
Repeated pop-up of the USB AutoPlay window
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Repeated pop-up of the USB AutoPlay window
Hello, when I plug a USB key or an external hard disk into a USB port, the AutoPlay window pops up. After a while the AutoPlay window pops up again, and this keeps repeating even while I am copying something. I have 2 USB 2.0 ports, and when I put the key into the upper one it reports that the device could work faster if I connected it to USB 2.0. In the lower one it keeps popping up AutoPlay.
- Blluemartin
- Visitor
- Posts: 160
- Registered: 12 Jan 2010 14:18
Re: Repeated pop-up of the USB AutoPlay window
Logfile of random's system information tool 1.06 (written by random/random)
Run by Neonka at 2010-03-07 14:59:16
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 4 GB (19%) free of 20 GB
Total RAM: 1535 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:59:31, on 7.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
D:\Programy\Unlocker\UnlockerAssistant.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\Programy\acrobat reader 9\Reader\Reader_sl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Programy\SRS audio\SRSSSC.exe
C:\Program Files\MzRam\MzRamBooster.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP4LAK.EXE
C:\WINDOWS\system32\CAP4RSK.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP4SWK.EXE
C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\Neonka\Desktop\RSIT.exe
C:\Program Files\trend micro\Neonka.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [Rscmpt] C:\WINDOWS\system32\Rscmpt.exe
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [OPSE reminder] "D:\Programy\Omni page\EregEng\Ereg.exe" -r "D:\Programy\Omni page\EregEng\ereg.ini"
O4 - HKLM\..\Run: [MbWzdFPAP-EXL580] C:\WINDOWS\system32\FPAP-EXL580\PdtGuide.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "D:\Programy\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [WinampAgent] D:\Programy\winamp\winampa.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Programy\acrobat reader 9\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SRS Audio Sandbox] "D:\Programy\SRS audio\SRSSSC.exe" /hideme
O4 - HKCU\..\Run: [MzRamBooster] C:\Program Files\MzRam\MzRamBooster.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Canon LBP3200 Status Window.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP4LAK.EXE
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Prevziať &všetko pomocou Mass Downloadera - D:\Install\mass downloader\Mass Downloader\Add_All.htm
O8 - Extra context menu item: Prevziať pomocou &Mass Downloadera - D:\Install\mass downloader\Mass Downloader\Add_Url.htm
O8 - Extra context menu item: Přidat do Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - D:\Install\mass downloader\Mass Downloader\massdown.exe
O9 - Extra 'Tools' menuitem: &Mass Downloader - {0FD01980-CCCB-11D3-80D4-0000E80E2EDE} - D:\Install\mass downloader\Mass Downloader\massdown.exe
O9 - Extra button: &Virtuální klávesnice - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: &Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE
--
End of file - 8122 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-07-03 68112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-06-25 688640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-06-12 1122816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-08-05 264720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-06-25 688640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Rscmpt"=C:\WINDOWS\system32\Rscmpt.exe [2001-12-07 429568]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2008-11-03 2540800]
"OPSE reminder"=D:\Programy\Omni page\EregEng\Ereg.exe -r D:\Programy\Omni page\EregEng\ereg.ini []
"MbWzdFPAP-EXL580"=C:\WINDOWS\system32\FPAP-EXL580\PdtGuide.exe [2007-04-23 852992]
"UnlockerAssistant"=D:\Programy\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"WinampAgent"=D:\Programy\winamp\winampa.exe []
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"Adobe Reader Speed Launcher"=D:\Programy\acrobat reader 9\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SRS Audio Sandbox"=D:\Programy\SRS audio\SRSSSC.exe [2007-05-31 3158016]
"MzRamBooster"=C:\Program Files\MzRam\MzRamBooster.exe [2009-05-15 194560]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
""= []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
Canon LBP3200 Status Window.LNK - C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP4LAK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-07-03 219664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"H:\Utorrent\uTorrent.exe"="H:\Utorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\u torrent\utorrent-1.6-beta-build-467.exe"="D:\u torrent\utorrent-1.6-beta-build-467.exe:*:Enabled:µTorrent"
