VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

notebook nefunguje spravne, prosim o kontrolu logu

https://forum.viry.cz:443/viewtopic.php?t=100010

Stránka 1 z 1

notebook nefunguje spravne, prosim o kontrolu logu

Napsal: 12 dub 2010 18:12
od fefkus
Zdravim vas.
Prisla za mnou kamaratka s pekne zasvinenym notebookom. Prestal jej fungovat touchpad a klavesnica v klasickom rezime (Vista Home). V nudzovom rezime CCleaner odstranil na prvy sup 14 GB bordelu, co som este v zivote nevidel.. MBAM nenasiel nic, ale notebook v klasickom rezime stale nefunguje, spravil som log z RSIT v nudzovom rezime a vyhodil nasledovne, mozete mi poradit, pokial je to mozne? (nema toho vela pozalohovaneho, cize ak to bude vazne, tak mi prosim dajte vediet, co to zazalohujem..)
Log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by silvia at 2010-04-12 19:00:05
Microsoft« Windows VistaÖ Home Basic Service Pack 2
System drive C: has 39 GB (28%) free of 142 GB
Total RAM: 2037 MB (79% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{F4CB088C-9E01-4857-AA3E-93589A896CC5}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-02-14 304736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll [2010-01-31 812528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2009-04-24 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-06-30 196608]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-03-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-03-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-03-11 133656]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-03-12 3563520]
"Dell Webcam Central"=C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [2008-06-03 446635]
"PCMService"=C:\Program Files\Dell\MediaDirect\PCMService.exe [2008-01-14 132392]
"NSLauncher"=C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [2007-08-02 3096576]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-07 57344]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-02-14 185872]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2008-06-26 442467]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-12-03 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-01-25 39408]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"nodenable"=C:\Program Files\eset\nodenable.exe [2008-09-22 326829]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe
T-Mobile Communication Center.lnk - C:\Program Files\T-Mobile Communication Center\TMCC.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

C:\Users\silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-03-11 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{27d6e2c9-92fe-11de-9763-8847cfae2fc7}]
shell\AutoRun\command - F:\RECYCLE\D-0-060-0000000000-1111111-2222222\fix.exe
shell\open\command - F:\RECYCLE\D-0-060-0000000000-1111111-2222222\fix.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64b1e8f1-fa77-11dd-a952-001644ffa86f}]
shell\AutoRun\command - F:\qphdin.com
shell\open\command - F:\qphdin.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{826844fd-b17b-11dd-8925-001644ffa86f}]
shell\AutoRun\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\wiseni32.exe
shell\open\command - F:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\wiseni32.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a55c029e-9500-11dd-b1b5-001644ffa86f}]
shell\AutoRun\command - adb.com
shell\explore\command - adb.com
shell\open\command - adb.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c41ad441-9c3f-11dd-964f-001644ffa86f}]
shell\AutoRun\command - G:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e295e330-bf9c-11dd-b42a-001644ffa86f}]
shell\AutoRun\command - F:\i.bat
shell\explore\command - F:\i.bat
shell\open\command - F:\i.bat

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eefd6b1b-0d44-11de-a8e9-00217074994a}]
shell\AutoRun\command - F:\ij.bat
shell\explore\command - F:\ij.bat
shell\open\command - F:\ij.bat


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-04-12 19:00:05 ----D---- C:\rsit
2010-04-12 19:00:05 ----D---- C:\Program Files\trend micro
2010-04-12 18:59:52 ----D---- C:\Program Files\RSIT
2010-04-11 22:47:22 ----D---- C:\Users\silvia\AppData\Roaming\Malwarebytes
2010-04-11 22:47:18 ----D---- C:\ProgramData\Malwarebytes
2010-04-11 22:47:18 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-11 22:43:10 ----A---- C:\Windows\ntbtlog.txt
2010-04-11 22:30:29 ----D---- C:\Program Files\CCleaner
2010-04-05 07:13:07 ----D---- C:\ProgramData\Real
2010-03-26 20:42:47 ----D---- C:\Program Files\Common Files\Skype
2010-03-14 22:07:42 ----D---- C:\Program Files\Common Files\Lingea Shared
2010-03-14 22:05:01 ----D---- C:\Program Files\Lingea

