:\WINDOWS\System32\drivers\afd.sys
13:34:02.0859 2672 AFD - ok
13:34:02.0859 2672 Aha154x - ok
13:34:02.0875 2672 aic78u2 - ok
13:34:02.0890 2672 aic78xx - ok
13:34:02.0921 2672 AliIde - ok
13:34:02.0968 2672 AmdK8 (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
13:34:02.0984 2672 AmdK8 - ok
13:34:03.0046 2672 AmdLLD (ad8fa28d8ed0d0a689a0559085ce0f18) C:\WINDOWS\system32\DRIVERS\AmdLLD.sys
13:34:03.0062 2672 AmdLLD - ok
13:34:03.0062 2672 amsint - ok
13:34:03.0078 2672 asc - ok
13:34:03.0093 2672 asc3350p - ok
13:34:03.0109 2672 asc3550 - ok
13:34:03.0156 2672 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:34:03.0250 2672 AsyncMac - ok
13:34:03.0265 2672 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
13:34:03.0359 2672 atapi - ok
13:34:03.0375 2672 Atdisk - ok
13:34:03.0437 2672 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\WINDOWS\system32\DRIVERS\atksgt.sys
13:34:05.0562 2672 atksgt - ok
13:34:05.0640 2672 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:34:05.0750 2672 Atmarpc - ok
13:34:05.0812 2672 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
13:34:05.0906 2672 audstub - ok
13:34:05.0984 2672 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
13:34:06.0093 2672 Beep - ok
13:34:06.0156 2672 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys
13:34:06.0234 2672 BthEnum - ok
13:34:06.0265 2672 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys
13:34:06.0359 2672 BthPan - ok
13:34:06.0390 2672 BTHPORT (10b85171b90c449f8da71c2640b797e9) C:\WINDOWS\system32\Drivers\BTHport.sys
13:34:06.0500 2672 BTHPORT - ok
13:34:06.0515 2672 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys
13:34:06.0609 2672 BTHUSB - ok
13:34:06.0718 2672 catchme - ok
13:34:06.0812 2672 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
13:34:06.0921 2672 cbidf2k - ok
13:34:06.0953 2672 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:34:07.0031 2672 CCDECODE - ok
13:34:07.0046 2672 cd20xrnt - ok
13:34:07.0078 2672 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
13:34:07.0203 2672 Cdaudio - ok
13:34:07.0218 2672 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
13:34:07.0296 2672 Cdfs - ok
13:34:07.0312 2672 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:34:07.0406 2672 Cdrom - ok
13:34:07.0421 2672 Changer - ok
13:34:07.0453 2672 CmdIde - ok
13:34:07.0468 2672 Cpqarray - ok
13:34:07.0484 2672 d0c3a864 - ok
13:34:07.0500 2672 dac2w2k - ok
13:34:07.0500 2672 dac960nt - ok
13:34:07.0531 2672 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
13:34:07.0625 2672 Disk - ok
13:34:07.0656 2672 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
13:34:07.0781 2672 dmboot - ok
13:34:07.0781 2672 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
13:34:07.0875 2672 dmio - ok
13:34:07.0890 2672 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:34:08.0000 2672 dmload - ok
13:34:08.0031 2672 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:34:08.0125 2672 DMusic - ok
13:34:08.0125 2672 dpti2o - ok
13:34:08.0156 2672 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:34:08.0234 2672 drmkaud - ok
13:34:08.0250 2672 dwshd - ok
13:34:08.0265 2672 EagleNT - ok
13:34:08.0312 2672 ElbyCDFL (ce37e3d51912e59c80c6d84337c0b4cd) C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
13:34:08.0312 2672 ElbyCDFL - ok
13:34:08.0328 2672 ElbyCDIO (178cc9403816c082d22a1d47fa1f9c85) C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
13:34:08.0328 2672 ElbyCDIO - ok
13:34:08.0359 2672 enodpl (b4556f3d468c8dcb0b259d9d866cd4c4) C:\WINDOWS\system32\drivers\enodpl.sys
13:34:08.0375 2672 enodpl ( UnsignedFile.Multi.Generic ) - warning
13:34:08.0375 2672 enodpl - detected UnsignedFile.Multi.Generic (1)
13:34:08.0421 2672 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:34:08.0515 2672 Fastfat - ok
13:34:08.0531 2672 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
13:34:08.0625 2672 Fdc - ok
13:34:08.0640 2672 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
13:34:08.0734 2672 Fips - ok
13:34:08.0765 2672 FIXUSTOR (ca0466b4d477426dabf21ec668e9dc85) C:\WINDOWS\system32\DRIVERS\fixustor.sys
13:34:08.0781 2672 FIXUSTOR ( UnsignedFile.Multi.Generic ) - warning
13:34:08.0781 2672 FIXUSTOR - detected UnsignedFile.Multi.Generic (1)
13:34:08.0796 2672 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
13:34:08.0875 2672 Flpydisk - ok
13:34:08.0937 2672 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
13:34:09.0015 2672 FltMgr - ok
13:34:09.0046 2672 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
13:34:09.0171 2672 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
13:34:09.0171 2672 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
13:34:09.0187 2672 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:34:09.0312 2672 Fs_Rec - ok
13:34:09.0328 2672 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:34:09.0453 2672 Ftdisk - ok
13:34:09.0468 2672 GMSIPCI - ok
13:34:09.0515 2672 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:34:09.0593 2672 Gpc - ok
13:34:09.0640 2672 hamachi (d30b31375c40309425c21efe75db90bb) C:\WINDOWS\system32\DRIVERS\hamachi.sys
13:34:09.0640 2672 hamachi - ok
13:34:09.0671 2672 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:34:09.0750 2672 HDAudBus - ok
13:34:09.0765 2672 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:34:09.0859 2672 HidUsb - ok
13:34:09.0875 2672 hpn - ok
13:34:09.0906 2672 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys
13:34:09.0984 2672 HTTP - ok
13:34:09.0984 2672 i2omgmt - ok
13:34:10.0000 2672 i2omp - ok
13:34:10.0015 2672 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:34:10.0109 2672 i8042prt - ok
13:34:10.0140 2672 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:34:10.0218 2672 Imapi - ok
13:34:10.0234 2672 ini910u - ok
13:34:10.0359 2672 IntcAzAudAddService (f7f3328544e1ac2e97caea9b39d9b9de) C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:34:10.0609 2672 IntcAzAudAddService - ok
13:34:10.0640 2672 IntelIde - ok
13:34:10.0671 2672 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
13:34:10.0765 2672 Ip6Fw - ok
13:34:10.0812 2672 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:34:10.0921 2672 IpFilterDriver - ok
13:34:10.0937 2672 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:34:11.0015 2672 IpInIp - ok
13:34:11.0031 2672 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:34:11.0125 2672 IpNat - ok
13:34:11.0140 2672 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:34:11.0234 2672 IPSec - ok
13:34:11.0250 2672 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:34:11.0328 2672 IRENUM - ok
13:34:11.0343 2672 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:34:11.0437 2672 isapnp - ok
13:34:11.0468 2672 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:34:11.0546 2672 Kbdclass - ok
13:34:11.0546 2672 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:34:11.0640 2672 kbdhid - ok
