Při naběhnutí se zjeví BSOD

Zpráva

teplice · #1 Příspěvek od **teplice** » 26 zář 2010 17:53

Dobrý den,
při zapnutí počítače se mi objevila modrá obrazovka smrti a musel jsem restartovat PC; to se několikrát opakovalo, do nouzového režimu též nešlo najet. Rozhodl jsem se tedy svá XP přeinstalovat na W7, ovšem ani to nešlo (údajně z DVD nešly načíst některé soubory), tak jsem instalaci zrušil a náhle XP šly spustit. Nevíte, co s tím? Zda se jedná o vir či nějakou SW/HW chybu? Přikládám log. Děkuji.

Logfile of random's system information tool 1.08 (written by random/random)
Run by L at 2010-09-26 18:44:57
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 61 GB (64%) free of 95 GB
Total RAM: 1023 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:45:23, on 26.9.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\L\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\L\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\L\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\L\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\L\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\L.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cz.o2.com/welcome/cz/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\L\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0230961890
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9556 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1220945662-1801674531-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-790525478-1220945662-1801674531-1003UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-30 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-30 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-21 1233288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"NPSStartup"= []
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"snpstd"=C:\WINDOWS\vsnpstd.exe [2004-06-10 286720]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\L\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-07-27 136176]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]
""= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