======List of files/folders modified in the last 1 months======

2010-04-12 19:00:05 ----RD---- C:\Program Files
2010-04-12 18:59:53 ----D---- C:\Windows\System32
2010-04-12 18:59:53 ----D---- C:\Windows\inf
2010-04-12 18:59:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-12 18:52:14 ----SHD---- C:\System Volume Information
2010-04-12 18:51:48 ----D---- C:\Windows
2010-04-11 23:11:03 ----D---- C:\Windows\system32\config
2010-04-11 23:10:42 ----D---- C:\Windows\winsxs
2010-04-11 23:10:42 ----D---- C:\Windows\system32\Tasks
2010-04-11 23:10:42 ----D---- C:\Windows\system32\spool
2010-04-11 23:10:42 ----D---- C:\Windows\system32\Msdtc
2010-04-11 23:10:41 ----D---- C:\Windows\system32\CodeIntegrity
2010-04-11 23:10:41 ----D---- C:\Windows\system32\catroot2
2010-04-11 23:10:39 ----D---- C:\Windows\system32\wbem
2010-04-11 23:10:39 ----D---- C:\Windows\registration
2010-04-11 22:47:21 ----D---- C:\Windows\system32\drivers
2010-04-11 22:47:18 ----HD---- C:\ProgramData
2010-04-11 22:45:33 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-11 22:45:33 ----D---- C:\Program Files\Dell Webcam
2010-04-11 22:45:06 ----D---- C:\Program Files\Google
2010-04-11 22:42:48 ----D---- C:\Program Files\BS.Player ControlBar
2010-04-11 22:35:03 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-04-11 22:34:48 ----D---- C:\Windows\Minidump
2010-04-11 22:34:48 ----D---- C:\Windows\Debug
2010-04-11 22:34:34 ----D---- C:\Windows\Temp
2010-04-11 22:15:43 ----D---- C:\Users\silvia\AppData\Roaming\Skype
2010-04-11 22:14:45 ----D---- C:\Windows\Tasks
2010-04-11 22:14:37 ----D---- C:\Windows\Prefetch
2010-04-11 21:50:19 ----D---- C:\Users\silvia\AppData\Roaming\skypePM
2010-04-05 07:17:45 ----D---- C:\Windows\system32\catroot
2010-04-05 07:12:54 ----D---- C:\Users\silvia\AppData\Roaming\Real
2010-03-26 20:43:57 ----SHD---- C:\Windows\Installer
2010-03-26 20:42:47 ----D---- C:\Program Files\Common Files
2010-03-25 04:00:36 ----D---- C:\Program Files\Internet Explorer
2010-03-23 01:04:25 ----D---- C:\Program Files\Mozilla Firefox
2010-03-20 12:49:00 ----SD---- C:\Users\silvia\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-03-11 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2008-03-11 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2008-03-11 38400]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-06-30 170032]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2008-03-14 54784]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
S2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2009-02-06 92800]
S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-03-12 18424]
S3 BCM43XX;OvladaΦ bezdrßtovΘ karty Dell WLAN; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-03-12 1205240]
S3 BthEnum;Slu₧ba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Za°φzenφ Bluetooth (sφ¥ PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BthPort;OvladaΦ portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;OvladaΦ rozhranφ USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-06-16 81960]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-06-16 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-06-16 29736]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-06-16 17448]
S3 CmBatt;OvladaΦ baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
S3 drmkaud;DekodΘr zvuk∙ DRM jßdra spoleΦnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-21 220672]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-03-11 2302976]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service; C:\Windows\system32\drivers\IntcHdmi.sys [2008-03-11 111616]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-03-11 203264]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-01-09 9216]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2008-12-03 38496]
S3 MSKSSRV;Server proxy slu₧by datov²ch proud∙ Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datov²ch proud∙ Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy sprßvce kvality datov²ch proud∙ Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jφmka-jφmka typu T datov²ch proud∙ Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\Windows\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver; C:\Windows\system32\DRIVERS\OA001Ufd.sys [2008-03-11 149208]
S3 OA001Vid;Creative Camera OA001 Function Driver; C:\Windows\system32\DRIVERS\OA001Vid.sys [2008-03-11 277624]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 RFCOMM;Za°φzenφ Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual; C:\Windows\system32\DRIVERS\livecamv.sys [2007-01-15 31616]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
S3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2008-06-26 380928]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2010-01-09 104960]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2010-01-09 105344]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2010-01-09 104960]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\aestsrv.exe [2008-06-26 73728]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-06-05 518696]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
S2 gupdate1c9fbff7376e4ca;Slu₧ba Google Update (gupdate1c9fbff7376e4ca); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-03 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-03 190448]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\STacSV.exe [2008-06-26 221273]
S2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-03-12 24064]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-02-08 212480]

-----------------EOF-----------------

Re: notebook nefunguje spravne, prosim o kontrolu logu

Napsal: 12 dub 2010 18:28
od Rudy
Dejte log z ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Re: notebook nefunguje spravne, prosim o kontrolu logu

Napsal: 12 dub 2010 19:12
od fefkus
Vdaka za odpoved. System sa spustil v standardnom rezime, touchpad aj klavesnica opat funguju.. Tu je log:

ComboFix 10-04-12.01 - silvia . 04. 2010 19:50:34.1.2 - x86 MINIMAL
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.421.1029.18.2037.1367 [GMT 2:00]
Running from: c:\users\silvia\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\$recycle.bin\S-1-5-21-495348235-4098444299-2901337794-500
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_Audiosrv
-------\Service_hkmsvc
-------\Service_IKEEXT
-------\Service_SessionEnv


((((((((((((((((((((((((( Files Created from 2010-03-12 to 2010-04-12 )))))))))))))))))))))))))))))))
.