13:34:11.0656 2672 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:34:11.0734 2672 kmixer - ok
13:34:11.0750 2672 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys
13:34:11.0843 2672 KSecDD - ok
13:34:11.0859 2672 lbrtfdc - ok
13:34:11.0890 2672 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
13:34:11.0906 2672 lirsgt - ok
13:34:11.0953 2672 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
13:34:11.0953 2672 MBAMProtector - ok
13:34:11.0968 2672 mcdbus - ok
13:34:12.0000 2672 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:34:12.0125 2672 mnmdd - ok
13:34:12.0140 2672 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
13:34:12.0234 2672 Modem - ok
13:34:12.0250 2672 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:34:12.0328 2672 Mouclass - ok
13:34:12.0359 2672 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:34:12.0468 2672 mouhid - ok
13:34:12.0484 2672 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:34:12.0578 2672 MountMgr - ok
13:34:12.0578 2672 mraid35x - ok
13:34:12.0609 2672 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:34:12.0687 2672 MRxDAV - ok
13:34:12.0718 2672 MRxSmb (68755f0ff16070178b54674fe5b847b0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:34:12.0796 2672 MRxSmb - ok
13:34:12.0828 2672 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:34:12.0906 2672 Msfs - ok
13:34:12.0906 2672 MSICPL - ok
13:34:12.0921 2672 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:34:13.0015 2672 MSKSSRV - ok
13:34:13.0031 2672 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:34:13.0125 2672 MSPCLOCK - ok
13:34:13.0140 2672 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:34:13.0218 2672 MSPQM - ok
13:34:13.0234 2672 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:34:13.0328 2672 mssmbios - ok
13:34:13.0359 2672 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
13:34:13.0453 2672 MSTEE - ok
13:34:13.0468 2672 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
13:34:13.0546 2672 Mup - ok
13:34:13.0593 2672 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:34:13.0671 2672 NABTSFEC - ok
13:34:13.0703 2672 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:34:13.0796 2672 NDIS - ok
13:34:13.0796 2672 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:34:13.0890 2672 NdisIP - ok
13:34:13.0890 2672 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:34:13.0984 2672 NdisTapi - ok
13:34:14.0000 2672 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:34:14.0078 2672 Ndisuio - ok
13:34:14.0093 2672 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:34:14.0171 2672 NdisWan - ok
13:34:14.0218 2672 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
13:34:14.0296 2672 NDProxy - ok
13:34:14.0328 2672 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:34:14.0421 2672 NetBIOS - ok
13:34:14.0437 2672 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:34:14.0531 2672 NetBT - ok
13:34:14.0562 2672 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:34:14.0656 2672 Npfs - ok
13:34:14.0656 2672 NTACCESS - ok
13:34:14.0687 2672 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:34:14.0781 2672 Ntfs - ok
13:34:14.0796 2672 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:34:14.0906 2672 Null - ok
13:34:15.0343 2672 nv (c4267be1fa6b5dfe5a7559f804e31cf5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
13:34:15.0671 2672 nv - ok
13:34:15.0703 2672 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:34:15.0812 2672 NwlnkFlt - ok
13:34:15.0843 2672 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:34:15.0953 2672 NwlnkFwd - ok
13:34:16.0015 2672 PAC207 (54183d1ec4a8658bbacb31acd0c8f6df) C:\WINDOWS\system32\DRIVERS\PFC027.SYS
13:34:16.0093 2672 PAC207 - ok
13:34:16.0125 2672 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
13:34:16.0218 2672 Parport - ok
13:34:16.0234 2672 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:34:16.0312 2672 PartMgr - ok
13:34:16.0343 2672 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
13:34:16.0453 2672 ParVdm - ok
13:34:16.0484 2672 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
13:34:16.0515 2672 pccsmcfd - ok
13:34:16.0531 2672 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
13:34:16.0625 2672 PCI - ok
13:34:16.0640 2672 PCIDump - ok
13:34:16.0687 2672 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:34:16.0781 2672 PCIIde - ok
13:34:16.0812 2672 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:34:16.0906 2672 Pcmcia - ok
13:34:16.0906 2672 PDCOMP - ok
13:34:16.0921 2672 PDFRAME - ok
13:34:16.0937 2672 PDRELI - ok
13:34:16.0953 2672 PDRFRAME - ok
13:34:16.0953 2672 perc2 - ok
13:34:16.0968 2672 perc2hib - ok
13:34:17.0015 2672 pfc (5903fa75200807ad739286bbf40c4904) C:\WINDOWS\system32\drivers\pfc.sys
13:34:17.0031 2672 pfc ( UnsignedFile.Multi.Generic ) - warning
13:34:17.0031 2672 pfc - detected UnsignedFile.Multi.Generic (1)
13:34:17.0078 2672 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:34:17.0156 2672 PptpMiniport - ok
13:34:17.0171 2672 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
13:34:17.0250 2672 Processor - ok
13:34:17.0265 2672 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:34:17.0343 2672 PSched - ok
13:34:17.0359 2672 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:34:17.0468 2672 Ptilink - ok
13:34:17.0500 2672 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:34:17.0500 2672 PxHelp20 - ok
13:34:17.0515 2672 ql1080 - ok
13:34:17.0515 2672 Ql10wnt - ok
13:34:17.0531 2672 ql12160 - ok
13:34:17.0546 2672 ql1240 - ok
13:34:17.0546 2672 ql1280 - ok
13:34:17.0562 2672 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:34:17.0671 2672 RasAcd - ok
13:34:17.0718 2672 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:34:17.0812 2672 Rasl2tp - ok
13:34:17.0812 2672 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:34:17.0890 2672 RasPppoe - ok
13:34:17.0906 2672 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:34:18.0015 2672 Raspti - ok
13:34:18.0046 2672 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:34:18.0140 2672 Rdbss - ok
13:34:18.0156 2672 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:34:18.0265 2672 RDPCDD - ok
13:34:18.0281 2672 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:34:18.0375 2672 rdpdr - ok
13:34:18.0421 2672 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
13:34:18.0515 2672 RDPWD - ok
13:34:18.0531 2672 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:34:18.0625 2672 redbook - ok
13:34:18.0656 2672 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
13:34:18.0750 2672 RFCOMM - ok
13:34:18.0796 2672 RTLE8023xp (e6e5af7d6920824b066832d3e1665506) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
13:34:18.0828 2672 RTLE8023xp - ok
13:34:18.0875 2672 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:34:18.0953 2672 Secdrv - ok
