Haved zrejme niekomu zasiela informacie z PC

Zpráva

#16 Příspěvek od **motji** » 28 čer 2010 21:04

Dobrý večer, záskok za kolegu

,

jak se teď chová počítač? Gmer zatím znovu nedělejte, poprosím Vás o nový log z combofixu

marvolo · #17 Příspěvek od **marvolo** » 29 čer 2010 18:41

Uz som si myslel ze to je tak zle, že radšej ani nikto nenapiše

Dakujem že ste sa ozvali.
PC sa sprava pomerne normalne, az na zopar veci.
- Obcas ked som menil nejake nastavenia (nic s grafikou) alebo sa koncil nejaky proces (napr. v CCleaner) tak nabehla asi na 1 sekundu cierna obrazovka a potom sa to opravilo a vsetko islo OK
- Chcel som nainstalovat nejaky soft ale instalacia sa nespustila, no v procesoch si bral coraz viac pamäte. (je pravda ze podla jedneho antivira vnom mal byt trojan, no ostatni snim nemali problem, takze to nemusi byt chyba systemu)
- V nastaveniach bezpečnosti Win ( XP ) je Firewall zapnuty, no pri starte vzdy vyhodi bublinu ze je vypnuty.
-Neslo mi dnes spoustit program SpeedUpMyPC, len ukazal obrazok uvodny a nic (ani v procesoch to nebolo. Teraz pri pisani som pozeral nazov a som ho skusil pustit tak ide vpohode.
To je tak všetko. A este ten Log

Log z ComboFix
ComboFix 10-06-25.02 - user 29.06.2010 19:01:09.4.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.255.5 [GMT 2:00]
Running from: c:\documents and settings\user\Desktop\ComboFix.exe
AV: Eset NOD32 Antivirus 2.70 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
.

((((((((((((((((((((((((( Files Created from 2010-05-28 to 2010-06-29 )))))))))))))))))))))))))))))))
.

2010-06-28 11:24 . 2010-06-28 11:24 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\NokiaAccount
2010-06-28 11:06 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-06-28 11:05 . 2010-06-28 11:05 -------- d-----w- c:\program files\PC Connectivity Solution
2010-06-28 11:03 . 2010-06-28 11:03 12212040 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-06-28 11:03 . 2010-06-28 11:03 13930312 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-06-28 11:03 . 2010-06-28 11:03 77824 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-06-28 11:03 . 2010-06-28 11:03 50000 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
2010-06-28 11:03 . 2010-06-28 11:03 38912 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-06-28 11:03 . 2010-06-28 11:03 38912 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-06-28 11:02 . 2010-06-28 10:41 103404272 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
2010-06-28 10:48 . 2010-06-28 11:39 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Nokia
2010-06-28 10:47 . 2010-06-28 14:31 -------- d-----w- c:\windows\Globalization
2010-06-28 10:45 . 2010-06-28 10:45 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaMusic
2010-06-28 10:42 . 2010-06-28 10:42 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache
2010-06-28 09:47 . 2010-06-28 09:24 35790800 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\NokiaSoftwareUpdaterSetup_sk.exe
2010-06-28 09:44 . 2010-06-28 09:44 3351812 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\msxml6Exec.exe
2010-06-28 09:44 . 2010-06-28 09:44 36864 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\Sleep.exe
2010-06-28 09:44 . 2010-06-28 09:44 3203453 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Installer\CommonCustomActions\vcredistExec.exe
2010-06-28 09:41 . 2010-06-28 09:41 -------- d-----w- c:\program files\Common Files\PCSuite
2010-06-28 09:40 . 2010-06-29 16:43 -------- d-----w- c:\program files\Common Files\Nokia
2010-06-28 09:39 . 2010-02-26 12:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-06-28 09:38 . 2010-02-26 12:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-06-28 09:38 . 2010-02-26 12:32 22528 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-06-28 09:38 . 2010-02-26 12:32 662016 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-06-28 09:38 . 2010-02-26 12:32 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-06-28 09:38 . 2010-02-26 12:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2010-06-28 09:36 . 2010-06-28 09:29 36665824 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Nokia_PC_Suite_slk_web.exe
2010-06-28 09:36 . 2010-06-28 09:36 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\pcswpcsi.exe
2010-06-28 09:36 . 2010-06-28 09:36 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-06-28 09:36 . 2010-06-28 09:36 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\UninstPCS.exe
2010-06-28 09:36 . 2010-06-28 09:36 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\UninstCCD.exe
2010-06-27 15:42 . 2010-06-27 15:43 -------- d-----w- c:\program files\VirtualDJ
2010-06-27 09:24 . 2010-06-27 10:49 -------- d-----w- c:\documents and settings\user\Application Data\DAEMON Tools Lite
2010-06-27 09:24 . 2010-06-27 09:24 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-06-26 10:59 . 2010-06-26 10:59 -------- d-----w- C:\_OTM
2010-06-17 12:56 . 2010-06-17 13:04 -------- d-----w- c:\documents and settings\user\Application Data\Hamachi
2010-06-17 12:55 . 2010-06-17 12:55 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-06-15 15:47 . 2010-06-18 13:27 -------- d-----w- c:\program files\Counter-Strike 1.6
2010-06-13 10:53 . 2010-06-13 10:56 -------- d-----w- c:\documents and settings\user\Application Data\ManyCam
2010-06-13 10:53 . 2010-06-24 13:44 -------- d-----w- c:\program files\ManyCam 2.4
2010-06-11 15:22 . 2010-06-11 15:22 -------- d-----w- c:\program files\Zoner
2010-06-11 12:20 . 2010-06-11 12:21 -------- d-----w- c:\program files\vbNFSMWMegaTrainer
2010-06-07 17:48 . 2010-06-07 17:48 -------- d-----w- c:\windows\system32\wbem\Repository
2010-06-07 17:24 . 2010-06-07 17:24 -------- d-----w- c:\program files\Kerio
2010-06-05 08:35 . 2010-06-05 08:36 -------- d-----w- c:\documents and settings\user\Application Data\Stella