"D:\Programy\Opera\opera.exe"="D:\Programy\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Hry\revolt\revolt.exe"="D:\Hry\revolt\revolt.exe:*:Enabled:Re-Volt"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\AutoRun\command - H:\Toshiba\more4youa.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d254962-df5e-11dd-b8c2-00301b2efadd}]
shell\AutoRun\command - H:\PdtStart.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8ad95980-1ef8-11df-ba18-00301b2efadd}]
shell\AutoRun\command - H:\Toshiba\more4youa.exe
======List of files/folders created in the last 1 months======
2010-03-07 14:59:16 ----D---- C:\rsit
2010-02-27 14:27:09 ----D---- C:\Program Files\SignSIS-GUI
2010-02-26 16:38:08 ----D---- C:\Program Files\PC Connectivity Solution
2010-02-26 16:22:10 ----HDC---- C:\WINDOWS\$NtUninstallWudf01007$
2010-02-26 15:22:26 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-02-26 15:21:43 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-02-26 15:08:30 ----D---- C:\Documents and Settings\Neonka\Application Data\dvdcss
2010-02-25 14:24:02 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-02-25 14:22:42 ----D---- C:\WINDOWS\system32\LogFiles
2010-02-25 14:22:20 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-02-25 14:19:46 ----D---- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
2010-02-24 14:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-21 20:46:48 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-02-21 20:19:29 ----D---- C:\WINDOWS\system32\NtmsData
2010-02-18 11:51:57 ----D---- C:\Program Files\Zoner
2010-02-11 07:32:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-11 07:31:20 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-11 07:28:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-11 07:28:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-11 07:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-11 07:28:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-11 07:28:07 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-11 07:27:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-11 06:46:40 ----D---- C:\WINDOWS\LastGood
======List of files/folders modified in the last 1 months======
2010-03-07 14:59:31 ----D---- C:\Program Files\Trend Micro
2010-03-07 14:59:24 ----D---- C:\WINDOWS\Temp
2010-03-07 14:58:29 ----A---- C:\data.ini
2010-03-07 14:56:31 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2010-03-06 07:28:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-02 14:23:56 ----D---- C:\Documents and Settings\Neonka\Application Data\Canon
2010-02-28 20:23:45 ----SD---- C:\Documents and Settings\Neonka\Application Data\Microsoft
2010-02-28 17:50:57 ----D---- C:\WINDOWS\system32
2010-02-28 17:50:57 ----D---- C:\WINDOWS
2010-02-28 17:48:22 ----SD---- C:\WINDOWS\Tasks
2010-02-27 14:27:09 ----RD---- C:\Program Files
2010-02-27 13:50:47 ----D---- C:\WINDOWS\Prefetch
2010-02-27 13:05:25 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-27 13:03:56 ----HD---- C:\WINDOWS\inf
2010-02-27 13:03:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-26 16:42:39 ----D---- C:\Config.Msi
2010-02-26 16:42:34 ----SHD---- C:\WINDOWS\Installer
2010-02-26 16:40:07 ----D---- C:\Program Files\Common Files\Nokia
2010-02-26 16:38:29 ----D---- C:\Program Files\Nokia
2010-02-26 16:38:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-26 16:38:20 ----D---- C:\WINDOWS\system32\drivers
2010-02-26 16:36:55 ----D---- C:\WINDOWS\WinSxS
2010-02-26 16:22:36 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-02-26 16:21:59 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2010-02-26 16:15:05 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-26 15:23:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-26 15:22:34 ----A---- C:\WINDOWS\imsins.BAK
2010-02-26 15:18:24 ----A---- C:\WINDOWS\wincmd.ini
2010-02-25 14:24:57 ----D---- C:\Program Files\Windows Media Player
2010-02-22 16:13:24 ----D---- C:\WINDOWS\system32\Restore
2010-02-21 22:42:44 ----A---- C:\WINDOWS\autoload.exe
2010-02-21 22:40:34 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-18 11:53:45 ----D---- C:\Documents and Settings\Neonka\Application Data\Zoner
2010-02-11 07:32:07 ----HD---- C:\WINDOWS\$hf_mig$
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 37760]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-11-25 296976]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-06-07 329901]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-06-07 855018]
R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-03 606684]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2007-05-03 39552]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-02-26 370048]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2002-10-24 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2002-11-13 10496]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-06-07 30459]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-06-07 149028]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-06-07 47811]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2006-06-07 30285]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-06-07 67384]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