13:34:19.0000 2672 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:34:19.0078 2672 serenum - ok
13:34:19.0093 2672 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
13:34:19.0187 2672 Serial - ok
13:34:19.0218 2672 SetupNTGLM7X - ok
13:34:19.0250 2672 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:34:19.0328 2672 Sfloppy - ok
13:34:19.0359 2672 Simbad - ok
13:34:19.0390 2672 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:34:19.0468 2672 SLIP - ok
13:34:19.0484 2672 Sparrow - ok
13:34:19.0500 2672 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:34:19.0578 2672 splitter - ok
13:34:19.0640 2672 sptd (a80cd850d69d996c832bea37e3a6aa1e) C:\WINDOWS\system32\Drivers\sptd.sys
13:34:19.0640 2672 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: a80cd850d69d996c832bea37e3a6aa1e
13:34:19.0640 2672 sptd ( LockedFile.Multi.Generic ) - warning
13:34:19.0640 2672 sptd - detected LockedFile.Multi.Generic (1)
13:34:19.0656 2672 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
13:34:19.0734 2672 sr - ok
13:34:19.0765 2672 Srv (5252605079810904e31c332e241cd59b) C:\WINDOWS\system32\DRIVERS\srv.sys
13:34:19.0843 2672 Srv - ok
13:34:19.0890 2672 ss_bbus (eaa66218cd39f5bb1b4853a78c67c787) C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
13:34:19.0890 2672 ss_bbus - ok
13:34:19.0906 2672 ss_bmdfl (91765f99914ed8693d8bc76524f21581) C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
13:34:19.0906 2672 ss_bmdfl - ok
13:34:19.0921 2672 ss_bmdm (840e7b738b03c10ee91d9b7d3d6eff15) C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
13:34:19.0937 2672 ss_bmdm - ok
13:34:19.0953 2672 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:34:20.0031 2672 streamip - ok
13:34:20.0046 2672 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:34:20.0125 2672 swenum - ok
13:34:20.0140 2672 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:34:20.0234 2672 swmidi - ok
13:34:20.0250 2672 symc810 - ok
13:34:20.0250 2672 symc8xx - ok
13:34:20.0265 2672 sym_hi - ok
13:34:20.0281 2672 sym_u3 - ok
13:34:20.0296 2672 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:34:20.0375 2672 sysaudio - ok
13:34:20.0406 2672 tandpl (126d7b3b4c7b724491c604060e1f4e14) C:\WINDOWS\system32\drivers\tandpl.sys
13:34:20.0421 2672 tandpl ( UnsignedFile.Multi.Generic ) - warning
13:34:20.0421 2672 tandpl - detected UnsignedFile.Multi.Generic (1)
13:34:20.0453 2672 Tcpip (93ea8d04ec73a85db02eb8805988f733) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:34:20.0546 2672 Tcpip - ok
13:34:20.0562 2672 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:34:20.0640 2672 TDPIPE - ok
13:34:20.0656 2672 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:34:20.0734 2672 TDTCP - ok
13:34:20.0750 2672 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:34:20.0828 2672 TermDD - ok
13:34:20.0843 2672 TosIde - ok
13:34:20.0859 2672 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:34:20.0937 2672 Udfs - ok
13:34:20.0953 2672 ultra - ok
13:34:20.0984 2672 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:34:21.0093 2672 Update - ok
13:34:21.0109 2672 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:34:21.0203 2672 usbccgp - ok
13:34:21.0203 2672 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:34:21.0281 2672 usbehci - ok
13:34:21.0312 2672 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:34:21.0390 2672 usbhub - ok
13:34:21.0406 2672 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:34:21.0500 2672 usbohci - ok
13:34:21.0515 2672 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:34:21.0593 2672 usbprint - ok
13:34:21.0609 2672 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:34:21.0687 2672 usbscan - ok
13:34:21.0718 2672 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:34:21.0796 2672 USBSTOR - ok
13:34:21.0859 2672 USTOR2K (db130b3d5e24c5c9f6e5f7219bd27414) C:\WINDOWS\system32\DRIVERS\ustor2k.sys
13:34:21.0859 2672 USTOR2K ( UnsignedFile.Multi.Generic ) - warning
13:34:21.0859 2672 USTOR2K - detected UnsignedFile.Multi.Generic (1)
13:34:21.0875 2672 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:34:21.0968 2672 VgaSave - ok
13:34:21.0984 2672 ViaIde - ok
13:34:22.0000 2672 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
13:34:22.0078 2672 VolSnap - ok
13:34:22.0109 2672 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:34:22.0187 2672 Wanarp - ok
13:34:22.0187 2672 WDICA - ok
13:34:22.0218 2672 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:34:22.0296 2672 wdmaud - ok
13:34:22.0359 2672 WpdUsb (c1b3d9d75c3fb735f5fa3a5806aded57) C:\WINDOWS\system32\Drivers\wpdusb.sys
13:34:22.0375 2672 WpdUsb - ok
13:34:22.0421 2672 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:34:22.0531 2672 WS2IFSL - ok
13:34:22.0562 2672 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:34:22.0640 2672 WSTCODEC - ok
13:34:22.0656 2672 xwoarh - ok
13:34:22.0718 2672 zlportio - ok
13:34:22.0750 2672 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
13:34:22.0937 2672 \Device\Harddisk0\DR0 - ok
13:34:22.0937 2672 Boot (0x1200) (b3b62682d1e146ef7d5e69e209b4581b) \Device\Harddisk0\DR0\Partition0
13:34:22.0937 2672 \Device\Harddisk0\DR0\Partition0 - ok
13:34:22.0968 2672 Boot (0x1200) (933f9845870de4ce3d1f71a2d0985e61) \Device\Harddisk0\DR0\Partition1
13:34:22.0968 2672 \Device\Harddisk0\DR0\Partition1 - ok
13:34:22.0968 2672 ============================================================
13:34:22.0968 2672 Scan finished
13:34:22.0968 2672 ============================================================
13:34:23.0093 2664 Detected object count: 8
13:34:23.0093 2664 Actual detected object count: 8
13:34:36.0109 2664 Afc ( UnsignedFile.Multi.Generic ) - skipped by user
13:34:36.0109 2664 Afc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:34:36.0109 2664 enodpl ( UnsignedFile.Multi.Generic ) - skipped by user
13:34:36.0109 2664 enodpl ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:34:36.0109 2664 FIXUSTOR ( UnsignedFile.Multi.Generic ) - skipped by user
13:34:36.0109 2664 FIXUSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:34:36.0125 2664 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
13:34:36.0125 2664 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:34:36.0125 2664 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
13:34:36.0125 2664 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:34:36.0125 2664 sptd ( LockedFile.Multi.Generic ) - skipped by user
13:34:36.0125 2664 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
13:34:36.0125 2664 tandpl ( UnsignedFile.Multi.Generic ) - skipped by user
13:34:36.0125 2664 tandpl ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:34:36.0125 2664 USTOR2K ( UnsignedFile.Multi.Generic ) - skipped by user
13:34:36.0125 2664 USTOR2K ( UnsignedFile.Multi.Generic ) - User select action: Skip