======List of files/folders created in the last 1 months======

2010-09-27 04:37:19 ----D---- C:\$WINDOWS.~BT
2010-09-27 04:13:55 ----ASH---- C:\WinPEpge.sys
2010-09-26 18:44:57 ----D---- C:\rsit
2010-09-26 18:44:57 ----D---- C:\Program Files\trend micro
2010-09-23 19:36:50 ----D---- C:\Documents and Settings\L\Data aplikací\Audacity
2010-09-23 19:36:41 ----D---- C:\Program Files\Audacity 1.3 Beta (Unicode)
2010-09-23 16:47:52 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-09-23 16:36:50 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-09-21 10:40:44 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-09-21 10:40:43 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-09-21 10:40:23 ----D---- C:\Program Files\Windows Media Connect 2
2010-09-21 10:40:14 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-09-20 22:08:38 ----D---- C:\Program Files\Common Files\DivX Shared
2010-09-20 22:07:44 ----D---- C:\Program Files\DivX
2010-09-20 22:06:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-09-20 21:39:38 ----D---- C:\Documents and Settings\L\Data aplikací\streamripper
2010-09-20 21:33:36 ----D---- C:\Documents and Settings\L\Data aplikací\COWON
2010-09-20 21:32:45 ----D---- C:\Program Files\Common Files\COWON
2010-09-20 21:32:43 ----D---- C:\Program Files\JetAudio
2010-09-20 21:32:19 ----D---- C:\Documents and Settings\L\Data aplikací\InstallShield
2010-09-20 21:30:52 ----D---- C:\Program Files\Streamripper
2010-09-19 20:09:52 ----D---- C:\Program Files\PokerStars.NET
2010-09-17 20:32:31 ----D---- C:\Documents and Settings\L\Data aplikací\AskToolbar
2010-09-16 18:04:17 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2010-09-16 18:04:14 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2010-09-16 18:04:12 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2010-09-16 18:04:10 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2010-09-16 18:04:07 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2010-09-16 18:04:04 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2010-09-16 18:04:02 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2010-09-16 18:03:53 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2010-09-16 18:00:22 ----A---- C:\WINDOWS\system32\rsnpstd.dll
2010-09-16 18:00:21 ----A---- C:\WINDOWS\system32\vsnpstd.dll
2010-09-16 18:00:21 ----A---- C:\WINDOWS\system32\csnpstd.dll
2010-09-16 18:00:20 ----A---- C:\WINDOWS\system32\drivers\snpstd.sys
2010-09-16 18:00:20 ----A---- C:\WINDOWS\snpstd.ini
2010-09-16 18:00:18 ----D---- C:\Program Files\Common Files\VCAMEye
2010-09-16 18:00:18 ----A---- C:\WINDOWS\vsnpstd.exe
2010-09-16 18:00:18 ----A---- C:\WINDOWS\system32\dsnpstd.dll
2010-09-15 14:15:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-09-15 14:15:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-09-15 14:15:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-09-15 14:12:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-09-15 14:12:39 ----HDC---- C:\WINDOWS\$NtUninstallKB982802$
2010-09-15 14:09:46 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-09-15 14:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2010-09-13 07:12:35 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-09-13 07:12:12 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-09-12 16:38:29 ----D---- C:\WINDOWS\Minidump
2010-09-11 21:03:57 ----D---- C:\Documents and Settings\L\Data aplikací\OpenOffice.org
2010-09-11 20:38:45 ----A---- C:\WINDOWS\system32\drivers\prodigy.sys
2010-09-11 20:38:30 ----D---- C:\Program Files\NSS
2010-09-11 14:40:16 ----HDC---- C:\WINDOWS\$NtUninstallWudf01009$
2010-09-11 14:36:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-09-11 14:35:41 ----D---- C:\WINDOWS\system32\LogFiles
2010-09-11 14:35:41 ----D---- C:\WINDOWS\system32\drivers\UMDF
2010-09-11 14:35:31 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-09-11 14:34:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\NokiaInstallerCache
2010-09-11 10:16:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nokia
2010-09-11 10:15:19 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2010-09-11 10:15:19 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2010-09-11 10:15:18 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2010-09-11 10:15:17 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-09-11 10:15:17 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-09-11 10:15:17 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-09-10 12:00:06 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-09-10 10:45:09 ----D---- C:\Program Files\OpenOffice.org 3
2010-09-10 10:37:31 ----D---- C:\Program Files\Common Files\Nero
2010-09-10 10:37:12 ----D---- C:\Program Files\Nero
2010-09-10 10:33:11 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-10 10:32:44 ----D---- C:\Program Files\Ask.com
2010-09-10 10:16:08 ----D---- C:\WINDOWS\system32\appmgmt
2010-09-10 10:14:12 ----D---- C:\Program Files\Convar
2010-09-10 10:14:12 ----A---- C:\WINDOWS\system32\Gif89.dll
2010-09-10 10:14:12 ----A---- C:\WINDOWS\system32\DartWeb.dll
2010-09-10 10:14:12 ----A---- C:\WINDOWS\system32\DartSock.dll
2010-09-10 10:14:11 ----RA---- C:\WINDOWS\system32\XceedCry.dll
2010-09-10 10:14:11 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2010-09-09 18:44:46 ----D---- C:\Program Files\TO2SSM
2010-09-07 10:30:44 ----D---- C:\Documents and Settings\L\Data aplikací\Motive
2010-09-07 10:30:19 ----D---- C:\Program Files\Common Files\Motive
2010-09-07 10:29:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Motive
2010-09-06 17:00:04 ----D---- C:\Program Files\Mirage