R2 btwdins;Bluetooth Service; C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe [2006-06-07 266295]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-11-03 1332480]
R2 UTSCSI;CLCV0; C:\WINDOWS\system32\UTSCSI.EXE [2009-01-10 45056]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll [2009-07-03 68112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-06-25 688640]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-06-12 1122816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll [2009-08-05 264720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-06-25 688640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Rscmpt"=C:\WINDOWS\system32\Rscmpt.exe [2001-12-07 429568]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2008-11-03 2540800]
"OPSE reminder"=D:\Programy\Omni page\EregEng\Ereg.exe -r D:\Programy\Omni page\EregEng\ereg.ini []
"MbWzdFPAP-EXL580"=C:\WINDOWS\system32\FPAP-EXL580\PdtGuide.exe [2007-04-23 852992]
"UnlockerAssistant"=D:\Programy\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"WinampAgent"=D:\Programy\winamp\winampa.exe []
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"Adobe Reader Speed Launcher"=D:\Programy\acrobat reader 9\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SRS Audio Sandbox"=D:\Programy\SRS audio\SRSSSC.exe [2007-05-31 3158016]
"MzRamBooster"=C:\Program Files\MzRam\MzRamBooster.exe [2009-05-15 194560]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
""= []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Belkin\Bluetooth Software\BTTray.exe
Canon LBP3200 Status Window.LNK - C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP4LAK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-05-03 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\WINDOWS\system32\klogon.dll [2009-07-03 219664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"H:\Utorrent\uTorrent.exe"="H:\Utorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\u torrent\utorrent-1.6-beta-build-467.exe"="D:\u torrent\utorrent-1.6-beta-build-467.exe:*:Enabled:µTorrent"
"D:\Programy\Opera\opera.exe"="D:\Programy\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Hry\revolt\revolt.exe"="D:\Hry\revolt\revolt.exe:*:Enabled:Re-Volt"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\AutoRun\command - H:\Toshiba\more4youa.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d254962-df5e-11dd-b8c2-00301b2efadd}]
shell\AutoRun\command - H:\PdtStart.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8ad95980-1ef8-11df-ba18-00301b2efadd}]
shell\AutoRun\command - H:\Toshiba\more4youa.exe
======List of files/folders created in the last 1 months======
2010-03-07 14:59:16 ----D---- C:\rsit
2010-02-27 14:27:09 ----D---- C:\Program Files\SignSIS-GUI
2010-02-26 16:38:08 ----D---- C:\Program Files\PC Connectivity Solution
2010-02-26 16:22:10 ----HDC---- C:\WINDOWS\$NtUninstallWudf01007$
2010-02-26 15:22:26 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-02-26 15:21:43 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-02-26 15:08:30 ----D---- C:\Documents and Settings\Neonka\Application Data\dvdcss
2010-02-25 14:24:02 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-02-25 14:22:42 ----D---- C:\WINDOWS\system32\LogFiles
2010-02-25 14:22:20 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-02-25 14:19:46 ----D---- C:\Documents and Settings\All Users\Application Data\OviInstallerCache
2010-02-24 14:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-21 20:46:48 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-02-21 20:19:29 ----D---- C:\WINDOWS\system32\NtmsData
2010-02-18 11:51:57 ----D---- C:\Program Files\Zoner
2010-02-11 07:32:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-11 07:31:20 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-11 07:28:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-11 07:28:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-11 07:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-11 07:28:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-11 07:28:07 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-11 07:27:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-11 06:46:40 ----D---- C:\WINDOWS\LastGood
======List of files/folders modified in the last 1 months======
2010-03-07 14:59:31 ----D---- C:\Program Files\Trend Micro
2010-03-07 14:59:24 ----D---- C:\WINDOWS\Temp
2010-03-07 14:58:29 ----A---- C:\data.ini
2010-03-07 14:56:31 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2010-03-06 07:28:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-02 14:23:56 ----D---- C:\Documents and Settings\Neonka\Application Data\Canon
2010-02-28 20:23:45 ----SD---- C:\Documents and Settings\Neonka\Application Data\Microsoft
2010-02-28 17:50:57 ----D---- C:\WINDOWS\system32