2010-04-12 17:00 . 2010-04-12 17:00 -------- d-----w- C:\rsit
2010-04-12 17:00 . 2010-04-12 17:00 -------- d-----w- c:\program files\trend micro
2010-04-12 16:59 . 2010-04-12 16:59 -------- d-----w- c:\program files\RSIT
2010-04-11 20:47 . 2010-04-11 20:47 -------- d-----w- c:\users\silvia\AppData\Roaming\Malwarebytes
2010-04-11 20:47 . 2008-12-03 17:52 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-11 20:47 . 2008-12-03 17:52 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-11 20:47 . 2010-04-11 20:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-11 20:47 . 2010-04-11 20:47 -------- d-----w- c:\programdata\Malwarebytes
2010-04-11 20:30 . 2010-04-11 20:30 -------- d-----w- c:\program files\CCleaner
2010-03-26 18:42 . 2010-03-26 18:42 -------- d-----w- c:\program files\Common Files\Skype
2010-03-14 20:07 . 2010-03-14 20:08 -------- d-----w- c:\program files\Common Files\Lingea Shared
2010-03-14 20:05 . 2010-03-14 20:05 -------- d-----w- c:\program files\Lingea

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-12 18:00 . 2008-01-21 06:13 590348 ----a-w- c:\windows\system32\perfh005.dat
2010-04-12 18:00 . 2008-01-21 06:13 114900 ----a-w- c:\windows\system32\perfc005.dat
2010-04-12 17:58 . 2008-09-22 18:31 -------- d-----w- c:\users\silvia\AppData\Roaming\skypePM
2010-04-12 17:57 . 2008-09-22 18:30 -------- d-----w- c:\users\silvia\AppData\Roaming\Skype
2010-04-11 20:45 . 2008-09-10 19:39 -------- d-----w- c:\program files\Dell Webcam
2010-04-11 20:45 . 2008-09-10 19:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-11 20:45 . 2008-09-22 18:29 -------- d-----w- c:\program files\Google
2010-04-11 20:42 . 2008-09-26 08:05 -------- d-----w- c:\program files\BS.Player ControlBar
2010-04-11 20:35 . 2008-11-04 18:40 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-04-07 19:30 . 2008-09-10 19:39 3204 ----a-w- c:\windows\bthservsdp.dat
2010-04-05 13:17 . 2010-04-05 13:15 20841968 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\rp\RealPlayerSPGold.exe
2010-04-05 13:15 . 2010-04-05 13:15 8405312 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2010-04-05 13:14 . 2010-04-05 13:14 149000 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\chr_helper\LaunchHelper.exe
2010-04-05 13:14 . 2010-04-05 13:14 10309448 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\chr\ChromeInstaller.exe
2010-04-05 13:13 . 2010-04-05 13:13 79368 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\RUP\vista.exe
2010-04-05 13:13 . 2010-04-05 13:13 64000 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\RUP\inst_config\gcapi_dll.dll
2010-04-05 13:13 . 2010-04-05 13:13 52288 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\RUP\inst_config\gtapi.dll
2010-04-05 13:13 . 2010-04-05 13:13 50688 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\RUP\inst_config\fftbapi.dll
2010-04-05 13:13 . 2010-04-05 13:13 49152 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\RUP\inst_config\CarboniteCompatibility.dll
2010-04-05 13:13 . 2010-04-05 13:13 118784 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\RUP\inst_config\compat.dll
2010-04-05 05:13 . 2010-04-05 05:13 439816 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\setup.exe
2010-03-12 02:05 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-05 17:57 . 2010-03-05 17:57 -------- d-----w- c:\program files\Audio-Text Synchronized Books
2010-03-05 06:46 . 2008-09-22 18:12 -------- d-----w- c:\users\silvia\AppData\Roaming\ICQ
2010-02-26 20:48 . 2010-01-31 09:47 -------- d-----w- c:\program files\Last.fm
2010-02-26 20:47 . 2010-01-31 09:48 -------- d-----w- c:\programdata\Last.fm
2010-02-26 16:14 . 2009-08-14 23:18 -------- d-----w- c:\program files\iTunes
2010-02-24 09:16 . 2009-10-02 23:33 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-24 07:32 . 2009-06-01 05:53 -------- d-----w- c:\program files\Graboid
2010-02-24 06:44 . 2008-09-19 13:34 101512 ----a-w- c:\users\silvia\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr
2010-02-12 10:32 . 2010-03-12 02:03 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-01-31 10:31 . 2010-01-31 09:48 683801 ----a-w- c:\programdata\Last.fm\Client\UninstWMP\unins000.exe
2010-01-31 10:31 . 2010-01-31 09:48 683801 ----a-w- c:\programdata\Last.fm\Client\UninstITW\unins000.exe
2010-01-31 09:48 . 2010-01-31 09:48 108 ----a-w- c:\programdata\Last.fm\Client\uninst2.bat
2010-01-31 09:02 . 2010-01-31 09:02 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb1B2.tmp.exe
2010-01-25 12:00 . 2010-02-24 00:28 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:00 . 2010-02-24 00:27 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:00 . 2010-02-24 00:27 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:00 . 2010-02-24 00:28 471552 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 11:58 . 2010-02-24 00:27 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:21 . 2010-02-24 00:27 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:21 . 2010-02-24 00:27 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:21 . 2010-02-24 00:27 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-25 08:21 . 2010-02-24 00:27 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-23 09:26 . 2010-02-24 00:29 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-15 11:19 . 2010-01-15 11:15 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-15 11:19 . 2009-01-11 16:30 38784 ----a-w- c:\users\silvia\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2008-09-11 05:09 . 2008-09-11 05:08 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-24 39408]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"nodenable"="c:\program files\eset\nodenable.exe" [2008-09-22 326829]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-03-09 26100520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-06-30 196608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-11 133656]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-03-12 3563520]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-01-14 132392]
"NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 3096576]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-02-14 185872]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-26 442467]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

c:\users\silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Lingea Update Center.lnk - c:\program files\Common Files\Lingea Shared\luc.exe [2008-9-30 275736]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-3-17 1207376]
T-Mobile Communication Center.lnk - c:\program files\T-Mobile Communication Center\TMCC.exe [2010-1-9 749568]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-5-11 525640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):0a,7a,9e,56,c5,7b,ca,01