======List of files/folders modified in the last 1 months======

2010-09-26 18:45:14 ----D---- C:\TEMP
2010-09-26 18:45:08 ----D---- C:\WINDOWS\Prefetch
2010-09-26 18:44:57 ----RD---- C:\Program Files
2010-09-26 18:44:37 ----D---- C:\WINDOWS\system32
2010-09-26 18:44:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-26 11:10:07 ----D---- C:\Windows
2010-09-26 10:53:46 ----D---- C:\Documents and Settings\L\Data aplikací\ICQ
2010-09-26 03:12:33 ----D---- C:\WINDOWS\Microsoft.NET
2010-09-26 03:10:27 ----SHD---- C:\WINDOWS\Installer
2010-09-26 03:10:10 ----RSD---- C:\WINDOWS\assembly
2010-09-26 03:10:08 ----D---- C:\WINDOWS\WinSxS
2010-09-25 19:42:36 ----D---- C:\Documents and Settings\L\Data aplikací\Skype
2010-09-25 16:12:04 ----D---- C:\Documents and Settings\L\Data aplikací\skypePM
2010-09-25 12:23:31 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-25 09:17:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-09-23 16:47:56 ----HD---- C:\WINDOWS\inf
2010-09-23 16:47:53 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-09-23 16:37:26 ----A---- C:\WINDOWS\imsins.BAK
2010-09-22 17:41:36 ----D---- C:\WINDOWS\Temp
2010-09-22 17:41:27 ----D---- C:\Documents and Settings\L\Data aplikací\PC Suite
2010-09-22 07:16:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-09-22 07:10:06 ----D---- C:\WINDOWS\system32\CatRoot
2010-09-21 10:54:56 ----D---- C:\Program Files\Windows Media Player
2010-09-21 10:40:32 ----N---- C:\WINDOWS\win.ini
2010-09-21 10:40:20 ----D---- C:\WINDOWS\Help
2010-09-21 09:24:16 ----D---- C:\Program Files\Mozilla Thunderbird
2010-09-20 22:08:38 ----D---- C:\Program Files\Common Files
2010-09-20 21:32:42 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-20 21:30:52 ----D---- C:\Program Files\The KMPlayer
2010-09-20 07:13:35 ----RSD---- C:\WINDOWS\Fonts
2010-09-20 07:13:19 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-09-20 07:12:38 ----D---- C:\Program Files\Microsoft Works
2010-09-20 07:08:17 ----D---- C:\Program Files\Common Files\System
2010-09-16 18:04:18 ----D---- C:\WINDOWS\system32\drivers
2010-09-16 18:03:56 ----D---- C:\WINDOWS\twain_32
2010-09-15 14:15:13 ----HD---- C:\WINDOWS\$hf_mig$
2010-09-15 14:03:25 ----A---- C:\WINDOWS\system32\MRT.exe
2010-09-12 09:27:53 ----D---- C:\Documents and Settings\L\Data aplikací\Nokia
2010-09-11 22:16:37 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-09-11 14:40:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-09-11 14:37:43 ----D---- C:\Program Files\Common Files\Nokia
2010-09-11 14:37:17 ----D---- C:\Program Files\Nokia
2010-09-11 14:37:11 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-11 14:37:08 ----D---- C:\Program Files\PC Connectivity Solution
2010-09-11 10:13:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-09-10 10:37:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2010-09-10 10:32:48 ----SD---- C:\WINDOWS\Tasks
2010-09-09 16:11:59 ----A---- C:\WINDOWS\ModemLog_Nokia E51 USB Modem.txt
2010-09-07 20:39:51 ----A---- C:\WINDOWS\ModemLog_SAMSUNG USB Mobile Modem.txt
2010-09-07 19:26:34 ----D---- C:\Program Files\ICQ7.2
2010-09-07 17:11:54 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-09-05 12:49:14 ----D---- C:\WINDOWS\security

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-07-27 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S3 acgjredz;acgjredz; C:\WINDOWS\system32\drivers\acgjredz.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač komunikace modemu Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 NVENET;NVIDIA nForce MCP Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENET.sys [2003-05-27 97280]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 snpstd;VideoCAM Eye; C:\WINDOWS\system32\DRIVERS\snpstd.sys [2005-06-20 390912]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-30 153376]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-07-27 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 26 zář 2010 17:57

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Pokud nebudu vědět, co bylo na té modré obrazovce napsáno, těžko mohu určit příčinu.

teplice · #3 Příspěvek od **teplice** » 26 zář 2010 18:17

tak jsem to chtěl udělat a zase BSOD, koukejte:

260920101191.jpg: (611.64 KiB) Staženo 86 x

#4 Příspěvek od **Rudy** » 26 zář 2010 19:35

Zkuste to v nouzovém režimu. Pokud nebudeme mít jistotu, že v systému není vir, nevíme, kde je problém.

teplice · #5 Příspěvek od **teplice** » 26 zář 2010 19:53

Už mi systém naběhl, mam to zkusit? Mám ale obavy, že zase spadne (není prosím jiné řešení?)

