Log check

Don't have any problem with your PC right now and just want to make sure everything is fine?
Post a log from FRST or RSIT.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

Brano22 (Visitor, 31 posts, registered 24 Apr 2010 20:14)

Re: Log check

#31 Post by Brano22 »

I've reinstalled Firefox, but I'll do the scan later, when I sit at the PC for longer..
In the meantime I want to ask about a hoax: does a virus usually spread through one? I won't describe how, but unfortunately an e-mail about the missing Vivien Ráczová was opened on my PC http://hoax.cz/hoax/zmizlo-dievcatko-vivien/
Could I have gotten some virus through it? :(

motji (VIP, 23302 posts, registered 23 Oct 2008 08:02)

Re: Log check

#32 Post by motji »

If you didn't open any attachment, it shouldn't :)

Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before cleaning a computer of malware :!:
Want to support our forum? Information here

I am usually reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me at Motji(at)forum.viry.cz.

Brano22 (Visitor, 31 posts, registered 24 Apr 2010 20:14)

Re: Log check

#33 Post by Brano22 »

It took me a while, but I'm here :) I ran that SysProt; I'm not very good at English, so I hope I did it right: I went through the tabs, clicked Scan on each one, on the last one I ticked all the checkboxes (except the one at the very bottom of the window) and had the logs generated. The problem is that I couldn't find them.. a window popped up, which I'm attaching; I couldn't get to that address though, I couldn't find Local (Settings?)

B
Attachment: bez_názvu.JPG (61.68 KiB)

motji (VIP, 23302 posts, registered 23 Oct 2008 08:02)

Re: Log check

#34 Post by motji »

You have to show hidden and system files.

Start - Control Panel - Folder Options - View - show hidden and system files

Brano22 (Visitor, 31 posts, registered 24 Apr 2010 20:14)

Re: Log check

#35 Post by Brano22 »

So I found it. Here's the log:

SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

Process:
Name: [System Idle Process]
PID: 0
Hidden: No
Window Visible: No

Name: System
PID: 4
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\smss.exe
PID: 804
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\csrss.exe
PID: 1144
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\winlogon.exe
PID: 1176
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\services.exe
PID: 1220
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\lsass.exe
PID: 1232
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\ati2evxx.exe
PID: 1392
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1412
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1460
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1516
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1596
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1680
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\ati2evxx.exe
PID: 1840
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\spoolsv.exe
PID: 1964
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 2040
Hidden: No
Window Visible: No

Name: C:\Program Files\Bonjour\mDNSResponder.exe
PID: 172
Hidden: No
Window Visible: No

Name: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
PID: 268
Hidden: No
Window Visible: No

Name: C:\Program Files\Java\jre6\bin\jqs.exe
PID: 524
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PID: 560
Hidden: No
Window Visible: No

Name: C:\Program Files\CyberLink\Shared Files\RichVideo.exe
PID: 616
Hidden: No
Window Visible: No

Name: C:\Program Files\Spyware Terminator\sp_rsser.exe
PID: 660
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 764
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\wdfmgr.exe
PID: 956
Hidden: No
Window Visible: No

Name: C:\WINDOWS\explorer.exe
PID: 1708
Hidden: No
Window Visible: No

Name: C:\WINDOWS\RTHDCPL.exe
PID: 2060
Hidden: No
Window Visible: No

Name: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
PID: 2080
Hidden: No
Window Visible: No

Name: C:\Program Files\ASUS\ATK Media\DMedia.exe
PID: 2104
Hidden: No
Window Visible: No

Name: C:\WINDOWS\ATK0100\HControl.exe
PID: 2124
Hidden: No
Window Visible: No

Name: C:\Program Files\Apoint2K\Apoint.exe
PID: 2144
Hidden: No
Window Visible: No

Name: C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
PID: 2164
Hidden: No
Window Visible: No

Name: C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
PID: 2180
Hidden: No
Window Visible: No

Name: C:\Program Files\Winamp\winampa.exe
PID: 2252
Hidden: No
Window Visible: No

Name: C:\Program Files\Java\jre6\bin\jusched.exe
PID: 2356
Hidden: No
Window Visible: No

Name: C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
PID: 2376
Hidden: No
Window Visible: No

Name: C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
PID: 2392
Hidden: No
Window Visible: No

Name: C:\Documents and Settings\Branislav Padyšák\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
PID: 2444
Hidden: No
Window Visible: No

Name: C:\Documents and Settings\Branislav Padyšák\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
PID: 2556
Hidden: No
Window Visible: No

Name: C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
PID: 2568
Hidden: No
Window Visible: No

Name: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
PID: 2804
Hidden: No
Window Visible: Yes

Name: C:\Program Files\Apoint2K\hidfind.exe
PID: 2912
Hidden: No
Window Visible: No

Name: C:\Program Files\Apoint2K\ApntEx.exe
PID: 3036
Hidden: No
Window Visible: No

Name: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PID: 3048
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\alg.exe
PID: 3148
Hidden: No
Window Visible: No

Name: C:\Program Files\Apoint2K\Apvfb.exe
PID: 3156
Hidden: No
Window Visible: Yes

Name: C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
PID: 3332
Hidden: No
Window Visible: No

Name: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PID: 3568
Hidden: No
Window Visible: No

Name: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
PID: 3608
Hidden: No
Window Visible: No

Name: C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PID: 3632
Hidden: No
Window Visible: No

Name: C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
PID: 3676
Hidden: No
Window Visible: No

Name: C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
PID: 3752
Hidden: No
Window Visible: No

Name: C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
PID: 3776
Hidden: No
Window Visible: No

Name: C:\WINDOWS\ATK0100\ATKOSD.exe
PID: 3832
Hidden: No
Window Visible: No

Name: C:\Program Files\Mozilla Firefox\firefox.exe
PID: 2884
Hidden: No
Window Visible: No

Name: C:\Program Files\WinRAR\WinRAR.exe
PID: 1556
Hidden: No
Window Visible: No

Name: C:\DOCUME~1\BRANIS~1\LOCALS~1\Temp\Rar$EX00.562\SysProt\SysProt.exe
PID: 260
Hidden: No
Window Visible: Yes

******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: \??\C:\DOCUME~1\BRANIS~1\LOCALS~1\Temp\Rar$EX00.562\SysProt\SysProtDrv.sys
Service Name: SysProtDrv.sys
Module Base: AC5C1000
Module End: AC5CC000
Hidden: No

Module Name: \WINDOWS\system32\ntkrnlpa.exe
Service Name: ---
Module Base: 804D7000
Module End: 806E4000
Hidden: No

Module Name: \WINDOWS\system32\hal.dll
Service Name: ---
Module Base: 806E4000
Module End: 80704D00
Hidden: No

Module Name: \WINDOWS\system32\KDCOM.DLL
Service Name: ---
Module Base: BADA8000
Module End: BADAA000
Hidden: No

Module Name: \WINDOWS\system32\BOOTVID.dll
Service Name: ---
Module Base: BACB8000
Module End: BACBB000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ACPI.sys
Service Name: ACPI
Module Base: BA779000
Module End: BA7A7000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\WMILIB.SYS
Service Name: ---
Module Base: BADAA000
Module End: BADAC000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pci.sys
Service Name: PCI
Module Base: BA768000
Module End: BA779000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\isapnp.sys
Service Name: isapnp
Module Base: BA8A8000
Module End: BA8B2000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ohci1394.sys
Service Name: ohci1394
Module Base: BA8B8000
Module End: BA8C8000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\1394BUS.SYS
Service Name: ---
Module Base: BA8C8000
Module End: BA8D6000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\compbatt.sys
Service Name: Compbatt
Module Base: BACBC000
Module End: BACBF000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\BATTC.SYS
Service Name: BattC
Module Base: BACC0000
Module End: BACC4000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pciide.sys
Service Name: PCIIde
Module Base: BAE70000
Module End: BAE71000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Service Name: ---
Module Base: BAB28000
Module End: BAB2F000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\MountMgr.sys
Service Name: MountMgr
Module Base: BA8D8000
Module End: BA8E3000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ftdisk.sys
Service Name: Disk
Module Base: BA749000
Module End: BA768000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ACPIEC.sys
Service Name: ACPIEC
Module Base: BACC4000
Module End: BACC7000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
Service Name: ---
Module Base: BAE71000
Module End: BAE72000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\PartMgr.sys
Service Name: PartMgr
Module Base: BAB30000
Module End: BAB35000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\VolSnap.sys
Service Name: VolSnap
Module Base: BA8E8000
Module End: BA8F5000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\atapi.sys
Service Name: atapi
Module Base: BA731000
Module End: BA749000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\disk.sys
Service Name: ---
Module Base: BA8F8000
Module End: BA901000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Service Name: ---
Module Base: BA908000
Module End: BA915000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\fltmgr.sys
Service Name: FltMgr
Module Base: BA711000
Module End: BA731000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\PxHelp20.sys
Service Name: PxHelp20
Module Base: BA918000
Module End: BA921000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\KSecDD.sys
Service Name: KSecDD
Module Base: BA6FA000
Module End: BA711000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\Ntfs.sys
Service Name: Ntfs
Module Base: BA66D000
Module End: BA6FA000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\NDIS.sys
Service Name: NDIS
Module Base: BA640000
Module End: BA66D000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\Mup.sys
Service Name: Mup
Module Base: BA626000
Module End: BA640000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ATKACPI.sys
Service Name: MTsensor
Module Base: BADC4000
Module End: BADC6000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\AmdK8.sys
Service Name: AmdK8
Module Base: B7D46000
Module End: B7D54000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
Service Name: ati2mtag
Module Base: B7A85000
Module End: B7D06000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Service Name: ---
Module Base: B7A71000
Module End: B7A85000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
Service Name: RTLE8023xp
Module Base: B7A58000
Module End: B7A71000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ar5211.sys
Service Name: AR5211
Module Base: B79D2000
Module End: B7A58000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbohci.sys
Service Name: usbohci
Module Base: BABF8000
Module End: BABFD000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Service Name: ---
Module Base: B79AE000
Module End: B79D2000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Service Name: usbehci
Module Base: BAC00000
Module End: BAC08000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\imapi.sys
Service Name: Imapi
Module Base: B7D36000
Module End: B7D41000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Service Name: Cdrom
Module Base: B7D26000
Module End: B7D36000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\redbook.sys
Service Name: redbook
Module Base: B7D16000
Module End: B7D25000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ks.sys
Service Name: ---
Module Base: B798B000
Module End: B79AE000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Service Name: HDAudBus
Module Base: B7963000
Module End: B798B000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Service Name: i8042prt
Module Base: B7D06000
Module End: B7D13000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Service Name: Kbdclass
Module Base: BAC08000
Module End: BAC0E000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
Service Name: ApfiltrService
Module Base: B7944000
Module End: B7963000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Service Name: Mouclass
Module Base: BAC10000
Module End: BAC16000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\sdbus.sys
Service Name: sdbus
Module Base: B7930000
Module End: B7944000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
Service Name: rimmptsk
Module Base: BAC18000
Module End: BAC1F000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
Service Name: rimsptsk
Module Base: BA958000
Module End: BA965000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
Service Name: rismxdp
Module Base: B78E4000
Module End: B7930000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\CmBatt.sys
Service Name: CmBatt
Module Base: B8019000
Module End: B801D000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\tosrfcom.sys
Service Name: Tosrfcom
Module Base: BA968000
Module End: BA978000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\audstub.sys
Service Name: audstub
Module Base: BAEDA000
Module End: BAEDB000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Service Name: Rasl2tp
Module Base: BA978000
Module End: BA985000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Service Name: NdisTapi
Module Base: B8015000
Module End: B8018000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Service Name: NdisWan
Module Base: B78CD000
Module End: B78E4000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Service Name: RasPppoe
Module Base: BA988000
Module End: BA993000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Service Name: PptpMiniport
Module Base: BA998000
Module End: BA9A4000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Service Name: ---
Module Base: BAC20000
Module End: BAC25000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\psched.sys
Service Name: PSched
Module Base: B78BC000
Module End: B78CD000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Service Name: Gpc
Module Base: BA9A8000
Module End: BA9B1000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Service Name: Ptilink
Module Base: BAC28000
Module End: BAC2D000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\raspti.sys
Service Name: Raspti
Module Base: BAC30000
Module End: BAC35000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\termdd.sys
Service Name: TermDD
Module Base: BA9B8000
Module End: BA9C2000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\swenum.sys
Service Name: swenum
Module Base: BADCE000
Module End: BADD0000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\update.sys
Service Name: Update
Module Base: B785E000
Module End: B78BC000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Service Name: mssmbios
Module Base: B8005000
Module End: B8009000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\tosporte.sys
Service Name: tosporte
Module Base: BA9C8000
Module End: BA9D4000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Service Name: NDProxy
Module Base: BA9E8000
Module End: BA9F2000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Service Name: usbhub
Module Base: BAA28000
Module End: BAA37000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Service Name: ---
Module Base: BADD0000
Module End: BADD2000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\RtkHDAud.sys
Service Name: IntcAzAudAddService
Module Base: AF202000
Module End: AF693000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\portcls.sys
Service Name: ---
Module Base: AF1DE000
Module End: AF202000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\drmk.sys
Service Name: ---
Module Base: BAA38000
Module End: BAA47000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\smserial.sys
Service Name: smserial
Module Base: AF103000
Module End: AF1DE000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Modem.SYS
Service Name: Modem
Module Base: BAC38000
Module End: BAC40000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\MODEMCSA.sys
Service Name: MODEMCSA
Module Base: BA5FE000
Module End: BA602000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Service Name: Fs_Rec
Module Base: BADDC000
Module End: BADDE000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Null.SYS
Service Name: Null
Module Base: BAFFA000
Module End: BAFFB000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Beep.SYS
Service Name: Beep
Module Base: BADDE000
Module End: BADE0000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ehdrv.sys
Service Name: ehdrv
Module Base: AF0BC000
Module End: AF0DB000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\vga.sys
Service Name: VgaSave
Module Base: BAC60000
Module End: BAC66000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Service Name: mnmdd
Module Base: BADE0000
Module End: BADE2000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Service Name: RDPCDD
Module Base: BADE2000
Module End: BADE4000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Msfs.SYS
Service Name: Msfs
Module Base: BAC68000
Module End: BAC6D000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Npfs.SYS
Service Name: Npfs
Module Base: BAC70000
Module End: BAC78000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Service Name: RasAcd
Module Base: BA5F2000
Module End: BA5F5000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Service Name: IPSec
Module Base: AF089000
Module End: AF09C000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Service Name: Tcpip
Module Base: AF030000
Module End: AF089000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\netbt.sys
Service Name: NetBT
Module Base: AF008000
Module End: AF030000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Service Name: IpNat
Module Base: AEFE2000
Module End: AF008000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
Service Name: epfwtdir
Module Base: AEFCA000
Module End: AEFE2000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\afd.sys
Service Name: AFD
Module Base: AEFA8000
Module End: AEFCA000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\netbios.sys
Service Name: NetBIOS
Module Base: BAA48000
Module End: BAA51000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Service Name: Wanarp
Module Base: BAA58000
Module End: BAA61000
Hidden: No

Module Name: \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
Service Name: sp_rsdrv2
Module Base: AEEE5000
Module End: AEF08000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Service Name: Rdbss
Module Base: AEEBA000
Module End: AEEE5000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Service Name: MRxSmb
Module Base: AEE4A000
Module End: AEEBA000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fips.SYS
Service Name: Fips
Module Base: BAA78000
Module End: BAA83000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\hidusb.sys
Service Name: hidusb
Module Base: B76E1000
Module End: B76E4000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS
Service Name: ---
Module Base: BAAD8000
Module End: BAAE1000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS
Service Name: ---
Module Base: BAC80000
Module End: BAC87000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Service Name: Cdfs
Module Base: BAAF8000
Module End: BAB08000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbccgp.sys
Service Name: usbccgp
Module Base: BACB0000
Module End: BACB8000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mouhid.sys
Service Name: mouhid
Module Base: AF6AF000
Module End: AF6B2000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\usbvideo.sys
Service Name: usbvideo
Module Base: AEDE8000
Module End: AEE06000
Hidden: No

Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys
Service Name: ---
Module Base: AED58000
Module End: AED70000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_WMILIB.SYS
Service Name: ---
Module Base: BAE04000
Module End: BAE06000
Hidden: Yes

Module Name: C:\WINDOWS\System32\drivers\Dxapi.sys
Service Name: ---
Module Base: AEDC0000
Module End: AEDC3000
Hidden: No

Module Name: C:\WINDOWS\System32\watchdog.sys
Service Name: ---
Module Base: BAB80000
Module End: BAB85000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\dxgthk.sys
Service Name: ---
Module Base: BAEB7000
Module End: BAEB8000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\eamon.sys
Service Name: eamon
Module Base: AC956000
Module End: ACA18000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Service Name: Ndisuio
Module Base: ACA2C000
Module End: ACA30000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Service Name: MRxDAV
Module Base: AC659000
Module End: AC686000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\wdmaud.sys
Service Name: wdmaud
Module Base: AC52C000
Module End: AC541000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sysaudio.sys
Service Name: sysaudio
Module Base: ACAB0000
Module End: ACABF000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\srv.sys
Service Name: Srv
Module Base: AC45F000
Module End: AC4B6000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\MASPINT.SYS
Service Name: MASPINT
Module Base: BADCA000
Module End: BADCC000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\HTTP.sys
Service Name: HTTP
Module Base: ABC24000
Module End: ABC65000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Service Name: USBSTOR
Module Base: BAC88000
Module End: BAC8F000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fastfat.SYS
Service Name: Fastfat
Module Base: AB5BD000
Module End: AB5E1000
Hidden: No

******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwAssignProcessToJobObject
Address: AF0BD610
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwDebugActiveProcess
Address: AF0BDC10
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwDuplicateObject
Address: AF0BD730
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwOpenProcess
Address: AF0BD4B0
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwOpenThread
Address: AF0BD570
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwProtectVirtualMemory
Address: AF0BD6D0
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwSetContextThread
Address: AF0BD690
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwSetInformationThread
Address: AF0BD650
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwSetSecurityObject
Address: AF0BD7D0
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwSuspendProcess
Address: AF0BD510
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwSuspendThread
Address: AF0BD590
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwTerminateProcess
Address: AF0BD4D0
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwTerminateThread
Address: AF0BD5D0
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

Function Name: ZwWriteVirtualMemory
Address: AF0BD750
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

******************************************************************************************
******************************************************************************************
No Kernel Hooks found

******************************************************************************************
******************************************************************************************
No IRP Hooks found

******************************************************************************************
******************************************************************************************
Ports:
Local Address: AERO:30606
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
State: LISTENING

Local Address: AERO:6498
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Documents and Settings\Branislav Padyšák\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
State: LISTENING

Local Address: AERO:5354
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: LISTENING

Local Address: AERO:5152
Remote Address: LOCALHOST:1058
Type: TCP
Process: C:\Program Files\Java\jre6\bin\jqs.exe
State: CLOSE_WAIT

Local Address: AERO:5152
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Java\jre6\bin\jqs.exe
State: LISTENING

Local Address: AERO:1060
Remote Address: LOCALHOST:1059
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: AERO:1059
Remote Address: LOCALHOST:1060
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: AERO:1057
Remote Address: LOCALHOST:1056
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: AERO:1056
Remote Address: LOCALHOST:1057
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: AERO:1032
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\WINDOWS\system32\alg.exe
State: LISTENING

Local Address: AERO:1027
Remote Address: LOCALHOST:1026
Type: TCP
Process: C:\Documents and Settings\Branislav Padyšák\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
State: ESTABLISHED

Local Address: AERO:1026
Remote Address: LOCALHOST:1027
Type: TCP
Process: C:\Documents and Settings\Branislav Padyšák\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
State: ESTABLISHED

Local Address: AERO:6881
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
State: LISTENING

Local Address: AERO:MICROSOFT-DS
Remote Address: 0.0.0.0:0
Type: TCP
Process: System
State: LISTENING

Local Address: AERO:EPMAP
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\WINDOWS\system32\svchost.exe
State: LISTENING

Local Address: AERO:5353
Remote Address: NA
Type: UDP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: NA

Local Address: AERO:1900
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: AERO:1042
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\explorer.exe
State: NA

Local Address: AERO:123
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\svchost.exe
State: NA

Local Address: AERO:6881
Remote Address: NA
Type: UDP
Process: C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
State: NA

Local Address: AERO:4500
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\lsass.exe
State: NA

Local Address: AERO:1031
Remote Address: NA
Type: UDP
Process: C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
State: NA

Local Address: AERO:1025
Remote Address: NA
Type: UDP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: NA

Local Address: AERO:500
Remote Address: NA
Type: UDP
Process: C:\WINDOWS\system32\lsass.exe
State: NA

Local Address: AERO:MICROSOFT-DS
Remote Address: NA
Type: UDP
Process: System
State: NA

******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: D:\legalSOFTWARE\3D Vista\3D mails\mail 3 Gmail - Receipt for Your Payment to 3DVista Espana SL.htm
Status: Hidden

Object: D:\legalSOFTWARE\3D Vista\3D mails\mail 3 Gmail - Receipt for Your Payment to 3DVista Espana SL_subory
Status: Hidden

Object: D:\System Volume Information\MountPointManagerRemoteDatabase
Status: Access denied

Object: D:\System Volume Information\tracking.log
Status: Access denied

Object: D:\System Volume Information\_restore{688EFF5D-2724-441B-A61C-0D14C57FB69C}
Status: Access denied

Object: C:\System Volume Information\MountPointManagerRemoteDatabase
Status: Access denied

Object: C:\System Volume Information\tracking.log
Status: Access denied
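
A triage helper for logs in the SysProt layout posted above, added here as an example (not part of the thread and not SysProt's own code; the embedded sample excerpt and the allowance for `\dump_` modules are this example's own assumptions): it parses the sections and reports hidden objects, which driver owns each SSDT hook, whether every hook lands inside a visible loaded module, and which processes hold listening TCP ports.

```python
"""Triage helper for SysProt AntiRootkit text logs in the layout pasted above.

Added example, not part of the thread or of SysProt: it parses the blank-line
separated 'Key: Value' records of each section and reports what a log reader
checks first (hidden objects, SSDT hook owners, listening ports).
"""
from collections import defaultdict

# Constructed excerpt in the SysProt layout (records copied from the log above,
# separator lines shortened).
SAMPLE_LOG = r"""SysProt AntiRootkit v1.0.1.0
**********
Process:
Name: C:\WINDOWS\system32\svchost.exe
PID: 1412
Hidden: No
Window Visible: No

**********
Kernel Modules:
Module Name: C:\WINDOWS\system32\DRIVERS\ehdrv.sys
Service Name: ehdrv
Module Base: AF0BC000
Module End: AF0DB000
Hidden: No

Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys
Service Name: ---
Module Base: AED58000
Module End: AED70000
Hidden: Yes

**********
SSDT:
Function Name: ZwOpenProcess
Address: AF0BD4B0
Driver Base: AF0BC000
Driver End: AF0DB000
Driver Name: \SystemRoot\system32\DRIVERS\ehdrv.sys

**********
No Kernel Hooks found
**********
Ports:
Local Address: AERO:30606
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
State: LISTENING
"""


def parse_sysprot(text):
    """Return {section: [record, ...]}; each record is one 'Key: Value' block."""
    sections, section, record = {}, None, {}
    for line in (raw.strip() for raw in text.splitlines()):
        if not line or line.startswith("***"):          # blank/separator ends a record
            if record:
                sections[section].append(record)
            record = {}
        elif line.endswith(":") and ":" not in line[:-1]:  # "SSDT:" opens a section
            section = line[:-1]
            sections.setdefault(section, [])             # present even if it stays empty
        elif line.startswith("No ") and line.endswith(" found"):  # "No IRP Hooks found"
            section = line
            sections.setdefault(section, [])
        elif ": " in line and section is not None:
            key, value = line.split(": ", 1)
            record[key] = value
    if record:
        sections[section].append(record)
    return sections


def triage(sections):
    """Hidden objects, SSDT hooks grouped by owning driver, listening TCP ports."""
    hidden = {
        "processes": [p["Name"] for p in sections.get("Process", [])
                      if p.get("Hidden") == "Yes"],
        # Crash-dump copies of the boot storage driver (dump_*.sys) load outside
        # the regular driver list and are routinely reported as hidden; set aside.
        "modules": [m["Module Name"] for m in sections.get("Kernel Modules", [])
                    if m.get("Hidden") == "Yes" and "\\dump_" not in m["Module Name"].lower()],
    }
    hooks, listening = defaultdict(list), defaultdict(list)
    for h in sections.get("SSDT", []):
        hooks[h["Driver Name"]].append(h["Function Name"])
    for p in sections.get("Ports", []):
        if p.get("Type") == "TCP" and p.get("State") == "LISTENING":
            listening[p["Process"]].append(p["Local Address"].rsplit(":", 1)[1])
    return {"hidden": hidden, "ssdt_hooks": dict(hooks), "listening": dict(listening)}


def unaccounted_hooks(sections):
    """SSDT entries whose target is outside every visible loaded module: a hook
    into a visible driver (here ESET's ehdrv.sys) is ordinary AV self-protection;
    one that resolves nowhere is what deserves a closer look."""
    ranges = [(int(m["Module Base"], 16), int(m["Module End"], 16))
              for m in sections.get("Kernel Modules", []) if m.get("Hidden") != "Yes"]
    return [(h["Function Name"], h["Address"]) for h in sections.get("SSDT", [])
            if not any(lo <= int(h["Address"], 16) < hi for lo, hi in ranges)]
```

Run it on a full SysProt log by passing the file's text to `parse_sysprot` and feeding the result to `triage` and `unaccounted_hooks`.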

motji (VIP, 23302 posts, registered 23 Oct 2008 08:02)

Re: Log check

#36 Post by motji »

How is the computer doing?

Brano22 (Visitor, 31 posts, registered 24 Apr 2010 20:14)

Re: Log check

#37 Post by Brano22 »

PC OK. It is faster overall. But after running SysProt I didn't notice any perceptible change. That program "n" showed up again. It froze a bit after it finished generating the log - the window announcing that the log had been generated didn't pop up, it just made a click, and nothing could be clicked on - SysProt couldn't be closed. I ended it with Task Manager and turned off the PC. I haven't had the PC on since...

motji (VIP)
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: log check

#38 Post by motji »

For me, for instance, it is Skype that causes this "ending program" business. We will do an experiment. First I will fix a few of the programs that start at boot, and we will agree which programs you close before shutting the PC down.. one at a time.. that is the only way to find out whether some legitimate program is doing it, or a pest I cannot see :o .

Please post a new log from RSIT :)

Brano22 (Visitor)
Posts: 31
Registered: 24 Apr 2010 20:14

Re: log check

#39 Post by Brano22 »

OK.



Logfile of random's system information tool 1.06 (written by random/random)
Run by Branislav Padyšák at 2010-05-09 14:30:29
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 23 GB (46%) free of 50 GB
Total RAM: 2047 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:30:36, on 9.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Documents and Settings\Branislav Padyšák\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Documents and Settings\Branislav Padyšák\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Apoint2K\Apvfb.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclToBTSrv.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Documents and Settings\Branislav Padyšák\Desktop\TOTALCMD.EXE
c:\Documents and Settings\Branislav Padyšák\My Documents\Preberanie\RSIT.exe
C:\Program Files\trend micro\Branislav Padyšák.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60347
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Branislav Padyšák\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Branislav Padyšák\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{8BDF7AB8-24CF-474F-A35D-5D4C06D59C19}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4108792-3A09-4700-BC22-AF1CB2FEF781}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1caa1288aea18c0) (gupdate1caa1288aea18c0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 8705 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-09-27 16844800]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-08-03 1826816]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-05-16 53248]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-08-23 110592]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2006-06-02 176128]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-06-01 573440]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-03-27 36352]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-29 2145000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-03-20 1312256]
"Octoshape Streaming Services"=C:\Documents and Settings\Branislav Padyšák\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2009-01-08 70936]
"Google Update"=C:\Documents and Settings\Branislav Padyšák\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-06-25 133104]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-04-25 3037696]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-08-22 122880]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Documents and Settings\Branislav Padyšák\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll"="C:\Documents and Settings\Branislav Padyšák\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.dll:*:Enabled:Google Talk Plugin"
"C:\Documents and Settings\Branislav Padyšák\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe"="C:\Documents and Settings\Branislav Padyšák\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-05-03 12:54:39 ----D---- C:\Program Files\IKEA HomePlanner
2010-05-03 12:54:19 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-05-01 15:27:51 ----D---- C:\Program Files\Mozilla Firefox
2010-05-01 15:19:45 ----D---- C:\Program Files\VS Revo Group
2010-04-29 20:24:15 ----D---- C:\Documents and Settings\Branislav Padyšák\Application Data\gtk-2.0
2010-04-29 20:19:19 ----D---- C:\Program Files\GIMP-2.0
2010-04-27 22:44:54 ----A---- C:\WINDOWS\ntbtlog.txt
2010-04-26 20:35:15 ----D---- C:\rsit
2010-04-26 20:15:32 ----SHD---- C:\RECYCLER
2010-04-26 10:47:22 ----A---- C:\logZcombofixuAutomaticky.txt
2010-04-25 13:53:42 ----D---- C:\Documents and Settings\Branislav Padyšák\Application Data\Malwarebytes
2010-04-25 13:53:14 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-04-25 13:53:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-25 09:14:01 ----D---- C:\Documents and Settings\Branislav Padyšák\Application Data\Spyware Terminator
2010-04-25 09:13:59 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2010-04-25 09:13:51 ----D---- C:\Program Files\Spyware Terminator
2010-04-24 21:24:05 ----D---- C:\Program Files\trend micro
2010-04-17 21:51:04 ----D---- C:\Program Files\ESET

======List of files/folders modified in the last 1 months======

2010-05-09 14:30:10 ----A---- C:\WINDOWS\WINCMD.INI
2010-05-09 14:22:07 ----D---- C:\WINDOWS\Temp
2010-05-07 23:35:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-07 21:38:24 ----HD---- C:\WINDOWS\inf
2010-05-07 21:35:30 ----A---- C:\WINDOWS\NeroDigital.ini
2010-05-07 21:35:12 ----D---- C:\WINDOWS\Prefetch
2010-05-07 17:44:44 ----A---- C:\moduleName.txt
2010-05-03 12:55:03 ----SHD---- C:\WINDOWS\Installer
2010-05-03 12:54:39 ----RD---- C:\Program Files
2010-05-03 12:54:19 ----D---- C:\Program Files\Common Files
2010-05-01 15:26:06 ----D---- C:\WINDOWS
2010-05-01 15:24:01 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-05-01 15:20:01 ----D---- C:\WINDOWS\system32\drivers
2010-05-01 15:19:55 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-27 22:47:31 ----D---- C:\WINDOWS\system32
2010-04-26 10:41:54 ----SD---- C:\WINDOWS\Tasks
2010-04-26 10:41:10 ----A---- C:\WINDOWS\system.ini
2010-04-26 10:39:47 ----D---- C:\WINDOWS\AppPatch
2010-04-25 22:32:29 ----D---- C:\Documents and Settings\Branislav Padyšák\Application Data\ICQ
2010-04-25 13:34:30 ----D---- C:\WINDOWS\Debug
2010-04-24 22:37:16 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-04-24 21:10:06 ----D---- C:\Program Files\Google
2010-04-17 21:48:04 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-04-16 23:19:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-16 23:18:56 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 36864]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-03-29 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-03-29 95872]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-03-29 140216]
R2 MASPINT;MASPINT; C:\WINDOWS\system32\drivers\MASPINT.sys [2000-03-29 8096]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2006-05-26 111104]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-04-05 546112]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-08-22 2417664]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-10-02 4613120]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-18 5632]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-09-17 28672]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-09-14 50560]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-09-30 310016]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-09-19 101504]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 smserial;smserial; C:\WINDOWS\system32\DRIVERS\smserial.sys [2006-06-01 894336]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-04-19 47488]
R3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-05-18 110976]
R3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-03-16 37632]
R3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-05-09 62848]
R3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-05-09 40192]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 Revoflt;Revoflt; C:\WINDOWS\system32\DRIVERS\revoflt.sys [2009-12-30 27064]
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2008-04-13 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2008-04-13 11008]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 sonypvs1;Sony Digital Imaging Video2; C:\WINDOWS\system32\DRIVERS\sonypvs1.sys [2002-10-15 102220]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2006-03-15 52864]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-08-22 487424]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-29 810120]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-09-29 266343]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-04-25 488960]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-03-04 621056]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-08-21 593920]
S2 gupdate1caa1288aea18c0;Služba Google Update (gupdate1caa1288aea18c0); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-29 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-29 33560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-11-23 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

motji (VIP)
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: log check

#40 Post by motji »

:arrow: run the renamed HJT, C:\Program Files\trend micro\Branislav Padyšák.exe , it has this icon: [image]

- Click "Do a system scan only"
- At the lines
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Branislav Padyšák\Local Settings\Application Data\Google\Update\GoogleUpdate.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

- Put a tick in the box and press Fix checked
- restart the PC



:arrow: First try ending this program in Task Manager and then shutting the PC down
[Octoshape Streaming Services]
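The procedure above works on plain-text HijackThis records, so here is a small parser for the record types the helper singles out (R0/R1 IE settings, O4 Run entries, O23 services), run over lines copied from the log posted in this thread. This is an added example, not HijackThis, RSIT or forum code; the two review rules it applies (autoruns launched from under a user profile, IE pages pointing away from the go.microsoft.com default) are assumptions of this example, not something the thread or the tools define.

```python
"""Parse HijackThis-style log records (R0/R1, O4, O23) and pick out the autostart
entries a reviewer looks at first.  Added example for this thread, not HijackThis,
RSIT or forum code; the two review rules at the end are this example's own assumptions."""
import re
from dataclasses import dataclass
from typing import List, Optional, Sequence
from urllib.parse import urlparse

# Constructed sample: lines copied from the HJT section of the RSIT log above.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60347
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Documents and Settings\Branislav Padyšák\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Branislav Padyšák\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
"""

@dataclass
class HjtEntry:
    section: str        # "R0", "R1", "O4" or "O23"
    location: str       # registry key, startup folder or "Service"
    name: str           # value name, IE setting name or service name
    target: str         # executable path or URL
    args: str = ""      # command-line arguments after the executable
    user: str = ""      # user tag on HKUS entries, e.g. SYSTEM
    vendor: str = ""    # O23 service owner
    raw: str = ""       # the original log line

_RE_R = re.compile(r"^(R[0-3]) - (?P<key>[^,]+),(?P<name>[^=]+?) = (?P<data>.*)$")
_RE_O4_REG = re.compile(r"^O4 - (?P<key>.+?): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$")
_RE_O4_DIR = re.compile(r"^O4 - (?P<folder>(?:Global |User )?Startup): (?P<name>.+?) = (?P<target>.*)$")
_RE_O23 = re.compile(r"^O23 - Service: (?P<name>.*?) - (?P<vendor>.*?) - (?P<path>.*)$")
_RE_USER = re.compile(r"\s*\(User '(?P<user>[^']*)'\)$")
# Unquoted paths may contain spaces, so cut after the first executable extension.
_RE_EXE = re.compile(r"^(?P<path>.*?\.(?:exe|com|scr|bat|cmd|dll|pif))(?:\s+(?P<args>.*))?$", re.I)

def split_command(cmd: str):
    """Split an O4 command line into (path, args, user)."""
    user = ""
    if m := _RE_USER.search(cmd):
        user, cmd = m.group("user"), cmd[: m.start()]
    cmd = cmd.strip()
    if cmd.startswith('"'):                      # quoted path: args follow the closing quote
        end = cmd.find('"', 1)
        if end > 0:
            return cmd[1:end], cmd[end + 1:].strip(), user
    if m := _RE_EXE.match(cmd):
        return m.group("path"), (m.group("args") or "").strip(), user
    return cmd, "", user

def parse_line(line: str) -> Optional[HjtEntry]:
    """Return an HjtEntry for the record types handled here, else None."""
    if m := _RE_R.match(line):
        return HjtEntry(m.group(1), m.group("key"), m.group("name").strip(), m.group("data").strip(), raw=line)
    if m := _RE_O4_REG.match(line):
        path, args, user = split_command(m.group("cmd"))
        return HjtEntry("O4", m.group("key"), m.group("name"), path, args, user, raw=line)
    if m := _RE_O4_DIR.match(line):
        return HjtEntry("O4", m.group("folder"), m.group("name"), m.group("target").strip(), raw=line)
    if m := _RE_O23.match(line):
        return HjtEntry("O23", "Service", m.group("name"), m.group("path").strip(),
                        vendor=m.group("vendor"), raw=line)
    return None

def parse_hjt_log(text: str) -> List[HjtEntry]:
    """Parse every recognised record in a log; unrelated lines are skipped."""
    return [e for e in (parse_line(ln.strip()) for ln in text.splitlines()) if e]

def autoruns_from_user_profiles(entries: Sequence[HjtEntry]) -> List[HjtEntry]:
    """O4 entries whose executable lives under a user profile (assumed review rule)."""
    roots = ("c:\\documents and settings\\", "c:\\users\\")
    return [e for e in entries if e.section == "O4" and e.target.lower().startswith(roots)]

def ie_pages_off_vendor_default(entries: Sequence[HjtEntry], allowed_hosts=("go.microsoft.com",)) -> List[HjtEntry]:
    """R0/R1 URL settings whose host is not on the allowed list (assumed review rule)."""
    return [e for e in entries if e.section in ("R0", "R1") and e.target.startswith("http")
            and (urlparse(e.target).hostname or "") not in allowed_hosts]

if __name__ == "__main__":
    found = parse_hjt_log(SAMPLE_LOG)
    for e in autoruns_from_user_profiles(found):
        print("profile autorun:", e.name, "->", e.target, e.args)
    for e in ie_pages_off_vendor_default(found):
        print("IE setting off default:", e.name, "=", e.target)
```

On the sample it reports the two HKCU autoruns started from the user's profile (Octoshape, Google Update) and the two IE settings that point at start.icq.com and www.crawler.com.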

Brano22 (Visitor)
Posts: 31
Registered: 24 Apr 2010 20:14

Re: log check

#41 Post by Brano22 »

Ok.
By the way, last time it was not program "n" that would not end but, for a change, "sw"

motji (VIP)
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: log check

#42 Post by motji »

Try it and we will see :)

Brano22 (Visitor)
Posts: 31
Registered: 24 Apr 2010 20:14

Re: log check

#43 Post by Brano22 »

hmm.. I am not sure I understood correctly: I ran HJT, ticked what was needed, Fix checked, and restarted the PC. Only then did I look for that Octoshape in Task Manager.... Should I have ended it before the restart..?? or does it not matter?
Anyway - after HJT, before the restart, program "n" was being ended; then, after starting the PC up again, I looked for Octoshape Streaming Services, but there was only OctoshapeClient.exe
On the next shutdown I think "n" did not show up any more.

motji (VIP)
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: log check

#44 Post by motji »

You were supposed to fix them in HJT; that way we limited the unnecessary programs starting at boot, and you can start them whenever you want. Only now can you try ending that program.. but if the mysterious N program no longer shows up, it is possible that it was one of those fixed in HJT.
Try it and write back :)

Brano22 (Visitor)
Posts: 31
Registered: 24 Apr 2010 20:14

Re: log check

#45 Post by Brano22 »

I fixed those programs in HJT. Yesterday evening that "n" appeared again. But I forgot to check that [Octoshape Streaming Services] beforehand...