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-29 16:40 . 2007-11-23 14:15 -------- d-----w- c:\documents and settings\user\Application Data\Nokia
2010-06-29 16:32 . 2007-04-30 16:39 -------- d-----w- c:\documents and settings\user\Application Data\Skype
2010-06-28 14:35 . 2006-07-31 23:06 94576 ----a-w- c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-28 14:32 . 2009-10-05 18:27 -------- d-----w- c:\program files\Nokia
2010-06-28 10:15 . 2010-06-28 10:15 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-06-28 10:15 . 2010-06-28 10:15 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-06-28 10:13 . 2007-11-23 14:15 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2010-06-28 10:13 . 2010-06-28 10:13 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-06-28 10:13 . 2010-06-28 10:13 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-06-28 09:50 . 2007-11-23 14:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2010-06-28 09:40 . 2007-11-23 14:14 -------- d-----w- c:\program files\DIFX
2010-06-27 11:30 . 2009-12-27 11:50 2656 ----a-w- c:\documents and settings\user\Local Settings\Application Data\config.dat
2010-06-24 13:42 . 2006-08-09 18:18 -------- d-----w- c:\program files\EA GAMES
2010-06-24 13:42 . 2006-07-28 19:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-23 12:11 . 2010-04-16 13:21 -------- d-----w- c:\documents and settings\user\Application Data\ICQ
2010-06-23 11:47 . 2010-04-16 13:21 -------- d-----w- c:\program files\ICQ7.1
2010-06-13 09:55 . 2010-05-14 15:05 138968 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-13 09:54 . 2010-05-14 15:04 214592 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-13 09:21 . 2007-04-24 12:38 -------- d-----w- c:\program files\Google
2010-06-12 14:44 . 2006-08-09 16:10 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-11 12:20 . 2009-11-16 18:44 249856 ------w- c:\windows\Setup1.exe
2010-06-11 12:20 . 2009-11-16 18:44 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-06-09 15:35 . 2008-03-03 10:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-06-08 08:31 . 2006-12-24 18:19 -------- d-----w- c:\program files\Lx_cats
2010-06-07 17:44 . 2010-06-07 17:26 3219 ----a-w- c:\windows\system32\drivers\kwfupper.log
2010-06-07 17:25 . 2010-06-07 17:25 5255 ----a-w- c:\windows\system32\drivers\kwflower.log
2010-06-05 20:49 . 2008-08-03 13:53 -------- d-----w- c:\documents and settings\user\Application Data\Thinstall
2010-06-05 08:23 . 2008-05-20 14:07 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-29 08:34 . 2010-05-14 15:04 139152 ----a-w- c:\documents and settings\user\Application Data\PnkBstrK.sys
2010-05-29 08:34 . 2010-05-14 15:04 139152 ----a-w- c:\documents and settings\user\Application Data\PnkBstrK.sys
2010-05-29 08:33 . 2010-05-29 08:33 794408 ----a-w- c:\windows\system32\pbsvc.exe
2010-05-29 08:33 . 2006-08-09 15:22 -------- d-----w- c:\program files\EA SPORTS
2010-05-20 17:15 . 2009-05-04 17:22 -------- d-----w- c:\documents and settings\user\Application Data\Any Video Converter Professional
2010-05-19 16:34 . 2010-01-30 14:28 -------- d-----w- c:\program files\Lexmark 3300 Series
2010-05-19 16:26 . 2010-05-19 16:25 -------- d-----w- c:\program files\Lexmark Fax Solutions
2010-05-17 18:58 . 2010-05-17 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-05-17 18:57 . 2010-05-17 18:57 -------- d-----w- c:\program files\NVIDIA Corporation
2010-05-15 16:42 . 2009-01-04 17:18 -------- d-----w- c:\documents and settings\user\Application Data\dvdcss
2010-05-14 15:04 . 2009-07-05 16:49 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-05-14 15:04 . 2010-05-14 15:04 2427248 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2010-05-09 14:34 . 2009-07-06 16:44 -------- d-----w- c:\documents and settings\user\Application Data\vlc
2010-05-06 18:22 . 2010-05-06 18:22 -------- d-----w- c:\documents and settings\user\Application Data\eTeks
2010-05-05 16:47 . 2010-05-05 16:46 -------- d-----w- c:\program files\Sweet Home 3D
2010-05-02 05:22 . 2004-08-04 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-05-01 19:23 . 2010-05-01 19:08 -------- d-----w- c:\program files\trend micro
2010-05-01 12:46 . 2010-05-01 12:46 -------- d-----w- c:\program files\Uniblue1
2010-05-01 12:26 . 2009-05-12 18:14 -------- d-----w- c:\documents and settings\user\Application Data\Uniblue
2010-04-20 05:30 . 2004-08-04 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-14 08:26 . 2010-04-14 08:26 1837296 ----a-w- c:\windows\system32\WUDFUpdate_01009.dll
2010-04-10 17:08 . 2006-08-04 00:19 12134 ----a-w- c:\documents and settings\user\Application Data\wklnhst.dat
2010-04-03 17:23 . 2010-04-03 17:23 278120 ----a-w- c:\windows\system32\nvmccs.dll
2010-04-03 17:23 . 2010-04-03 17:23 154216 ----a-w- c:\windows\system32\nvsvc32.exe
2010-04-03 17:23 . 2010-04-03 17:23 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-04-03 17:23 . 2010-04-03 17:23 13670504 ----a-w- c:\windows\system32\nvcpl.dll
2010-04-03 17:23 . 2010-04-03 17:23 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-04-03 17:23 . 2010-04-03 17:23 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2010-04-03 17:23 . 2010-04-03 17:23 126976 ----a-w- c:\windows\system32\nvrszht.dll
2008-03-05 17:22 . 2008-03-05 17:22 0 -c--a-w- c:\program files\temp01
2007-10-19 17:33 . 2007-10-19 17:33 2686551 ----a-w- c:\program files\PNTSE.exe
2007-08-20 11:12 . 2007-08-20 11:12 15505200 ----a-w- c:\program files\IE7-WindowsXP-x86-enu.exe
.