#6 Příspěvek od **Rudy** » 26 zář 2010 19:58

OK. Zkuste sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Za pád systému neručím ale ani v tomto případě.

teplice · #7 Příspěvek od **teplice** » 26 zář 2010 20:24

Tak z NZ se mi podařilo udělat combofix

ComboFix 10-09-25.07 - Administrator 26.09.2010 21:15:24.3.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.818 [GMT 2:00]
Spuštěný z: c:\documents and settings\L\Dokumenty\Downloads\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-08-26 do 2010-09-26 )))))))))))))))))))))))))))))))
.

2010-09-27 02:37 . 2010-09-27 02:37 -------- d-----w- C:\$WINDOWS.~BT
2010-09-27 02:13 . 2010-09-27 02:13 536870912 --sha-w- C:\WinPEpge.sys
2010-09-26 19:11 . 2010-09-26 19:11 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2010-09-26 19:08 . 2010-09-26 19:08 -------- d-----w- c:\temp\WPDNSE
2010-09-26 18:20 . 2010-09-26 19:19 -------- d-----w- c:\temp\div11.tmp
2010-09-26 18:03 . 2010-09-26 19:05 -------- d-----w- c:\temp\div10.tmp
2010-09-26 17:14 . 2010-09-26 19:05 -------- d-----w- c:\temp\divF.tmp
2010-09-26 16:44 . 2010-09-26 16:45 -------- d-----w- C:\rsit
2010-09-26 16:44 . 2010-09-26 16:45 -------- d-----w- c:\program files\trend micro
2010-09-26 16:42 . 2010-09-26 17:08 -------- d-----w- c:\temp\divE.tmp
2010-09-24 13:30 . 2010-09-26 17:08 -------- d-----w- c:\temp\divD.tmp
2010-09-24 05:28 . 2010-09-26 17:08 -------- d-----w- c:\temp\divC.tmp
2010-09-23 17:36 . 2010-09-23 17:36 -------- d-----w- c:\temp\audacity_temp
2010-09-23 17:36 . 2010-09-23 17:36 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2010-09-23 15:53 . 2010-09-26 17:08 -------- d-----w- c:\temp\chrome_20023
2010-09-23 15:17 . 2010-09-26 17:08 -------- d-----w- c:\temp\CR_466.tmp
2010-09-23 14:35 . 2010-09-26 17:08 -------- d-----w- c:\temp\divB.tmp
2010-09-22 18:48 . 2010-09-26 17:08 -------- d-----w- c:\temp\divA.tmp
2010-09-22 18:00 . 2010-09-26 17:08 -------- d-----w- c:\temp\div9.tmp
2010-09-22 17:42 . 2010-09-26 17:08 -------- d-----w- c:\temp\div8.tmp
2010-09-22 16:13 . 2010-09-26 17:08 -------- d-----w- c:\temp\div7.tmp
2010-09-22 13:59 . 2010-09-26 17:08 -------- d-----w- c:\temp\div6.tmp
2010-09-22 04:57 . 2010-09-26 17:08 -------- d-----w- c:\temp\div5.tmp
2010-09-21 08:55 . 2010-09-26 17:08 -------- d-----w- c:\temp\div4.tmp
2010-09-21 08:40 . 2010-09-21 08:40 -------- d-----w- c:\program files\Windows Media Connect 2
2010-09-21 08:19 . 2010-09-26 17:08 -------- d-----w- c:\temp\div3.tmp
2010-09-21 05:29 . 2010-09-26 17:08 -------- d-----w- c:\temp\div2.tmp
2010-09-20 21:29 . 2010-09-26 17:08 -------- d-----w- c:\temp\div1.tmp
2010-09-20 20:09 . 2010-09-26 17:08 -------- d-----w- c:\temp\div41C.tmp