[SlavoK]

Tu som to uploadol:

Kód: Vybrat vše

http://www.sendspace.com/file/dftxiq

NIS som nainštaloval, momentálne skenuje, potom vypíšem čo našlo.

[SlavoK]

Tu je výsledok z norton internet security:
Statistika prověřování:
Délka prověřování: 5 708 sekund
Prověřované cíle: Celý počítač
Počty:
Celkový počet prověřených položek: 583 801
– Soubory a složky: 579 864
– Položky registru: 394
– Procesy a položky po spuštění: 2 881
– Položky sítě a prohlížeče: 657
– Jiné: 5
– Důvěryhodné soubory: 179
- Přeskočené soubory: 1

Celkový počet zjištěných bezpečnostních rizik: 27
Celkový počet vyřešených položek: 14
Celkový počet položek vyžadujících pozornost: 13

vyřešených hrozeb:
7 sled. soubory cookie
Typ: Odchylka
Riziko: Nízké (Nízké Skrytý, Nízké Odstranění, Nízké Výkon, Nízké Ochrana osobních údajů)
Kategorie: Sledovací soubory cookie
Stav: Plně vyřešeno
-----------
Sledovací soubory cookie: 7
Cookie:slavok@doubleclick.net/ - Odstraněno
Cookie:slavok@sonyonlineentertainment.112.2o7.net/ - Odstraněno
Cookie:slavok@hit.gemius.pl/ - Odstraněno
Cookie:slavok@oracle.112.2o7.net/ - Odstraněno
Cookie:slavok@ad.yieldmanager.com/ - Odstraněno
Cookie:slavok@yadro.ru/ - Odstraněno
- Odstraněno


Trojan.Patchep!inf
Typ: Odchylka
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Vir
Stav: Plně vyřešeno
-----------
Soubory 4
c:\windows\$ntservicepackuninstall$\lsass.exe - Odstraněno
c:\windows\$ntservicepackuninstall$\services.exe - Odstraněno
c:\windows\$ntservicepackuninstall$\explorer.exe - Odstraněno
c:\windows\$ntservicepackuninstall$\spoolsv.exe - Odstraněno
Mezipaměť prohlížeče 1



Trojan.Patchep!inf
Typ: Odchylka
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Vir
Stav: Plně vyřešeno
-----------
Soubory 2
c:\qoobox\quarantine\c\windows\system32\_005034_.tmp.dll.vir - Odstraněno
c:\qoobox\quarantine\c\windows\system32\_005017_.tmp.dll.vir - Odstraněno
Mezipaměť prohlížeče 1



Backdoor.Trojan
Typ: Odchylka
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Vir
Stav: Plně vyřešeno
-----------
Soubor 1
c:\documents and settings\slavok\doctorweb\quarantine\sdfix.exe - Odstraněno
Mezipaměť prohlížeče 1



WS.Malware.1
Typ: Odchylka
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Vir
Stav: Plně vyřešeno
-----------
Soubor 1
c:\documents and settings\slavok\my documents\programy\ultimate userbar creator\ultimateuserbarv130.exe - Odstraněno
Mezipaměť prohlížeče 1



Adware.DealHelper
Typ: Komprimováno
Riziko: Střední (Střední Skrytý, Nízké Odstranění, Nízké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Adware
Stav: Plně vyřešeno
-----------
Soubor 1
[atma_installer.exe] uvnitř [c:\documents and settings\slavok\my documents\iné\veci na hry\diablo2\atma_installer.zip] - Odstraněno


Trojan Horse
Typ: Odchylka
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Vir
Stav: Plně vyřešeno
-----------
Soubor 1
c:\documents and settings\slavok\my documents\inštalácie\sonyvegas\plugins\spicemaster pro v. 2.5\keygen.exe - Odstraněno
Mezipaměť prohlížeče 1



Trojan Horse
Typ: Odchylka
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Vir
Stav: Plně vyřešeno
-----------
Soubor 1
e:\games\savy\red alert 3 uprising\brewers.exe - Odstraněno
Mezipaměť prohlížeče 1





Nevyřešené hrozby:
Rizika v komprimovaném souboru Qoobox.rar
Typ: Komprimováno
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Vir
Stav: Nevyzkoušeno
-----------
Soubory 2
[c:\qoobox.rar] - Nevyzkoušeno


WS.Malware.2
Typ: Odchylka
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Vir
Stav: Přehled
-----------
Soubor 1
c:\documents and settings\slavok\application data\msj-driver-4532-56324-6224\winrsnbc.exe - Nezdarilo se
Mezipaměť prohlížeče 1



Backdoor.Sheedash!inf
Typ: Odchylka
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Vir
Stav: Přehled
-----------
Soubor 1
c:\documents and settings\slavok\doctorweb\quarantine\sfcfiles.dll - Nezdarilo se
Mezipaměť prohlížeče 1



Rizika v komprimovaném souboru mwav.exe
Typ: Komprimováno
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Heuristická detekce virů
Stav: Nevyzkoušeno
-----------
Soubory 4
[c:\documents and settings\slavok\my documents\programy\antivíry\mwav\mwav.exe] - Nevyzkoušeno


WS.Malware.2
Typ: Odchylka
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Vir
Stav: Přehled
-----------
Soubor 1
c:\documents and settings\slavok\my documents\iné\veci na hry\fate\fate119patch.exe - Nezdarilo se
Mezipaměť prohlížeče 1



Rizika v komprimovaném souboru acdsee.pro.2.v2.0.238.keymaker.only-core.rar
Typ: Komprimováno
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Vir
Stav: Nevyzkoušeno
-----------
Soubor 1
[c:\documents and settings\slavok\my documents\inštalácie\acdsee pro 2 v2.0.238\acdsee.pro.2.v2.0.238.keymaker.only-core.rar] - Nevyzkoušeno