((((((((((((((((((((((((((((( SnapShot@2010-06-26_10.44.16 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
+ 2009-07-11 23:07 . 2009-07-11 23:07 57856 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80u.dll
+ 2009-07-11 23:19 . 2009-07-11 23:19 69632 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfcm80.dll
+ 2010-06-29 10:52 . 2010-06-29 10:52 16384 c:\windows\temp\Perflib_Perfdata_7c0.dat
+ 2006-09-28 16:56 . 2009-07-13 16:16 64512 c:\windows\system32\WudfSvc.dll
+ 2006-09-28 18:13 . 2009-07-13 16:16 39936 c:\windows\system32\WUDFCoinstaller.dll
- 2007-08-19 19:15 . 2008-10-13 12:55 26144 c:\windows\system32\spupdsvc.exe
+ 2007-08-19 19:15 . 2008-11-07 16:55 26144 c:\windows\system32\spupdsvc.exe
+ 2009-02-09 14:19 . 2008-11-07 16:55 16928 c:\windows\system32\spmsgXP_2k3.dll
+ 2009-06-26 15:35 . 2008-11-07 16:55 16928 c:\windows\system32\spmsg.dll
+ 2004-08-04 12:00 . 2010-06-28 14:30 68156 c:\windows\system32\perfc009.dat
- 2004-08-04 12:00 . 2010-06-24 13:59 68156 c:\windows\system32\perfc009.dat
+ 2007-11-23 14:13 . 2010-02-26 12:32 92672 c:\windows\system32\nmwcdcls.dll
- 2009-02-09 13:55 . 2008-08-26 08:26 18816 c:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2010-06-28 11:06 . 2008-08-26 08:26 18816 c:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2010-06-28 09:38 . 2010-02-26 12:32 22528 c:\windows\system32\DRVSTORE\ccdcmbo_86369E3C3E199189C5EAD7421471A08D93A69835\ccdcmbo.sys
+ 2010-06-28 09:38 . 2010-02-26 12:32 92672 c:\windows\system32\DRVSTORE\ccdcmb_86369E3C3E199189C5EAD7421471A08D93A69835\nmwcdcls.dll
+ 2010-06-28 09:38 . 2010-02-26 12:32 18176 c:\windows\system32\DRVSTORE\ccdcmb_86369E3C3E199189C5EAD7421471A08D93A69835\ccdcmb.sys
+ 2006-09-28 16:55 . 2009-07-13 14:50 91904 c:\windows\system32\drivers\WudfPf.sys
+ 2008-03-27 15:27 . 2009-07-14 08:35 37608 c:\windows\system32\drivers\wdfldr.sys
+ 2010-06-28 11:04 . 2010-06-28 11:04 78336 c:\windows\Installer\3e1d54.msi
+ 2010-06-28 10:45 . 2010-06-28 10:45 10134 c:\windows\Installer\{70B31335-50EE-4834-8431-27412CDE62BD}\ARPPRODUCTICON.exe
+ 2010-06-28 09:42 . 2010-06-28 09:42 15086 c:\windows\Installer\{18756A46-652E-4ED4-A029-C4940D59F09B}\ARPPRODUCTICON.exe
+ 2010-06-28 09:49 . 2010-06-28 09:49 10134 c:\windows\Installer\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\ARPPRODUCTICON.exe
+ 2010-06-28 11:06 . 2010-06-28 11:06 10134 c:\windows\Installer\{089DD780-DB3F-4CDB-A0C2-111360247298}\ARPPRODUCTICON.exe
+ 2010-06-28 09:39 . 2010-02-26 12:21 8320 c:\windows\system32\DRVSTORE\nmwcdnsuc_86369E3C3E199189C5EAD7421471A08D93A69835\nmwcdnsuc.sys
+ 2010-06-28 09:38 . 2010-02-26 12:32 8192 c:\windows\system32\DRVSTORE\ccdcmbm_86369E3C3E199189C5EAD7421471A08D93A69835\usbser_lowerflt.sys
+ 2010-06-28 09:39 . 2010-02-26 12:32 8192 c:\windows\system32\DRVSTORE\ccdcmbcj_86369E3C3E199189C5EAD7421471A08D93A69835\usbser_lowerfltj.sys
+ 2010-06-28 09:39 . 2010-06-28 09:39 3262 c:\windows\Installer\{1B9B5B3B-28E7-4E59-A80D-D670AA984514}\ARPPRODUCTICON.exe
+ 2010-06-28 09:49 . 2010-06-28 09:49 8854 c:\windows\Installer\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
+ 2010-06-28 09:49 . 2010-06-28 09:49 8854 c:\windows\Installer\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\NewShortcut35_E2CBBE559A074AF98E8596196B075190.exe
+ 2010-06-28 09:49 . 2010-06-28 09:49 8854 c:\windows\Installer\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
+ 2009-07-11 22:02 . 2009-07-11 22:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2009-07-11 23:12 . 2009-07-11 23:12 632656 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll
+ 2009-07-11 23:09 . 2009-07-11 23:09 554832 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll
+ 2009-07-11 23:08 . 2009-07-11 23:08 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcm80.dll
+ 2006-09-28 16:56 . 2009-07-13 16:16 567808 c:\windows\system32\WUDFx.dll
+ 2006-09-28 16:56 . 2009-07-13 14:50 148480 c:\windows\system32\WudfPlatform.dll
+ 2006-09-28 16:56 . 2009-07-13 16:14 195584 c:\windows\system32\WudfHost.exe
+ 2004-08-04 12:00 . 2010-06-28 14:30 435260 c:\windows\system32\perfh009.dat
- 2004-08-04 12:00 . 2010-06-24 13:59 435260 c:\windows\system32\perfh009.dat
+ 2010-06-28 11:06 . 2010-04-14 09:40 590848 c:\windows\system32\DRVSTORE\pccswpddri_8FC79B5C76B12B345CB05ADB7D73AF7091A57405\PCCSWpdDriver.dll
+ 2010-06-28 09:39 . 2010-02-26 12:21 137344 c:\windows\system32\DRVSTORE\nmwcdnsu_86369E3C3E199189C5EAD7421471A08D93A69835\nmwcdnsu.sys
+ 2010-06-28 09:38 . 2010-02-26 12:32 662016 c:\windows\system32\DRVSTORE\ccdcmb_86369E3C3E199189C5EAD7421471A08D93A69835\nmwcdcocls.dll
+ 2006-09-28 17:00 . 2009-07-13 14:50 132224 c:\windows\system32\drivers\WudfRd.sys
+ 2008-03-27 15:27 . 2009-07-14 08:35 444136 c:\windows\system32\drivers\wdf01000.sys
+ 2010-04-14 09:40 . 2010-04-14 09:40 590848 c:\windows\system32\drivers\UMDF\PCCSWpdDriver.dll
+ 2010-06-28 11:06 . 2010-06-28 11:06 495616 c:\windows\Installer\3e1d88.msi
+ 2010-06-28 09:46 . 2010-06-28 09:46 424960 c:\windows\Installer\258403.msi
+ 2010-06-28 09:42 . 2010-06-28 09:42 860160 c:\windows\Installer\2583fa.msi
+ 2010-06-28 09:39 . 2010-06-28 09:39 331776 c:\windows\Installer\2583c1.msi
+ 2010-06-28 09:37 . 2010-06-28 09:37 215552 c:\windows\Installer\2583a7.msi
+ 2010-06-28 10:36 . 2010-06-28 10:36 228352 c:\windows\Installer\23685b.msi
+ 2010-06-28 09:49 . 2010-06-28 09:49 458752 c:\windows\Installer\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\NewShortcut20_F7578A24A4B240E4BA057EF931EB25B5.exe
+ 2010-06-28 09:49 . 2010-06-28 09:49 458752 c:\windows\Installer\{09C468CA-2940-466A-AAE8-DCC0C6E9323C}\NewShortcut16_F7578A24A4B240E4BA057EF931EB25B5.exe
+ 2009-07-11 22:02 . 2009-07-11 22:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2009-07-11 18:46 . 2009-07-11 18:46 1093120 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80u.dll
+ 2009-07-11 18:46 . 2009-07-11 18:46 1105920 c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\mfc80.dll
+ 2006-07-28 10:55 . 2010-06-29 10:52 1608472 c:\windows\system32\FNTCACHE.DAT
+ 2010-06-28 11:06 . 2010-04-14 08:26 1837296 c:\windows\system32\DRVSTORE\pccswpddri_8FC79B5C76B12B345CB05ADB7D73AF7091A57405\WUDFUpdate_01009.dll
+ 2010-06-28 09:38 . 2010-02-26 12:19 1461992 c:\windows\system32\DRVSTORE\ccdcmb_86369E3C3E199189C5EAD7421471A08D93A69835\wdfcoinstaller01009.dll
+ 2010-06-28 09:49 . 2010-06-28 09:49 1633792 c:\windows\Installer\258408.msi
+ 2010-06-28 10:45 . 2010-06-28 10:45 5863424 c:\windows\Installer\236872.msi
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-08-17 949376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-07-20 73728]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-03-24 18:17 952768 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-02 18:05 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2005-07-12 09:36 299008 ----a-w- c:\program files\Lexmark Fax Solutions\fm3032.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxccmon.exe]
2005-07-21 00:16 192512 ----a-w- c:\program files\Lexmark 3300 Series\LXCCmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-04-03 17:23 110696 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shockwave Updater]
2010-01-18 07:23 459032 ----a-w- c:\windows\system32\Adobe\Shockwave 11\SwHelper_1156606.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Softick\\PPP\\Bin\\pppgate.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\Program Files\\Ubisoft\\Crytek\\Far Cry\\Bin32\\FarCry.exe"=
"c:\\Documents and Settings\\user\\Desktop\\marvolo\\Mobil\\Hry\\instal java\\Uploader.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.ICD"=
"c:\\Documents and Settings\\user\\Local Settings\\Application Data\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"c:\\Games\\Paintball2\\paintball2.exe"=
"c:\\Program Files\\Antik Phone\\AntikSIPsoftPhone.atk"=
"c:\\Program Files\\Antik Phone\\AntikSIPsoftPhone.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\EA SPORTS\\FIFA Online\\NFE.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hlds.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31.7.2008 20:45 20616]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [30.4.2010 18:44 64288]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [17.8.2007 20:04 15424]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [23.1.2008 10:19 501560]
S3 A368;A368 Filter;c:\windows\system32\drivers\A368.sys [24.12.2006 21:58 28864]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 14:58 26248]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys --> c:\windows\system32\DRIVERS\ManyCam.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-06-29 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]