2010-09-20 20:08 . 2010-09-20 20:08 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-09-20 20:07 . 2010-09-20 20:09 -------- d-----w- c:\program files\DivX
2010-09-20 20:06 . 2010-09-26 17:08 -------- d-----w- c:\temp\div3E6.tmp
2010-09-20 19:32 . 2010-09-20 19:32 -------- d-----w- c:\program files\Common Files\COWON
2010-09-20 19:32 . 2010-09-20 19:41 -------- d-----w- c:\program files\JetAudio
2010-09-20 19:32 . 2010-09-26 17:08 -------- d-----w- c:\temp\{D0245C86-53C5-43F0-A81A-6CF455E6C37A}
2010-09-20 19:30 . 2010-09-20 19:30 -------- d-----w- c:\program files\Streamripper
2010-09-20 13:22 . 2010-09-20 13:22 -------- d-----w- c:\temp\Nokia Ovi Share Cache
2010-09-19 18:09 . 2010-09-19 18:25 -------- d-----w- c:\program files\PokerStars.NET
2010-09-18 12:58 . 2010-09-26 17:08 -------- d-----w- c:\temp\3.dir
2010-09-18 07:23 . 2010-09-26 17:08 -------- d-----w- c:\temp\chrome_16629
2010-09-18 05:17 . 2010-09-26 17:08 -------- d-----w- c:\temp\CR_530.tmp
2010-09-17 04:17 . 2010-09-26 17:08 -------- d-----w- c:\temp\CR_9E0.tmp
2010-09-16 16:03 . 2008-04-14 06:52 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2010-09-16 16:03 . 2008-04-14 06:52 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2010-09-16 16:00 . 2005-04-15 04:20 98304 ----a-w- c:\windows\system32\rsnpstd.dll
2010-09-16 16:00 . 2004-09-24 08:58 36864 ----a-w- c:\windows\system32\vsnpstd.dll
2010-09-16 16:00 . 2004-02-16 11:59 61440 ----a-w- c:\windows\system32\csnpstd.dll
2010-09-16 16:00 . 2005-06-20 19:27 390912 ----a-w- c:\windows\system32\drivers\snpstd.sys
2010-09-16 16:00 . 2010-09-16 16:00 -------- d-----w- c:\program files\Common Files\VCAMEye
2010-09-16 16:00 . 2004-06-10 11:48 286720 ----a-w- c:\windows\vsnpstd.exe
2010-09-16 16:00 . 2004-05-06 09:22 53248 ----a-w- c:\windows\system32\dsnpstd.dll
2010-09-11 18:47 . 2010-09-11 18:47 -------- d-----w- c:\documents and settings\All Users\Data aplikacĂ
2010-09-11 18:38 . 2006-08-29 14:56 32377 ----a-w- c:\windows\system32\drivers\prodigy.sys
2010-09-11 18:38 . 2010-09-11 20:15 -------- d-----w- c:\program files\NSS
2010-09-11 18:20 . 2010-09-17 19:07 -------- d-----w- c:\temp\Nokia PB3 Temp Folder
2010-09-11 13:43 . 2010-09-12 12:44 -------- d-----w- c:\temp\Adobe Stock Photos
2010-09-11 12:40 . 2010-09-26 17:08 -------- d-----w- c:\temp\{D5878294-C113-43c5-A24F-FC333C52015A}
2010-09-11 12:40 . 2010-09-26 17:08 -------- d-sh--w- c:\temp\Cookies
2010-09-11 12:40 . 2010-09-11 12:40 -------- d-sh--w- c:\temp\Temporary Internet Files
2010-09-11 12:40 . 2010-09-11 12:40 -------- d-sh--w- c:\temp\History
2010-09-11 12:40 . 2010-09-20 13:22 -------- d-----w- c:\temp\Nokia Remote Data Store