2010-02-28 17:50:57 ----D---- C:\WINDOWS
2010-02-28 17:48:22 ----SD---- C:\WINDOWS\Tasks
2010-02-27 14:27:09 ----RD---- C:\Program Files
2010-02-27 13:50:47 ----D---- C:\WINDOWS\Prefetch
2010-02-27 13:05:25 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-27 13:03:56 ----HD---- C:\WINDOWS\inf
2010-02-27 13:03:24 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-26 16:42:39 ----D---- C:\Config.Msi
2010-02-26 16:42:34 ----SHD---- C:\WINDOWS\Installer
2010-02-26 16:40:07 ----D---- C:\Program Files\Common Files\Nokia
2010-02-26 16:38:29 ----D---- C:\Program Files\Nokia
2010-02-26 16:38:20 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-02-26 16:38:20 ----D---- C:\WINDOWS\system32\drivers
2010-02-26 16:36:55 ----D---- C:\WINDOWS\WinSxS
2010-02-26 16:22:36 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-02-26 16:21:59 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2010-02-26 16:15:05 ----A---- C:\WINDOWS\NeroDigital.ini
2010-02-26 15:23:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-26 15:22:34 ----A---- C:\WINDOWS\imsins.BAK
2010-02-26 15:18:24 ----A---- C:\WINDOWS\wincmd.ini
2010-02-25 14:24:57 ----D---- C:\Program Files\Windows Media Player
2010-02-22 16:13:24 ----D---- C:\WINDOWS\system32\Restore
2010-02-21 22:42:44 ----A---- C:\WINDOWS\autoload.exe
2010-02-21 22:40:34 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-18 11:53:45 ----D---- C:\Documents and Settings\Neonka\Application Data\Zoner
2010-02-11 07:32:07 ----HD---- C:\WINDOWS\$hf_mig$
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-13 37760]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2009-11-25 296976]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-05-03 1540608]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-06-07 329901]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-06-07 855018]
R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]
R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2009-05-13 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2009-05-16 19472]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-03 606684]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\WINDOWS\system32\drivers\srs_sscfilter_i386.sys [2007-05-03 39552]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VIAudio;VIA AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\viaudios.sys [2003-02-26 370048]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2002-10-24 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2002-11-13 10496]
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys []
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S2 Angelnt;Angelnt; C:\WINDOWS\System32\Drivers\ANGELNT.SYS []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-06-07 30459]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-06-07 149028]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-06-07 47811]
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2006-06-07 30285]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-06-07 67384]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-05-03 413696]
R2 AVP;Kaspersky Internet Security; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe [2009-07-03 303376]
R2 btwdins;Bluetooth Service; C:\Program Files\Belkin\Bluetooth Software\bin\btwdins.exe [2006-06-07 266295]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-11-03 1332480]
R2 UTSCSI;CLCV0; C:\WINDOWS\system32\UTSCSI.EXE [2009-01-10 45056]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-05-03 520192]
S2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: AutoPlay window for USB keeps popping up
Good evening
Uninstall pdfforge Toolbar
Delete C:\Program Files\pdfforge Toolbar
Download CCleaner from the link in my signature
- install it; when choosing what to install, untick the option to install the Yahoo toolbar
Cleaner tab
- leave everything in the left column ticked as it is and click Analyze
- after the analysis, click Run CCleaner
Registry tab
- click Scan for Issues
- then click Fix selected issues -- you do not have to make a registry backup
- click Fix all issues
OK
Close
Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.
I recommend using the CCleaner Cleaner; it nicely clears temporary files off the PC.
The Registry part cleans up, for example, after you uninstall a program.
Have these files tested at http://www.virustotal.com
C:\WINDOWS\system32\Rscmpt.exe
C:\WINDOWS\system32\FPAP-EXL580\PdtGuide.exe
- On VirusTotal click Browse, paste the path to the file directly into the lower box, and click Send
- copy the address of the results page from your browser
Do not use COMBOFIX unless an advisor recommends it; it can damage the system!
Always back up important data before disinfecting the computer
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.
Re: AutoPlay window for USB keeps popping up

- right-click the ComboFix link -- Save as..., then rename it to Potvora.com and save it.