Rizika v komprimovaném souboru gothic3v1.12nodvdfixedexeeuro.rar
Typ: Komprimováno
Riziko: Vysoké (Vysoké Skrytý, Vysoké Odstranění, Vysoké Výkon, Vysoké Ochrana osobních údajů)
Kategorie: Vir
Stav: Nevyzkoušeno
-----------
Soubor 1
[c:\documents and settings\slavok\my documents\inštalácie\gothic3v1.12nodvdfixedexeeuro.rar] - Nevyzkoušeno


WS.SecurityRisk.3
Typ: Odchylka
Riziko: Nízké (Nízké Skrytý, Nízké Odstranění, Nízké Výkon, Nízké Ochrana osobních údajů)
Kategorie: Bezpečnostní riziko
Stav: Nevyzkoušeno
-----------
Soubor 1
c:\documents and settings\slavok\my documents\inštalácie\sonyvegas\plugins\newblue fx\art effects.exe - Nebyla provedena žádná akce
Mezipaměť prohlížeče 1



Adware.Gen
Typ: Odchylka
Riziko: Nízké (Nízké Skrytý, Nízké Odstranění, Nízké Výkon, Nízké Ochrana osobních údajů)
Kategorie: Heuristická detekce virů
Stav: Nevyzkoušeno
-----------
Soubor 1
c:\documents and settings\slavok\my documents\inštalácie\sonyvegas\plugins\newblue fx\motion blends.exe - Nebyla provedena žádná akce
Mezipaměť prohlížeče 1

[vyosek]

Fajn, udelejte prosim novy sken pomoci MBRScanu

[SlavoK]

Kód: Vybrat vše

MBRScan v1.0.6

OS             : Windows XP Home Service Pack 3 (32 bit)
PROCESSOR      : x86 Family 15 Model 107 Stepping 2, AuthenticAMD
BOOT           : Normal Boot
DATE           : 2012/01/22 (ISO 8601) at 16:30:16
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST3250410AS (3.AAF)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	232.9 Go  [Fixed] ==> XP MBR Code

MBR_MD5   : C6BB26721E290C74AC71916FB59D8325
MBR_SHA1  : A009E00E6B251B686FFF5ACF65AA52E5DDA4F0DF

Device\Harddisk0\Partition1	107.4 Go  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2	125.5 Go  	0x07 NTFS / HPFS
________________________________________________________________________________


_______MBR   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C FB 50 07 50 1F FC BE 1B 7C   3À.м.|ûP.P.ü¾.|
0x00000010   BF 1B 06 50 57 B9 E5 01 F3 A4 CB BD BE 07 B1 04   ¿..PW¹å.ó¤Ë½¾.±.
0x00000020   38 6E 00 7C 09 75 13 83 C5 10 E2 F4 CD 18 8B F5   8n.|.u..Å.âôÍ..õ
0x00000030   83 C6 10 49 74 19 38 2C 74 F6 A0 B5 07 B4 07 8B   .Æ.It.8,tö.µ.´..
0x00000040   F0 AC 3C 00 74 FC BB 07 00 B4 0E CD 10 EB F2 88   ð¬<.tü»..´.Í.ëò.
0x00000050   4E 10 E8 46 00 73 2A FE 46 10 80 7E 04 0B 74 0B   N.èF.s*þF..~..t.
0x00000060   80 7E 04 0C 74 05 A0 B6 07 75 D2 80 46 02 06 83   .~..t..¶.uÒ.F...
0x00000070   46 08 06 83 56 0A 00 E8 21 00 73 05 A0 B6 07 EB   F...V..è!.s..¶.ë
0x00000080   BC 81 3E FE 7D 55 AA 74 0B 80 7E 10 00 74 C8 A0   ¼.>þ}Uªt..~..tÈ.
0x00000090   B7 07 EB A9 8B FC 1E 57 8B F5 CB BF 05 00 8A 56   ·.ë©.ü.W.õË¿...V
0x000000A0   00 B4 08 CD 13 72 23 8A C1 24 3F 98 8A DE 8A FC   .´.Í.r#.Á$?..Þ.ü
0x000000B0   43 F7 E3 8B D1 86 D6 B1 06 D2 EE 42 F7 E2 39 56   C÷ã.Ñ.Ö±.ÒîB÷â9V
0x000000C0   0A 77 23 72 05 39 46 08 73 1C B8 01 02 BB 00 7C   .w#r.9F.s.¸..».|
0x000000D0   8B 4E 02 8B 56 00 CD 13 73 51 4F 74 4E 32 E4 8A   .N..V.Í.sQOtN2ä.
0x000000E0   56 00 CD 13 EB E4 8A 56 00 60 BB AA 55 B4 41 CD   V.Í.ëä.V.`»ªU´AÍ
0x000000F0   13 72 36 81 FB 55 AA 75 30 F6 C1 01 74 2B 61 60   .r6.ûUªu0öÁ.t+a`
0x00000100   6A 00 6A 00 FF 76 0A FF 76 08 6A 00 68 00 7C 6A   j.j..v..v.j.h.|j
0x00000110   01 6A 10 B4 42 8B F4 CD 13 61 61 73 0E 4F 74 0B   .j.´B.ôÍ.aas.Ot.
0x00000120   32 E4 8A 56 00 CD 13 EB D6 61 F9 C3 49 6E 76 61   2ä.V.Í.ëÖaùÃInva
0x00000130   6C 69 64 20 70 61 72 74 69 74 69 6F 6E 20 74 61   lid partition ta
0x00000140   62 6C 65 00 45 72 72 6F 72 20 6C 6F 61 64 69 6E   ble.Error loadin
0x00000150   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x00000160   65 6D 00 4D 69 73 73 69 6E 67 20 6F 70 65 72 61   em.Missing opera
0x00000170   74 69 6E 67 20 73 79 73 74 65 6D 00 00 00 00 00   ting system.....
0x00000180   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x00000190   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001A0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001B0   00 00 00 00 00 2C 44 63 29 6A 29 6A 00 00 80 01   .....,Dc)j)j....
0x000001C0   01 00 07 FE FF FF 3F 00 00 00 C8 7D 6D 0D 00 00   ...þ..?...È}m...
0x000001D0   C1 FF 0F FE FF FF 07 7E 6D 0D B9 88 AE 0F 00 00   Á..þ...~m.¹.®...
0x000001E0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

[vyosek]

Fajn, nyni poprosim o novy log z ComboFixu - postup stejny jako minule

[SlavoK]

