I have a PC where NOD32 would not start. When I tried to launch the NOD32 Control Center, it told me: "error communicating with the NOD32 kernel service". I downloaded Norton 360 v3.0 and it found some nasties, but NOD still doesn't work anyway. In the root I found an autorun.inf and a few more exe files that have no business being there; I deleted all of them by hand. Here is the log:
Logfile of random's system information tool 1.06 (written by random/random)
Run by zuzka at 2010-01-25 11:18:15
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 269 GB (88%) free of 305 GB
Total RAM: 3037 MB (79% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:19:53, on 25. 1. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\msa.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\zuzka\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\zuzka.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [AmIcoSinglun] C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BMIMZMHMFM] C:\DOCUME~1\zuzka\LOCALS~1\Temp\Xrd.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 2711136343
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe (file missing)
--
End of file - 5393 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
C:\WINDOWS\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll [2010-01-24 378736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\3.5.2.11\IPSBHO.DLL [2010-01-24 107896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\3.5.2.11\coIEPlg.dll [2010-01-24 378736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2009-02-26 141336]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2009-02-26 173592]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2009-02-26 142360]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2009-04-02 237568]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-03-23 33599488]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-03-30 418816]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe /WAITSERVICE []
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-10-11 155648]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BMIMZMHMFM"=C:\DOCUME~1\zuzka\LOCALS~1\Temp\Xrd.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BMIMZMHMFM]
C:\DOCUME~1\zuzka\LOCALS~1\Temp\Xrd.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdoosoft]
C:\DOCUME~1\zuzka\LOCALS~1\Temp\herss.exe []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2009-02-20 206848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b2a7a1e-f3df-11de-a3b7-0025d35c66ed}]
shell\AutoRun\command - E:\qkm.exe
shell\open\command - E:\qkm.exe
======List of files/folders created in the last 1 months======
2010-01-25 11:18:17 ----D---- C:\Program Files\trend micro
2010-01-25 11:18:15 ----D---- C:\rsit
2010-01-25 11:15:40 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2010-01-24 18:57:32 ----D---- C:\Program Files\Symantec
2010-01-24 18:57:32 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2010-01-24 18:56:46 ----D---- C:\Program Files\Windows Sidebar
2010-01-24 18:56:46 ----D---- C:\Program Files\Norton 360
2010-01-24 18:53:29 ----D---- C:\Documents and Settings\All Users\Application Data\PCSettings
2010-01-24 18:53:27 ----D---- C:\Documents and Settings\All Users\Application Data\Norton
2010-01-24 18:51:56 ----D---- C:\Program Files\NortonInstaller
2010-01-24 18:51:56 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2010-01-24 17:16:38 ----A---- C:\WINDOWS\system32\capicom.dll
2010-01-24 17:16:20 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-01-24 17:14:21 ----A---- C:\WINDOWS\msa.exe
2010-01-24 17:13:29 ----A---- C:\WINDOWS\system32\BASSMOD.dll
2010-01-23 19:58:34 ----A---- C:\WINDOWS\WEBTRAN4.INI
2010-01-22 23:19:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-01-17 14:39:02 ----D---- C:\WINDOWS\pss
2010-01-16 16:48:13 ----D---- C:\WINDOWS\system32\appmgmt
2010-01-15 21:14:15 ----D---- C:\Documents and Settings\zuzka\Application Data\Google
2010-01-13 21:48:56 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-09 16:16:52 ----D---- C:\Documents and Settings\All Users\Application Data\Blizzard
2010-01-09 16:15:56 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-01-06 10:32:38 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-01-06 10:32:38 ----A---- C:\WINDOWS\system32\mucltui.dll
2010-01-05 18:54:26 ----D---- C:\Program Files\POL
2010-01-05 18:16:49 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-05 18:16:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-01-05 18:16:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-01-05 18:16:00 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-01-05 17:57:15 ----D---- C:\WINDOWS\Prefetch
2010-01-05 17:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB976749$
2010-01-05 17:49:16 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2010-01-05 17:49:10 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-01-05 17:49:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-01-05 17:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-01-05 17:48:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974455$
