Adobe reader
Forum rules
Individual threads will be locked once resolved, as will those inactive for more than 14 days: http://forum.viry.cz/viewtopic.php?f=12&t=123975 . Thank you for your understanding.
Re: Adobe reader
Hello, I'm sorry, but I can't find the 2 files I was asked to have tested. In the first path I only get as far as system32, and in the second as far as Hanka; the file mmf.sys is not there. I tried carefully, but I don't know how to proceed.
Re: Adobe reader
0 bytes size received / Se ha recibido un archivo vacio
I copied the other one, but it didn't find it.
Re: Adobe reader
Does that "0 recibido" apply to this file?
c:\windows\system32\mmf.sys
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting a computer
Want to support our forum? Information here

I'm usually reachable at night, between 21:00 and 23:00
If you have any questions, you can write to me at Motji(at)forum.viry.cz.
Re: Adobe reader
ComboFix 10-08-04.01 - Hanka 04.08.2010 20:09:19.2.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1023.589 [GMT 2:00]
Running from: c:\documents and settings\Hanka\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Hanka\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100804-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Kerio Personal Firewall *enabled* {333BECA0-DED8-4139-A516-8D9E44E22669}
FILE ::
"d:\fxdrv.sys"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_FXDRV
-------\Service_FXDRV
((((((((((((((((((((((((( Files Created from 2010-07-04 to 2010-08-04 )))))))))))))))))))))))))))))))
.
2010-08-03 21:31 . 2010-08-03 21:32 3749567 ----a-r- C:\ComboFix.exe
2010-08-03 08:57 . 2010-08-03 08:58 -------- d-----w- c:\program files\trend micro
2010-08-03 08:57 . 2010-08-03 09:16 -------- d-----w- C:\rsit
2010-08-01 17:31 . 2010-08-01 17:31 -------- d-----w- c:\documents and settings\Hanka\Moje dokumenty
2010-07-21 11:55 . 2010-08-04 18:21 237184 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-03 21:26 . 2010-05-25 06:26 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-08-03 20:44 . 2010-03-15 15:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-03 20:39 . 2004-11-12 08:19 48856 ----a-w- c:\documents and settings\Hanka\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-01 17:33 . 2006-06-02 07:30 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-23 15:22 . 2010-07-29 04:38 1496064 ----a-w- c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-07-23 15:22 . 2010-07-29 04:38 43008 ----a-w- c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-07-23 15:22 . 2010-07-29 04:38 338944 ----a-w- c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-07-23 15:22 . 2010-07-29 04:38 346112 ----a-w- c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-07-23 10:30 . 2005-12-03 23:30 -------- d-----w- c:\documents and settings\Hanka\Application Data\Skype
2010-07-23 10:17 . 2008-02-25 14:31 -------- d-----w- c:\documents and settings\Hanka\Application Data\skypePM
2010-07-01 11:11 . 2007-09-29 10:45 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-07-01 08:40 . 2010-07-01 07:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Soluto
2010-07-01 08:21 . 2009-02-15 07:19 5112 ----a-w- c:\windows\GPCIDrv.sys
2010-07-01 08:21 . 2008-05-14 19:42 17962 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2010-07-01 08:14 . 2010-07-01 08:14 -------- d-----w- c:\program files\Soluto
2010-07-01 08:11 . 2010-07-01 08:11 -------- d-----w- c:\program files\MSBuild
2010-07-01 07:15 . 2010-07-01 07:56 926568 ----a-w- c:\documents and settings\All Users\Application Data\Soluto\Installer\SolutoInstaller.exe
2010-06-28 07:05 . 2010-07-01 08:14 179656 ----a-w- c:\windows\system32\drivers\PCGenFAM.sys
2010-06-23 07:20 . 2010-06-23 07:20 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtbA.tmp.exe
2010-04-23 17:46 . 2006-07-08 14:56 4270 ----a-w- c:\program files\Rekorde.dsv
2010-04-23 17:46 . 2006-07-08 14:52 3581 ----a-w- c:\program files\Config119.dsv
2010-04-23 17:27 . 2006-07-08 14:54 4709 ----a-w- c:\program files\TEAMs.dsv
2010-01-31 07:34 . 2010-01-31 07:24 280651484 ----a-w- c:\program files\cs16full.rar
2010-01-31 07:26 . 2010-01-31 07:25 13895018 ----a-w- c:\program files\fy2.rar
2010-01-31 07:26 . 2010-01-31 07:25 3750445 ----a-w- c:\program files\awp.rar
2010-01-31 07:25 . 2010-01-31 07:25 1438018 ----a-w- c:\program files\fy.rar
2010-01-31 07:25 . 2010-01-31 07:25 4424343 ----a-w- c:\program files\aim.rar
2010-01-30 21:36 . 2010-01-30 17:05 397857244 ----a-w- c:\program files\steaminstall_cs.exe
2009-02-06 20:28 . 2006-11-21 20:03 569344 ----a-w- c:\program files\AutoRun.exe
2008-08-31 16:30 . 2008-03-23 20:18 32 ------w- c:\program files\Default.fil
2008-04-18 15:59 . 2008-04-18 16:00 774144 ------w- c:\program files\RngInterstitial.dll
2008-04-08 11:55 . 2008-04-04 14:08 169720 ------w- c:\program files\replay.rp3
2008-04-04 14:08 . 2008-04-04 14:08 24042 ------w- c:\program files\ghost.gst
2008-04-04 14:02 . 2008-04-04 14:02 579 ------w- c:\program files\install.win
2006-11-21 20:15 . 2006-08-15 09:24 5632 ------w- c:\program files\Thumbs.db
2006-10-25 13:17 . 2006-11-21 20:03 528384 ------w- c:\program files\AutoRunGUI.dll
2006-10-25 13:17 . 2006-11-21 20:03 258 ------w- c:\program files\dat.bin
2006-10-25 13:17 . 2006-11-21 20:03 253952 ------w- c:\program files\eauninstall.exe
2005-09-15 09:28 . 2005-09-15 09:28 3584 ------w- c:\program files\1033.MST
2005-01-24 18:51 . 2005-01-24 18:51 63696 ------w- c:\program files\slovencina.xml
2004-12-30 21:27 . 2008-09-25 15:37 14648 ------w- c:\program files\rg.nfo
2004-06-30 11:20 . 2006-05-08 15:28 160768 ------w- c:\program files\fmod.dll
2003-12-21 05:44 . 2003-12-21 05:42 696 ------w- c:\program files\index.html
2003-07-22 20:28 . 2003-07-22 20:28 5 ------w- c:\program files\DISK1.ID
2003-07-22 20:27 . 2003-07-22 20:27 206906 ------w- c:\program files\_SETUP.LIB
2002-10-10 19:32 . 2002-10-10 19:32 542368 ------w- c:\program files\QuickTimeInstaller.exe
2002-10-10 19:26 . 2002-10-10 19:26 10570062 ------w- c:\program files\QuickTimeInstallCache.qdat
2002-06-04 08:59 . 2002-06-04 08:59 204800 ------w- c:\program files\Restoration.exe
1998-09-24 07:48 . 2008-01-03 14:21 925 ------w- c:\program files\BENCH.EPD
1998-08-11 11:15 . 2008-01-03 14:21 3121 ------w- c:\program files\BS75
1998-02-24 14:26 . 2008-01-03 14:21 1339 ------w- c:\program files\BS50
1997-10-03 10:52 . 2008-01-03 14:21 3408 ------w- c:\program files\TSR.EXE
1997-07-14 19:22 . 2008-03-23 20:16 66382 ------w- c:\program files\H_SIGNS.PIC
1997-07-08 10:10 . 2008-03-23 20:16 106318 ------w- c:\program files\N_SYSGFX.PIC
1997-07-05 20:01 . 2008-03-23 20:16 89028 ------w- c:\program files\POKAL.PIC
1997-07-04 19:58 . 2008-03-23 20:16 62363 ------w- c:\program files\N_PANGFX.PIC
1997-07-03 14:08 . 2008-03-23 20:16 82766 ------w- c:\program files\H_PAN2.PIC
1997-07-01 15:01 . 2008-03-23 20:16 17943 ------w- c:\program files\S_PANGFX.PIC
1997-05-31 23:45 . 2008-03-23 20:16 39642 ------w- c:\program files\FLAGGOR.PIC
1997-05-23 13:16 . 2008-03-23 20:16 776 ------w- c:\program files\SYS.COL
1997-05-23 10:21 . 2008-03-23 20:16 13390 ------w- c:\program files\N_SIGNS.PIC
1997-05-23 10:17 . 2008-03-23 20:16 3982 ------w- c:\program files\S_SIGNS.PIC
1997-05-23 10:10 . 2008-03-23 20:16 42470 ------w- c:\program files\N_SYSG_2.PIC
1997-05-07 10:31 . 2008-03-23 20:16 66382 ------w- c:\program files\H_PAN1.PIC
1997-04-24 16:26 . 2008-03-23 20:16 37720 ------w- c:\program files\MENUBKG.DAT
1996-10-03 10:19 . 1996-10-03 10:19 65999 ------w- c:\program files\SETUP.INS
1996-07-24 03:00 . 1996-07-24 03:00 316789 ------w- c:\program files\_INST32I.EX_
1996-04-29 07:25 . 1996-04-29 07:25 5984 ------w- c:\program files\_SETUP.DLL
1995-09-07 19:22 . 1995-09-07 19:22 8192 ------w- c:\program files\_ISDEL.EXE
1993-12-16 08:11 . 2008-01-03 14:21 4647 ------w- c:\program files\BOOK.TRX
1993-11-16 08:56 . 2008-01-03 14:21 1048 ------w- c:\program files\FRAGILE
2008-10-11 18:26 . 2008-10-11 18:24 24 --sh--w- c:\windows\SE632CF17.tmp
2004-11-14 08:33 . 2004-11-14 08:33 593 --sha-w- c:\windows\system32\mmf.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2003-03-31 59392]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Ponuka ćtart\Programy\Pri spustenˇ\
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2005-3-8 184320]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^All Users^start menu^programs^startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\All Users\start menu\programs\startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
2006-10-17 01:20 398944 ------w- c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-09-26 15:57 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ------w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2006-01-30 19:13 35328 ------w- c:\program files\Winamp\winampa.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Soluto\\Soluto.exe"=
"c:\\Program Files\\Soluto\\SolutoService.exe"=
"c:\\Program Files\\Soluto\\SolutoConsole.exe"=
"c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 PCGenFAM;PCGenFAM;c:\windows\system32\drivers\PCGenFAM.sys [1.7.2010 10:14 179656]
R0 VOBID;VOBID;c:\windows\system32\drivers\vobid.sys [1.8.2003 15:47 29239]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6.8.2008 13:45 114768]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.9.2005 11:05 286720]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.9.2005 11:05 81920]
R1 SSHDRV82;SSHDRV82;c:\windows\system32\drivers\SSHDRV82.sys [25.12.2006 12:12 76288]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [22.2.2007 22:30 51072]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.8.2008 13:45 20560]
R2 LicCtrlService;LicCtrl Service;rundll32.exe c:\windows\mmfs.dll,Service --> rundll32.exe c:\windows\mmfs.dll,Service [?]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [28.6.2010 14:14 339520]
R3 PAC207;VideoCAM GE111;c:\windows\system32\drivers\PFC027.sys [8.4.2005 10:46 162176]
S3 GPCIDrv;GPCIDrv;c:\windows\GPCIDrv.sys [15.2.2009 9:19 5112]
S3 gupdate1c9869f5644a592;Google Update Service (gupdate1c9869f5644a592);c:\program files\Google\Update\GoogleUpdate.exe [4.2.2009 10:05 133104]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [14.5.2008 21:42 17962]
S3 SER120;OTI Serial port driver;c:\windows\system32\drivers\ser120.sys [4.8.2005 23:52 32782]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.1.2007 20:39 639224]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-07-18 15:53 451872 ------w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
2010-08-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-27 17:13]
2010-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 08:04]
2010-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 08:04]
2010-08-04 c:\windows\Tasks\User_Feed_Synchronization-{627239F6-56A3-4121-ADB1-B8C10B573123}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.tipos.sk/Default.aspx?CatID=38
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Settings,ProxyServer = proxy.telecom.sk:3128
uInternet Settings,ProxyOverride = 127.0.0.1; *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} -
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} -
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://zoznam.sk
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-04 20:22
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1202660629-1500820517-1801674531-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1202660629-1500820517-1801674531-1004\Software\SecuROM\License information*]
"datasecu"=hex:87,cf,e6,55,71,be,53,7b,bc,58,97,99,e4,e8,e1,64,99,58,fc,70,ca,
a7,f9,5a,0b,cd,b8,cb,3e,5c,8c,41,65,37,b7,48,8e,48,15,1a,c1,a4,d5,4a,41,98,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"Licence0"="REMOVED"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3796)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-08-04 20:32:06 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-04 18:31
ComboFix2.txt 2010-08-03 22:10
Pre-Run: 43 709 296 640 bytes free
Post-Run: 24 adresárov, 43 686 465 536 voľných bajtov
- - End Of File - - 3BE1B1F3ABD0967B2FF3D4FC5A3AB81B
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.tipos.sk/Default.aspx?CatID=38
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Settings,ProxyServer = proxy.telecom.sk:3128
uInternet Settings,ProxyOverride = 127.0.0.1; *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} -
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} -
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://zoznam.sk
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-04 20:22
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1202660629-1500820517-1801674531-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1202660629-1500820517-1801674531-1004\Software\SecuROM\License information*]
"datasecu"=hex:87,cf,e6,55,71,be,53,7b,bc,58,97,99,e4,e8,e1,64,99,58,fc,70,ca,
a7,f9,5a,0b,cd,b8,cb,3e,5c,8c,41,65,37,b7,48,8e,48,15,1a,c1,a4,d5,4a,41,98,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"Licence0"="REMOVED"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(3796)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2010-08-04 20:32:06 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-04 18:31
ComboFix2.txt 2010-08-03 22:10
Pre-Run: 43 709 296 640 bytes free
Post-Run: 24 adresárov, 43 686 465 536 voľných bajtov
- - End Of File - - 3BE1B1F3ABD0967B2FF3D4FC5A3AB81B
Re: Adobe reader
Good evening, yes, it is that file.
Re: Adobe reader
Good evening, I tried opening PDF documents via Internet Explorer and they opened normally without any problems, but when I use Mozilla it won't open them. It writes this: C:\DOCUME~1\Hanka\LOCALS~1\Temp\einvoice.pl.pdf could not be saved, because you do not have permission to change the contents of the target folder.
Change the folder properties and try again, or try saving the document to a different location.
I'm wondering whether reinstalling Mozilla would help?
Re: Adobe reader
Try uninstalling it completely, cleaning the registry with CCleaner and installing it again.
Have the file tested at http://www.virustotal.com
c:\program files\AutoRun.exe
-On VirusTotal click Browse, paste the path to the file directly into the lower box and click Send
-copy the address of the results page from your browser
-if it asks you, have the file tested again, so that it is the file from your computer

Re: Adobe reader
Good morning, I uninstalled Mozilla and then had the registry cleaned with CCleaner; now it also downloaded the PDF file, but it still wrote something there about the location description, it mentioned Temp etc... I'm sending the test: File AutoRun.exe received 2010.08.05 04:31:14 (UTC)
Result: 1/42 (2.39%)
Antivirus Version Last update Result
AhnLab-V3 2010.08.05.00 2010.08.04 -
AntiVir 8.2.4.32 2010.08.04 -
Antiy-AVL 2.0.3.7 2010.08.03 Virus/Win32.Downloader.gen
Authentium 5.2.0.5 2010.08.05 -
Avast 4.8.1351.0 2010.08.04 -
Avast5 5.0.332.0 2010.08.04 -
AVG 9.0.0.851 2010.08.04 -
BitDefender 7.2 2010.08.05 -
CAT-QuickHeal 11.00 2010.08.05 -
ClamAV 0.96.0.3-git 2010.08.05 -
Comodo 5645 2010.08.04 -
DrWeb 5.0.2.03300 2010.08.05 -
Emsisoft 5.0.0.36 2010.08.05 -
eSafe 7.0.17.0 2010.08.04 -
eTrust-Vet 36.1.7767 2010.08.05 -
F-Prot 4.6.1.107 2010.08.05 -
F-Secure 9.0.15370.0 2010.08.05 -
Fortinet 4.1.143.0 2010.08.04 -
GData 21 2010.08.05 -
Ikarus T3.1.1.84.0 2010.08.05 -
Jiangmin 13.0.900 2010.08.03 -
Kaspersky 7.0.0.125 2010.08.05 -
McAfee 5.400.0.1158 2010.08.05 -
McAfee-GW-Edition 2010.1 2010.08.05 -
Microsoft 1.6004 2010.08.04 -
NOD32 5341 2010.08.04 -
Norman 6.05.11 2010.08.04 -
nProtect 2010-08-04.01 2010.08.04 -
Panda 10.0.2.7 2010.08.04 -
PCTools 7.0.3.5 2010.08.04 -
Prevx 3.0 2010.08.05 -
Rising 22.59.03.01 2010.08.05 -
Sophos 4.56.0 2010.08.05 -
Sunbelt 6687 2010.08.05 -
SUPERAntiSpyware 4.40.0.1006 2010.08.05 -
Symantec 20101.1.1.7 2010.08.05 -
TheHacker 6.5.2.1.332 2010.08.05 -
TrendMicro 9.120.0.1004 2010.08.05 -
TrendMicro-HouseCall 9.120.0.1004 2010.08.05 -
VBA32 3.12.12.8 2010.08.04 -
ViRobot 2010.8.4.3971 2010.08.05 -
VirusBuster 5.0.27.0 2010.08.04 -
Additional information
File size: 569344 bytes
MD5...: ddc02b75f8d2aec3d1c7ea91f0997d27
SHA1..: b056b24ec55331f20218bb2d0b1a24ad19f54057
SHA256: e79b5d4665c9188c651c5b14e91ac6f0934edb08aedbea2ad7f4ce9f03884202
ssdeep: 3072:OwX8yGvhRD3PHqv3Mb5+LF+tgms80CT8UlSxslkx3dh0j1smqe3x9sd6JK7
eAXMI:nX83brPi45+yK0+3dEk2
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x991d
timedatestamp.....: 0x452e8213 (Thu Oct 12 17:57:39 2006)
machinetype.......: 0x14c (I386)
( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x20294 0x21000 6.50 c0644ef7c245e07929be1029d07f6995
.rdata 0x22000 0x9746 0xa000 5.09 39bcbfb5f501076b2c283f3879828cd0
.data 0x2c000 0x53b4 0x2000 3.50 2dcac50082343810b2e721a566c30897
.rsrc 0x32000 0x5c410 0x5d000 4.32 60aea8781394f7594b21af949a893795
( 10 imports )
( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
sigcheck:
publisher....: Electronic Arts Inc.
copyright....: (c) 2004-2005 Electronic Arts Inc.
product......: Electronic Arts AutoRun
description..: Electronic Arts AutoRun
original name: AutoRun7.exe
internal name: AutoRun7.exe
file version.: 1.09.02
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
Re: Adobe reader
Where do you save downloaded files? Try changing the location where you usually save these things.
If you don't have it there, move ComboFix to the desktop.
- open Notepad
- copy the text from this box into it:
Collect::
c:\windows\SE632CF17.tmp
c:\windows\system32\mmf.sys
- save the TXT file you created as CFScript.txt on the desktop
- after saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it:

- after it runs, another log will pop up; paste it here
Warning: it may happen that after applying the script and restarting, Windows will not boot; in that case restart again while pressing F8, then choose Last Known Good Configuration
Re: Adobe reader
ComboFix 10-08-04.05 - Hanka 05.08.2010 11:45:52.3.1 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1023.579 [GMT 2:00]
Running from: c:\documents and settings\Hanka\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Hanka\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100804-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Kerio Personal Firewall *enabled* {333BECA0-DED8-4139-A516-8D9E44E22669}
file zipped: c:\windows\SE632CF17.tmp
file zipped: c:\windows\system32\mmf.sys
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\SE632CF17.tmp
c:\windows\system32\mmf.sys
.
((((((((((((((((((((((((( Files Created from 2010-07-05 to 2010-08-05 )))))))))))))))))))))))))))))))
.
2010-08-05 04:48 . 2010-08-05 09:38 119648 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-08-03 21:31 . 2010-08-03 21:32 3749567 ----a-r- C:\ComboFix.exe
2010-08-03 08:57 . 2010-08-03 08:58 -------- d-----w- c:\program files\trend micro
2010-08-03 08:57 . 2010-08-03 09:16 -------- d-----w- C:\rsit
2010-08-01 17:31 . 2010-08-01 17:31 -------- d-----w- c:\documents and settings\Hanka\Moje dokumenty
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-03 21:26 . 2010-05-25 06:26 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-08-03 20:44 . 2010-03-15 15:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-03 20:39 . 2004-11-12 08:19 48856 ----a-w- c:\documents and settings\Hanka\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-01 17:33 . 2006-06-02 07:30 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-23 15:22 . 2010-07-29 04:38 1496064 ----a-w- c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-07-23 15:22 . 2010-07-29 04:38 43008 ----a-w- c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-07-23 15:22 . 2010-07-29 04:38 338944 ----a-w- c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-07-23 15:22 . 2010-07-29 04:38 346112 ----a-w- c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-07-23 10:30 . 2005-12-03 23:30 -------- d-----w- c:\documents and settings\Hanka\Application Data\Skype
2010-07-23 10:17 . 2008-02-25 14:31 -------- d-----w- c:\documents and settings\Hanka\Application Data\skypePM
2010-07-01 11:11 . 2007-09-29 10:45 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-07-01 08:40 . 2010-07-01 07:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Soluto
2010-07-01 08:21 . 2009-02-15 07:19 5112 ----a-w- c:\windows\GPCIDrv.sys
2010-07-01 08:21 . 2008-05-14 19:42 17962 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2010-07-01 08:14 . 2010-07-01 08:14 -------- d-----w- c:\program files\Soluto
2010-07-01 08:11 . 2010-07-01 08:11 -------- d-----w- c:\program files\MSBuild
2010-07-01 07:15 . 2010-07-01 07:56 926568 ----a-w- c:\documents and settings\All Users\Application Data\Soluto\Installer\SolutoInstaller.exe
2010-06-28 07:05 . 2010-07-01 08:14 179656 ----a-w- c:\windows\system32\drivers\PCGenFAM.sys
2010-06-23 07:20 . 2010-06-23 07:20 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtbA.tmp.exe
2010-04-23 17:46 . 2006-07-08 14:56 4270 ----a-w- c:\program files\Rekorde.dsv
2010-04-23 17:46 . 2006-07-08 14:52 3581 ----a-w- c:\program files\Config119.dsv
2010-04-23 17:27 . 2006-07-08 14:54 4709 ----a-w- c:\program files\TEAMs.dsv
2010-01-31 07:34 . 2010-01-31 07:24 280651484 ----a-w- c:\program files\cs16full.rar
2010-01-31 07:26 . 2010-01-31 07:25 13895018 ----a-w- c:\program files\fy2.rar
2010-01-31 07:26 . 2010-01-31 07:25 3750445 ----a-w- c:\program files\awp.rar
2010-01-31 07:25 . 2010-01-31 07:25 1438018 ----a-w- c:\program files\fy.rar
2010-01-31 07:25 . 2010-01-31 07:25 4424343 ----a-w- c:\program files\aim.rar
2010-01-30 21:36 . 2010-01-30 17:05 397857244 ----a-w- c:\program files\steaminstall_cs.exe
2009-02-06 20:28 . 2006-11-21 20:03 569344 ----a-w- c:\program files\AutoRun.exe
2008-08-31 16:30 . 2008-03-23 20:18 32 ------w- c:\program files\Default.fil
2008-04-18 15:59 . 2008-04-18 16:00 774144 ------w- c:\program files\RngInterstitial.dll
2008-04-08 11:55 . 2008-04-04 14:08 169720 ------w- c:\program files\replay.rp3
2008-04-04 14:08 . 2008-04-04 14:08 24042 ------w- c:\program files\ghost.gst
2008-04-04 14:02 . 2008-04-04 14:02 579 ------w- c:\program files\install.win
2006-11-21 20:15 . 2006-08-15 09:24 5632 ------w- c:\program files\Thumbs.db
2006-10-25 13:17 . 2006-11-21 20:03 528384 ------w- c:\program files\AutoRunGUI.dll
2006-10-25 13:17 . 2006-11-21 20:03 258 ------w- c:\program files\dat.bin
2006-10-25 13:17 . 2006-11-21 20:03 253952 ------w- c:\program files\eauninstall.exe
2005-09-15 09:28 . 2005-09-15 09:28 3584 ------w- c:\program files\1033.MST
2005-01-24 18:51 . 2005-01-24 18:51 63696 ------w- c:\program files\slovencina.xml
2004-12-30 21:27 . 2008-09-25 15:37 14648 ------w- c:\program files\rg.nfo
2004-06-30 11:20 . 2006-05-08 15:28 160768 ------w- c:\program files\fmod.dll
2003-12-21 05:44 . 2003-12-21 05:42 696 ------w- c:\program files\index.html
2003-07-22 20:28 . 2003-07-22 20:28 5 ------w- c:\program files\DISK1.ID
2003-07-22 20:27 . 2003-07-22 20:27 206906 ------w- c:\program files\_SETUP.LIB
2002-10-10 19:32 . 2002-10-10 19:32 542368 ------w- c:\program files\QuickTimeInstaller.exe
2002-10-10 19:26 . 2002-10-10 19:26 10570062 ------w- c:\program files\QuickTimeInstallCache.qdat
2002-06-04 08:59 . 2002-06-04 08:59 204800 ------w- c:\program files\Restoration.exe
1998-09-24 07:48 . 2008-01-03 14:21 925 ------w- c:\program files\BENCH.EPD
1998-08-11 11:15 . 2008-01-03 14:21 3121 ------w- c:\program files\BS75
1998-02-24 14:26 . 2008-01-03 14:21 1339 ------w- c:\program files\BS50
1997-10-03 10:52 . 2008-01-03 14:21 3408 ------w- c:\program files\TSR.EXE
1997-07-14 19:22 . 2008-03-23 20:16 66382 ------w- c:\program files\H_SIGNS.PIC
1997-07-08 10:10 . 2008-03-23 20:16 106318 ------w- c:\program files\N_SYSGFX.PIC
1997-07-05 20:01 . 2008-03-23 20:16 89028 ------w- c:\program files\POKAL.PIC
1997-07-04 19:58 . 2008-03-23 20:16 62363 ------w- c:\program files\N_PANGFX.PIC
1997-07-03 14:08 . 2008-03-23 20:16 82766 ------w- c:\program files\H_PAN2.PIC
1997-07-01 15:01 . 2008-03-23 20:16 17943 ------w- c:\program files\S_PANGFX.PIC
1997-05-31 23:45 . 2008-03-23 20:16 39642 ------w- c:\program files\FLAGGOR.PIC
1997-05-23 13:16 . 2008-03-23 20:16 776 ------w- c:\program files\SYS.COL
1997-05-23 10:21 . 2008-03-23 20:16 13390 ------w- c:\program files\N_SIGNS.PIC
1997-05-23 10:17 . 2008-03-23 20:16 3982 ------w- c:\program files\S_SIGNS.PIC
1997-05-23 10:10 . 2008-03-23 20:16 42470 ------w- c:\program files\N_SYSG_2.PIC
1997-05-07 10:31 . 2008-03-23 20:16 66382 ------w- c:\program files\H_PAN1.PIC
1997-04-24 16:26 . 2008-03-23 20:16 37720 ------w- c:\program files\MENUBKG.DAT
1996-10-03 10:19 . 1996-10-03 10:19 65999 ------w- c:\program files\SETUP.INS
1996-07-24 03:00 . 1996-07-24 03:00 316789 ------w- c:\program files\_INST32I.EX_
1996-04-29 07:25 . 1996-04-29 07:25 5984 ------w- c:\program files\_SETUP.DLL
1995-09-07 19:22 . 1995-09-07 19:22 8192 ------w- c:\program files\_ISDEL.EXE
1993-12-16 08:11 . 2008-01-03 14:21 4647 ------w- c:\program files\BOOK.TRX
1993-11-16 08:56 . 2008-01-03 14:21 1048 ------w- c:\program files\FRAGILE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2003-03-31 59392]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Ponuka ćtart\Programy\Pri spustenˇ\
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2005-3-8 184320]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^All Users^start menu^programs^startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\All Users\start menu\programs\startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
2006-10-17 01:20 398944 ------w- c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-09-26 15:57 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ------w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2006-01-30 19:13 35328 ------w- c:\program files\Winamp\winampa.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Soluto\\Soluto.exe"=
"c:\\Program Files\\Soluto\\SolutoService.exe"=
"c:\\Program Files\\Soluto\\SolutoConsole.exe"=
"c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 VOBID;VOBID;c:\windows\system32\drivers\vobid.sys [1.8.2003 15:47 29239]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6.8.2008 13:45 114768]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.9.2005 11:05 286720]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.9.2005 11:05 81920]
R1 SSHDRV82;SSHDRV82;c:\windows\system32\drivers\SSHDRV82.sys [25.12.2006 12:12 76288]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [22.2.2007 22:30 51072]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.8.2008 13:45 20560]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [28.6.2010 14:14 339520]
R3 PAC207;VideoCAM GE111;c:\windows\system32\drivers\PFC027.sys [8.4.2005 10:46 162176]
S0 PCGenFAM;PCGenFAM;c:\windows\system32\drivers\PCGenFAM.sys [1.7.2010 10:14 179656]
S2 LicCtrlService;LicCtrl Service;rundll32.exe c:\windows\mmfs.dll,Service --> rundll32.exe c:\windows\mmfs.dll,Service [?]
S3 GPCIDrv;GPCIDrv;c:\windows\GPCIDrv.sys [15.2.2009 9:19 5112]
S3 gupdate1c9869f5644a592;Google Update Service (gupdate1c9869f5644a592);c:\program files\Google\Update\GoogleUpdate.exe [4.2.2009 10:05 133104]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [14.5.2008 21:42 17962]
S3 SER120;OTI Serial port driver;c:\windows\system32\drivers\ser120.sys [4.8.2005 23:52 32782]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.1.2007 20:39 639224]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-07-18 15:53 451872 ------w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
2010-08-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-27 17:13]
2010-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 08:04]
2010-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 08:04]
2010-08-05 c:\windows\Tasks\User_Feed_Synchronization-{627239F6-56A3-4121-ADB1-B8C10B573123}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.tipos.sk/Default.aspx?CatID=38
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Settings,ProxyServer = proxy.telecom.sk:3128
uInternet Settings,ProxyOverride = 127.0.0.1; *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} -
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} -
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://zoznam.sk
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-05 11:59
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1202660629-1500820517-1801674531-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1202660629-1500820517-1801674531-1004\Software\SecuROM\License information*]
"datasecu"=hex:87,cf,e6,55,71,be,53,7b,bc,58,97,99,e4,e8,e1,64,99,58,fc,70,ca,
a7,f9,5a,0b,cd,b8,cb,3e,5c,8c,41,65,37,b7,48,8e,48,15,1a,c1,a4,d5,4a,41,98,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"Licence0"="REMOVED"
.
Completion time: 2010-08-05 12:06:58
ComboFix-quarantined-files.txt 2010-08-05 10:06
ComboFix2.txt 2010-08-04 18:32
ComboFix3.txt 2010-08-03 22:10
Pre-Run: 43 673 362 432 bytes free
Post-Run: 24 adresárov, 43 656 339 456 voľných bajtov
- - End Of File - - BE17C6A0E01F447A1994A677F87024FB
Upload was successful
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1023.579 [GMT 2:00]
Running from: c:\documents and settings\Hanka\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Hanka\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100804-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Kerio Personal Firewall *enabled* {333BECA0-DED8-4139-A516-8D9E44E22669}
file zipped: c:\windows\SE632CF17.tmp
file zipped: c:\windows\system32\mmf.sys
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\SE632CF17.tmp
c:\windows\system32\mmf.sys
.
((((((((((((((((((((((((( Files Created from 2010-07-05 to 2010-08-05 )))))))))))))))))))))))))))))))
.
2010-08-05 04:48 . 2010-08-05 09:38 119648 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-08-03 21:31 . 2010-08-03 21:32 3749567 ----a-r- C:\ComboFix.exe
2010-08-03 08:57 . 2010-08-03 08:58 -------- d-----w- c:\program files\trend micro
2010-08-03 08:57 . 2010-08-03 09:16 -------- d-----w- C:\rsit
2010-08-01 17:31 . 2010-08-01 17:31 -------- d-----w- c:\documents and settings\Hanka\Moje dokumenty
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-03 21:26 . 2010-05-25 06:26 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-08-03 20:44 . 2010-03-15 15:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-03 20:39 . 2004-11-12 08:19 48856 ----a-w- c:\documents and settings\Hanka\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-01 17:33 . 2006-06-02 07:30 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-23 15:22 . 2010-07-29 04:38 1496064 ----a-w- c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-07-23 15:22 . 2010-07-29 04:38 43008 ----a-w- c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-07-23 15:22 . 2010-07-29 04:38 338944 ----a-w- c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-07-23 15:22 . 2010-07-29 04:38 346112 ----a-w- c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-07-23 10:30 . 2005-12-03 23:30 -------- d-----w- c:\documents and settings\Hanka\Application Data\Skype
2010-07-23 10:17 . 2008-02-25 14:31 -------- d-----w- c:\documents and settings\Hanka\Application Data\skypePM
2010-07-01 11:11 . 2007-09-29 10:45 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-07-01 08:40 . 2010-07-01 07:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Soluto
2010-07-01 08:21 . 2009-02-15 07:19 5112 ----a-w- c:\windows\GPCIDrv.sys
2010-07-01 08:21 . 2008-05-14 19:42 17962 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2010-07-01 08:14 . 2010-07-01 08:14 -------- d-----w- c:\program files\Soluto
2010-07-01 08:11 . 2010-07-01 08:11 -------- d-----w- c:\program files\MSBuild
2010-07-01 07:15 . 2010-07-01 07:56 926568 ----a-w- c:\documents and settings\All Users\Application Data\Soluto\Installer\SolutoInstaller.exe
2010-06-28 07:05 . 2010-07-01 08:14 179656 ----a-w- c:\windows\system32\drivers\PCGenFAM.sys
2010-06-23 07:20 . 2010-06-23 07:20 501936 ----a-w- c:\documents and settings\All Users\Application Data\Google\Google Toolbar\Update\gtbA.tmp.exe
2010-04-23 17:46 . 2006-07-08 14:56 4270 ----a-w- c:\program files\Rekorde.dsv
2010-04-23 17:46 . 2006-07-08 14:52 3581 ----a-w- c:\program files\Config119.dsv
2010-04-23 17:27 . 2006-07-08 14:54 4709 ----a-w- c:\program files\TEAMs.dsv
2010-01-31 07:34 . 2010-01-31 07:24 280651484 ----a-w- c:\program files\cs16full.rar
2010-01-31 07:26 . 2010-01-31 07:25 13895018 ----a-w- c:\program files\fy2.rar
2010-01-31 07:26 . 2010-01-31 07:25 3750445 ----a-w- c:\program files\awp.rar
2010-01-31 07:25 . 2010-01-31 07:25 1438018 ----a-w- c:\program files\fy.rar
2010-01-31 07:25 . 2010-01-31 07:25 4424343 ----a-w- c:\program files\aim.rar
2010-01-30 21:36 . 2010-01-30 17:05 397857244 ----a-w- c:\program files\steaminstall_cs.exe
2009-02-06 20:28 . 2006-11-21 20:03 569344 ----a-w- c:\program files\AutoRun.exe
2008-08-31 16:30 . 2008-03-23 20:18 32 ------w- c:\program files\Default.fil
2008-04-18 15:59 . 2008-04-18 16:00 774144 ------w- c:\program files\RngInterstitial.dll
2008-04-08 11:55 . 2008-04-04 14:08 169720 ------w- c:\program files\replay.rp3
2008-04-04 14:08 . 2008-04-04 14:08 24042 ------w- c:\program files\ghost.gst
2008-04-04 14:02 . 2008-04-04 14:02 579 ------w- c:\program files\install.win
2006-11-21 20:15 . 2006-08-15 09:24 5632 ------w- c:\program files\Thumbs.db
2006-10-25 13:17 . 2006-11-21 20:03 528384 ------w- c:\program files\AutoRunGUI.dll
2006-10-25 13:17 . 2006-11-21 20:03 258 ------w- c:\program files\dat.bin
2006-10-25 13:17 . 2006-11-21 20:03 253952 ------w- c:\program files\eauninstall.exe
2005-09-15 09:28 . 2005-09-15 09:28 3584 ------w- c:\program files\1033.MST
2005-01-24 18:51 . 2005-01-24 18:51 63696 ------w- c:\program files\slovencina.xml
2004-12-30 21:27 . 2008-09-25 15:37 14648 ------w- c:\program files\rg.nfo
2004-06-30 11:20 . 2006-05-08 15:28 160768 ------w- c:\program files\fmod.dll
2003-12-21 05:44 . 2003-12-21 05:42 696 ------w- c:\program files\index.html
2003-07-22 20:28 . 2003-07-22 20:28 5 ------w- c:\program files\DISK1.ID
2003-07-22 20:27 . 2003-07-22 20:27 206906 ------w- c:\program files\_SETUP.LIB
2002-10-10 19:32 . 2002-10-10 19:32 542368 ------w- c:\program files\QuickTimeInstaller.exe
2002-10-10 19:26 . 2002-10-10 19:26 10570062 ------w- c:\program files\QuickTimeInstallCache.qdat
2002-06-04 08:59 . 2002-06-04 08:59 204800 ------w- c:\program files\Restoration.exe
1998-09-24 07:48 . 2008-01-03 14:21 925 ------w- c:\program files\BENCH.EPD
1998-08-11 11:15 . 2008-01-03 14:21 3121 ------w- c:\program files\BS75
1998-02-24 14:26 . 2008-01-03 14:21 1339 ------w- c:\program files\BS50
1997-10-03 10:52 . 2008-01-03 14:21 3408 ------w- c:\program files\TSR.EXE
1997-07-14 19:22 . 2008-03-23 20:16 66382 ------w- c:\program files\H_SIGNS.PIC
1997-07-08 10:10 . 2008-03-23 20:16 106318 ------w- c:\program files\N_SYSGFX.PIC
1997-07-05 20:01 . 2008-03-23 20:16 89028 ------w- c:\program files\POKAL.PIC
1997-07-04 19:58 . 2008-03-23 20:16 62363 ------w- c:\program files\N_PANGFX.PIC
1997-07-03 14:08 . 2008-03-23 20:16 82766 ------w- c:\program files\H_PAN2.PIC
1997-07-01 15:01 . 2008-03-23 20:16 17943 ------w- c:\program files\S_PANGFX.PIC
1997-05-31 23:45 . 2008-03-23 20:16 39642 ------w- c:\program files\FLAGGOR.PIC
1997-05-23 13:16 . 2008-03-23 20:16 776 ------w- c:\program files\SYS.COL
1997-05-23 10:21 . 2008-03-23 20:16 13390 ------w- c:\program files\N_SIGNS.PIC
1997-05-23 10:17 . 2008-03-23 20:16 3982 ------w- c:\program files\S_SIGNS.PIC
1997-05-23 10:10 . 2008-03-23 20:16 42470 ------w- c:\program files\N_SYSG_2.PIC
1997-05-07 10:31 . 2008-03-23 20:16 66382 ------w- c:\program files\H_PAN1.PIC
1997-04-24 16:26 . 2008-03-23 20:16 37720 ------w- c:\program files\MENUBKG.DAT
1996-10-03 10:19 . 1996-10-03 10:19 65999 ------w- c:\program files\SETUP.INS
1996-07-24 03:00 . 1996-07-24 03:00 316789 ------w- c:\program files\_INST32I.EX_
1996-04-29 07:25 . 1996-04-29 07:25 5984 ------w- c:\program files\_SETUP.DLL
1995-09-07 19:22 . 1995-09-07 19:22 8192 ------w- c:\program files\_ISDEL.EXE
1993-12-16 08:11 . 2008-01-03 14:21 4647 ------w- c:\program files\BOOK.TRX
1993-11-16 08:56 . 2008-01-03 14:21 1048 ------w- c:\program files\FRAGILE
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2003-03-31 59392]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Ponuka Štart\Programy\Pri spustení\
InterVideo WinCinema Manager.lnk - c:\program files\InterVideo\Common\Bin\WinCinemaMgr.exe [2005-3-8 184320]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^All Users^start menu^programs^startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\All Users\start menu\programs\startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox]
2006-10-17 01:20 398944 ------w- c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-09-26 15:57 1695232 ------w- c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 13:57 153136 ------w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2006-01-30 19:13 35328 ------w- c:\program files\Winamp\winampa.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
"SpybotSD TeaTimer"=c:\program files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Soluto\\Soluto.exe"=
"c:\\Program Files\\Soluto\\SolutoService.exe"=
"c:\\Program Files\\Soluto\\SolutoConsole.exe"=
"c:\\Program Files\\Soluto\\SolutoUpdateService.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 VOBID;VOBID;c:\windows\system32\drivers\vobid.sys [1.8.2003 15:47 29239]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6.8.2008 13:45 114768]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [26.9.2005 11:05 286720]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [26.9.2005 11:05 81920]
R1 SSHDRV82;SSHDRV82;c:\windows\system32\drivers\SSHDRV82.sys [25.12.2006 12:12 76288]
R2 Angelnt;Angelnt;c:\windows\system32\drivers\ANGELNT.SYS [22.2.2007 22:30 51072]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.8.2008 13:45 20560]
R2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [28.6.2010 14:14 339520]
R3 PAC207;VideoCAM GE111;c:\windows\system32\drivers\PFC027.sys [8.4.2005 10:46 162176]
S0 PCGenFAM;PCGenFAM;c:\windows\system32\drivers\PCGenFAM.sys [1.7.2010 10:14 179656]
S2 LicCtrlService;LicCtrl Service;rundll32.exe c:\windows\mmfs.dll,Service --> rundll32.exe c:\windows\mmfs.dll,Service [?]
S3 GPCIDrv;GPCIDrv;c:\windows\GPCIDrv.sys [15.2.2009 9:19 5112]
S3 gupdate1c9869f5644a592;Google Update Service (gupdate1c9869f5644a592);c:\program files\Google\Update\GoogleUpdate.exe [4.2.2009 10:05 133104]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [14.5.2008 21:42 17962]
S3 SER120;OTI Serial port driver;c:\windows\system32\drivers\ser120.sys [4.8.2005 23:52 32782]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.1.2007 20:39 639224]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-07-18 15:53 451872 ------w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
2010-08-04 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-27 17:13]
2010-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 08:04]
2010-08-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 08:04]
2010-08-05 c:\windows\Tasks\User_Feed_Synchronization-{627239F6-56A3-4121-ADB1-B8C10B573123}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.tipos.sk/Default.aspx?CatID=38
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Settings,ProxyServer = proxy.telecom.sk:3128
uInternet Settings,ProxyOverride = 127.0.0.1; *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} -
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} -
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://zoznam.sk
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\Hanka\Application Data\Mozilla\Firefox\Profiles\cgkboggk.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-05 11:59
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1202660629-1500820517-1801674531-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-1202660629-1500820517-1801674531-1004\Software\SecuROM\License information*]
"datasecu"=hex:87,cf,e6,55,71,be,53,7b,bc,58,97,99,e4,e8,e1,64,99,58,fc,70,ca,
a7,f9,5a,0b,cd,b8,cb,3e,5c,8c,41,65,37,b7,48,8e,48,15,1a,c1,a4,d5,4a,41,98,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"Licence0"="REMOVED"
.
Completion time: 2010-08-05 12:06:58
ComboFix-quarantined-files.txt 2010-08-05 10:06
ComboFix2.txt 2010-08-04 18:32
ComboFix3.txt 2010-08-03 22:10
Pre-Run: 43 673 362 432 bytes free
Post-Run: 24 directories, 43 656 339 456 bytes free
- - End Of File - - BE17C6A0E01F447A1994A677F87024FB
Upload was successful
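The log above is what the helper works from. As an added example that is not part of the original post or of ComboFix itself, the Python script below pulls the autostart, service, firewall and Security Center entries out of the 'Reg Loading Points' section of such a log and flags the ones a helper normally follows up on: a service whose image ComboFix marks `[?]`, a service hosted through rundll32.exe, an autostart entry running from a user-writable location, Security Center's AntiVirusOverride set, Windows Firewall disabled for the standard profile, and a globally open port with no source-subnet scope. The sample lines are copied from the log in this thread; the reading of the trailing `[?]` marker (image file not found or not verifiable) and the finding codes are the example's own assumptions.

```python
"""Added example, not part of the forum post or of ComboFix: triage the
'Reg Loading Points' section of a ComboFix log.
Assumption: a trailing '[?]' on a service line means ComboFix could not
find or verify the image file on disk."""
import re

# Sample input copied from the ComboFix log posted in this thread.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6.8.2008 13:45 114768]
S2 LicCtrlService;LicCtrl Service;rundll32.exe c:\windows\mmfs.dll,Service --> rundll32.exe c:\windows\mmfs.dll,Service [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.1.2007 20:39 639224]
"""

KEY_RE = re.compile(r"^\[(?P<key>.+)\]$")
# "R<n>"/"S<n>" = running / stopped service; fields are name;display;image [date size]
SERVICE_RE = re.compile(r"^(?P<start>[RS][0-4]) (?P<name>[^;]+);(?P<display>[^;]*);(?P<rest>.+)$")
RUN_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]*)" \[\S+ (?P<size>\d+)\]$')
PORT_RE = re.compile(r'^"(?P<port>\d+):(?P<proto>TCP|UDP)"=\s*\d+:(?:TCP|UDP):(?P<scope>[^:]*)')
SUBNET_RE = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}/\d{1,3}(?:\.\d{1,3}){3}$")
DWORD_RE = re.compile(r"=\s*(?:dword:)?(?P<val>[0-9a-fA-F]+)")

# Locations a normal autostart entry should not live in (XP and later names).
USER_LOCATIONS = ("\\documents and settings\\", "\\temp\\", "\\appdata\\", "\\application data\\")


def parse_loading_points(text):
    """Parse a ComboFix 'Reg Loading Points' excerpt into a plain dict."""
    found = {"runs": [], "services": [], "ports": [], "av_override": None, "firewall_enabled": None}
    key = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group("key").lower()
            continue
        m = SERVICE_RE.match(line)
        if m:  # service lines carry no key header, so test them first
            rest = m.group("rest")
            # ComboFix prints 'registry value --> resolved path [date size]'; keep the resolved path
            image = rest.split(" [")[0].split("-->")[-1].strip()
            found["services"].append({"start": m.group("start"), "name": m.group("name"),
                                      "image": image, "missing": rest.endswith("[?]")})
            continue
        if key.endswith("\\run"):
            m = RUN_RE.match(line)
            if m:
                found["runs"].append({"name": m.group("name"), "path": m.group("path"),
                                      "size": int(m.group("size"))})
        elif "globallyopenports" in key:
            m = PORT_RE.match(line)
            if m:  # scope is a subnet/mask when the exception is restricted, anything else means any source
                found["ports"].append({"port": int(m.group("port")), "proto": m.group("proto"),
                                       "scoped": bool(SUBNET_RE.match(m.group("scope")))})
        elif key.endswith("security center") and line.startswith('"AntiVirusOverride"'):
            found["av_override"] = int(DWORD_RE.search(line).group("val"), 16) != 0
        elif "firewallpolicy" in key and line.startswith('"EnableFirewall"'):
            found["firewall_enabled"] = int(DWORD_RE.search(line).group("val"), 16) != 0
    return found


def review(found):
    """Return (code, subject) leads a helper would normally ask the poster about."""
    findings = []
    for svc in found["services"]:
        if svc["missing"]:
            findings.append(("service-file-missing", svc["name"]))
        if "rundll32" in svc["image"].lower():
            findings.append(("service-hosted-by-rundll32", svc["name"]))
    for run in found["runs"]:
        if any(loc in run["path"].lower() for loc in USER_LOCATIONS):
            findings.append(("autostart-from-user-writable-path", run["name"]))
    if found["av_override"]:
        findings.append(("security-center-av-alerts-suppressed", "AntiVirusOverride"))
    if found["firewall_enabled"] is False:
        findings.append(("windows-firewall-off-standard-profile", "EnableFirewall"))
    for p in found["ports"]:
        if not p["scoped"]:
            findings.append(("port-open-to-any-source", f'{p["port"]}/{p["proto"]}'))
    return findings


if __name__ == "__main__":
    for code, subject in review(parse_loading_points(SAMPLE_LOG)):
        print(f"{code:40s} {subject}")
```

The findings are leads, not verdicts: on this machine a third-party firewall (Kerio) is the reason Windows Firewall is off, and 3389/TCP is the Remote Desktop exception, so both may be legitimate. The two findings worth a question are the rundll32-hosted service whose DLL ComboFix could not find and the AntiVirusOverride flag, which silences Security Center's antivirus warnings.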
Re: Adobe reader
How is the computer doing?
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before cleaning the computer
Want to support our forum? Information here

I'm usually reachable at night, between 9 and 11 pm
If you have any questions, you can write to me at Motji(at)forum.viry.cz.
Re: Adobe reader
Hello, the PC looks quite good overall. A few days ago it took about 2 minutes 40 seconds to boot, now about 1 minute; it was just as slow to shut down, now it shuts down in about 15 seconds. But when I try to download a PDF document it shows me this dialog. Then, when I right-click that window, it opens. And it also shows this dialog: Invalid menu handle.
Re: Adobe reader
Could you please post screenshots of those dialogs?
I'll try to find something on it or ask colleagues

Re: Adobe reader
Good evening, sending them; hopefully this is all right.
- Attachments
- DOK.JPG (13.58 KiB) Viewed 2875 times
- DOK2.JPG (23.16 KiB) Viewed 2875 times
Re: Adobe reader
I'll try to find out something about it, but it will probably be tomorrow.
Uninstall ComboFix via Start - Run
- copy into the box:
ComboFix /Uninstall
- press Enter
- That uninstalls ComboFix and deletes the files and folders that belong to it.
***********
Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe
- Run it; to confirm each choice press the A key, then Enter
- delete the little program after use. Note: antivirus programs may falsely flag it as a virus
***********
Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo toolbar
Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis, click Run CCleaner
Registry tab
- click Scan for Issues
- then click Fix selected issues -- back up the registry - you don't have to
- click Fix All Selected Issues
OK
Close
Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.
CCleaner - I recommend using the Cleaner; it nicely cleans the PC of temporary files.
The Registry part cleans up, for example, after uninstalling a program.
***********
Download OTC and use it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans temp files and the leftovers of the tools that were used
***********
Post a new RSIT log and tell me how the computer behaves; is everything all right now?