ComboFix 12-01-21.02 - SlavoK 22.01.2012 16:43:21.11.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2047.1190 [GMT 1:00]
Running from: c:\documents and settings\SlavoK\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-12-22 to 2012-01-22 )))))))))))))))))))))))))))))))
.
.
2012-01-22 16:45 . 2012-01-22 16:45 512 ----a-w- C:\Physical0MBR.bin
2012-01-22 13:11 . 2012-01-22 13:14 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-01-22 13:11 . 2012-01-22 13:11 -------- d-----w- c:\program files\Symantec
2012-01-22 13:11 . 2012-01-22 13:11 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2012-01-22 13:11 . 2012-01-22 13:11 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-01-22 13:10 . 2012-01-22 13:10 -------- d-----w- c:\windows\system32\drivers\NIS
2012-01-22 13:10 . 2012-01-22 13:10 -------- d-----w- c:\program files\Norton Internet Security
2012-01-22 13:10 . 2012-01-22 13:10 -------- d-----w- c:\program files\Windows Sidebar
2012-01-22 13:10 . 2012-01-22 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2012-01-22 13:10 . 2012-01-22 13:10 -------- d-----w- c:\program files\NortonInstaller
2012-01-21 23:20 . 2012-01-21 23:20 -------- d--h--w- c:\windows\system32\GroupPolicy
2012-01-21 17:08 . 2012-01-21 17:12 -------- d-----w- C:\UsbFix
2012-01-21 16:38 . 2012-01-21 16:49 -------- d-----w- c:\documents and settings\All Users\Application Data\RegCure
2012-01-21 16:27 . 2012-01-21 16:27 -------- d-----w- C:\VundoFix Backups
2012-01-21 15:25 . 2001-08-17 12:28 794654 -c--a-w- c:\windows\system32\dllcache\usr1801.sys
2012-01-21 15:24 . 2008-04-13 23:10 43904 -c--a-w- c:\windows\system32\dllcache\sbp2port.sys
2012-01-21 15:23 . 2008-04-13 23:16 49024 -c--a-w- c:\windows\system32\dllcache\mstape.sys
2012-01-21 15:22 . 2001-08-17 21:36 45056 -c--a-w- c:\windows\system32\dllcache\icam5com.dll
2012-01-21 15:21 . 2001-08-17 11:12 24618 -c--a-w- c:\windows\system32\dllcache\fa410nd5.sys
2012-01-21 15:20 . 2008-04-13 23:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2012-01-21 15:19 . 2001-08-17 12:52 22400 -c--a-w- c:\windows\system32\dllcache\asc3350p.sys
2012-01-21 08:20 . 2011-09-20 18:22 553880 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2012-01-06 22:59 . 2012-01-06 22:59 -------- d-----w- c:\program files\CDisplay
2012-01-06 22:56 . 2012-01-06 22:57 -------- d-----w- c:\documents and settings\SlavoK\Application Data\Comical
2011-12-26 13:12 . 2011-12-26 13:12 -------- d-----w- c:\documents and settings\SlavoK\Application Data\Trine2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-21 17:12 . 2012-01-21 17:12 3296 ----a-w- C:\UsbFix_Upload_Me_SLAVOK2.zip
2012-01-06 22:56 . 2011-08-12 12:34 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 14:24 . 2009-05-05 18:09 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-23 16:45 . 2011-11-23 16:45 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-23 16:45 . 2010-05-21 13:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-28 08:00 . 2011-11-07 14:05 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2007-02-13 15:22 . 2010-01-09 13:34 947472 ----a-w- c:\program files\msjava.dll
2009-07-14 00:16 . 2009-07-14 00:16 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-07-14 00:16 . 2009-07-14 00:16 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-21_19.37.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-22 12:33 . 2012-01-22 12:33 16384 c:\windows\temp\Perflib_Perfdata_748.dat
+ 2012-01-22 13:13 . 2012-01-22 13:13 16384 c:\windows\temp\Perflib_Perfdata_144.dat
+ 2012-01-22 13:10 . 2011-08-02 18:22 31864 c:\windows\system32\drivers\NIS\1301000.01C\srtspx.sys
+ 2012-01-22 13:10 . 2011-06-06 17:03 2801 c:\windows\system32\drivers\NIS\1301000.01C\SymVTcer.dat
+ 2012-01-22 13:10 . 2011-07-25 18:18 344184 c:\windows\system32\drivers\NIS\1301000.01C\symtdiv.sys
+ 2012-01-22 13:10 . 2011-07-25 18:18 387192 c:\windows\system32\drivers\NIS\1301000.01C\symtdi.sys
+ 2012-01-22 13:10 . 2011-07-25 18:18 314488 c:\windows\system32\drivers\NIS\1301000.01C\symnets.sys
+ 2012-01-22 13:10 . 2011-07-28 19:20 897656 c:\windows\system32\drivers\NIS\1301000.01C\SymEFA.sys
+ 2012-01-22 13:10 . 2011-07-25 18:18 340088 c:\windows\system32\drivers\NIS\1301000.01C\SymDS.sys
+ 2012-01-22 13:10 . 2011-08-02 18:22 566904 c:\windows\system32\drivers\NIS\1301000.01C\srtsp.sys
+ 2012-01-22 13:10 . 2011-07-25 18:15 149624 c:\windows\system32\drivers\NIS\1301000.01C\Ironx86.sys
+ 2012-01-22 13:10 . 2011-08-08 15:38 132744 c:\windows\system32\drivers\NIS\1301000.01C\ccSetx86.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-07-20 73728]
"lxccmon.exe"="c:\program files\Lexmark 3300 Series\lxccmon.exe" [2005-07-21 192512]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-08 13851752]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoAutorun"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 01000000
"NoSMMyPictures"= 01000000
"NoRecentDocsNetHood"= 01000000
"NoSMMyDocs"= 01000000