- ComboFix must be run under an account with administrator rights
- Before use, turn off all resident security programs: antivirus, firewall, antispyware
- After launch the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click into the window it displays

- When the scan finishes, which takes at most 10 minutes, the program should create a log, C:\ComboFix.txt; copy its entire contents here
Re: AutoPlay window for USB keeps popping up
ComboFix 10-03-11.05 - Neonka 12.03.2010 12:34:22.1.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1535.977 [GMT 1:00]
Running from: c:\documents and settings\Neonka\Desktop\Potvora.com.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
c:\documents and settings\Neonka\Application Data\Desktopicon
c:\documents and settings\Neonka\Application Data\Desktopicon\eBayShortcuts.exe
c:\windows\system32\_000013_.tmp.dll
----- BITS: Possible infected sites -----
hxxp://au.download.windowsupdatj+|Cv+@J:NGD_DQ{zcxLJS@%kAmx0Java Update-S-1-5-21-1202660629-789336058-854245398-1004XtD$?%GO
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SSHNAS
-------\Service_SSHNAS
((((((((((((((((((((((((( Files Created from 2010-02-12 to 2010-03-12 )))))))))))))))))))))))))))))))
.
2010-03-12 10:58 . 2010-03-12 10:58 -------- d-----w- c:\program files\CCleaner
2010-03-07 13:59 . 2010-03-07 13:59 -------- d-----w- C:\rsit
2010-02-27 13:27 . 2010-02-27 13:27 -------- d-----w- c:\program files\SignSIS-GUI
2010-02-26 15:46 . 2010-02-26 15:46 -------- d-----w- c:\documents and settings\Neonka\Local Settings\Application Data\Nokia
2010-02-26 15:45 . 2010-02-26 15:45 -------- d-----w- c:\documents and settings\Neonka\Local Settings\Application Data\NokiaAccount
2010-02-26 15:38 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-02-26 15:38 . 2010-02-26 15:38 -------- d-----w- c:\program files\PC Connectivity Solution
2010-02-26 14:08 . 2010-02-26 14:08 -------- d-----w- c:\documents and settings\Neonka\Application Data\dvdcss
2010-02-25 13:22 . 2010-02-26 15:37 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-02-25 13:22 . 2010-02-25 13:22 -------- d-----w- c:\windows\system32\LogFiles
2010-02-25 13:20 . 2010-02-26 15:36 12212040 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-02-25 13:20 . 2010-02-26 15:36 13930312 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-02-25 13:20 . 2010-02-26 15:36 77824 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-02-25 13:20 . 2010-02-26 15:36 61440 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-02-25 13:20 . 2010-02-26 15:36 58880 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-02-25 13:20 . 2010-02-26 15:36 50000 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Installer\CommonCustomActions\pcswpc.exe
2010-02-25 13:19 . 2010-02-25 13:19 98302544 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Nokia_Ovi_Suite_PCS_Update.exe
2010-02-25 13:19 . 2010-02-25 13:19 -------- d-----w- c:\documents and settings\All Users\Application Data\OviInstallerCache
2010-02-21 19:46 . 2010-02-21 19:49 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-21 19:19 . 2010-02-21 19:26 -------- d-----w- c:\windows\system32\NtmsData
2010-02-18 10:51 . 2010-02-18 10:51 -------- d-----w- c:\program files\Zoner
2010-02-11 05:46 . 2010-02-26 15:38 -------- d-----w- c:\windows\LastGood
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-12 11:08 . 2009-11-25 07:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2010-03-07 13:59 . 2009-02-15 12:39 -------- d-----w- c:\program files\Trend Micro
2010-03-02 13:25 . 2009-01-10 21:21 -------- d-----w- c:\documents and settings\Neonka\Application Data\Canon
2010-02-26 15:40 . 2009-12-24 09:06 -------- d-----w- c:\program files\Common Files\Nokia
2010-02-26 15:38 . 2009-04-27 07:50 -------- d-----w- c:\program files\Nokia
2010-02-26 15:22 . 2010-02-26 15:22 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-26 15:22 . 2010-02-26 15:22 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-02-26 15:21 . 2009-01-20 08:12 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2010-02-21 21:42 . 2008-12-29 10:32 24064 ----a-w- c:\windows\autoload.exe
2010-02-18 10:53 . 2009-09-28 09:05 -------- d-----w- c:\documents and settings\Neonka\Application Data\Zoner
