Pracovna plocha

Zpráva

Milanco · #1 Příspěvek od **Milanco** » 15 led 2011 20:27

Dobry vecer, mam problem s jednym PC, po nabehnuti sa mi zobrazi len tapeta pracovnej plochy a nic ine, ziadne ikony alebo spodna lista. Mozem sa ale dostat do nudzoveho rezimu, chcel som spustit kontrolu MBAM ale nepodarilo sa mi to. Co s tym moze byt? Bude potrebny log z RSIT alebo nieco ine?

#2 Příspěvek od **Diallix** » 15 led 2011 20:56

ano, daj sem log z rsitu.

Milanco · #3 Příspěvek od **Milanco** » 15 led 2011 20:58

pri tom PC budem zajtra niekedy poobede, tak to sem dam potom. Budes tu zajtra niekedy v tom case?

#4 Příspěvek od **Diallix** » 15 led 2011 21:26

budem, ak smiem vediet, koho to je pocitac, tvoj?

Milanco · #5 Příspěvek od **Milanco** » 15 led 2011 21:29

nie, svagrov

#6 Příspěvek od **Diallix** » 15 led 2011 21:30

no dobre, tak ak tak, zajtra.

Milanco · #7 Příspěvek od **Milanco** » 15 led 2011 21:35

dobre, ja to sem dam tak okolo 14:00

#8 Příspěvek od **Diallix** » 15 led 2011 21:36

v pohode

Milanco · #9 Příspěvek od **Milanco** » 16 led 2011 14:24

Logfile of random's system information tool 1.08 (written by random/random)
Run by Administrator at 2010-10-16 14:22:09
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 98 GB (41%) free of 238 GB
Total RAM: 2047 MB (88% free)

HijackThis download failed

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-1801674531-725345543-1004Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-1801674531-725345543-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00F5B5BA-E3C2-4b70-BF51-42A557914FAD}]
CashBackAssistant - C:\Program Files\Nice Prosper\CashBackAssistant\CashBackAssistantIE.dll [2008-12-22 835584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D023EBF-70B8-45A6-9ED5-556515FA0FE4}]
UrlHelper Class - C:\Program Files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll [2008-04-17 398776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - BearShare MediaBar - C:\Program Files\BearShare Applications\BearShare MediaBar\BSMediaBar.dll [2008-04-17 611768]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2007-03-21 16126464]
"Alcmtr"=C:\windows\ALCMTR.EXE [2005-05-03 69632]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"VX1000"=C:\WINDOWS\vVX1000.exe [2007-04-10 709992]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-07-12 132496]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-05-20 1043968]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-12-31 3395600]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-07 1753192]
"NvMediaCenter"=C:\windows\system32\NvMcTray.dll [2010-07-09 110696]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2010-07-09 13923432]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\CTFMON.EXE [2008-04-14 15360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NeroHomeFirstStart"=C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [2007-06-27 16680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^uzivatel^Start Menu^Programs^Startup^MarvellTrayStartup.lnk]
C:\PROGRA~1\Marvell\61xx\tray\RaidTray.bat []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^uzivatel^Start Menu^Programs^Startup^SkyDownloader (Minimized).lnk]
C:\PROGRA~1\SKYDOW~1\SKYDOW~1.EXE []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-08-24 133120]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe"="C:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe:*:Disabled:Apache HTTP Server"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Disabled:Nero Home"
"C:\Documents and Settings\BearShare.exe"="C:\Documents and Settings\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\Swapper\swapper.exe"="C:\Program Files\Swapper\swapper.exe:*:Disabled:swapper"
"C:\Program Files\Microsoft LifeCam\LifeExp.exe"="C:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe"
"C:\Program Files\Microsoft LifeCam\LifeCam.exe"="C:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\Program Files\mIRC\mIRC.exe"="C:\Program Files\mIRC\mIRC.exe:*:Enabled:Mirc Edit By yönetim"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Documents and Settings\uzivatel\Desktop\Delta Force Xtreme 2\Crack\dfx2.exe"="C:\Documents and Settings\uzivatel\Desktop\Delta Force Xtreme 2\Crack\dfx2.exe:*:Disabled:dfx2"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\jre1.6.0_02\bin\javaw.exe"="C:\Program Files\Java\jre1.6.0_02\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-10-15 17:22:54 ----D---- C:\Documents and Settings\Administrator\Application Data\Opera
2010-10-15 17:20:40 ----D---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2010-10-15 17:20:40 ----ASH---- C:\Documents and Settings\Administrator\Application Data\desktop.ini
2010-10-15 17:20:21 ----A---- C:\windows\ntbtlog.txt
2010-10-14 08:54:39 ----HDC---- C:\windows\$NtUninstallKB2419632$