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 03:42 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-08-25 22:12 1753192 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"i:\\driver\\usb\\–Ľ‡‘Š•†‘Í€ŚŽ"=
"e:\\Games\\Blur\\Blur.exe"=
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\SlavoK\\Application Data\\MSJ-Driver-4532-56324-6224\\winrsnbc.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"e:\\Games\\Split Second\\SplitSecond.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1828:TCP"= 1828:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.5.2008 17:01 722416]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1301000.01C\SymDS.sys [22.1.2012 14:10 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1301000.01C\SymEFA.sys [22.1.2012 14:10 897656]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110723.001\BHDrvx86.sys [22.1.2012 14:10 815736]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1301000.01C\ccSetx86.sys [22.1.2012 14:10 132744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1301000.01C\Ironx86.sys [22.1.2012 14:10 149624]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [21.1.2012 9:45 652872]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [22.1.2012 14:10 138760]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSXpx86.sys [22.1.2012 14:10 356280]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5.5.2009 19:09 20464]
S1 7dd362c4;7dd362c4;c:\windows\system32\drivers\7dd362c4.sys --> c:\windows\system32\drivers\7dd362c4.sys [?]
S1 d0c3a864;d0c3a864;c:\windows\system32\drivers\d0c3a864.sys --> c:\windows\system32\drivers\d0c3a864.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 xwoarh;xwoarh; [x]
S3 FIXUSTOR;FIXUSTOR;c:\windows\system32\drivers\fixustor.sys [5.4.2010 18:22 12416]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [8.5.2010 9:37 36608]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.SYS [24.2.2005 12:29 508288]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [8.5.2010 9:37 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [8.5.2010 9:37 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [8.5.2010 9:37 121856]
S3 USTOR2K;USB Mass Storage Windows Driver;c:\windows\system32\drivers\ustor2k.sys [5.4.2010 18:17 28928]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
S3 zlportio;zlportio;\??\e:\games\UltraStar Deluxe\zlportio.sys --> e:\games\UltraStar Deluxe\zlportio.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 12518850
*NewlyCreated* - BHDRVX86
*NewlyCreated* - CCSET_NIS
*NewlyCreated* - EECTRL
*NewlyCreated* - ERASERUTILDRV11113
*NewlyCreated* - ERASERUTILDRVI13
*NewlyCreated* - IDSXPX86
*NewlyCreated* - NAVENG
*NewlyCreated* - NAVEX15
*NewlyCreated* - NIS
*NewlyCreated* - SRTSP
*NewlyCreated* - SRTSPX
*NewlyCreated* - SYMDS
*NewlyCreated* - SYMEFA
*NewlyCreated* - SYMEVENT
*NewlyCreated* - SYMIRON
*NewlyCreated* - SYMTDI
*Deregistered* - 12518850
*Deregistered* - EraserUtilDrv11113
*Deregistered* - EraserUtilDrvI13
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
Trusted Zone: sony.com\launchpad.patch.station
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\SlavoK\Application Data\Mozilla\Firefox\Profiles\ne6hvnge.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Linkification: {35106bca-6c78-48c7-ac28-56df30b51d2a} - %profile%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: U Flv: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: KFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a16}: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a17}: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a18} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a18}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a18}: {8675f4b3-2f19-11ed-2d6b-0800600c0a18} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a18}
FF - Ext: Feedback module: {8675f4b3-2f19-11ed-2d6b-0800600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a19}: {8675f4b3-2f19-11ed-2d6b-0800600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
FF - Ext: SOE Web Installer: {000F1EA4-5E08-4564-A29B-29076F63A37A} - %profile%\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-22 16:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.1.0.28\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1454471165-1604221776-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1454471165-1604221776-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:0f,27,0f,82,b0,d4,0b,0a,7d,c0,e3,0b,81,91,24,99,5f,59,d5,63,84,
aa,5e,af,9c,93,fb,22,76,a9,11,0a,e6,84,cf,01,a5,f6,c3,8e,f6,bc,54,93,8f,e0,\
"rkeysecu"=hex:dc,e3,9b,b6,8f,b8,8b,dc,7e,0c,78,9f,d6,5d,b5,98
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3964)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
.
Completion time: 2012-01-22 16:55:14
ComboFix-quarantined-files.txt 2012-01-22 15:55
ComboFix2.txt 2012-01-21 19:54
.
Pre-Run: 1 060 610 048 bytes free
Post-Run: 1 036 980 224 voľných bajtov
.
- - End Of File - - 807951B31B43FD03E11A4857893DDF63