2010-09-11 12:35 . 2010-09-22 15:41 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-09-11 12:35 . 2010-09-11 12:35 -------- d-----w- c:\windows\system32\LogFiles
2010-09-11 12:17 . 2010-09-26 17:08 -------- d-----w- c:\temp\CR_14.tmp
2010-09-11 08:16 . 2010-09-26 17:08 -------- d-----w- c:\temp\NSU_2826f4011d39433312dbd8
2010-09-11 08:15 . 2010-02-26 12:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-09-11 08:15 . 2010-02-26 12:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-09-11 08:15 . 2010-02-26 12:32 22528 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-09-11 08:15 . 2010-02-26 12:32 662016 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-09-11 08:15 . 2010-02-26 12:32 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-09-11 08:15 . 2010-02-26 12:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2010-09-10 10:00 . 2008-04-14 06:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-09-10 08:45 . 2010-09-10 08:45 -------- d-----w- c:\program files\OpenOffice.org 3
2010-09-10 08:37 . 2010-09-10 08:37 -------- d-----w- c:\program files\Common Files\Nero
2010-09-10 08:37 . 2010-09-10 08:40 -------- d-----w- c:\program files\Nero
2010-09-10 08:36 . 2010-09-26 17:08 -------- d-----w- c:\temp\D39B4B65_3692_4292_833F_2C81D15845EB
2010-09-10 08:33 . 2010-09-24 05:28 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-10 08:32 . 2010-09-26 17:08 -------- d-----w- c:\temp\AskSearch
2010-09-10 08:32 . 2010-09-10 08:32 -------- d-----w- c:\program files\Ask.com
2010-09-10 08:31 . 2010-09-26 17:08 -------- d-----w- c:\temp\NERO20100709115641857
2010-09-10 08:14 . 2010-09-10 08:14 -------- d-----w- c:\program files\Convar
2010-09-10 08:14 . 2002-02-28 07:46 217088 ----a-w- c:\windows\system32\DartSock.dll
2010-09-10 08:14 . 2002-02-21 08:12 118784 ----a-w- c:\windows\system32\DartWeb.dll
2010-09-10 08:14 . 1998-06-13 20:53 44544 ----a-w- c:\windows\system32\Gif89.dll
2010-09-10 08:14 . 2003-07-18 11:58 516784 ----a-r- c:\windows\system32\XceedCry.dll
2010-09-10 08:14 . 1998-06-17 22:00 89360 ----a-w- c:\windows\system32\VB5DB.DLL
2010-09-09 16:45 . 2010-09-26 17:08 -------- d-----w- c:\temp\TO2SSM
2010-09-09 16:44 . 2010-09-09 16:46 -------- d-----w- c:\program files\TO2SSM
2010-09-07 08:30 . 2010-09-26 17:08 -------- d-----w- c:\temp\TO2SAM
2010-09-07 08:30 . 2010-09-09 16:45 -------- d-----w- c:\program files\Common Files\Motive
2010-09-06 15:00 . 2010-09-06 15:00 -------- d-----w- c:\program files\Mirage
2010-09-03 20:38 . 2010-09-24 06:38 -------- d-----w- c:\temp\hsperfdata_L
2010-09-02 05:28 . 2010-09-02 05:28 -------- d-----w- c:\temp\Nokia Communication Centre - Messages