R2 gupdate1c9fbff7376e4ca;Služba Google Update (gupdate1c9fbff7376e4ca);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 133104]
R2 TBS;Služba TPM Base Services;c:\windows\System32\svchost.exe [2008-01-21 21504]
R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\drivers\brfiltlo.sys [2006-11-02 13568]
R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\drivers\brfiltup.sys [2006-11-02 5248]
R3 CertPropSvc;Šíření certifikátů;c:\windows\system32\svchost.exe [2008-01-21 21504]
R3 DFSR;Replikace distribuovaného systému souborů (DFSR);c:\windows\system32\DFSR.exe [2009-04-11 2092544]
R3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver;c:\windows\system32\DRIVERS\E1G60I32.sys [2008-01-21 118784]
R3 fdPHost;Hostitel poskytovatele rozpoznávání funkce;c:\windows\system32\svchost.exe [2008-01-21 21504]
R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2008-01-21 27648]
R3 FontCache;Mezipaměť písem Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
R3 IPBusEnum;Rozpoznávací modul sběrnice PnP-X IP;c:\windows\system32\svchost.exe [2008-01-21 21504]
R3 lltdsvc;Mapovač zjišťování topologie linkové vrstvy;c:\windows\System32\svchost.exe [2008-01-21 21504]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-01-09 9216]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-03 38496]
R3 MSiSCSI;Služba iniciátoru iSCSI společnosti Microsoft;c:\windows\system32\svchost.exe [2008-01-21 21504]
R3 MsRPC;MsRPC; [x]
R3 pla;Výstrahy a protokolování výkonu;c:\windows\System32\svchost.exe [2008-01-21 21504]
R3 PNRPAutoReg;Služba publikování názvu počítače pomocí protokolu PNRP;c:\windows\System32\svchost.exe [2008-01-21 21504]
R3 SCPolicySvc;Zásady odebrání čipové karty;c:\windows\system32\svchost.exe [2008-01-21 21504]
R3 SDRSVC;Zálohování systému Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
R3 sffp_mmc;SFF Storage Protocol Driver for MMC;c:\windows\system32\drivers\sffp_mmc.sys [2008-01-21 12288]
R3 SLUINotify;Služba SL UI Notification Service;c:\windows\system32\svchost.exe [2008-01-21 21504]
R3 THREADORDER;Server pro řazení podprocesů;c:\windows\system32\svchost.exe [2008-01-21 21504]
R3 TrustedInstaller;Instalace modulů systému Windows;c:\windows\servicing\TrustedInstaller.exe [2009-04-11 39424]
R3 tssecsrv;Terminal Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2008-01-21 23552]
R3 UI0Detect;Zjišťování interaktivních služeb;c:\windows\system32\UI0Detect.exe [2008-01-21 35840]
R3 uliagpkx;Uli AGP Bus Filter;c:\windows\system32\drivers\uliagpkx.sys [2008-01-21 60984]
R3 wcncsvc;Technologie Windows Connect Now – Registrátor konfigurací;c:\windows\System32\svchost.exe [2008-01-21 21504]
R3 WcsPlugInService;Windows Color System;c:\windows\system32\svchost.exe [2008-01-21 21504]
R3 WdiServiceHost;Hostitel diagnostické služby;c:\windows\System32\svchost.exe [2008-01-21 21504]
R3 Wecsvc;Sběr událostí systému Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
R3 wercplsupport;Podpora ovládacího panelu Hlášení a řešení problémů;c:\windows\System32\svchost.exe [2008-01-21 21504]
R3 WinRM;Vzdálená správa systému Windows (WS-Management);c:\windows\System32\svchost.exe [2008-01-21 21504]
R3 WPCSvc;Rodičovská kontrola;c:\windows\system32\svchost.exe [2008-01-21 21504]
R4 adp94xx;adp94xx;c:\windows\system32\drivers\adp94xx.sys [2008-01-21 422968]
R4 adpahci;adpahci;c:\windows\system32\drivers\adpahci.sys [2008-01-21 300600]
R4 arcsas;arcsas;c:\windows\system32\drivers\arcsas.sys [2008-01-21 79928]
R4 blbdrive;blbdrive;c:\windows\system32\drivers\blbdrive.sys [2008-01-21 45568]
R4 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\system32\drivers\brserid.sys [2006-11-02 71808]
R4 BrSerWdm;Brother WDM Serial driver;c:\windows\system32\drivers\brserwdm.sys [2006-11-02 62336]
R4 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\system32\drivers\brusbmdm.sys [2006-11-02 12160]
R4 Crusoe;Transmeta Crusoe Processor Driver;c:\windows\system32\drivers\crusoe.sys [2008-01-21 40960]
R4 elxstor;elxstor;c:\windows\system32\drivers\elxstor.sys [2008-01-21 342584]
R4 HpCISSs;HpCISSs;c:\windows\system32\drivers\hpcisss.sys [2008-01-21 40504]
R4 iaStorV;Intel RAID Controller Vista;c:\windows\system32\drivers\iastorv.sys [2008-01-21 235064]
R4 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\ipmidrv.sys [2008-01-21 64512]
R4 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [2006-11-02 35944]
R4 LSI_FC;LSI_FC;c:\windows\system32\drivers\lsi_fc.sys [2008-01-21 96312]
R4 LSI_SAS;LSI_SAS;c:\windows\system32\drivers\lsi_sas.sys [2008-01-21 89656]
R4 LSI_SCSI;LSI_SCSI;c:\windows\system32\drivers\lsi_scsi.sys [2008-01-21 96312]
R4 megasas;megasas;c:\windows\system32\drivers\megasas.sys [2008-01-21 31288]
R4 mpio;Microsoft Multi-Path Bus Driver;c:\windows\system32\drivers\mpio.sys [2008-01-21 105016]
R4 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2008-09-11 28728]
R4 msdsm;Microsoft Multi-Path Device Specific Module;c:\windows\system32\drivers\msdsm.sys [2008-01-21 94776]
R4 nfrd960;nfrd960;c:\windows\system32\drivers\nfrd960.sys [2006-11-02 45160]
R4 ntrigdigi;N-trig HID Tablet Driver;c:\windows\system32\drivers\ntrigdigi.sys [2006-11-02 20608]
R4 nvstor;nvstor;c:\windows\system32\drivers\nvstor.sys [2008-01-21 45112]
R4 ql2300;QLogic Fibre Channel Miniport Driver;c:\windows\system32\drivers\ql2300.sys [2008-01-21 1122360]
R4 ql40xx;QLogic iSCSI Miniport Driver;c:\windows\system32\drivers\ql40xx.sys [2006-11-02 106088]
R4 SiSRaid4;SiSRaid4;c:\windows\system32\drivers\sisraid4.sys [2008-01-21 74808]
R4 uliahci;uliahci;c:\windows\system32\drivers\uliahci.sys [2008-01-21 238648]
R4 ulsata2;ulsata2;c:\windows\system32\drivers\ulsata2.sys [2008-01-21 115816]
R4 usbcir;eHome Infrared Receiver (USBCIR);c:\windows\system32\drivers\usbcir.sys [2006-11-02 68608]
R4 ViaC7;VIA C7 Processor Driver;c:\windows\system32\drivers\viac7.sys [2008-01-21 41472]
R4 vsmraid;vsmraid;c:\windows\system32\drivers\vsmraid.sys [2008-01-21 130616]
R4 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [2006-11-02 20608]
R4 Wd;Microsoft Watchdog Timer Driver;c:\windows\system32\drivers\wd.sys [2008-01-21 22072]