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Registry::
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
  "i:\\driver\\usb\\–Ľ‡‘Š•†‘Í€ŚŽ"=-
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
  "1828:TCP"=-
  "5000:UDP"=-
  
  Driver::
  xwoarh
  SetupNTGLM7X
  7dd362c4
  d0c3a864
   zlportio
  
  DDS::
  Trusted Zone: clonewarsadventures.com
  Trusted Zone: freerealms.com
  Trusted Zone: soe.com
  Trusted Zone: sony.com
  Trusted Zone: sony.com\launchpad.patch.station
  
  RegNull::
  [HKEY_USERS\S-1-5-21-1454471165-1604221776-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
  [HKEY_USERS\S-1-5-21-1454471165-1604221776-725345543-1003\Software\SecuROM\License information*]
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[SlavoK]

ComboFix 12-01-21.02 - SlavoK 22.01.2012 20:13:15.12.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2047.1285 [GMT 1:00]
Running from: c:\documents and settings\SlavoK\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\SlavoK\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SETUPNTGLM7X
-------\Legacy_xwoarh
-------\Service_7dd362c4
-------\Service_d0c3a864
-------\Service_SetupNTGLM7X
-------\Service_xwoarh
-------\Service_zlportio
.
.
((((((((((((((((((((((((( Files Created from 2011-12-22 to 2012-01-22 )))))))))))))))))))))))))))))))
.
.
2012-01-22 16:45 . 2012-01-22 16:45 512 ----a-w- C:\Physical0MBR.bin
2012-01-22 13:11 . 2012-01-22 13:14 -------- d-----w- c:\program files\Common Files\Symantec Shared
2012-01-22 13:11 . 2012-01-22 13:11 -------- d-----w- c:\program files\Symantec
2012-01-22 13:11 . 2012-01-22 13:11 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2012-01-22 13:11 . 2012-01-22 13:11 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-01-22 13:10 . 2012-01-22 13:10 -------- d-----w- c:\windows\system32\drivers\NIS
2012-01-22 13:10 . 2012-01-22 13:10 -------- d-----w- c:\program files\Norton Internet Security
2012-01-22 13:10 . 2012-01-22 13:10 -------- d-----w- c:\program files\Windows Sidebar
2012-01-22 13:10 . 2012-01-22 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2012-01-22 13:10 . 2012-01-22 13:10 -------- d-----w- c:\program files\NortonInstaller
2012-01-21 23:20 . 2012-01-21 23:20 -------- d--h--w- c:\windows\system32\GroupPolicy
2012-01-21 17:08 . 2012-01-21 17:12 -------- d-----w- C:\UsbFix
2012-01-21 16:38 . 2012-01-21 16:49 -------- d-----w- c:\documents and settings\All Users\Application Data\RegCure
2012-01-21 15:25 . 2001-08-17 12:28 794654 -c--a-w- c:\windows\system32\dllcache\usr1801.sys
2012-01-21 15:24 . 2008-04-13 23:10 43904 -c--a-w- c:\windows\system32\dllcache\sbp2port.sys
2012-01-21 15:23 . 2008-04-13 23:16 49024 -c--a-w- c:\windows\system32\dllcache\mstape.sys
2012-01-21 15:22 . 2001-08-17 21:36 45056 -c--a-w- c:\windows\system32\dllcache\icam5com.dll
2012-01-21 15:21 . 2001-08-17 11:12 24618 -c--a-w- c:\windows\system32\dllcache\fa410nd5.sys
2012-01-21 15:20 . 2008-04-13 23:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2012-01-21 15:19 . 2001-08-17 12:52 22400 -c--a-w- c:\windows\system32\dllcache\asc3350p.sys
2012-01-21 08:20 . 2011-09-20 18:22 553880 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe
2012-01-06 22:59 . 2012-01-06 22:59 -------- d-----w- c:\program files\CDisplay
2012-01-06 22:56 . 2012-01-06 22:57 -------- d-----w- c:\documents and settings\SlavoK\Application Data\Comical
2011-12-26 13:12 . 2011-12-26 13:12 -------- d-----w- c:\documents and settings\SlavoK\Application Data\Trine2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-06 22:56 . 2011-08-12 12:34 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 14:24 . 2009-05-05 18:09 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-23 16:45 . 2011-11-23 16:45 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-11-23 16:45 . 2010-05-21 13:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-28 08:00 . 2011-11-07 14:05 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2007-02-13 15:22 . 2010-01-09 13:34 947472 ----a-w- c:\program files\msjava.dll
2009-07-14 00:16 . 2009-07-14 00:16 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-07-14 00:16 . 2009-07-14 00:16 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-21_19.37.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-22 19:24 . 2012-01-22 19:24 16384 c:\windows\temp\Perflib_Perfdata_758.dat
+ 2012-01-22 13:10 . 2011-08-02 18:22 31864 c:\windows\system32\drivers\NIS\1301000.01C\srtspx.sys
+ 2012-01-22 13:10 . 2011-06-06 17:03 2801 c:\windows\system32\drivers\NIS\1301000.01C\SymVTcer.dat
+ 2012-01-22 13:10 . 2011-07-25 18:18 344184 c:\windows\system32\drivers\NIS\1301000.01C\symtdiv.sys
+ 2012-01-22 13:10 . 2011-07-25 18:18 387192 c:\windows\system32\drivers\NIS\1301000.01C\symtdi.sys
+ 2012-01-22 13:10 . 2011-07-25 18:18 314488 c:\windows\system32\drivers\NIS\1301000.01C\symnets.sys
+ 2012-01-22 13:10 . 2011-07-28 19:20 897656 c:\windows\system32\drivers\NIS\1301000.01C\SymEFA.sys
+ 2012-01-22 13:10 . 2011-07-25 18:18 340088 c:\windows\system32\drivers\NIS\1301000.01C\SymDS.sys
+ 2012-01-22 13:10 . 2011-08-02 18:22 566904 c:\windows\system32\drivers\NIS\1301000.01C\srtsp.sys
+ 2012-01-22 13:10 . 2011-07-25 18:15 149624 c:\windows\system32\drivers\NIS\1301000.01C\Ironx86.sys
+ 2012-01-22 13:10 . 2011-08-08 15:38 132744 c:\windows\system32\drivers\NIS\1301000.01C\ccSetx86.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-07-20 73728]
"lxccmon.exe"="c:\program files\Lexmark 3300 Series\lxccmon.exe" [2005-07-21 192512]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-10-08 13851752]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoAutorun"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 01000000
"NoSMMyPictures"= 01000000
"NoRecentDocsNetHood"= 01000000
"NoSMMyDocs"= 01000000
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 03:42 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2010-08-25 22:12 1753192 ----a-w- c:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"e:\\Games\\Blur\\Blur.exe"=
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\SlavoK\\Application Data\\MSJ-Driver-4532-56324-6224\\winrsnbc.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"e:\\Games\\Split Second\\SplitSecond.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [26.5.2008 17:01 722416]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1301000.01C\SymDS.sys [22.1.2012 14:10 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1301000.01C\SymEFA.sys [22.1.2012 14:10 897656]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20110723.001\BHDrvx86.sys [22.1.2012 14:10 815736]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1301000.01C\ccSetx86.sys [22.1.2012 14:10 132744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1301000.01C\Ironx86.sys [22.1.2012 14:10 149624]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [21.1.2012 9:45 652872]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe [22.1.2012 14:10 138760]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [22.1.2012 14:56 106104]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20110726.001\IDSXpx86.sys [22.1.2012 14:10 356280]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [5.5.2009 19:09 20464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 FIXUSTOR;FIXUSTOR;c:\windows\system32\drivers\fixustor.sys [5.4.2010 18:22 12416]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [8.5.2010 9:37 36608]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\drivers\PFC027.SYS [24.2.2005 12:29 508288]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [8.5.2010 9:37 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [8.5.2010 9:37 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [8.5.2010 9:37 121856]
S3 USTOR2K;USB Mass Storage Windows Driver;c:\windows\system32\drivers\ustor2k.sys [5.4.2010 18:17 28928]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ERASERUTILREBOOTDRV
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\SlavoK\Application Data\Mozilla\Firefox\Profiles\ne6hvnge.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
FF - Ext: Linkification: {35106bca-6c78-48c7-ac28-56df30b51d2a} - %profile%\extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: U Flv: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: {7645f4b1-1f19-13dd-2d6b-0200600c2a56}: {7645f4b1-1f19-13dd-2d6b-0200600c2a56} - %profile%\extensions\{7645f4b1-1f19-13dd-2d6b-0200600c2a56}
FF - Ext: KFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a16}: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a17}: {8675f4b3-2f19-11ed-2d6b-0800600c0a17} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a17}
FF - Ext: VFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a18} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a18}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a18}: {8675f4b3-2f19-11ed-2d6b-0800600c0a18} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a18}
FF - Ext: Feedback module: {8675f4b3-2f19-11ed-2d6b-0800600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a19}: {8675f4b3-2f19-11ed-2d6b-0800600c0a19} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a19}
FF - Ext: SOE Web Installer: {000F1EA4-5E08-4564-A29B-29076F63A37A} - %profile%\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Norton Vulnerability Protection: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-22 20:24
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.1.0.28\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(1400)
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\lxcccoms.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2012-01-22 20:28:25 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-22 19:28
ComboFix2.txt 2012-01-22 15:55
ComboFix3.txt 2012-01-21 19:54
.
Pre-Run: 1 053 765 632 bytes free
Post-Run: 1 043 742 720 voľných bajtov
.
- - End Of File - - 65403B2CE3E4E22182E05A8F036D9894