2010-01-05 17:48:49 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-01-05 17:48:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-01-05 17:48:39 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-01-05 17:48:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-01-05 17:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-01-05 17:48:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-01-05 17:48:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-01-05 17:48:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-01-05 17:48:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-01-05 17:48:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-01-05 17:47:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2010-01-05 17:47:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2010-01-05 17:47:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-01-05 17:47:39 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-01-05 17:47:35 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-01-05 17:47:30 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-01-05 17:47:25 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-01-05 17:47:19 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-01-05 17:47:14 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-01-05 17:47:09 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-01-05 17:47:04 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2010-01-05 17:47:00 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-01-05 17:46:55 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-01-05 17:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-01-05 17:46:45 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-01-05 17:46:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-01-05 17:46:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-01-05 17:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-01-05 17:46:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-01-05 17:46:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-01-05 17:46:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-01-05 17:46:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-01-05 17:46:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-01-05 17:45:58 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-01-05 17:45:54 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-01-05 17:45:49 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-01-05 17:45:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-01-05 17:45:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-01-05 17:45:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-01-05 17:45:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951126$
2010-01-05 17:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-01-05 17:45:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-01-05 17:45:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-01-05 17:45:11 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-01-05 17:45:05 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-01-05 17:41:47 ----D---- C:\WINDOWS\system32\scripting
2010-01-05 17:41:47 ----D---- C:\WINDOWS\system32\en-us
2010-01-05 17:41:46 ----D---- C:\WINDOWS\system32\en
2010-01-05 17:41:46 ----D---- C:\WINDOWS\system32\bits
2010-01-05 17:41:46 ----D---- C:\WINDOWS\l2schemas
2010-01-05 17:38:05 ----D---- C:\WINDOWS\network diagnostic
2010-01-05 17:34:28 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-01-05 17:29:22 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-05 17:27:26 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
======List of files/folders modified in the last 1 months======
2010-01-25 11:18:17 ----RD---- C:\Program Files
2010-01-25 11:18:16 ----D---- C:\WINDOWS\Temp
2010-01-25 11:15:51 ----D---- C:\Program Files\Mozilla Firefox
2010-01-25 11:15:40 ----SHD---- C:\WINDOWS\Installer
2010-01-25 11:15:01 ----SD---- C:\WINDOWS\Tasks
2010-01-25 11:13:12 ----A---- C:\WINDOWS\wincmd.ini
2010-01-24 19:59:59 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-24 19:55:34 ----SH---- C:\boot.ini
2010-01-24 19:55:34 ----A---- C:\WINDOWS\win.ini
2010-01-24 19:55:34 ----A---- C:\WINDOWS\system.ini
2010-01-24 19:54:56 ----D---- C:\WINDOWS
2010-01-24 18:58:02 ----SHD---- C:\System Volume Information
2010-01-24 18:57:54 ----D---- C:\WINDOWS\system32
2010-01-24 18:57:53 ----HD---- C:\WINDOWS\inf
2010-01-24 18:57:53 ----D---- C:\WINDOWS\system32\drivers
2010-01-24 18:57:52 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-24 18:57:33 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-24 18:57:12 ----RA---- C:\WINDOWS\system32\GEARAspi.dll
2010-01-24 18:18:53 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-01-24 18:01:29 ----D---- C:\temp
2010-01-24 17:17:33 ----D---- C:\Program Files\Common Files
2010-01-23 16:44:00 ----A---- C:\WINDOWS\NeroDigital.ini
2010-01-22 23:19:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-22 15:45:35 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-16 22:11:37 ----SD---- C:\Documents and Settings\zuzka\Application Data\Microsoft
2010-01-16 20:07:57 ----D---- C:\Program Files\ESET
2010-01-13 21:49:04 ----A---- C:\WINDOWS\imsins.BAK