2010-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 17:41]

2010-06-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 17:41]

2009-09-12 c:\windows\Tasks\NeroLiveEpgUpdate-YOUR-C8536FD031_user.job
- c:\program files\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 12:51]

2010-06-29 c:\windows\Tasks\User_Feed_Synchronization-{C6C29FDB-6BC2-4ACF-BACC-00C0D686AF8B}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 01:01]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.zoznam.sk/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.winamp.com/plugins
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
LSP: c:\windows\system32\imon.dll
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/update ... 0.53.0.cab
FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\kqt5yk9q.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.zoznam.sk/
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\kqt5yk9q.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\documents and settings\user\Local Settings\Application Data\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-NokiaMusic FastStart - c:\program files\Nokia\Ovi Player\NokiaOviPlayer.exe
MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-29 19:15
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2803272282-1147624186-4157288278-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-2803272282-1147624186-4157288278-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{385A3904-A1D4-225C-B927-7FD7C1C76FA0}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"oabjaooholmhaeldbaeheofnoeaema"=hex:6a,61,6e,6d,6d,70,6d,61,6f,67,6b,6c,6d,70,
70,6f,6e,6f,61,70,00,ee
"nalioopiehoaihaobamkmbhgclkm"=hex:6b,61,6e,6d,63,61,63,6e,68,6c,66,65,6c,6c,
63,61,63,6c,63,62,6a,6f,00,00
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(788)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll

- - - - - - - > 'explorer.exe'(4708)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-06-29 19:24:40
ComboFix-quarantined-files.txt 2010-06-29 17:24
ComboFix2.txt 2010-06-26 10:51
ComboFix3.txt 2010-05-07 14:35
ComboFix4.txt 2010-05-02 18:27

Pre-Run: 5 754 150 912 bytes free
Post-Run: 6 109 024 256 bytes free

- - End Of File - - D0873E05B334499170DFED28A8DB7111

#18 Příspěvek od **motji** » 29 čer 2010 21:17

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000

Regnull::
[HKEY_USERS\S-1-5-21-2803272282-1147624186-4157288278-1005\Software\Microsoft\SystemCertificates\AddressBook*]
[HKEY_USERS\S-1-5-21-2803272282-1147624186-4157288278-1005\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{385A3904-A1D4-225C-B927-7FD7C1C76FA0}*]

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek

-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

marvolo · #19 Příspěvek od **marvolo** » 01 črc 2010 10:24

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

Nechapem tu poslednu znamu funkcnu konfiguraciu.
A ak mozem co spravi toto?

Kód: Vybrat vše

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000

#20 Příspěvek od **motji** » 01 črc 2010 19:51

Prosím Vás přečtte si to ještě jednou.
Otevřete notepad a ten zelený text tam zkopírujete...

Poslední známou funkční konfiguraci amčkáte, jen když by pc nechtěl naběhnout.

marvolo · #21 Příspěvek od **marvolo** » 02 črc 2010 13:12

Nemam problem s navodom, len nemam dalsie PC aby som pisal potom ak by nahodou Win nenabehol. Restart Ok chapem a potom F8 cim sa dostanem do menu ktore vyuzivam ked chcem ist do SAFE MOD ale co tam mam v tom menu hladat?
+ Mohli by ste my vysvetlit ten prikaz co som sa pytal minule?

#22 Příspěvek od **motji** » 02 črc 2010 21:20

Když chcete jít do safe modu, máte na výběr právě i poslední známou funkční konfiguraci.

