I would like to ask for a log check

JaRon
Moderator
Posts: 15703
Registered: 29 Mar 2005 13:39
Location: BB-SK

#16 Post by JaRon »

:) I expected as much - the file is correct, you have to switch the language to English >> Slovak Windows is actually the English one, localized into Slovak
instead of CSY you will have ENU in the name
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

jakoncek
Visitor
Posts: 76
Registered: 27 Nov 2009 09:23

#17 Post by jakoncek »

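Well, so there is an error somewhere.
The English one probably won't work.

Instalacni program nemuze aktualizovat protoze jeho jazykova verze je jina nez jazykova verze aktualizace.
[Setup cannot update because its language version is different from the language version of the update.]

:(

What should I try?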

#18 Post by jakoncek »

Would there be any other option?

#19 Post by JaRon »

the other possibility is that you have Czech Windows :)
check, for example, whether you have "hledat" or "hladat" :???: "ovladaci" or "ovladacie" panely :???:

#20 Post by jakoncek »

Well, I have everything in Slovak.
Štart, Nastavenie, Ovládací panel .......

#21 Post by JaRon »

either run the command ver from the command line
or My Computer > Properties
this must tell you unambiguously whether your Windows is English or Czech
because the error message was in Czech ,,,

#22 Post by jakoncek »

I think my Windows is SK.
Microsoft Windows XP Professional ( Verzia 5.1.2600 )
Everything is written in Slovak.

#23 Post by JaRon »

if the downloaded file is named windowsxp-kb936929-sp3-x86-enu then it must work ,,,

#24 Post by jakoncek »

Yes, it is this file:
WindowsXP-KB936929-SP3-x86-ENU.exe 316.4MB

Message:

WindowsXP-KB936929-SP3-x86-ENU.exe nie je platnou aplikaciou win32.
[WindowsXP-KB936929-SP3-x86-ENU.exe is not a valid Win32 application.]

#25 Post by JaRon »

ohhh, but this is a completely different message from yesterday at 14:03 :)
use CF; if there is a problem launching it, rename it to cudo.com
>> download ComboFix and save it to the desktop

then run it under an account with administrator privileges

the run takes approx. 5-10 minutes, sometimes longer. Do not start any other applications during the scan

There is no reason to panic if the machine is restarted
note: if you use an antispyware with a resident shield, turn it off before the scan.

after the restart the application creates a log, saved at C:\Combofix.txt (paste its contents here)

#26 Post by jakoncek »

So here is the requested log:
=================

ComboFix 11-05-02.04 - Admin 03.05.2011 15:09:50.8.1 - x86
Running from: d:\documents and settings\Admin\Desktop\ComboFix.exe
AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\windows\ST6UNST.000
.
.
((((((((((((((((((((((((( Files Created from 2011-04-03 to 2011-05-03 )))))))))))))))))))))))))))))))
.
.
2011-05-02 05:23 . 2011-05-02 05:23 -------- d-----w- D:\!KillBox
2011-04-29 05:57 . 2011-04-29 06:45 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\panda2_0dn
2011-04-29 05:56 . 2011-05-03 07:42 -------- d-----w- d:\documents and settings\All Users\Application Data\Panda Security URL Filtering
2011-04-29 05:56 . 2011-05-01 14:10 -------- d-----w- d:\documents and settings\Admin\Application Data\pandasecuritytb
2011-04-28 13:50 . 2011-04-28 13:52 -------- d-----w- d:\program files\DTaskManager - Systemove info o PC
2011-04-28 10:57 . 2011-04-28 10:55 388608 ----a-w- d:\windows\system32\CF9460.exe
2011-04-28 08:43 . 2011-04-28 08:43 2 --shatr- d:\windows\winstart.bat
2011-04-27 17:53 . 2011-04-27 17:53 -------- dc-h--w- d:\documents and settings\All Users\Application Data\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}
2011-04-27 16:23 . 2011-04-29 05:57 -------- d-----w- d:\program files\Panda Security
2011-04-27 15:06 . 2011-04-27 15:06 -------- d-----w- d:\windows\system32\wbem\Repository
2011-04-11 16:22 . 2009-07-01 16:34 98304 ----a-w- d:\program files\Windows Media Player\in_midi.dll
2011-04-11 16:21 . 2010-02-11 07:56 155648 ----a-w- d:\program files\Windows Media Player\vlwmp.dll
2011-04-11 16:16 . 2011-04-11 16:16 -------- d-----w- d:\documents and settings\Admin\Application Data\VividLyrics
2011-04-11 09:01 . 2011-04-11 09:01 796672 ----a-w- d:\windows\GPInstall.exe
2011-04-09 21:05 . 2011-04-09 21:05 -------- d-----w- d:\documents and settings\Admin\Application Data\bearsharemediabartb
2011-04-09 15:36 . 2011-04-09 15:37 -------- d-----w- d:\documents and settings\Admin\Application Data\mediabarbs
2011-04-09 15:32 . 2011-04-09 21:32 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\BearShare
2011-04-09 13:36 . 2011-04-09 13:36 -------- d-----w- d:\documents and settings\All Users\Application Data\NCH Swift Sound
2011-04-09 13:15 . 2011-04-09 13:42 -------- d-----w- d:\documents and settings\Admin\Application Data\FMZilla
2011-04-09 09:54 . 2008-11-19 07:41 16640 ----a-w- d:\windows\system32\drivers\WsAudioDevice_383.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-13 13:46 . 2011-02-12 16:03 2560 ----a-w- d:\windows\_MSRSTRT.EXE
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-28_11.33.00 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-29 05:58 . 2011-04-29 05:58 28672 d:\windows\assembly\GAC_MSIL\Interop.SurfSecret_FormFiller\1.0.0.0__d7e6797a04c5c135\Interop.SurfSecret_FormFiller.dll
- 2011-04-27 16:27 . 2011-04-27 16:27 28672 d:\windows\assembly\GAC_MSIL\Interop.SurfSecret_FormFiller\1.0.0.0__d7e6797a04c5c135\Interop.SurfSecret_FormFiller.dll
+ 2011-04-29 06:01 . 2011-04-29 06:01 53248 d:\windows\assembly\GAC_MSIL\diCrSysAPINet\4.2.0.37021__6ab76b58d88c4cc4\diCrSysAPINet.dll
- 2011-04-27 16:31 . 2011-04-27 16:31 53248 d:\windows\assembly\GAC_MSIL\diCrSysAPINet\4.2.0.37021__6ab76b58d88c4cc4\diCrSysAPINet.dll
+ 2011-04-30 05:56 . 2011-04-30 05:56 405504 d:\windows\Installer\33a8ac5.msp
- 2011-04-27 16:24 . 2011-04-27 16:24 339968 d:\windows\Installer\{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}\Shortcuts_ProductN_A17DF807A25C4F9396D48EA53C96348F.exe
+ 2011-04-30 20:14 . 2011-04-30 20:14 339968 d:\windows\Installer\{FEB2D0CA-9912-4AA1-8FBE-CFD852F9F1FC}\Shortcuts_ProductN_A17DF807A25C4F9396D48EA53C96348F.exe
+ 2011-04-29 05:59 . 2011-04-29 05:59 139264 d:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__d7e6797a04c5c135\Interop.SHDocVw.dll
- 2011-04-27 16:28 . 2011-04-27 16:28 139264 d:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__d7e6797a04c5c135\Interop.SHDocVw.dll
- 2011-04-27 16:25 . 2011-04-27 16:25 200704 d:\windows\assembly\GAC_MSIL\ICSharpCode.SharpZipLib\0.85.1.271__1b03e6acf1164f73\ICSharpCode.SharpZipLib.dll
+ 2011-04-29 05:57 . 2011-04-29 05:57 200704 d:\windows\assembly\GAC_MSIL\ICSharpCode.SharpZipLib\0.85.1.271__1b03e6acf1164f73\ICSharpCode.SharpZipLib.dll
+ 2011-04-29 05:55 . 2011-04-29 05:55 6127104 d:\windows\Installer\7f534.msi
+ 2011-04-29 06:01 . 2011-04-29 06:01 8007680 d:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
- 2011-04-27 16:30 . 2011-04-27 16:30 8007680 d:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2010-12-19 14:46 86696 ----a-w- d:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "d:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2010-12-19 86696]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
2010-12-16 16:18 320832 ----a-w- d:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
2010-12-16 16:18 320832 ----a-w- d:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Firewall Protection"="2" [X]
"POP Peeper"="d:\program files\POP Peeper\POPPeeper.exe" [2010-09-09 1511424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tsnp325"="d:\windows\tsnp325.exe" [2006-10-10 270336]
"snp325"="d:\windows\vsnp325.exe" [2006-10-10 827392]
"SunJavaUpdateSched"="d:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"Malwarebytes' Anti-Malware"="d:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
"TkBellExe"="d:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-09-15 198160]
"PSUNMain"="d:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-02-24 423232]
"Panda Security URL Filtering"="d:\documents and settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2010-12-19 223400]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="d:\program files\Windows Sidebar\sidebar.exe" [2006-12-08 1253376]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
.
d:\documents and settings\Admin\Start Menu\Programs\Startup\
SJphone 1.65.lnk - d:\windows\Installer\{E1A45BFD-FD3E-45D7-AD5C-A29A506C2EB3}\SoftphoneIcon.exe [2010-10-13 20480]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"StartMenuLogoff"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- d:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 14:13 49152 ----a-w- d:\progra~1\COMMON~1\stardock\MCPStub.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=xgusb.cpl
"midi2"=xgusb.cpl
"midi3"=xgusb.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- d:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 18:50 155648 -c--a-w- d:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2011-01-29 14:50 46592 ----a-w- d:\windows\SOUNDMAN.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"d:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"d:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\SJphone 1.65\\SJphone.exe"=
"d:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe"=
"d:\\Program Files\\Opera\\opera.exe"=
"d:\\Program Files\\Avant Browser\\avant.exe"=
"d:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\POP Peeper\\POPPeeper.exe"=
"d:\\Moje dokumenty\\Strong DC++\\StrongDC++\\StrongDC.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8000:UDP"= 8000:UDP:Express Talk RTP Incoming Audio (UDP)
"8001:UDP"= 8001:UDP:Express Talk RTP Incoming Audio (UDP)
"8002:UDP"= 8002:UDP:Express Talk RTP Incoming Audio (UDP)
"8003:UDP"= 8003:UDP:Express Talk RTP Incoming Audio (UDP)
"8004:UDP"= 8004:UDP:Express Talk RTP Incoming Audio (UDP)
"8005:UDP"= 8005:UDP:Express Talk RTP Incoming Audio (UDP)
"8006:UDP"= 8006:UDP:Express Talk RTP Incoming Audio (UDP)
"8007:UDP"= 8007:UDP:Express Talk RTP Incoming Audio (UDP)
"8008:UDP"= 8008:UDP:Express Talk RTP Incoming Audio (UDP)
"8009:UDP"= 8009:UDP:Express Talk RTP Incoming Audio (UDP)
"5070:UDP"= 5070:UDP:Express Talk Sip Incoming Calls (UDP)
"94:TCP"= 94:TCP:VRS Recording System Web Control Panel
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R2 gupdate1ca24c7f0166fb0;Služba Google Update (gupdate1ca24c7f0166fb0); [x]
R3 MEMSWEEP2;MEMSWEEP2;d:\windows\system32\6.tmp [x]
R3 SNP325;USB PC Camera (SNPSTD325);d:\windows\system32\DRIVERS\snp325.sys [2007-04-03 10251904]
R4 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine);d:\program files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [x]
R4 DUMeterSvc;DU Meter Service; [x]
S1 PSINKNC;PSINKNC;d:\windows\system32\DRIVERS\psinknc.sys [2010-12-16 130376]
S1 SASDIFSV;SASDIFSV;d:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 NanoServiceMain;Panda Cloud Antivirus Service;d:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2010-12-16 140608]
S2 PSINAflt;PSINAflt;d:\windows\system32\DRIVERS\PSINAflt.sys [2010-12-16 141768]
S2 PSINFile;PSINFile;d:\windows\system32\DRIVERS\PSINFile.sys [2010-12-16 97352]
S2 PSINProc;PSINProc;d:\windows\system32\DRIVERS\PSINProc.sys [2010-12-16 111944]
S2 PSINProt;PSINProt;d:\windows\system32\DRIVERS\PSINProt.sys [2010-12-16 113096]
S3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{34A19196-274E-4D75-9D30-D7A45A0A4178}]
2004-08-04 04:00 11776 -c--a-w- d:\program files\Windows Sidebar\regsvr32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6B9228DA-9C15-419e-856C-19E768A13BDC}]
2004-08-04 04:00 11776 -c--a-w- d:\program files\Windows Sidebar\regsvr32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{BADA65A0-86B7-462B-B720-CE66655C73F5}]
2006-11-09 05:57 38912 -c--a-w- d:\vaio\vshellext.dll
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-02 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1202660629-1957994488-1003Core.job
- d:\documents and settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-03 14:51]
.
2011-05-03 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1202660629-1957994488-1003UA.job
- d:\documents and settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-03 14:51]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.szm.sk/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - d:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - d:\program files\Verdict Free\etnxp.dll
Trusted Zone: stv.sk\www
FF - ProfilePath - d:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://search.bearshare.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda&type=PCAFSI1190&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - %profile%\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
FF - Ext: MediaBar: {E84D42CA-64EB-11DE-A65F-8C3656D89593} - %profile%\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
FF - Ext: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - %profile%\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - d:\program files\Real\RealPlayer\browserrecord
FF - Ext: Panda Identity Protect: widgetruntime@surfsecret.com - d:\program files\Panda Security\Panda ID Protect\Firefox
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-03 15:30
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\d:\windows\system32\6.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1715567821-1202660629-1957994488-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1052)
d:\program files\SUPERAntiSpyware\SASWINLO.DLL
d:\progra~1\COMMON~1\Stardock\mcpstub.dll
.
Completion time: 2011-05-03 15:38:30
ComboFix-quarantined-files.txt 2011-05-03 13:38
.
Pre-Run: 15 086 718 976 bytes free
Post-Run: 9 adresárov, 15 087 484 928 voľných bajtov
.
- - End Of File - - 692EDAD1CB4302461CEFA30536346E35

#27 Post by JaRon »

Move ComboFix
to the desktop (if it is not there already)

open Notepad

copy the script from the following box into it:

Code:

Driver::
MEMSWEEP2


save the created text file as CFScript.txt on the desktop

after saving, grab the created script with the left mouse button and drag it over the ComboFix icon, then drop the script on it:

after it has been applied another log should be created; paste it here :)
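An added example, not part of the original thread and not ComboFix's own code: a Python triage of the driver/service lines from the ComboFix logs in this thread (posts #26 and #28). It flags entries such as MEMSWEEP2 whose image is not a normal driver or executable file, and checks which entries are gone after the CFScript run. It assumes `[x]` marks a file ComboFix could not find; the category names and the extension list are choices of this example, not the moderator's stated criteria.

```python
import re
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Driver/service lines excerpted from the first log in this thread (post #26).
LOG_BEFORE = r"""
R3 MEMSWEEP2;MEMSWEEP2;d:\windows\system32\6.tmp [x]
R3 SNP325;USB PC Camera (SNPSTD325);d:\windows\system32\DRIVERS\snp325.sys [2007-04-03 10251904]
R4 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine);d:\program files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [x]
R4 DUMeterSvc;DU Meter Service; [x]
S1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
"""

# The same entries as they appear in the second log (post #28), after CFScript.
LOG_AFTER = r"""
R3 SNP325;USB PC Camera (SNPSTD325);d:\windows\system32\DRIVERS\snp325.sys [2007-04-03 10251904]
R4 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine);d:\program files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [x]
R4 DUMeterSvc;DU Meter Service; [x]
S1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
"""

# <state> <name>;<display name>;<image path> [<date size> | x]
# The state code (letter + digit) is kept as reported and not interpreted.
LINE_RE = re.compile(
    r"^(?P<state>[RS][0-4]) (?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<image>.*?)\s*\[(?P<stamp>x|\d{4}-\d{2}-\d{2} \d+)\]\s*$"
)

# Assumption of this example: image types expected for a service or driver.
EXPECTED_EXT = {".sys", ".exe", ".dll"}


@dataclass(frozen=True)
class Service:
    state: str
    name: str
    display: str
    image: str
    file_found: bool  # False when the line ends in [x]


def parse_services(log_text):
    """Return {service name: Service} for every driver/service line found."""
    services = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            services[m["name"]] = Service(
                m["state"], m["name"], m["display"], m["image"], m["stamp"] != "x"
            )
    return services


def classify(svc):
    """Sort an entry into one of four triage buckets."""
    if not svc.image:
        return "no-image-path"
    ext = PureWindowsPath(svc.image).suffix.lower()
    if ext not in EXPECTED_EXT:
        return "unexpected-image-type"  # e.g. a .tmp file registered as a driver
    return "ok" if svc.file_found else "image-missing"


def review(before_text, after_text):
    """Return (findings in the first log, names absent from the second log)."""
    before = parse_services(before_text)
    after = parse_services(after_text)
    findings = {n: classify(s) for n, s in before.items() if classify(s) != "ok"}
    removed = sorted(set(before) - set(after))
    return findings, removed


if __name__ == "__main__":
    findings, removed = review(LOG_BEFORE, LOG_AFTER)
    for name, reason in findings.items():
        print(f"{name}: {reason}")
    print("gone after CFScript:", ", ".join(removed) or "nothing")
```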

#28 Post by jakoncek »

So I am sending the next log:
==================

ComboFix 11-05-02.04 - Admin 03.05.2011 16:21:22.9.1 - x86
Running from: d:\documents and settings\Admin\Desktop\ComboFix.exe
Command switches used :: d:\documents and settings\Admin\Desktop\CFScript.txt
AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MEMSWEEP2
-------\Service_MEMSWEEP2
.
.
((((((((((((((((((((((((( Files Created from 2011-04-03 to 2011-05-03 )))))))))))))))))))))))))))))))
.
.
2011-05-02 05:23 . 2011-05-02 05:23 -------- d-----w- D:\!KillBox
2011-04-29 05:57 . 2011-04-29 06:45 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\panda2_0dn
2011-04-29 05:56 . 2011-05-03 14:46 -------- d-----w- d:\documents and settings\All Users\Application Data\Panda Security URL Filtering
2011-04-29 05:56 . 2011-05-01 14:10 -------- d-----w- d:\documents and settings\Admin\Application Data\pandasecuritytb
2011-04-28 13:50 . 2011-04-28 13:52 -------- d-----w- d:\program files\DTaskManager - Systemove info o PC
2011-04-28 10:57 . 2011-04-28 10:55 388608 ----a-w- d:\windows\system32\CF9460.exe
2011-04-28 08:43 . 2011-04-28 08:43 2 --shatr- d:\windows\winstart.bat
2011-04-27 17:53 . 2011-04-27 17:53 -------- dc-h--w- d:\documents and settings\All Users\Application Data\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}
2011-04-27 16:23 . 2011-04-29 05:57 -------- d-----w- d:\program files\Panda Security
2011-04-27 15:06 . 2011-04-27 15:06 -------- d-----w- d:\windows\system32\wbem\Repository
2011-04-11 16:22 . 2009-07-01 16:34 98304 ----a-w- d:\program files\Windows Media Player\in_midi.dll
2011-04-11 16:21 . 2010-02-11 07:56 155648 ----a-w- d:\program files\Windows Media Player\vlwmp.dll
2011-04-11 16:16 . 2011-04-11 16:16 -------- d-----w- d:\documents and settings\Admin\Application Data\VividLyrics
2011-04-11 09:01 . 2011-04-11 09:01 796672 ----a-w- d:\windows\GPInstall.exe
2011-04-09 21:05 . 2011-04-09 21:05 -------- d-----w- d:\documents and settings\Admin\Application Data\bearsharemediabartb
2011-04-09 15:36 . 2011-04-09 15:37 -------- d-----w- d:\documents and settings\Admin\Application Data\mediabarbs
2011-04-09 15:32 . 2011-04-09 21:32 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\BearShare
2011-04-09 13:36 . 2011-04-09 13:36 -------- d-----w- d:\documents and settings\All Users\Application Data\NCH Swift Sound
2011-04-09 13:15 . 2011-04-09 13:42 -------- d-----w- d:\documents and settings\Admin\Application Data\FMZilla
2011-04-09 09:54 . 2008-11-19 07:41 16640 ----a-w- d:\windows\system32\drivers\WsAudioDevice_383.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-13 13:46 . 2011-02-12 16:03 2560 ----a-w- d:\windows\_MSRSTRT.EXE
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2010-12-19 14:46 86696 ----a-w- d:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "d:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2010-12-19 86696]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
2010-12-16 16:18 320832 ----a-w- d:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
2010-12-16 16:18 320832 ----a-w- d:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Firewall Protection"="2" [X]
"POP Peeper"="d:\program files\POP Peeper\POPPeeper.exe" [2010-09-09 1511424]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tsnp325"="d:\windows\tsnp325.exe" [2006-10-10 270336]
"snp325"="d:\windows\vsnp325.exe" [2006-10-10 827392]
"SunJavaUpdateSched"="d:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"Malwarebytes' Anti-Malware"="d:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
"TkBellExe"="d:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-09-15 198160]
"PSUNMain"="d:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-02-24 423232]
"Panda Security URL Filtering"="d:\documents and settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2010-12-19 223400]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="d:\program files\Windows Sidebar\sidebar.exe" [2006-12-08 1253376]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
.
d:\documents and settings\Admin\Start Menu\Programs\Startup\
SJphone 1.65.lnk - d:\windows\Installer\{E1A45BFD-FD3E-45D7-AD5C-A29A506C2EB3}\SoftphoneIcon.exe [2010-10-13 20480]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"StartMenuLogoff"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- d:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 14:13 49152 ----a-w- d:\progra~1\COMMON~1\stardock\MCPStub.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=xgusb.cpl
"midi2"=xgusb.cpl
"midi3"=xgusb.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- d:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 18:50 155648 -c--a-w- d:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2011-01-29 14:50 46592 ----a-w- d:\windows\SOUNDMAN.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"d:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"d:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\SJphone 1.65\\SJphone.exe"=
"d:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe"=
"d:\\Program Files\\Opera\\opera.exe"=
"d:\\Program Files\\Avant Browser\\avant.exe"=
"d:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\POP Peeper\\POPPeeper.exe"=
"d:\\Moje dokumenty\\Strong DC++\\StrongDC++\\StrongDC.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8000:UDP"= 8000:UDP:Express Talk RTP Incoming Audio (UDP)
"8001:UDP"= 8001:UDP:Express Talk RTP Incoming Audio (UDP)
"8002:UDP"= 8002:UDP:Express Talk RTP Incoming Audio (UDP)
"8003:UDP"= 8003:UDP:Express Talk RTP Incoming Audio (UDP)
"8004:UDP"= 8004:UDP:Express Talk RTP Incoming Audio (UDP)
"8005:UDP"= 8005:UDP:Express Talk RTP Incoming Audio (UDP)
"8006:UDP"= 8006:UDP:Express Talk RTP Incoming Audio (UDP)
"8007:UDP"= 8007:UDP:Express Talk RTP Incoming Audio (UDP)
"8008:UDP"= 8008:UDP:Express Talk RTP Incoming Audio (UDP)
"8009:UDP"= 8009:UDP:Express Talk RTP Incoming Audio (UDP)
"5070:UDP"= 5070:UDP:Express Talk Sip Incoming Calls (UDP)
"94:TCP"= 94:TCP:VRS Recording System Web Control Panel
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R2 gupdate1ca24c7f0166fb0;Služba Google Update (gupdate1ca24c7f0166fb0); [x]
R3 SNP325;USB PC Camera (SNPSTD325);d:\windows\system32\DRIVERS\snp325.sys [2007-04-03 10251904]
R4 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine);d:\program files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [x]
R4 DUMeterSvc;DU Meter Service; [x]
S1 PSINKNC;PSINKNC;d:\windows\system32\DRIVERS\psinknc.sys [2010-12-16 130376]
S1 SASDIFSV;SASDIFSV;d:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 NanoServiceMain;Panda Cloud Antivirus Service;d:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2010-12-16 140608]
S2 PSINAflt;PSINAflt;d:\windows\system32\DRIVERS\PSINAflt.sys [2010-12-16 141768]
S2 PSINFile;PSINFile;d:\windows\system32\DRIVERS\PSINFile.sys [2010-12-16 97352]
S2 PSINProc;PSINProc;d:\windows\system32\DRIVERS\PSINProc.sys [2010-12-16 111944]
S2 PSINProt;PSINProt;d:\windows\system32\DRIVERS\PSINProt.sys [2010-12-16 113096]
S3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{34A19196-274E-4D75-9D30-D7A45A0A4178}]
2004-08-04 04:00 11776 -c--a-w- d:\program files\Windows Sidebar\regsvr32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6B9228DA-9C15-419e-856C-19E768A13BDC}]
2004-08-04 04:00 11776 -c--a-w- d:\program files\Windows Sidebar\regsvr32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{BADA65A0-86B7-462B-B720-CE66655C73F5}]
2006-11-09 05:57 38912 -c--a-w- d:\vaio\vshellext.dll
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-03 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1202660629-1957994488-1003Core.job
- d:\documents and settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-03 14:51]
.
2011-05-03 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1202660629-1957994488-1003UA.job
- d:\documents and settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-03 14:51]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.szm.sk/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - d:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - d:\program files\Verdict Free\etnxp.dll
Trusted Zone: stv.sk\www
FF - ProfilePath - d:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://search.bearshare.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=panda&type=PCAFSI1190&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - %profile%\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
FF - Ext: MediaBar: {E84D42CA-64EB-11DE-A65F-8C3656D89593} - %profile%\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
FF - Ext: Panda Security Toolbar: {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - %profile%\extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - d:\program files\Real\RealPlayer\browserrecord
FF - Ext: Panda Identity Protect: widgetruntime@surfsecret.com - d:\program files\Panda Security\Panda ID Protect\Firefox
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-03 16:46
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1715567821-1202660629-1957994488-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1052)
d:\program files\SUPERAntiSpyware\SASWINLO.DLL
d:\progra~1\COMMON~1\Stardock\mcpstub.dll
.
- - - - - - - > 'explorer.exe'(3980)
d:\documents and settings\All Users\Application Data\Panda Security URL Filtering\panda_url_filtering.dll
d:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.DLL
d:\program files\Panda Security\Panda Cloud Antivirus\PSNCGP.dll
d:\program files\Panda Security\Panda Cloud Antivirus\PSNCIPC.dll
d:\progra~1\COMMON~1\stardock\MCPCore.dll
d:\windows\system32\msi.dll
d:\windows\system32\ieframe.dll
.
------------------------ Other Running Processes ------------------------
.
d:\progra~1\COMMON~1\Stardock\SDMCP.exe
d:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
d:\program files\SJphone 1.65\SJphone.exe
d:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2011-05-03 16:56:44 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-03 14:56
ComboFix2.txt 2011-05-03 13:38
.
Pre-Run: 15 100 256 256 bytes free
Post-Run: 9 adresárov, 15 072 186 368 voľných bajtov
.
- - End Of File - - 31A44A3B5332A8C6D94A22A9836BE993

JaRon
Moderator
Posts: 15703
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Requesting a log check

#29 Post by JaRon »

Still not possible to install the SP :???:

jakoncek
Visitor
Posts: 76
Registered: 27 Nov 2009 09:23

Re: Requesting a log check

#30 Post by jakoncek »

Well, I have finally managed to install it.
Many thanks for the help; I bow deeply to your knowledge
and to the help you offer here even to us amateurs.

One more thing. I wanted to look at the system information for my PC (in System Tools),
but nothing will load there. It tells me that the system information is being refreshed, but all the
summary information stays empty.

So I don't know, but there is probably still a problem somewhere. :(