======List of files/folders modified in the last 1 months======

2011-01-13 09:47:32 ----A---- C:\windows\system32\aswBoot.exe
2010-11-18 20:12:44 ----A---- C:\windows\system32\isign32.dll
2010-11-09 16:52:35 ----A---- C:\windows\system32\odbc32.dll
2010-11-05 07:05:36 ----A---- C:\windows\system32\wininet.dll
2010-11-05 07:05:36 ----A---- C:\windows\system32\urlmon.dll
2010-11-05 07:05:36 ----A---- C:\windows\system32\shdocvw.dll
2010-11-05 07:05:36 ----A---- C:\windows\system32\mstime.dll
2010-11-05 07:05:36 ----A---- C:\windows\system32\mshtmled.dll
2010-11-05 07:05:35 ----A---- C:\windows\system32\mshtml.dll
2010-11-05 07:05:35 ----A---- C:\windows\system32\iepeers.dll
2010-11-05 07:05:35 ----A---- C:\windows\system32\ieencode.dll
2010-11-05 07:05:35 ----A---- C:\windows\system32\browseui.dll
2010-11-03 15:12:40 ----N---- C:\windows\system32\tzchange.exe
2010-10-28 15:13:22 ----A---- C:\windows\system32\atmfd.dll
2010-10-15 17:53:44 ----D---- C:\windows\Temp
2010-10-15 17:39:49 ----A---- C:\windows\SchedLgU.Txt
2010-10-15 17:38:53 ----D---- C:\windows\Internet Logs
2010-10-15 17:38:41 ----D---- C:\windows\system32\CatRoot2
2010-10-15 17:20:39 ----D---- C:\Documents and Settings
2010-10-15 17:20:21 ----D---- C:\WINDOWS
2010-10-14 13:10:45 ----D---- C:\windows\Prefetch
2010-10-14 09:41:30 ----D---- C:\windows\system32
2010-10-14 09:40:55 ----D---- C:\Program Files\Mozilla Firefox
2010-10-14 08:54:50 ----A---- C:\windows\system32\MRT.exe
2010-10-14 08:54:46 ----HD---- C:\windows\inf
2010-10-14 08:54:43 ----RSHDC---- C:\windows\system32\dllcache
2010-10-13 19:53:15 ----A---- C:\windows\NeroDigital.ini
2010-10-13 09:01:25 ----HD---- C:\windows\$hf_mig$
2010-10-07 11:59:39 ----D---- C:\Program Files\Total Video Converter
2010-10-07 11:59:17 ----RD---- C:\Program Files
2010-10-06 09:25:54 ----D---- C:\windows\system32\CatRoot
2010-09-24 11:04:19 ----A---- C:\windows\system32\PnkBstrB.exe
2010-09-20 16:07:26 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-20 12:18:41 ----SHD---- C:\windows\Installer
2010-09-20 12:18:41 ----SHD---- C:\Config.Msi
2010-09-18 12:23:26 ----A---- C:\windows\system32\mfc42u.dll
2010-09-18 08:53:25 ----A---- C:\windows\system32\mfc42.dll
2010-09-18 08:53:25 ----A---- C:\windows\system32\mfc40u.dll
2010-09-18 08:53:25 ----A---- C:\windows\system32\mfc40.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\windows\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\windows\system32\DRIVERS\Rockey4.sys [2008-11-26 22016]
R3 usbstor;USB Mass Storage Driver; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S0 mv61xx;mv61xx; C:\windows\system32\DRIVERS\mv61xx.sys []
S0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2009-12-02 691696]
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\windows\system32\drivers\Aavmker4.sys [2011-01-13 29392]
S1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-01-13 23632]
S1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-01-13 294608]
S1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-01-13 47440]
S1 intelppm;Intel Processor Driver; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
S1 kbdhid;Keyboard HID Driver; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S1 NTGDT;NTGDT; \??\C:\WINDOWS\system32\Drivers\NTGDT.SYS []
S1 vsdatant;vsdatant; C:\windows\System32\vsdatant.sys [2010-05-13 532224]
S2 Aspi32;Aspi32; C:\windows\System32\drivers\aspi32.sys [2005-11-21 16512]
S2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2010-12-31 17744]
S2 aswMon2;avast! Standard Shield Support; C:\windows\system32\drivers\aswMon2.sys [2011-01-13 100176]
S2 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\windows\system32\DRIVERS\l151x86.sys [2009-04-06 37376]
S3 CCDECODE;Closed Caption Decoder; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dtscsi;dtscsi; C:\windows\System32\Drivers\dtscsi.sys [2008-07-10 223128]
S3 esihdrv;esihdrv; \??\C:\DOCUME~1\uzivatel\LOCALS~1\Temp\esihdrv.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2007-03-26 4395008]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2008-05-02 17536]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2008-05-02 20864]
S3 nv;nv; C:\windows\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2008-12-22 47360]
S3 PSI;PSI; C:\windows\system32\DRIVERS\psi_mf.sys [2010-07-07 14904]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbaudio;USB Audio Driver (WDM); C:\windows\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;Nokia USB Serial Port; C:\windows\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-02 8064]
S3 VX1000;VX-1000; C:\windows\system32\DRIVERS\VX1000.sys [2007-04-10 1966312]
S3 Wdf01000;Wdf01000; C:\windows\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WSTCODEC;World Standard Teletext Codec; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-12-31 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-21 135664]
S2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2007-05-17 271720]
S2 NVSvc;NVIDIA Display Driver Service; C:\windows\system32\nvsvc32.exe [2010-07-09 155752]
S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-01-04 66872]
S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
S2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-05-20 2437176]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 WSearch;Windows Search; C:\windows\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WinRM;Windows Remote Management (WS-Management); C:\windows\system32\svchost.exe [2008-04-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#10 Příspěvek od **Diallix** » 16 led 2011 15:17