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-26 18:24 . 2001-10-25 12:00 86948 ----a-w- c:\windows\system32\perfc005.dat
2010-09-26 18:24 . 2001-10-25 12:00 444722 ----a-w- c:\windows\system32\perfh005.dat
2010-09-21 07:24 . 2010-07-27 17:17 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-09-20 19:32 . 2010-07-27 11:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-20 19:30 . 2010-07-27 17:17 -------- d-----w- c:\program files\The KMPlayer
2010-09-20 05:12 . 2010-07-27 19:28 -------- d-----w- c:\program files\Microsoft Works
2010-09-11 12:40 . 2010-09-11 12:40 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-09-11 12:40 . 2010-09-11 12:40 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-09-11 12:37 . 2010-07-27 20:20 -------- d-----w- c:\program files\Common Files\Nokia
2010-09-11 12:37 . 2010-07-27 20:20 -------- d-----w- c:\program files\Nokia
2010-09-11 12:37 . 2010-07-27 20:20 -------- d-----w- c:\program files\PC Connectivity Solution
2010-09-07 17:26 . 2010-07-27 17:25 -------- d-----w- c:\program files\ICQ7.2
2010-09-07 15:12 . 2010-07-27 17:32 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-07-27 17:32 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-07-27 17:32 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-07-27 17:32 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-07-27 17:32 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-07-27 17:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-07 14:47 . 2010-07-27 17:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-07 14:47 . 2010-07-27 17:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-07 14:46 . 2010-07-27 17:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-08-26 20:09 . 2010-08-26 20:08 -------- d-----w- c:\program files\Samsung
2010-08-26 20:08 . 2010-08-26 20:08 -------- d-----w- c:\program files\MarkAny
2010-08-17 13:17 . 2008-04-14 06:52 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-12 14:59 . 2010-07-27 19:16 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-08-09 19:42 . 2010-08-09 19:42 -------- d-----w- c:\program files\Recuva
2010-08-05 12:07 . 2010-08-05 12:07 -------- d-----w- c:\program files\Pracovní kalendář_203
2010-07-31 08:45 . 2010-07-31 08:45 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-07-31 08:45 . 2010-07-31 08:45 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-30 16:06 . 2010-07-30 16:06 -------- d-----w- c:\program files\Common Files\Java
2010-07-30 16:06 . 2010-07-30 16:06 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-30 16:06 . 2010-07-30 16:06 -------- d-----w- c:\program files\Java
2010-07-27 19:16 . 2010-07-27 19:16 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-07-27 17:31 . 2010-07-27 17:31 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-07-27 17:18 . 2010-07-27 17:18 0 ----a-w- c:\windows\nsreg.dat
2010-07-27 11:35 . 2010-07-27 11:35 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin
2010-07-27 11:35 . 2010-07-27 11:35 1 ----a-w- c:\windows\system32\nvdrssel.bin
2010-07-27 11:35 . 2010-07-27 11:35 232968 ----a-w- c:\windows\system32\nvdrsdb1.bin
2010-07-27 10:03 . 2010-07-27 09:37 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-07-27 10:03 . 2010-07-27 09:37 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-07-27 10:02 . 2010-07-27 09:38 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-07-27 09:35 . 2010-07-27 09:35 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-07-22 15:46 . 2008-04-14 06:51 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-09 22:38 . 2010-07-27 11:29 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-07-09 22:38 . 2010-07-27 11:29 10604128 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-07-09 22:38 . 2010-07-27 11:29 2914408 ----a-w- c:\windows\system32\nvcuvid.dll
2010-07-09 22:38 . 2010-07-27 11:29 2506344 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-07-09 22:38 . 2010-07-27 11:29 13549568 ----a-w- c:\windows\system32\nvoglnt.dll
2010-07-09 22:38 . 2010-07-27 11:29 6343040 ----a-w- c:\windows\system32\nv4_disp.dll
2010-07-09 22:38 . 2010-07-27 11:29 4595712 ----a-w- c:\windows\system32\nvcuda.dll
2010-07-09 22:38 . 2010-07-27 11:29 236136 ----a-w- c:\windows\system32\nvcodins.dll
2010-07-09 22:38 . 2010-07-27 11:29 236136 ----a-w- c:\windows\system32\nvcod.dll
2010-07-09 22:38 . 2010-07-27 11:29 2195030 ----a-w- c:\windows\system32\nvdata.bin
2010-07-09 22:38 . 2010-07-27 11:29 1388544 ----a-w- c:\windows\system32\nvapi.dll
2010-07-09 22:38 . 2010-07-27 11:29 10260480 ----a-w- c:\windows\system32\nvcompiler.dll
2010-07-07 11:46 . 2010-07-27 11:07 604776 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-06-30 12:33 . 2008-04-14 06:51 149504 ----a-w- c:\windows\system32\schannel.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-09-26_17.10.46 )))))))))))))))))))))))))))))))))))))))))
.
- 2001-10-25 12:00 . 2010-09-26 17:03 68320 c:\windows\system32\perfc009.dat
+ 2001-10-25 12:00 . 2010-09-26 18:24 68320 c:\windows\system32\perfc009.dat
+ 2001-10-25 12:00 . 2010-09-26 18:24 433364 c:\windows\system32\perfh009.dat
- 2001-10-25 12:00 . 2010-09-26 17:03 433364 c:\windows\system32\perfh009.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-05-21 10:17 1233288 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-21 1233288]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
"_nltide_3"="advpack.dll" [2009-03-08 128512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"SoundMan"="SOUNDMAN.EXE" [2006-08-02 577536]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NPSStartup"="" [BU]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
"_nltide_3"="advpack.dll" [2009-03-08 128512]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsasvr.exe"=
"c:\\Program Files\\Samsung\\Samsung New PC Studio\\npsvsvr.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [27.7.2010 19:32 165584]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.7.2010 19:32 17744]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [26.8.2010 22:09 233472]
S2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [4.5.2010 12:07 503080]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [26.8.2010 22:09 36608]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [26.8.2010 22:09 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [26.8.2010 22:09 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [26.8.2010 22:09 121856]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [27.7.2010 21:16 691696]
.
Obsah adresáře 'Naplánované úlohy'