S0 CLFS;Common Log (CLFS);c:\windows\System32\CLFS.sys [2009-04-11 245736]
S0 Ecache;ReadyBoost Caching Driver;c:\windows\System32\drivers\ecache.sys [2009-04-11 141288]
S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2008-01-21 58936]
S0 msisadrv;Ovladač třídy ISA/EISA;c:\windows\system32\drivers\msisadrv.sys [2008-01-21 16440]
S0 spldr;Security Processor Loader Driver; [x]
S0 volmgr;Ovladač správce svazků;c:\windows\system32\drivers\volmgr.sys [2008-01-21 52792]
S0 volmgrx;Dynamic Volume Manager;c:\windows\System32\drivers\volmgrx.sys [2009-04-11 292840]
S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2009-04-11 75264]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 nsiproxy;NSI proxy service;c:\windows\system32\drivers\nsiproxy.sys [2008-01-21 16384]
S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2008-01-21 6144]
S1 Smb;Protokol TCP/IP a TCP/IPv6 orientovaný na zprávy (relace SMB);c:\windows\system32\DRIVERS\smb.sys [2009-04-11 66560]
S1 tdx;Ovladač pro podporu zastaralého rozhraní TDI NetIO;c:\windows\system32\DRIVERS\tdx.sys [2009-04-11 72192]
S1 Wanarpv6;Remote Access IPv6 ARP Driver;c:\windows\system32\DRIVERS\wanarp.sys [2008-01-21 62464]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\aestsrv.exe [2008-06-26 73728]
S2 AudioEndpointBuilder;Koncové vytváření služby Windows Audio;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 BFE;Služba BFE;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 DPS;Služba DPS (Diagnostic Policy Service);c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
S2 EMDMgmt;ReadyBoost;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-02-06 92800]
S2 FDResPub;Publikování prostředků rozpoznávání funkcí;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 gpsvc;Klient zásad skupiny;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 iphlpsvc;Pomocník IP;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 KtmRm;Služba KTMRM pro koordinátor DTC;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [2008-01-21 47104]
S2 luafv;UAC File Virtualization;c:\windows\system32\drivers\luafv.sys [2008-01-21 84480]
S2 MMCSS;Služba Plánovač multimédií;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 MpsSvc;Brána firewall systému Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 netprofm;Služba seznamu sítí;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 NlaSvc;Sledování umístění v síti (NLA);c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 nsi;Služba rozhraní síťového úložiště;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2006-11-02 878080]
S2 ProfSvc;Služba Profil uživatele;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 slsvc;Licencování softwaru;c:\windows\system32\SLsvc.exe [2009-04-11 3408896]
S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 TabletInputService;Služba Vstupní panel počítače Tablet PC;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2009-12-08 30720]
S2 UxSms;Správce relací správce oken plochy;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 WerSvc;Služba Zasílání zpráv o chybách systému Windows;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 Wlansvc;Automatická konfigurace sítě WLAN;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 WPDBusEnum;Služba Výčet přenosných zařízení;c:\windows\system32\svchost.exe [2008-01-21 21504]
S3 Appinfo;Informace o aplikaci;c:\windows\system32\svchost.exe [2008-01-21 21504]
S3 bowser;bowser;c:\windows\system32\DRIVERS\bowser.sys [2008-01-21 69632]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-06-16 29736]
S3 circlass;Uživatelská infračervená zařízení;c:\windows\system32\DRIVERS\circlass.sys [2008-01-21 35328]
S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2009-09-25 634880]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-03-11 111616]
S3 iScsiPrt;Ovladač iScsiPort;c:\windows\system32\DRIVERS\msiscsi.sys [2009-04-11 180712]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2008-03-14 54784]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2008-03-11 203264]
S3 KeyIso;Izolace klíče CNG;c:\windows\system32\lsass.exe [2009-06-15 9728]
S3 monitor;Služba ovladače funkce třídy monitorů Microsoft;c:\windows\system32\DRIVERS\monitor.sys [2008-01-21 41984]
S3 mpsdrv;Ovladač ověření brány firewall systému Windows;c:\windows\system32\drivers\mpsdrv.sys [2008-01-21 64000]
S3 mrxsmb10;SMB 1.x MiniRedirector;c:\windows\system32\DRIVERS\mrxsmb10.sys [2009-12-04 212992]
S3 mrxsmb20;SMB 2.0 MiniRedirector;c:\windows\system32\DRIVERS\mrxsmb20.sys [2009-04-11 79360]
S3 NativeWifiP;Filtr NativeWiFi;c:\windows\system32\DRIVERS\nwifi.sys [2009-04-11 148480]
S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\DRIVERS\OA001Ufd.sys [2008-03-11 149208]
S3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\DRIVERS\OA001Vid.sys [2008-03-11 277624]
S3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\DRIVERS\livecamv.sys [2007-01-15 31616]
S3 srv2;srv2;c:\windows\system32\DRIVERS\srv2.sys [2009-09-14 144896]
S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2009-12-11 98816]
S3 tunnel;Microsoft IPv6 Tunnel Miniport Adapter Driver;c:\windows\system32\DRIVERS\tunnel.sys [2008-01-21 23040]
S3 umbus;Ovladač sběrnice UMBus Enumerator;c:\windows\system32\DRIVERS\umbus.sys [2008-01-21 34816]
S3 WdiSystemHost;Hostitel diagnostického systému;c:\windows\System32\svchost.exe [2008-01-21 21504]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
WerSvcGroup REG_MULTI_SZ wersvc
swprv REG_MULTI_SZ swprv
regsvc REG_MULTI_SZ RemoteRegistry
wcssvc REG_MULTI_SZ WcsPlugInService
DcomLaunch REG_MULTI_SZ PlugPlay DcomLaunch
wdisvc REG_MULTI_SZ WdiServiceHost
sdrsvc REG_MULTI_SZ sdrsvc
secsvcs REG_MULTI_SZ WinDefend
GPSvcGroup REG_MULTI_SZ GPSvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
AeLookupSvc
wercplsupport
Themes
CertPropSvc
SCPolicySvc
lanmanserver
gpsvc
FastUserSwitchingCompatibility
Nla
NWCWorkstation
SRService
Wmi
WmdmPmSp
TermService
wuauserv
BITS
ShellHWDetection
LogonHours
PCAudit
helpsvc
uploadmgr
iphlpsvc
seclogon
AppInfo
msiscsi
MMCSS
ProfSvc
EapHost
winmgmt
schedule
browser
.
Contents of the 'Scheduled Tasks' folder