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

V nudzovom rezime pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Milanco · #11 Příspěvek od **Milanco** » 16 led 2011 16:10

ComboFix nejde spustit v nudzovom rezime, vraj mam skontrolovat nastavenia. Antivirus mu nebrani

#12 Příspěvek od **Diallix** » 16 led 2011 16:29

skus ho pomenovat na bla.exe ... co to hlasi?

Milanco · #13 Příspěvek od **Milanco** » 16 led 2011 16:32

stale to iste:

DATE ERROR
Date Error: 2010-10-16
Check your settings

#14 Příspěvek od **Diallix** » 16 led 2011 16:34

A mas v pocitaci nastaveny spravny fortmat datumu, 16.1 2011 ?

Milanco · #15 Příspěvek od **Milanco** » 16 led 2011 18:23

Ano, mal tam zly datum

tu je log z ComboFix:

ComboFix 11-01-15.01 - uzivatel 16.01.2011 17:03:14.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2047.1368 [GMT 1:00]
Running from: c:\documents and settings\uzivatel\Desktop\bla.exe.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\bla.exe
c:\bla.exe\NircmdB.exe
c:\documents and settings\uzivatel\Application Data\inst.exe
c:\program files\Nice Prosper
c:\program files\Nice Prosper\CashBackAssistant\CaSHbackassistantie.dll
c:\program files\Nice Prosper\CashBackAssistant\cfcpxlog.mx
c:\program files\Nice Prosper\CashBackAssistant\MatchingData.zd5
c:\program files\Nice Prosper\CashBackAssistant\setup.exe
c:\program files\Nice Prosper\CashBackAssistant\unins000.dat
c:\program files\Nice Prosper\CashBackAssistant\unins000.exe
c:\windows\system32\Drivers\NTGDT.SYS

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NTGDT
-------\Service_NTGDT

((((((((((((((((((((((((( Files Created from 2010-12-16 to 2011-01-16 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-13 08:47 . 2010-10-16 14:33 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-10-16 14:33 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-10-16 14:33 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-10-16 14:33 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:40 . 2010-10-16 14:33 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-01-13 08:39 . 2010-10-16 14:33 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-01-13 08:37 . 2010-10-16 14:33 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-10-16 14:33 29392 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-01-13 08:37 . 2010-10-16 14:33 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-11-18 18:12 . 2008-07-10 12:35 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2006-02-28 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-05 05:05 . 2006-02-28 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-11-05 05:05 . 2006-02-28 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2010-11-05 05:05 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-11-03 12:59 . 2006-02-28 12:00 369664 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2006-02-28 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2006-02-28 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2006-02-28 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D023EBF-70B8-45A6-9ED5-556515FA0FE4}]
2008-04-17 07:44 398776 ----a-w- c:\program files\BearShare Applications\BearShare MediaBar\BearShareIEHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2007-06-27 152872]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-09-02 15144328]
"Google Update"="c:\documents and settings\uzivatel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-07-18 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 16126464]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"VX1000"="c:\windows\vVX1000.exe" [2007-04-10 709992]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-05-20 1043968]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\uzivatel\Start Menu\Programs\Startup\
Secunia PSI.lnk - c:\program files\Secunia\PSI\psi.exe [2010-7-21 965176]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKLM\~\startupfolder\C:^Documents and Settings^uzivatel^Start Menu^Programs^Startup^MarvellTrayStartup.lnk]
path=c:\documents and settings\uzivatel\Start Menu\Programs\Startup\MarvellTrayStartup.lnk
backup=c:\windows\pss\MarvellTrayStartup.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^uzivatel^Start Menu^Programs^Startup^SkyDownloader (Minimized).lnk]
path=c:\documents and settings\uzivatel\Start Menu\Programs\Startup\SkyDownloader (Minimized).lnk
backup=c:\windows\pss\SkyDownloader (Minimized).lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"c:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Java\\jre1.6.0_02\\bin\\javaw.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.7.2008 11:19 691696]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [16.10.2010 15:33 294608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16.10.2010 15:33 17744]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [10.7.2008 14:08 37376]
S0 mv61xx;mv61xx;c:\windows\system32\DRIVERS\mv61xx.sys --> c:\windows\system32\DRIVERS\mv61xx.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [21.2.2010 10:59 135664]
S3 esihdrv;esihdrv;\??\c:\docume~1\uzivatel\LOCALS~1\Temp\esihdrv.sys --> c:\docume~1\uzivatel\LOCALS~1\Temp\esihdrv.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [6.10.2009 7:11 36608]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [7.7.2010 15:05 14904]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [28.2.2006 13:00 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder

2011-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 09:59]

2010-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-21 09:59]

2010-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-527237240-1801674531-725345543-1004Core.job
- c:\documents and settings\uzivatel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-28 07:20]

2010-10-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-527237240-1801674531-725345543-1004UA.job
- c:\documents and settings\uzivatel\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-08-28 07:20]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1392740
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
FF - ProfilePath - c:\documents and settings\uzivatel\Application Data\Mozilla\Firefox\Profiles\xukz7n1r.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2611275&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2346211&SearchSource=2&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Softonic English Winx Toolbar: {906563dd-6f64-449a-80c9-8689bd05c060} - %profile%\extensions\{906563dd-6f64-449a-80c9-8689bd05c060}
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-{091ED936-E610-497D-B651-0E4BF73CE598}_is1 - c:\program files\Nice Prosper\CashBackAssistant\unins000.exe
AddRemove-{1D975A5E-1126-4F46-A423-41781934A63E} - c:\documents and settings\All Users\Application Data\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\Setup.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-16 18:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(1856)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Microsoft LifeCam\MSCamS32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\SearchIndexer.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\windows\system32\SearchProtocolHost.exe
c:\windows\system32\SearchFilterHost.exe
.
**************************************************************************
.
Completion time: 2011-01-16 18:20:32 - machine was rebooted
ComboFix-quarantined-files.txt 2011-01-16 17:20

Pre-Run: 104 237 682 688 bytes free
Post-Run: 104 184 377 344 bytes free

- - End Of File - - 2AAADA6EEC2E88CDA86E10B1AF6CAE16

VIRY.CZ

Pracovna plocha

Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha

Re: Pracovna plocha