#23 Příspěvek od **motji** » 04 črc 2010 20:11

Jak to tu vypadá?

marvolo · #24 Příspěvek od **marvolo** » 05 črc 2010 16:04

Prepačte spomenul som si ešte na jeden problem a CF som este nespustil

Občas sa stáva, že sa sám zmenší Stránkovací súbor na nastavenú minimálnu hodnotu.
To sa stáva asi len raz za týždeň ale štve ma to, keď musím pred spustením FIFA meniť nastavenia.
Môžem Vás poprosiť o jednu vec? Váš kolega mi zrejme zablokoval funkciu Autorun jednoducho nevyhadzuje okná s automatickým spustením a rovnako aj nezapína hry z disku musim otvoriť disk a nájsť spúšťacie exe.
Mohli by ste napísať nejaký príkaz ktorý by opravil tie problémy? Ale aby sa dala veľkosť stránkovacieho súboru meniť normalne ako doteraz. A k tomu problemu s firawall je brana zapnutá alebo nie? Lebo bolo by super keby bola zapnutá a aby to nevyskakovalo ale všimol som si že to nerobí vždy

Idem si ešte pozrieť to menu cez F8 aby som potom (ak by boli problemy) nemusel bootovať 3 ročny Knopix z PC Revue

o 10 min neskôr
Uz som to nasiel. Sice este neviem na akom principe to funguje, ale viem ze take je.
Last Known Good Configuration (your mostrecent settings that worked)

Este som pozeral moznosti menu a nasiel som tam pri výbere OS okrem XP aj moznost Microsoft Windows Recovery Console Co to vlastne je?

Viem som otravny

#25 Příspěvek od **motji** » 05 črc 2010 18:54

Microsoft Windows Recovery Console Co to vlastne je?

To je konzole zotavení. Kdyby Vám někdy pc nenaběhl, dá se použít.

Až spustíte ten combofix se skriptem, ta opravíme ten autorun a ostatní..ted by nám ho combofix zase smazal

.

Nebojte se ten skript na combofix spustit

marvolo · #26 Příspěvek od **marvolo** » 06 črc 2010 17:07

Zmenilo to sice predvoleny prehliadac ale inak ziadne problemy

Log z ComboFix
ComboFix 10-07-05.03 - user 06.07.2010 17:41:58.5.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.255.87 [GMT 2:00]
Running from: c:\documents and settings\user\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\user\Desktop\CFScript.txt
AV: Eset NOD32 Antivirus 2.70 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
.

((((((((((((((((((((((((( Files Created from 2010-06-06 to 2010-07-06 )))))))))))))))))))))))))))))))
.

2010-07-04 11:01 . 2010-07-05 16:15 -------- d-----w- c:\program files\Passware
2010-07-03 13:07 . 2010-07-03 13:08 -------- d-----w- c:\program files\Opera
2010-07-01 10:59 . 2010-07-01 10:59 -------- d-----w- c:\program files\Hasbro
2010-06-28 11:24 . 2010-06-28 11:24 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\NokiaAccount
2010-06-28 11:06 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-06-28 11:05 . 2010-06-28 11:05 -------- d-----w- c:\program files\PC Connectivity Solution
2010-06-28 11:03 . 2010-06-28 11:03 12212040 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X86-ENU.exe
2010-06-28 11:03 . 2010-06-28 11:03 13930312 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMFDist11-WindowsXP-X64-ENU.exe
2010-06-28 11:03 . 2010-06-28 11:03 77824 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\Run_XML6_SP1.exe
2010-06-28 11:03 . 2010-06-28 11:03 50000 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\pcswpc.exe
2010-06-28 11:03 . 2010-06-28 11:03 38912 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx86.exe
2010-06-28 11:03 . 2010-06-28 11:03 38912 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer\CommonCustomActions\WMF11Runx64.exe
2010-06-28 11:02 . 2010-06-28 10:41 103404272 ----a-w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
2010-06-28 10:48 . 2010-06-28 11:39 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Nokia
2010-06-28 10:47 . 2010-06-28 14:31 -------- d-----w- c:\windows\Globalization
2010-06-28 10:45 . 2010-06-28 10:45 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaMusic
2010-06-28 10:42 . 2010-06-28 10:42 -------- d-----w- c:\documents and settings\All Users\Application Data\NokiaInstallerCache
2010-06-28 09:39 . 2010-02-26 12:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-06-28 09:38 . 2010-02-26 12:32 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-06-28 09:38 . 2010-02-26 12:32 22528 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-06-28 09:38 . 2010-02-26 12:32 662016 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-06-28 09:38 . 2010-02-26 12:32 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-06-28 09:38 . 2010-02-26 12:19 1461992 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2010-06-28 09:36 . 2010-06-28 09:29 36665824 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Nokia_PC_Suite_slk_web.exe
2010-06-28 09:36 . 2010-06-28 09:36 95232 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\pcswpcsi.exe
2010-06-28 09:36 . 2010-06-28 09:36 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\UninstPCSFEMsi.exe
2010-06-28 09:36 . 2010-06-28 09:36 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\UninstPCS.exe
2010-06-28 09:36 . 2010-06-28 09:36 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\UninstCCD.exe
2010-06-27 09:24 . 2010-06-27 10:49 -------- d-----w- c:\documents and settings\user\Application Data\DAEMON Tools Lite
2010-06-27 09:24 . 2010-06-27 09:24 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2010-06-26 10:59 . 2010-06-26 10:59 -------- d-----w- C:\_OTM
2010-06-17 12:56 . 2010-06-17 13:04 -------- d-----w- c:\documents and settings\user\Application Data\Hamachi
2010-06-17 12:55 . 2010-06-17 12:55 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-06-15 15:47 . 2010-06-18 13:27 -------- d-----w- c:\program files\Counter-Strike 1.6
2010-06-13 10:53 . 2010-06-13 10:56 -------- d-----w- c:\documents and settings\user\Application Data\ManyCam
2010-06-13 10:53 . 2010-06-24 13:44 -------- d-----w- c:\program files\ManyCam 2.4
2010-06-11 12:20 . 2010-06-11 12:21 -------- d-----w- c:\program files\vbNFSMWMegaTrainer
2010-06-07 17:48 . 2010-06-07 17:48 -------- d-----w- c:\windows\system32\wbem\Repository
2010-06-07 17:24 . 2010-06-07 17:24 -------- d-----w- c:\program files\Kerio