2010-09-26 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-05-21 10:17]
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-26 21:20
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1572)
c:\windows\system32\msi.dll
.
Celkový čas: 2010-09-26 21:21:50
ComboFix-quarantined-files.txt 2010-09-26 19:21

Před spuštěním: Volných bajtů: 67 619 041 280
Po spuštění: Volných bajtů: 67 612 307 456

- - End Of File - - BB01DFA818510D44997047EEB0C81C33

#8 Příspěvek od **Rudy** » 26 zář 2010 21:35

Soubor C:\WinPEpge.sys otestujte online na www.virustotal.com . Výsledek oznamte. Dále promažte složku C:\temp .

teplice · #9 Příspěvek od **teplice** » 28 zář 2010 14:44

Rád bych, ale soubor nelze nahrát (trvá to dlouho a pak to napíše nějakou chybu - problém je myslím na stránce). A co přesně mam smazat v Tempu?

#10 Příspěvek od **Rudy** » 28 zář 2010 15:57

A co přesně mam smazat v Tempu?

Můžete celý obsah složky.

teplice · #11 Příspěvek od **teplice** » 28 zář 2010 17:09

Tak to jsem udělal

mam ještě něco?

#12 Příspěvek od **Rudy** » 28 zář 2010 17:20

Soubor zkuste otestovat jinde: http://www.virusscan.jotti.org .

teplice · #13 Příspěvek od **teplice** » 28 zář 2010 17:23

Jenže ten soubor má 512 MB a na tom webu je omezení na 20 MB

#14 Příspěvek od **Rudy** » 28 zář 2010 17:29

Tak ho alespon prověřte antivirem.

teplice · #15 Příspěvek od **teplice** » 28 zář 2010 17:31

Zkontrolováno avastem, nic nenalezeno..

VIRY.CZ

Při naběhnutí se zjeví BSOD

Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD

Re: Při naběhnutí se zjeví BSOD