2010-04-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-22 16:56]

2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 16:58]

2010-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 16:58]

2010-04-12 c:\windows\Tasks\User_Feed_Synchronization-{F4CB088C-9E01-4857-AA3E-93589A896CC5}.job
- c:\windows\system32\msfeedssync.exe [2010-01-21 04:56]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.ez-tracks.com/?fromOMB=1
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download Link Using Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\progra~1\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\progra~1\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\progra~1\PCTRAN~1\webie.dll
Trusted Zone: umb.sk\ais2
FF - ProfilePath - c:\users\silvia\AppData\Roaming\Mozilla\Firefox\Profiles\exdht3il.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://home.ez-tracks.com/?fromOMB=1
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\users\silvia\AppData\Roaming\Mozilla\Firefox\Profiles\exdht3il.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-sacsvr



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-12 19:56
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(5236)
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\STacSV.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\conime.exe
c:\windows\system32\igfxsrvc.exe
c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\setup.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\DellTPad\Apntex.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
.
**************************************************************************
.
Completion time: 2010-04-12 20:08:05 - machine was rebooted
ComboFix-quarantined-files.txt 2010-04-12 18:07

Pre-Run: Systém nemůže nalézt text zprávy číslo 0x2379 v souboru zpráv pro Application.
Post-Run: Volných bajtů: 38 934 155 264