2010-02-03 21:02 . 2010-02-03 21:02 -------- d-----w- c:\documents and settings\Neonka\Application Data\MetaProducts
2010-02-01 14:41 . 2008-12-29 17:58 -------- d-----w- c:\program files\Java
2010-02-01 14:39 . 2010-02-01 14:39 152576 ----a-w- c:\documents and settings\Neonka\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-02-01 14:39 . 2010-02-01 14:39 79488 ----a-w- c:\documents and settings\Neonka\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-29 11:13 . 2010-01-29 11:13 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-01-05 11:25 . 2006-06-24 01:13 114688 ----a-w- c:\windows\system32\liclock.dll
2009-12-31 16:50 . 2004-08-04 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-30 23:29 . 2009-12-30 23:29 53760 ----a-w- c:\documents and settings\Neonka\Application Data\Thinstall\Microsoft Office Professional Plus 2007\1000000500002i\dumprep.exe
2009-12-30 23:29 . 2009-12-30 23:29 53760 ----a-w- c:\documents and settings\Neonka\Application Data\Thinstall\Microsoft Office Professional Plus 2007\300000002ca00002i\OffDiag.exe
2009-12-30 23:29 . 2009-12-30 23:29 53760 ----a-w- c:\documents and settings\Neonka\Application Data\Thinstall\Microsoft Office Professional Plus 2007\30000000d900002i\DW20.EXE
2009-12-30 10:30 . 2009-01-20 08:08 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-12-24 09:02 . 2009-12-24 09:02 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2009-12-24 09:02 . 2009-12-24 09:02 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2009-12-24 09:02 . 2009-12-24 09:02 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-24 09:02 . 2009-12-24 09:02 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2009-12-24 09:02 . 2009-12-24 09:03 33863976 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_slk.exe
2009-12-23 17:27 . 2009-12-23 17:27 8704 ----a-w- c:\documents and settings\Neonka\Application Data\Thinstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\40000060300002h\_Alcohol.exe
2009-12-22 05:21 . 2004-08-04 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:20 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-16 18:43 . 2008-12-28 21:41 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2008-04-14 00:12 . 2009-01-03 09:58 73728 --sha-w- c:\windows\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
2009-11-25 07:27 . 2009-11-25 07:27 604140 --sha-w- c:\windows\system32\drivers\ISwift3.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IconOverlay1EXL580]
@="{B4834762-CF57-45AB-819D-CABE601B3C3C}"
[HKEY_CLASSES_ROOT\CLSID\{B4834762-CF57-45AB-819D-CABE601B3C3C}]
2007-04-23 09:17 596480 ----a-w- c:\windows\system32\FPAP-EXL580\FileptcIconOverlay.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRS Audio Sandbox"="d:\programy\SRS audio\SRSSSC.exe" [2007-05-31 3158016]
"MzRamBooster"="c:\program files\MzRam\MzRamBooster.exe" [2009-05-15 194560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Rscmpt"="c:\windows\system32\Rscmpt.exe" [2001-12-07 429568]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2008-11-03 2540800]
"MbWzdFPAP-EXL580"="c:\windows\system32\FPAP-EXL580\PdtGuide.exe" [2007-04-23 852992]
"UnlockerAssistant"="d:\programy\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056]
"Adobe Reader Speed Launcher"="d:\programy\acrobat reader 9\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"avp"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2009-07-03 303376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Canon LBP3200 Status Window.LNK - c:\windows\system32\spool\drivers\w32x86\3\CAP4LAK.EXE [2008-12-29 30720]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\u torrent\\utorrent-1.6-beta-build-467.exe"=
"d:\\Programy\\Opera\\opera.exe"=
"d:\\Hry\\revolt\\revolt.exe"=
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [15.12.2008 20:41 33808]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [13.5.2009 17:46 31760]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [16.5.2009 20:59 19472]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 Angelnt;Angelnt;c:\windows\system32\Drivers\ANGELNT.SYS --> c:\windows\system32\Drivers\ANGELNT.SYS [?]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Prevziať &všetko pomocou Mass Downloadera - d:\install\mass downloader\Mass Downloader\Add_All.htm