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-06 15:11 . 2006-12-24 18:19 -------- d-----w- c:\program files\Lx_cats
2010-07-06 15:02 . 2007-04-30 16:39 -------- d-----w- c:\documents and settings\user\Application Data\Skype
2010-07-05 17:12 . 2006-07-31 23:06 93744 ----a-w- c:\documents and settings\user\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-05 16:20 . 2009-10-05 18:27 -------- d-----w- c:\program files\Nokia
2010-07-05 16:19 . 2007-11-23 14:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2010-06-30 15:30 . 2010-04-16 13:21 -------- d-----w- c:\documents and settings\user\Application Data\ICQ
2010-06-30 15:20 . 2010-04-16 13:21 -------- d-----w- c:\program files\ICQ7.1
2010-06-29 16:40 . 2007-11-23 14:15 -------- d-----w- c:\documents and settings\user\Application Data\Nokia
2010-06-28 10:15 . 2010-06-28 10:15 0 ---ha-w- c:\windows\system32\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2010-06-28 10:15 . 2010-06-28 10:15 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_user_01_09_00.Wdf
2010-06-28 10:13 . 2007-11-23 14:15 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2010-06-28 10:13 . 2010-06-28 10:13 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-06-28 10:13 . 2010-06-28 10:13 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-06-28 09:40 . 2007-11-23 14:14 -------- d-----w- c:\program files\DIFX
2010-06-27 11:30 . 2009-12-27 11:50 2656 ----a-w- c:\documents and settings\user\Local Settings\Application Data\config.dat
2010-06-24 13:42 . 2006-08-09 18:18 -------- d-----w- c:\program files\EA GAMES
2010-06-24 13:42 . 2006-07-28 19:27 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-13 09:55 . 2010-05-14 15:05 138968 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-13 09:54 . 2010-05-14 15:04 214592 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-13 09:21 . 2007-04-24 12:38 -------- d-----w- c:\program files\Google
2010-06-12 14:44 . 2006-08-09 16:10 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-11 12:20 . 2009-11-16 18:44 249856 ------w- c:\windows\Setup1.exe
2010-06-11 12:20 . 2009-11-16 18:44 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-06-09 15:35 . 2008-03-03 10:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-06-07 17:44 . 2010-06-07 17:26 3219 ----a-w- c:\windows\system32\drivers\kwfupper.log
2010-06-07 17:25 . 2010-06-07 17:25 5255 ----a-w- c:\windows\system32\drivers\kwflower.log
2010-06-05 20:49 . 2008-08-03 13:53 -------- d-----w- c:\documents and settings\user\Application Data\Thinstall
2010-06-05 08:36 . 2010-06-05 08:35 -------- d-----w- c:\documents and settings\user\Application Data\Stella
2010-06-05 08:23 . 2008-05-20 14:07 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-29 08:34 . 2010-05-14 15:04 139152 ----a-w- c:\documents and settings\user\Application Data\PnkBstrK.sys
2010-05-29 08:34 . 2010-05-14 15:04 139152 ----a-w- c:\documents and settings\user\Application Data\PnkBstrK.sys
2010-05-29 08:33 . 2010-05-29 08:33 794408 ----a-w- c:\windows\system32\pbsvc.exe
2010-05-29 08:33 . 2006-08-09 15:22 -------- d-----w- c:\program files\EA SPORTS
2010-05-20 17:15 . 2009-05-04 17:22 -------- d-----w- c:\documents and settings\user\Application Data\Any Video Converter Professional
2010-05-19 16:34 . 2010-01-30 14:28 -------- d-----w- c:\program files\Lexmark 3300 Series
2010-05-19 16:26 . 2010-05-19 16:25 -------- d-----w- c:\program files\Lexmark Fax Solutions
2010-05-17 18:58 . 2010-05-17 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-05-17 18:57 . 2010-05-17 18:57 -------- d-----w- c:\program files\NVIDIA Corporation
2010-05-15 16:42 . 2009-01-04 17:18 -------- d-----w- c:\documents and settings\user\Application Data\dvdcss
2010-05-14 15:04 . 2009-07-05 16:49 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-05-14 15:04 . 2010-05-14 15:04 2427248 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2010-05-09 14:34 . 2009-07-06 16:44 -------- d-----w- c:\documents and settings\user\Application Data\vlc
2010-05-02 05:22 . 2004-08-04 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30 . 2004-08-04 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-14 08:26 . 2010-04-14 08:26 1837296 ----a-w- c:\windows\system32\WUDFUpdate_01009.dll
2010-04-10 17:08 . 2006-08-04 00:19 12134 ----a-w- c:\documents and settings\user\Application Data\wklnhst.dat
2008-03-05 17:22 . 2008-03-05 17:22 0 -c--a-w- c:\program files\temp01
2007-10-19 17:33 . 2007-10-19 17:33 2686551 ----a-w- c:\program files\PNTSE.exe
2007-08-20 11:12 . 2007-08-20 11:12 15505200 ----a-w- c:\program files\IE7-WindowsXP-x86-enu.exe
.

((((((((((((((((((((((((((((( SnapShot_2010-06-29_17.15.51 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-07-06 07:26 . 2010-07-06 07:26 16384 c:\windows\temp\Perflib_Perfdata_bc.dat
+ 2010-07-03 13:08 . 2010-07-03 13:08 2648064 c:\windows\Installer\fa6a66.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-08-17 949376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-07-20 73728]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-02 18:05 40368 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
2005-07-12 09:36 299008 ----a-w- c:\program files\Lexmark Fax Solutions\fm3032.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxccmon.exe]
2005-07-21 00:16 192512 ----a-w- c:\program files\Lexmark 3300 Series\LXCCmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2010-04-03 17:23 110696 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shockwave Updater]
2010-01-18 07:23 459032 ----a-w- c:\windows\system32\Adobe\Shockwave 11\SwHelper_1156606.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\Program Files\\Ubisoft\\Crytek\\Far Cry\\Bin32\\FarCry.exe"=
"c:\\Documents and Settings\\user\\Desktop\\marvolo\\Mobil\\Hry\\instal java\\Uploader.exe"=
"c:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.ICD"=
"c:\\Documents and Settings\\user\\Local Settings\\Application Data\\AntikVirtualSTB\\AntikVirtualSTB.exe"=
"c:\\Games\\Paintball2\\paintball2.exe"=
"c:\\Program Files\\ICQ7.1\\ICQ.exe"=
"c:\\Program Files\\ICQ7.1\\aolload.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\speed2.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\EA SPORTS\\FIFA Online\\NFE.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hlds.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31.7.2008 20:45 20616]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [30.4.2010 18:44 64288]
R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [17.8.2007 20:04 15424]
R2 acedrv11;acedrv11;c:\windows\system32\drivers\ACEDRV11.sys [23.1.2008 10:19 501560]
S3 A368;A368 Filter;c:\windows\system32\drivers\A368.sys [24.12.2006 21:58 28864]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 14:58 26248]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam.sys --> c:\windows\system32\DRIVERS\ManyCam.sys [?]
S3 SetupNTGLM7X;SetupNTGLM7X; [x]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-07-06 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]

2010-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 17:41]

2010-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-13 17:41]

2009-09-12 c:\windows\Tasks\NeroLiveEpgUpdate-YOUR-C8536FD031_user.job
- c:\program files\Nero\Nero 9\Nero Live\NeroLive.exe [2008-09-18 12:51]

2010-07-06 c:\windows\Tasks\User_Feed_Synchronization-{C6C29FDB-6BC2-4ACF-BACC-00C0D686AF8B}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 01:01]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.zoznam.sk/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.winamp.com/plugins
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Application Data\LangSoft\WebIE.dll
LSP: c:\windows\system32\imon.dll
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/update ... 0.53.0.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-06 17:56
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
LXCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2803272282-1147624186-4157288278-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(788)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll

- - - - - - - > 'explorer.exe'(2740)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-07-06 18:04:23
ComboFix-quarantined-files.txt 2010-07-06 16:04
ComboFix2.txt 2010-06-29 17:24
ComboFix3.txt 2010-06-26 10:51
ComboFix4.txt 2010-05-07 14:35
ComboFix5.txt 2010-07-06 15:38

Pre-Run: 11 285 254 144 bytes free
Post-Run: 29 adresárov, 11 283 660 800 voľných bajtov

- - End Of File - - BCC1FFC3E230A96F7E1E8FCE7A415755

#27 Příspěvek od **motji** » 06 črc 2010 17:34

Dejte soubor otestovat na http://www.virustotal.com

c:\program files\PNTSE.exe
c:\windows\system32\drivers\pccsmcfd.sys
c:\windows\system32\wdfcoinstaller01009.dll
c:\documents and settings\All Users\Application Data\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\pcswpcsi.exe

-Na virustotalu dáte procházet, a do spodního okénka nakopírujete přímo cestu k souboru a dáte odeslat
-z prohlížeče zkopírujete adresu ke stránce s výsledky
-pokud se Vás zeptá, dejte soubor otestovat znovu, tak aby to byl soubor z Vašeho počítače

marvolo · #28 Příspěvek od **marvolo** » 06 črc 2010 17:56

c:\program files\PNTSE.exe
http://www.virustotal.com/analisis/43a7 ... 1278434625

c:\windows\system32\drivers\pccsmcfd.sys
eSafe ma nepotesil
http://www.virustotal.com/analisis/dece ... 1278434807

c:\windows\system32\wdfcoinstaller01009.dll
http://www.virustotal.com/analisis/7a6b ... 1278434976

c:\documents and settings\All Users\Application Data\Installations\{18756A46-652E-4ED4-A029-C4940D59F09B}\Installer\CommonCustomActions\pcswpcsi.exe
http://www.virustotal.com/analisis/3721 ... 1278435161

#29 Příspěvek od **motji** » 06 črc 2010 19:04

E safe - falešná dtekce, je to ok.
Jak to vypadá s počítačem?

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

***********

Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

***********

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

***********

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech

***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

marvolo · #30 Příspěvek od **marvolo** » 07 črc 2010 11:17

Najprv napisem co s PC. Vsetko vyzera byt v pohode (uz neblika screen, Firewall nestrajkuje, Strankovaci subor vyzera byt OK) ale Autorun negunguje (skusal som kluc DVD CD a nic)
Mozno ze nie je vsetko vporiadku lebo nie vsetko som skusal (to chce cas kym sa nieco objavi) ale tie veci co robili problem su opravene no az na Autorun.
POMOHOL BY TENTO PROGRAM???
http://www.softpedia.com/get/Tweak/Syst ... zard.shtml

LOG z RSIT
Logfile of random's system information tool 1.07 (written by random/random)
Run by user at 2010-07-07 12:10:26
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 16 GB (21%) free of 79 GB
Total RAM: 255 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:10:45, on 7.7.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Eset\nod32kui.exe
C:\Documents and Settings\user\Desktop\RSIT.exe
C:\Program Files\trend micro\user.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zoznam.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.winamp.com/plugins
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/stati ... 0.53.0.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://activex.webcam.nl/AxisCamControl.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate1c98e025a80f790) (gupdate1c98e025a80f790) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LiveUpdate - Lavasoft AB - (no file)
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 11429 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\NeroLiveEpgUpdate-YOUR-C8536FD031_user.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C6C29FDB-6BC2-4ACF-BACC-00C0D686AF8B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-04-02 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-07-15 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2009-01-10 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-21 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-21 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-21 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll [2009-01-10 520192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2007-08-17 949376]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-04-03 13670504]
"LXCCCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2010-04-02 40368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]
C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2005-07-12 299008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxccmon.exe]
C:\Program Files\Lexmark 3300 Series\lxccmon.exe [2005-07-21 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2010-04-03 110696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shockwave Updater]
C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1156606.exe [2010-01-18 459032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Disabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe"="C:\Program Files\Ubisoft\Crytek\Far Cry\Bin32\FarCry.exe:*:Disabled:Far Cry"
"C:\Documents and Settings\user\Desktop\marvolo\Mobil\Hry\instal java\Uploader.exe"="C:\Documents and Settings\user\Desktop\marvolo\Mobil\Hry\instal java\Uploader.exe:*:Enabled:Uploader"
"C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.ICD"="C:\Program Files\Microsoft Games\Age of Empires II\EMPIRES2.ICD:*:Disabled:Age of Empires II"
"C:\Documents and Settings\user\Local Settings\Application Data\AntikVirtualSTB\AntikVirtualSTB.exe"="C:\Documents and Settings\user\Local Settings\Application Data\AntikVirtualSTB\AntikVirtualSTB.exe:*:Enabled:AntikVirtualSTB"
"C:\Games\Paintball2\paintball2.exe"="C:\Games\Paintball2\paintball2.exe:*:Enabled:paintball2"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe"="C:\Program Files\EA GAMES\Need for Speed Underground 2\speed2.exe:*:Disabled:speed2"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\EA SPORTS\FIFA Online\NFE.exe"="C:\Program Files\EA SPORTS\FIFA Online\NFE.exe:*:Enabled:EA SPORTS™ FIFA Online"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Counter-Strike 1.6\hlds.exe"="C:\Program Files\Counter-Strike 1.6\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.1\aolload.exe"="C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe"

======File associations======

.js - edit -

======List of files/folders created in the last 1 months======

2010-07-07 12:10:28 ----D---- C:\Program Files\trend micro
2010-07-07 12:10:26 ----D---- C:\rsit
2010-07-07 11:33:15 ----SHD---- C:\RECYCLER
2010-07-05 18:17:43 ----D---- C:\Config.Msi
2010-07-04 13:01:59 ----D---- C:\Program Files\Passware
2010-07-03 15:07:41 ----D---- C:\Program Files\Opera
2010-07-01 12:59:17 ----D---- C:\Program Files\Hasbro
2010-06-28 13:05:50 ----D---- C:\Program Files\PC Connectivity Solution
2010-06-28 12:47:37 ----D---- C:\WINDOWS\Globalization
2010-06-28 12:45:32 ----D---- C:\Documents and Settings\All Users\Application Data\NokiaMusic
2010-06-28 12:42:41 ----D---- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
2010-06-28 12:14:49 ----HDC---- C:\WINDOWS\$NtUninstallWudf01009$
2010-06-28 12:12:51 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2010-06-28 11:38:51 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-06-28 11:38:51 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-06-27 11:24:40 ----D---- C:\Documents and Settings\user\Application Data\DAEMON Tools Lite
2010-06-27 11:24:35 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2010-06-17 14:56:42 ----D---- C:\Documents and Settings\user\Application Data\Hamachi
2010-06-15 17:47:30 ----D---- C:\Program Files\Counter-Strike 1.6
2010-06-13 12:53:59 ----D---- C:\Documents and Settings\user\Application Data\ManyCam
2010-06-13 12:53:56 ----D---- C:\Program Files\ManyCam 2.4
2010-06-11 14:20:43 ----D---- C:\Program Files\vbNFSMWMegaTrainer

======List of files/folders modified in the last 1 months======

2010-07-07 12:10:28 ----D---- C:\Program Files
2010-07-07 12:10:13 ----D---- C:\WINDOWS\Prefetch
2010-07-07 12:09:25 ----D---- C:\WINDOWS\temp
2010-07-07 11:59:22 ----D---- C:\WINDOWS
2010-07-07 11:58:18 ----D---- C:\WINDOWS\system32\LogFiles
2010-07-07 11:57:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-07 11:54:35 ----D---- C:\WINDOWS\system32
2010-07-07 11:37:37 ----D---- C:\Program Files\CCleaner
2010-07-07 11:27:53 ----SHD---- C:\System Volume Information
2010-07-07 11:27:53 ----D---- C:\WINDOWS\system32\Restore
2010-07-06 17:56:08 ----A---- C:\WINDOWS\system.ini
2010-07-06 17:50:06 ----D---- C:\WINDOWS\system32\drivers
2010-07-06 17:50:06 ----D---- C:\WINDOWS\AppPatch
2010-07-06 17:50:03 ----D---- C:\Program Files\Common Files
2010-07-06 17:41:19 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-06 17:11:48 ----D---- C:\Program Files\Lx_cats
2010-07-06 17:02:11 ----D---- C:\Documents and Settings\user\Application Data\Skype
2010-07-05 18:21:03 ----RSD---- C:\WINDOWS\Fonts
2010-07-05 18:20:33 ----D---- C:\Program Files\Nokia
2010-07-05 18:20:24 ----SHD---- C:\WINDOWS\Installer
2010-07-05 18:19:14 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2010-07-05 18:18:40 ----HD---- C:\WINDOWS\inf
2010-07-05 18:17:52 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-04 16:06:53 ----A---- C:\WINDOWS\WINCMD.INI
2010-07-04 16:02:16 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-07-03 15:50:56 ----D---- C:\Program Files\Mozilla Firefox
2010-07-03 15:50:37 ----D---- C:\Documents and Settings\user\Application Data\Mozilla
2010-06-30 17:30:19 ----D---- C:\Documents and Settings\user\Application Data\ICQ
2010-06-30 17:20:40 ----D---- C:\Program Files\ICQ7.1
2010-06-29 18:40:39 ----D---- C:\Documents and Settings\user\Application Data\Nokia
2010-06-28 16:32:18 ----RSD---- C:\WINDOWS\assembly
2010-06-28 13:04:42 ----D---- C:\WINDOWS\WinSxS
2010-06-28 12:49:09 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-28 12:14:37 ----D---- C:\WINDOWS\system32\CatRoot
2010-06-28 12:13:40 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2010-06-28 11:40:22 ----D---- C:\Program Files\DIFX
2010-06-24 16:25:19 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-24 15:42:34 ----D---- C:\Program Files\EA GAMES
2010-06-24 15:42:26 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-21 16:41:42 ----D---- C:\WINDOWS\system32\DirectX
2010-06-20 13:03:07 ----D---- C:\WINDOWS\Debug
2010-06-20 12:59:30 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-06-17 14:54:18 ----D---- C:\Temp
2010-06-16 17:04:47 ----SD---- C:\WINDOWS\Tasks
2010-06-16 13:28:51 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-06-13 12:55:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-13 11:54:56 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-06-13 11:21:50 ----D---- C:\Program Files\Google
2010-06-12 16:44:41 ----D---- C:\Program Files\Common Files\Adobe
2010-06-11 14:20:21 ----N---- C:\WINDOWS\Setup1.exe
2010-06-11 14:20:18 ----A---- C:\WINDOWS\ST6UNST.EXE
2010-06-09 17:35:46 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-09 17:35:10 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 asuskbnt;Enhanced Display Driver Helper Service; C:\WINDOWS\system32\drivers\atkkbnt.sys [2004-07-20 20096]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 nod32drv;nod32drv; C:\WINDOWS\system32\drivers\nod32drv.sys [2007-08-17 15424]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2006-12-23 80768]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-10-03 5632]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 acedrv11;acedrv11; \??\C:\WINDOWS\system32\drivers\acedrv11.sys []
R2 AMON;AMON; C:\WINDOWS\system32\drivers\amon.sys [2007-08-17 512096]
R2 EIO;EIO; \??\C:\WINDOWS\system32\drivers\EIO.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-11-22 3804416]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2004-09-29 1036928]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2004-09-29 219136]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-04-04 10232128]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 SISNIC;SiS PCI Fast Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\sisnic.sys [2002-07-10 32256]
R3 SQTECH905C;DualCamera; C:\WINDOWS\System32\Drivers\Capt905c.sys [2006-01-26 34686]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2004-09-29 702592]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S3 A368;A368 Filter; C:\WINDOWS\system32\DRIVERS\A368.sys [2006-08-21 28864]
S3 Ad-Watch Connect Filter;Ad-Watch Connect Kernel Filter; \??\C:\WINDOWS\system32\drivers\NSDriver.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GMSIPCI;GMSIPCI; C:\WINDOWS\system32\drivers\GMSIPCI.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-06-17 25280]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 NTACCESS;NTACCESS; C:\WINDOWS\system32\drivers\NTACCESS.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SetupNTGLM7X;SetupNTGLM7X; C:\WINDOWS\system32\drivers\SetupNTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ATKKeyboardService;ATK Keyboard Service; C:\WINDOWS\ATKKBService.exe [2004-07-20 90112]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-21 152984]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2007-08-17 552064]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-04-03 154216]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-05-14 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-06-13 214592]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-06-10 603904]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate1c98e025a80f790;Služba Google Update (gupdate1c98e025a80f790); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-13 133104]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-11-21 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-20 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-09-24 1169232]
S3 lxcc_device;lxcc_device; C:\WINDOWS\system32\lxcccoms.exe [2005-07-06 466944]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-06-10 360192]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Este to vyhodilo aj info, ale to asi nie je treba.
Dufam ze teraz to vyzera lepsie ako na zaciatku

VIRY.CZ

Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC

Re: Haved zrejme niekomu zasiela informacie z PC