- - End Of File - - 8230AAE375A1D3CD74F4937CC6A163EA

Re: notebook nefunguje spravne, prosim o kontrolu logu

Napsal: 12 dub 2010 19:41
od Rudy
Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{27d6e2c9-92fe-11de-9763-8847cfae2fc7}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a55c029e-9500-11dd-b1b5-001644ffa86f}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c41ad441-9c3f-11dd-964f-001644ffa86f}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e295e330-bf9c-11dd-b42a-001644ffa86f}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eefd6b1b-0d44-11de-a8e9-00217074994a}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nodenable"=-
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

Re: notebook nefunguje spravne, prosim o kontrolu logu

Napsal: 12 dub 2010 20:38
od fefkus
Nech sa paci, dalsi log:

ComboFix 10-04-12.01 - silvia . 04. 2010 20:51:06.1.2 - x86
Running from: c:\users\silvia\Desktop\ComboFix.exe
Command switches used :: c:\users\silvia\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((( Files Created from 2010-03-12 to 2010-04-12 )))))))))))))))))))))))))))))))
.

2010-04-12 19:02 . 2010-04-12 19:02 -------- d-----w- c:\users\silvia\AppData\Local\temp
2010-04-12 19:02 . 2010-04-12 19:02 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-12 19:02 . 2010-04-12 19:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-12 17:00 . 2010-04-12 17:00 -------- d-----w- C:\rsit
2010-04-12 17:00 . 2010-04-12 17:00 -------- d-----w- c:\program files\trend micro
2010-04-12 16:59 . 2010-04-12 16:59 -------- d-----w- c:\program files\RSIT
2010-04-11 20:47 . 2010-04-11 20:47 -------- d-----w- c:\users\silvia\AppData\Roaming\Malwarebytes
2010-04-11 20:47 . 2008-12-03 17:52 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-11 20:47 . 2008-12-03 17:52 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-11 20:47 . 2010-04-11 20:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-11 20:47 . 2010-04-11 20:47 -------- d-----w- c:\programdata\Malwarebytes
2010-04-11 20:30 . 2010-04-11 20:30 -------- d-----w- c:\program files\CCleaner
2010-04-05 13:15 . 2010-04-05 13:17 20841968 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\rp\RealPlayerSPGold.exe
2010-04-05 13:15 . 2010-04-05 13:15 8405312 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2010-04-05 13:14 . 2010-04-05 13:14 149000 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\chr_helper\LaunchHelper.exe
2010-04-05 13:14 . 2010-04-05 13:14 10309448 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\chr\ChromeInstaller.exe
2010-04-05 13:13 . 2010-04-05 13:13 79368 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\RUP\vista.exe
2010-04-05 13:13 . 2010-04-05 13:13 64000 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\RUP\inst_config\gcapi_dll.dll
2010-04-05 13:13 . 2010-04-05 13:13 52288 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\RUP\inst_config\gtapi.dll
2010-04-05 13:13 . 2010-04-05 13:13 50688 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\RUP\inst_config\fftbapi.dll
2010-04-05 13:13 . 2010-04-05 13:13 49152 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\RUP\inst_config\CarboniteCompatibility.dll
2010-04-05 13:13 . 2010-04-05 13:13 118784 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\RUP\inst_config\compat.dll
2010-04-05 05:13 . 2010-04-05 05:13 439816 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\setup.exe
2010-03-26 18:42 . 2010-03-26 18:42 -------- d-----w- c:\program files\Common Files\Skype
2010-03-14 20:07 . 2010-03-14 20:08 -------- d-----w- c:\program files\Common Files\Lingea Shared
2010-03-14 20:05 . 2010-03-14 20:05 -------- d-----w- c:\program files\Lingea