IE: Prevziať pomocou &Mass Downloadera - d:\install\mass downloader\Mass Downloader\Add_Url.htm
IE: Send to &Bluetooth Device... - c:\program files\Belkin\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\documents and settings\Neonka\Application Data\Mozilla\Firefox\Profiles\vp9j65gc.default\
FF - prefs.js: network.proxy.type - 2
FF - component: c:\documents and settings\Neonka\Application Data\Mozilla\Firefox\Profiles\vp9j65gc.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}\components\mpint.dll
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: d:\programy\firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - plugin: d:\programy\acrobat reader 9\Reader\browser\nppdf32.dll
FF - plugin: d:\programy\Opera\program\plugins\npdsplay.dll
FF - plugin: d:\programy\Opera\program\plugins\npmassdn.dll
FF - plugin: d:\programy\Opera\program\plugins\NPOFFICE.DLL
FF - plugin: d:\programy\Opera\program\plugins\NPSWF32.dll
FF - plugin: d:\programy\Opera\program\plugins\npwmsdrm.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
d:\programy\firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-12 12:41
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(632)
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(1744)
c:\windows\system32\FPAP-EXL580\FileptcIconOverlay.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.SKY
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Belkin\Bluetooth Software\bin\btwdins.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\oodag.exe
c:\windows\system32\UTSCSI.EXE
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\windows\system32\CAP4RSK.EXE
c:\windows\system32\spool\drivers\w32x86\3\CAP4SWK.EXE
.
**************************************************************************
.
Completion time: 2010-03-12 12:47:29 - machine was rebooted
ComboFix-quarantined-files.txt 2010-03-12 11:47
Pre-Run: 4 175 187 968 bytes free
Post-Run: 4 084 330 496 voľných bajtov
- - End Of File - - D8EF4F7A1211B3C594C59EF03D07B20D
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1535.977 [GMT 1:00]
Running from: c:\documents and settings\Neonka\Desktop\Potvora.com.exe
AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
c:\documents and settings\Neonka\Application Data\Desktopicon
c:\documents and settings\Neonka\Application Data\Desktopicon\eBayShortcuts.exe
c:\windows\system32\_000013_.tmp.dll
----- BITS: Possible infected sites -----
hxxp://au.download.windowsupdatj+|Cv+@J:NGD_DQ{zcxLJS@%kAmx0Java Update-S-1-5-21-1202660629-789336058-854245398-1004XtD$?%GO
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SSHNAS
-------\Service_SSHNAS
((((((((((((((((((((((((( Files Created from 2010-02-12 to 2010-03-12 )))))))))))))))))))))))))))))))
.
2010-03-12 10:58 . 2010-03-12 10:58 -------- d-----w- c:\program files\CCleaner
2010-03-07 13:59 . 2010-03-07 13:59 -------- d-----w- C:\rsit
2010-02-27 13:27 . 2010-02-27 13:27 -------- d-----w- c:\program files\SignSIS-GUI
2010-02-26 15:46 . 2010-02-26 15:46 -------- d-----w- c:\documents and settings\Neonka\Local Settings\Application Data\Nokia
2010-02-26 15:45 . 2010-02-26 15:45 -------- d-----w- c:\documents and settings\Neonka\Local Settings\Application Data\NokiaAccount
2010-02-26 15:38 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-02-26 15:38 . 2010-02-26 15:38 -------- d-----w- c:\program files\PC Connectivity Solution
2010-02-26 14:08 . 2010-02-26 14:08 -------- d-----w- c:\documents and settings\Neonka\Application Data\dvdcss
2010-02-25 13:22 . 2010-02-26 15:37 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-02-25 13:22 . 2010-02-25 13:22 -------- d-----w- c:\windows\system32\LogFiles
2010-02-25 13:20 . 2010-02-26 15:36 12212040 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-02-25 13:20 . 2010-02-26 15:36 13930312 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-02-25 13:20 . 2010-02-26 15:36 77824 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-02-25 13:20 . 2010-02-26 15:36 61440 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-02-25 13:20 . 2010-02-26 15:36 58880 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-02-25 13:20 . 2010-02-26 15:36 50000 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Installer\CommonCustomActions\pcswpc.exe
2010-02-25 13:19 . 2010-02-25 13:19 98302544 ----a-w- c:\documents and settings\All Users\Application Data\OviInstallerCache\{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}\Nokia_Ovi_Suite_PCS_Update.exe
2010-02-25 13:19 . 2010-02-25 13:19 -------- d-----w- c:\documents and settings\All Users\Application Data\OviInstallerCache
2010-02-21 19:46 . 2010-02-21 19:49 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-21 19:19 . 2010-02-21 19:26 -------- d-----w- c:\windows\system32\NtmsData
2010-02-18 10:51 . 2010-02-18 10:51 -------- d-----w- c:\program files\Zoner
2010-02-11 05:46 . 2010-02-26 15:38 -------- d-----w- c:\windows\LastGood
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-12 11:08 . 2009-11-25 07:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Kaspersky Lab
2010-03-07 13:59 . 2009-02-15 12:39 -------- d-----w- c:\program files\Trend Micro
2010-03-02 13:25 . 2009-01-10 21:21 -------- d-----w- c:\documents and settings\Neonka\Application Data\Canon
2010-02-26 15:40 . 2009-12-24 09:06 -------- d-----w- c:\program files\Common Files\Nokia
2010-02-26 15:38 . 2009-04-27 07:50 -------- d-----w- c:\program files\Nokia
2010-02-26 15:22 . 2010-02-26 15:22 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-02-26 15:22 . 2010-02-26 15:22 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-02-26 15:21 . 2009-01-20 08:12 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2010-02-21 21:42 . 2008-12-29 10:32 24064 ----a-w- c:\windows\autoload.exe
2010-02-18 10:53 . 2009-09-28 09:05 -------- d-----w- c:\documents and settings\Neonka\Application Data\Zoner
2010-02-03 21:02 . 2010-02-03 21:02 -------- d-----w- c:\documents and settings\Neonka\Application Data\MetaProducts
2010-02-01 14:41 . 2008-12-29 17:58 -------- d-----w- c:\program files\Java
2010-02-01 14:39 . 2010-02-01 14:39 152576 ----a-w- c:\documents and settings\Neonka\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2010-02-01 14:39 . 2010-02-01 14:39 79488 ----a-w- c:\documents and settings\Neonka\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2010-01-29 11:13 . 2010-01-29 11:13 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2010-01-05 11:25 . 2006-06-24 01:13 114688 ----a-w- c:\windows\system32\liclock.dll
2009-12-31 16:50 . 2004-08-04 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-30 23:29 . 2009-12-30 23:29 53760 ----a-w- c:\documents and settings\Neonka\Application Data\Thinstall\Microsoft Office Professional Plus 2007\1000000500002i\dumprep.exe
2009-12-30 23:29 . 2009-12-30 23:29 53760 ----a-w- c:\documents and settings\Neonka\Application Data\Thinstall\Microsoft Office Professional Plus 2007\300000002ca00002i\OffDiag.exe
2009-12-30 23:29 . 2009-12-30 23:29 53760 ----a-w- c:\documents and settings\Neonka\Application Data\Thinstall\Microsoft Office Professional Plus 2007\30000000d900002i\DW20.EXE
2009-12-30 10:30 . 2009-01-20 08:08 91136 ----a-w- c:\windows\system32\nmwcdcls.dll
2009-12-24 09:02 . 2009-12-24 09:02 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\pcswpcsi.exe
2009-12-24 09:02 . 2009-12-24 09:02 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstCCD.exe
2009-12-24 09:02 . 2009-12-24 09:02 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2009-12-24 09:02 . 2009-12-24 09:02 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Installer\CommonCustomActions\UninstPCS.exe
2009-12-24 09:02 . 2009-12-24 09:03 33863976 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}\Nokia_PC_Suite_7_1_40_1_slk.exe
2009-12-23 17:27 . 2009-12-23 17:27 8704 ----a-w- c:\documents and settings\Neonka\Application Data\Thinstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\40000060300002h\_Alcohol.exe
2009-12-22 05:21 . 2004-08-04 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2009-12-22 05:20 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-12-16 18:43 . 2008-12-28 21:41 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
Re: AutoPlay window popping up repeatedly for USB
How is the computer doing now?
Do you recognize this folder? Do you know which program it belongs to?
C:\WINDOWS\system32\FPAP-EXL600
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer.
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.