2010-01-10 15:33:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-08 00:00:00 ----D---- C:\WINDOWS\system32\Restore
2010-01-05 18:18:00 ----D---- C:\WINDOWS\AppPatch
2010-01-05 18:16:45 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-05 18:16:32 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-01-05 18:05:42 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-05 18:04:54 ----D---- C:\WINDOWS\SoftwareDistribution
2010-01-05 17:58:05 ----A---- C:\WINDOWS\OEWABLog.txt
2010-01-05 17:57:21 ----A---- C:\WINDOWS\setuplog.txt
2010-01-05 17:56:48 ----D---- C:\WINDOWS\system32\wbem
2010-01-05 17:56:48 ----D---- C:\WINDOWS\system32\Setup
2010-01-05 17:56:46 ----RSD---- C:\WINDOWS\Fonts
2010-01-05 17:55:01 ----D---- C:\WINDOWS\security
2010-01-05 17:48:15 ----D---- C:\Program Files\Outlook Express
2010-01-05 17:45:13 ----D---- C:\Program Files\Messenger
2010-01-05 17:42:14 ----D---- C:\WINDOWS\WinSxS
2010-01-05 17:42:09 ----D---- C:\Program Files\Windows Media Player
2010-01-05 17:41:55 ----D---- C:\WINDOWS\system32\inetsrv
2010-01-05 17:41:55 ----D---- C:\WINDOWS\ime
2010-01-05 17:41:55 ----D---- C:\WINDOWS\Help
2010-01-05 17:41:47 ----D---- C:\WINDOWS\system32\usmt
2010-01-05 17:41:47 ----D---- C:\Program Files\Internet Explorer
2010-01-05 17:41:46 ----D---- C:\WINDOWS\PeerNet
2010-01-05 17:41:46 ----D---- C:\Program Files\Movie Maker
2010-01-05 17:40:06 ----D---- C:\WINDOWS\ServicePackFiles
2010-01-05 17:39:58 ----D---- C:\WINDOWS\system32\npp
2010-01-05 17:39:58 ----D---- C:\WINDOWS\mui
2010-01-05 17:39:57 ----D---- C:\WINDOWS\msagent
2010-01-05 17:39:56 ----D---- C:\WINDOWS\srchasst
2010-01-05 17:39:56 ----D---- C:\Program Files\NetMeeting
2010-01-05 17:39:55 ----D---- C:\WINDOWS\system32\Com
2010-01-05 17:39:52 ----D---- C:\Program Files\Windows NT
2010-01-05 17:39:49 ----D---- C:\Program Files\Common Files\System
2010-01-05 17:39:33 ----D---- C:\WINDOWS\system32\oobe
2010-01-05 17:39:31 ----D---- C:\WINDOWS\system
2010-01-05 17:34:27 ----D---- C:\WINDOWS\ehome
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\system32\drivers\N360\0305020.00B\BHDrvx86.sys [2010-01-24 259632]
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\N360\0305020.00B\ccHPx86.sys [2010-01-24 482432]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100119.001\IDSxpx86.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2009-11-23 15424]
R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\system32\drivers\N360\0305020.00B\SRTSP.SYS [2010-01-24 308272]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\N360\0305020.00B\SRTSPX.SYS [2010-01-24 43696]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\system32\drivers\N360\0305020.00B\SYMTDI.SYS [2010-01-24 217136]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2009-02-13 1503840]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2009-03-19 991136]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 ETD;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2009-03-30 129024]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2010-01-24 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2009-02-20 6312864]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-12-16 38400]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2006-12-17 7680]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100124.004\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100124.004\NAVEX15.SYS []
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\system32\drivers\N360\0305020.00B\SYMFW.SYS [2010-01-24 89904]
R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\system32\drivers\N360\0305020.00B\SYMIDS.SYS [2010-01-24 33072]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2010-01-24 36400]
R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\system32\drivers\N360\0305020.00B\SYMNDIS.SYS [2010-01-24 36400]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-03-20 1057280]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2009-11-23 512096]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2009-02-18 534312]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-24 156816]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-03-10 57384]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-10-30 47272]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CRFILTER;USB Mass Storage Filter; C:\WINDOWS\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2010-01-24 36400]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2009-03-23 349528]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe [2010-01-24 117640]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe /svc []
S2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe []
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2010-01-25 11:19:59
======Uninstall list======
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ACDSee 5.0 PowerPack Trial-->MsiExec.exe /I{E48A3003-0DB6-41A8-AEA7-B95989B5D505}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
AIMP2-->C:\Program Files\AIMP2\Uninstall.exe
AmIcoSingLun-->C:\Program Files\InstallShield Installation Information\{BF91B300-EEBC-4223-96F3-0FCBF7241B50}\setup.exe -runfromtemp -l0x0409
Atheros Client Installation Program-->C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe -runfromtemp -l0x0009 -removeonly
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly
Classic Menu 4.x for Office 2007-->"C:\Program Files\Classic Menu for Office\unins000.exe"
ETDWare PS/2-x86 7.0.5.2 WHQL-->C:\Program Files\Elantech\ETDUninst.exe
GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB951126)-->"C:\WINDOWS\$NtUninstallKB951126$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
K-Lite Codec Pack 5.1.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Microsoft Office XP Professional s aplikací FrontPage-->MsiExec.exe /I{90280405-6000-11D3-8CFE-0050048383C9}
Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Multimedia Card Reader-->C:\Program Files\InstallShield Installation Information\{DA41F9E9-B878-467F-95E7-27E4D1943533}\SETUP.EXE -runfromtemp -l0x0409
MV2Player (remove only)-->C:\Program Files\Mv2Player\uninst.exe
Nero 7 Demo-->MsiExec.exe /I{C75DCDD3-16CB-610E-E121-DEB798A61051}
Norton 360-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\3.5.2.11\InstStub.exe /X
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
QuickTime-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{4E5E22C2-1386-47AE-8EDE-32DDCDCD6653} /l1033
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974455)-->"C:\WINDOWS\$NtUninstallKB974455$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update for Windows XP (KB976749)-->"C:\WINDOWS\$NtUninstallKB976749$\spuninst\spuninst.exe"
Update for Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe"
USB 2.0 1.3M UVC WebCam-->C:\WINDOWS\Uninstsxga.bat
VIA Platform Device Manager-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archivátor-->C:\Program Files\WinRAR\uninstall.exe
======Security center information======
AV: Norton 360
AV: Eset NOD32 Antivirus 2.70
FW: Norton 360
======System event log======
Computer Name: ZUZKAPC
Event Code: 7036
Message: Služba Remote Access Connection Manager vstúpila do stavu Zastavené.
Record Number: 1619
Source Name: Service Control Manager
Time Written: 20091128155349.000000+060
Event Type: informácie
User:
Computer Name: ZUZKAPC
Event Code: 19
Message: Installation Successful: Windows successfully installed the following update: Update for Windows XP (KB976098)
Record Number: 1618
Source Name: Windows Update Agent
Time Written: 20091128133811.000000+060
Event Type: informácie
User:
Computer Name: ZUZKAPC
Event Code: 4377
Message: Windows XP Hotfix KB976098-v2 was installed.
Record Number: 1617
Source Name: NtServicePack
Time Written: 20091128133806.000000+060
Event Type: informácie
User: NT AUTHORITY\SYSTEM
Computer Name: ZUZKAPC
Event Code: 19
Message: Installation Successful: Windows successfully installed the following update: Slovak Interface for Windows Movie Maker (Version 2.1)
Record Number: 1616
Source Name: Windows Update Agent
Time Written: 20091128133804.000000+060
Event Type: informácie
User:
Computer Name: ZUZKAPC
Event Code: 19
Message: Installation Successful: Windows successfully installed the following update: Update for Windows XP (KB973687)
Record Number: 1615
Source Name: Windows Update Agent
Time Written: 20091128133804.000000+060
Event Type: informácie
User:
=====Application event log=====
Computer Name: ZUZKAPC
Event Code: 1007
Message:
Record Number: 752
Source Name: WgaSetup
Time Written: 20091212213152.000000+060
Event Type: informácie
User:
Computer Name: ZUZKAPC
Event Code: 1003
Message:
Record Number: 751
Source Name: WgaSetup
Time Written: 20091212213152.000000+060
Event Type: informácie
User:
Computer Name: ZUZKAPC
Event Code: 1005
Message:
Record Number: 750
Source Name: WgaSetup
Time Written: 20091212213152.000000+060
Event Type: informácie
User:
Computer Name: ZUZKAPC
Event Code: 1004
Message:
Record Number: 749
Source Name: WgaSetup
Time Written: 20091212213006.000000+060
Event Type: informácie
User:
Computer Name: ZUZKAPC
Event Code: 1002
Message:
Record Number: 748
Source Name: WgaSetup
Time Written: 20091212213006.000000+060
Event Type: informácie
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip
-----------------EOF-----------------

NOD32 won't start
Re: NOD32 won't start
Good afternoon
Plug into the PC all the USB sticks and flash drives you use
Download ComboFix to the desktop, close all active windows and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- ComboFix must be run under an account with administrator rights
- Before using it, turn off all resident security programs - antivirus, firewalls, antispyware
- After launch, the terms of use are displayed; confirm them by clicking the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here



Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.
Re: NOD32 won't start
ComboFix 10-01-24.03 - zuzka . 01. 2010 12:06:58.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.3037.2355 [GMT 1:00]
Running from: c:\documents and settings\zuzka\My Documents\Preberanie\ComboFix.exe
AV: Eset NOD32 Antivirus 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Norton 360 *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton 360 *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
c:\windows\msa.exe
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job
.
((((((((((((((((((((((((( Files Created from 2009-12-25 to 2010-01-25 )))))))))))))))))))))))))))))))
.
2010-01-25 10:22 . 2010-01-24 03:06 84912 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100124.021\NAVENG.SYS
2010-01-25 10:22 . 2010-01-24 03:06 177520 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100124.021\NAVENG32.DLL
2010-01-25 10:22 . 2010-01-24 03:06 1647984 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100124.021\NAVEX32A.DLL
2010-01-25 10:22 . 2010-01-24 03:06 1323568 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100124.021\NAVEX15.SYS
2010-01-25 10:22 . 2010-01-24 03:06 102448 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100124.021\ERASER.SYS
2010-01-25 10:22 . 2010-01-24 03:06 371248 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100124.021\EECTRL.SYS
2010-01-25 10:22 . 2010-01-24 03:06 2747440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100124.021\CCERASER.DLL
2010-01-25 10:22 . 2010-01-24 03:06 259440 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100124.021\ECMSVR32.DLL
2010-01-25 10:18 . 2010-01-25 10:19 -------- d-----w- c:\program files\trend micro
2010-01-25 10:18 . 2010-01-25 10:19 -------- d-----w- C:\rsit
2010-01-25 10:15 . 2010-01-25 10:15 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-01-25 10:11 . 2010-01-24 17:57 165240 ----a-r- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
2010-01-24 18:07 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100119.001\IDSvix86.sys
2010-01-24 18:07 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100119.001\IDSXpx86.sys
2010-01-24 18:07 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100119.001\Scxpx86.dll
2010-01-24 18:07 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100119.001\IDSxpx86.dll
2010-01-24 18:07 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100119.001\IDSviA64.sys
2010-01-24 17:51 . 2010-01-24 17:56 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-01-24 17:51 . 2010-01-24 17:51 -------- d-----w- c:\program files\NortonInstaller
2010-01-24 16:16 . 2010-01-24 17:59 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-01-24 16:13 . 2010-01-24 16:04 56091104 ----a-w- c:\temp\N3601U15D.exe
2010-01-24 16:12 . 2010-01-24 16:12 134272040 ----a-w- c:\temp\n360.exe
2010-01-24 16:11 . 2010-01-24 18:23 65 ----a-w- c:\temp\Norton_360_v3.0_by_1024YiB.zip
2010-01-16 21:11 . 2010-01-16 21:11 -------- d-----w- c:\documents and settings\zuzka\Local Settings\Application Data\Identities
2010-01-16 19:17 . 2010-01-24 16:43 -------- d--h--w- c:\documents and settings\All Users\BPK
2010-01-16 15:32 . 2010-01-16 15:32 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2010-01-16 15:27 . 2010-01-16 15:29 -------- d-----w- c:\documents and settings\zuzka\Local Settings\Application Data\Temp
2010-01-16 15:27 . 2010-01-16 15:27 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2010-01-15 20:13 . 2010-01-16 15:46 -------- d-----w- c:\documents and settings\zuzka\Local Settings\Application Data\Google
2010-01-11 20:10 . 2010-01-11 20:10 -------- d-----w- c:\documents and settings\zuzka\Local Settings\Application Data\WMTools Downloaded Files
2010-01-09 15:16 . 2010-01-09 15:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard
2010-01-09 15:15 . 2010-01-09 15:15 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-01-06 09:32 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-01-05 17:54 . 2010-01-24 18:07 -------- d-----w- c:\program files\POL
2010-01-05 17:13 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-05 17:04 . 2010-01-05 17:04 -------- d-s---w- c:\documents and settings\zuzka\UserData
2010-01-05 16:41 . 2010-01-05 16:41 -------- d-----w- c:\windows\system32\scripting
2010-01-05 16:41 . 2010-01-05 16:41 -------- d-----w- c:\windows\l2schemas
2010-01-05 16:41 . 2010-01-05 16:41 -------- d-----w- c:\windows\system32\en
2010-01-05 16:41 . 2010-01-05 16:41 -------- d-----w- c:\windows\system32\bits
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-24 17:58 . 2010-01-24 17:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-01-24 17:56 . 2010-01-24 17:56 -------- d-----w- c:\program files\Windows Sidebar
2010-01-24 17:53 . 2010-01-24 17:53 -------- d-----w- c:\documents and settings\All Users\Application Data\PCSettings
2010-01-24 17:18 . 2009-10-11 13:08 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-01-16 19:07 . 2009-10-11 13:19 -------- d-----w- c:\program files\ESET
2010-01-05 16:44 . 2009-10-11 11:32 5938 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-05 16:44 . 2009-10-11 11:32 166455 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-05 16:23 . 2009-10-11 13:34 68128 ----a-w- c:\documents and settings\zuzka\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-24 10:53 . 2009-10-11 14:22 -------- d-----w- c:\documents and settings\zuzka\Application Data\AIMP
2009-12-22 05:21 . 2004-08-04 00:56 667136 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:20 . 2004-08-04 00:56 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-04 01:32 . 2009-12-04 01:32 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2009-12-02 13:55 . 2009-12-01 19:45 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-12-01 19:47 . 2009-12-01 19:47 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee Security Scan
2009-12-01 19:45 . 2009-12-01 19:45 1962544 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\install_flash_player_ax.exe
2009-11-23 13:05 . 2009-10-11 13:19 512096 ----a-w- c:\windows\system32\drivers\amon.sys
2009-11-23 13:05 . 2009-10-11 13:19 298104 ----a-w- c:\windows\system32\imon.dll
2009-11-23 13:05 . 2009-10-11 13:19 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys
2009-11-21 15:51 . 2004-08-04 00:56 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-26 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-26 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-26 142360]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2009-04-02 237568]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-03-23 33599488]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-30 418816]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-10-11 155648]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0305020.00B\SymEFA.sys [24. 1. 2010 18:57 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\N360\0305020.00B\BHDrvx86.sys [24. 1. 2010 18:57 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0305020.00B\cchpx86.sys [24. 1. 2010 18:57 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100119.001\IDSXpx86.sys [24. 1. 2010 19:07 329592]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [11. 10. 2009 14:19 15424]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe [24. 1. 2010 18:57 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [24. 1. 2010 4:06 102448]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [11. 10. 2009 13:21 129024]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [11. 10. 2009 13:13 1057280]
S2 gupdate;Google Update Service (gupdate);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\drivers\CRFILTER.sys [7. 4. 2008 7:00 6656]
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\documents and settings\zuzka\Application Data\Mozilla\Firefox\Profiles\z2azgv1d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-nod32kui - c:\program files\Eset\nod32kui.exe
MSConfigStartUp-BMIMZMHMFM - c:\docume~1\zuzka\LOCALS~1\Temp\Xrd.exe
MSConfigStartUp-cdoosoft - c:\docume~1\zuzka\LOCALS~1\Temp\herss.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-25 12:09
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.5.2.11\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(1168)
c:\windows\system32\imon.dll
.
Completion time: 2010-01-25 12:10:57
ComboFix-quarantined-files.txt 2010-01-25 11:10
Pre-Run: 281 572 536 320 bytes free
Post-Run: 281 532 059 648 bytes free
- - End Of File - - A3B7B60387F6C17CFE6FFA6D7FEB14D0
2009-11-23 13:05 . 2009-10-11 13:19 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys
2009-11-21 15:51 . 2004-08-04 00:56 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-26 141336]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-26 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-26 142360]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2009-04-02 237568]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-03-23 33599488]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-30 418816]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-10-11 155648]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0305020.00B\SymEFA.sys [24. 1. 2010 18:57 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\N360\0305020.00B\BHDrvx86.sys [24. 1. 2010 18:57 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\N360\0305020.00B\cchpx86.sys [24. 1. 2010 18:57 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100119.001\IDSXpx86.sys [24. 1. 2010 19:07 329592]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [11. 10. 2009 14:19 15424]
R2 N360;Norton 360;c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe [24. 1. 2010 18:57 117640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [24. 1. 2010 4:06 102448]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [11. 10. 2009 13:21 129024]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [11. 10. 2009 13:13 1057280]
S2 gupdate;Google Update Service (gupdate);"c:\program files\Google\Update\GoogleUpdate.exe" /svc --> c:\program files\Google\Update\GoogleUpdate.exe [?]
S3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\drivers\CRFILTER.sys [7. 4. 2008 7:00 6656]
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\documents and settings\zuzka\Application Data\Mozilla\Firefox\Profiles\z2azgv1d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -
HKLM-Run-nod32kui - c:\program files\Eset\nod32kui.exe
MSConfigStartUp-BMIMZMHMFM - c:\docume~1\zuzka\LOCALS~1\Temp\Xrd.exe
MSConfigStartUp-cdoosoft - c:\docume~1\zuzka\LOCALS~1\Temp\herss.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-25 12:09
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"c:\program files\Norton 360\Engine\3.5.2.11\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.5.2.11\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(1168)
c:\windows\system32\imon.dll
.
Completion time: 2010-01-25 12:10:57
ComboFix-quarantined-files.txt 2010-01-25 11:10
Pre-Run: 281 572 536 320 bytes free
Post-Run: 281 532 059 648 bytes free
- - End Of File - - A3B7B60387F6C17CFE6FFA6D7FEB14D0
Re: NOD32 won't start

Start >> Run, copy into the box:
ComboFix /Uninstall
press Enter
-This uninstalls ComboFix and deletes the files and folders related to it.

http://sweb.cz/Marinus/T-Cleaner.exe
-Run it; to confirm the choices, press the A key, then Enter
-After use, delete the program. Note: antivirus programs may falsely flag it as a virus

TFC (http://oldtimer.geekstogo.com/TFC.exe)

-install it and clean the temporary files, and the registry too


-Install it and run a full scan
DO NOT DELETE ANYTHING

-MBAM occasionally has false detections, so we will delete only after checking the log.
-Copy the log here.
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting your computer
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.
Re: NOD32 won't start
The PC seems fine to me, but NOD32 still doesn't work; it shows the same error. Alternatively, which other free antivirus is suitable?
Malwarebytes' Anti-Malware 1.44
Verzia databázy: 3633
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512
25. 1. 2010 13:56:23
mbam-log-2010-01-25 (13-56-07).txt
Typ kontroly: Úplná (C:\|)
Objektov kontrolovaných: 140807
Uplynutý cas: 24 minute(s), 10 second(s)
Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 5
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 1
Infikovaných súborov: 9
Infikovaných procesov pamäte:
(Žiadne škodlivé položky)
Infikovaných modulov pamäte:
(Žiadne škodlivé položky)
Infikovaných registracných klúcov:
HKEY_CLASSES_ROOT\TypeLib\{67450775-3b18-49b1-aa83-0e010f07f4df} (Trojan.Dropper) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{69b3ebfa-0015-4914-9312-e7758eacfac1} (Trojan.Dropper) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{30de9920-2e84-40a2-88a5-b8d256e15101} (Trojan.Dropper) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\BMIMZMHMFM (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\WS9E3IQBKY (Trojan.FakeAlert) -> No action taken.
Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)
Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)
Infikovaných priecinkov:
C:\Program Files\POL (PUP.ArdamaxKeyLogger) -> No action taken.
Infikovaných súborov:
C:\Documents and Settings\All Users\BPK\bpkvw.exe (Malware.Packer.T) -> No action taken.
C:\Program Files\Common Files\ACD Systems\Filters\EITCC_LinearBlur.dll (Trojan.Dropper) -> No action taken.
C:\Program Files\POL\akv.cfg (PUP.ArdamaxKeyLogger) -> No action taken.
C:\Program Files\POL\key.bin (PUP.ArdamaxKeyLogger) -> No action taken.
C:\Program Files\POL\POL.001 (PUP.ArdamaxKeyLogger) -> No action taken.
C:\Program Files\POL\POL.002 (PUP.ArdamaxKeyLogger) -> No action taken.
C:\Program Files\POL\POL.005 (PUP.ArdamaxKeyLogger) -> No action taken.
C:\Program Files\POL\POL.009 (PUP.ArdamaxKeyLogger) -> No action taken.
C:\Program Files\POL\test (PUP.ArdamaxKeyLogger) -> No action taken.
Re: NOD32 won't start
If I may jump in:
Did that poor user know that a KeyLogger is running there?
Is that NOD legal?
If yes, update it to version 3.x or 4.x; if not, then we have nothing to talk about ...

FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum https://platba.viry.cz/payment/
Re: NOD32 won't start
Yes, the keylogger was there to monitor the children browsing the internet. As for NOD, it should be legal. How do I do the upgrade, just by reinstalling with a newer version? Will that work?
Re: NOD32 won't start
In MBAM, do not delete anything related to that keylogger, that is, the files in the folder C:\Program Files\POL; delete the rest.
Reinstall NOD; it doesn't even have to be a newer version, just reinstall it.