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-12 18:57 . 2008-09-22 18:30 -------- d-----w- c:\users\silvia\AppData\Roaming\Skype
2010-04-12 18:46 . 2008-01-21 06:13 590348 ----a-w- c:\windows\system32\perfh005.dat
2010-04-12 18:46 . 2008-01-21 06:13 114900 ----a-w- c:\windows\system32\perfc005.dat
2010-04-12 17:58 . 2008-09-22 18:31 -------- d-----w- c:\users\silvia\AppData\Roaming\skypePM
2010-04-11 20:45 . 2008-09-10 19:39 -------- d-----w- c:\program files\Dell Webcam
2010-04-11 20:45 . 2008-09-10 19:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-11 20:45 . 2008-09-22 18:29 -------- d-----w- c:\program files\Google
2010-04-11 20:42 . 2008-09-26 08:05 -------- d-----w- c:\program files\BS.Player ControlBar
2010-04-11 20:35 . 2008-11-04 18:40 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-04-07 19:30 . 2008-09-10 19:39 3204 ----a-w- c:\windows\bthservsdp.dat
2010-04-05 13:14 . 2010-04-05 13:14 149000 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\chr_helper\LaunchHelper.exe
2010-04-05 13:14 . 2010-04-05 13:14 10309448 ----a-w- c:\users\silvia\AppData\Roaming\Real\Update\setup3.10\chr\ChromeInstaller.exe
2010-03-12 02:05 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-05 17:57 . 2010-03-05 17:57 -------- d-----w- c:\program files\Audio-Text Synchronized Books
2010-03-05 06:46 . 2008-09-22 18:12 -------- d-----w- c:\users\silvia\AppData\Roaming\ICQ
2010-02-26 20:48 . 2010-01-31 09:47 -------- d-----w- c:\program files\Last.fm
2010-02-26 20:47 . 2010-01-31 09:48 -------- d-----w- c:\programdata\Last.fm
2010-02-26 16:14 . 2009-08-14 23:18 -------- d-----w- c:\program files\iTunes
2010-02-24 09:16 . 2009-10-02 23:33 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-24 07:32 . 2009-06-01 05:53 -------- d-----w- c:\program files\Graboid
2010-02-24 06:44 . 2008-09-19 13:34 101512 ----a-w- c:\users\silvia\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-19 23:47 . 2010-02-19 23:47 3604480 ----a-w- c:\windows\system32\GPhotos.scr
2010-02-12 10:32 . 2010-03-12 02:03 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-01-31 10:31 . 2010-01-31 09:48 683801 ----a-w- c:\programdata\Last.fm\Client\UninstWMP\unins000.exe
2010-01-31 10:31 . 2010-01-31 09:48 683801 ----a-w- c:\programdata\Last.fm\Client\UninstITW\unins000.exe
2010-01-31 09:48 . 2010-01-31 09:48 108 ----a-w- c:\programdata\Last.fm\Client\uninst2.bat
2010-01-31 09:02 . 2010-01-31 09:02 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb1B2.tmp.exe
2010-01-25 12:00 . 2010-02-24 00:28 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:00 . 2010-02-24 00:27 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:00 . 2010-02-24 00:27 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:00 . 2010-02-24 00:28 471552 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 11:58 . 2010-02-24 00:27 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:21 . 2010-02-24 00:27 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:21 . 2010-02-24 00:27 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:21 . 2010-02-24 00:27 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-25 08:21 . 2010-02-24 00:27 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-23 09:26 . 2010-02-24 00:29 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-15 11:19 . 2010-01-15 11:15 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-15 11:19 . 2009-01-11 16:30 38784 ----a-w- c:\users\silvia\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2008-09-11 05:09 . 2008-09-11 05:08 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-24 39408]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-03-09 26100520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-06-30 196608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-11 133656]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-03-12 3563520]
"Dell Webcam Central"="c:\program files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" [2008-06-03 446635]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2008-01-14 132392]
"NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-08-02 3096576]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-02-14 185872]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-06-26 442467]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2009-12-18 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

c:\users\silvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Lingea Update Center.lnk - c:\program files\Common Files\Lingea Shared\luc.exe [2008-9-30 275736]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-3-17 1207376]
T-Mobile Communication Center.lnk - c:\program files\T-Mobile Communication Center\TMCC.exe [2010-1-9 749568]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-5-11 525640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):0a,7a,9e,56,c5,7b,ca,01

R2 gupdate1c9fbff7376e4ca;Služba Google Update (gupdate1c9fbff7376e4ca);c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 133104]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-01-09 9216]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2008-12-03 38496]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\aestsrv.exe [2008-06-26 73728]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-02-06 92800]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-06-16 29736]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-03-11 111616]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2008-03-14 54784]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2008-03-11 203264]
S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\DRIVERS\OA001Ufd.sys [2008-03-11 149208]
S3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\DRIVERS\OA001Vid.sys [2008-03-11 277624]
S3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\DRIVERS\livecamv.sys [2007-01-15 31616]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2010-04-12 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-09-22 16:56]

2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 16:58]

2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-03 16:58]

2010-04-12 c:\windows\Tasks\User_Feed_Synchronization-{F4CB088C-9E01-4857-AA3E-93589A896CC5}.job
- c:\windows\system32\msfeedssync.exe [2010-01-21 04:56]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.ez-tracks.com/?fromOMB=1
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download Link Using Mega Manager... - c:\program files\Megaupload\Mega Manager\mm_file.htm
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\progra~1\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\progra~1\PCTRAN~1\webie.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\progra~1\PCTRAN~1\webie.dll
Trusted Zone: umb.sk\ais2
FF - ProfilePath - c:\users\silvia\AppData\Roaming\Mozilla\Firefox\Profiles\exdht3il.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://home.ez-tracks.com/?fromOMB=1
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - component: c:\users\silvia\AppData\Roaming\Mozilla\Firefox\Profiles\exdht3il.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1636.7222\npCIDetect13.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-12 21:02
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-04-12 21:08:27
ComboFix-quarantined-files.txt 2010-04-12 19:08
ComboFix2.txt 2010-04-12 18:08

Pre-Run: Volných bajtů: 38 595 141 632
Post-Run: Volných bajtů: 38 443 380 736

- - End Of File - - 348D556648C29E6F0A4ECB529FA0041C

Re: notebook nefunguje spravne, prosim o kontrolu logu

Napsal: 12 dub 2010 21:12
od Rudy
Log již vypadá čistý. Změnilo se něco?

Re: notebook nefunguje spravne, prosim o kontrolu logu

Napsal: 12 dub 2010 21:19
od fefkus
Vyzera to byt uz v poriadku, takze asi naozaj pomohol ComboFix. Este jej asi pomazem nejake hluposti z pocitaca, nech sa tam bordel nezbiera...
Velmi pekne dakujem.
Pekny vecer.
F

Re: notebook nefunguje spravne, prosim o kontrolu logu

Napsal: 12 dub 2010 21:33
od Rudy
Pěkný večer i vám a nemáte zač!
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz