Prosím o kontrolu logu

[milansilvia]

Tak som to dal cez ten nový program:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Milan a Silvia at 2010-01-18 13:10:28
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 4 GB (6%) free of 71 GB
Total RAM: 1013 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:10:45, on 18. 1. 2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18865)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CK351S32\RSIT[1].exe
C:\Program Files\trend micro\Milan a Silvia.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zoznam.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe /systray
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [snpstd3] C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\Windows\tsnp325.exe
O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_ind.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6741 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Ad-Aware Update (Daily 1).job
C:\Windows\tasks\Ad-Aware Update (Daily 2).job
C:\Windows\tasks\Ad-Aware Update (Daily 3).job
C:\Windows\tasks\Ad-Aware Update (Daily 4).job
C:\Windows\tasks\Ad-Aware Update (Weekly).job
C:\Windows\tasks\User_Feed_Synchronization-{998B468C-9444-443B-BAD5-61D1D44652AF}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-04-26 501384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-04-26 2193280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-04-26 2193280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-11-15 815104]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2006-12-03 167936]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
"NapsterShell"=C:\Program Files\Napster\napster.exe [2006-09-06 323216]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-11-06 159744]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2006-11-10 46704]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2006-10-18 317152]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2006-10-18 472800]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0\bin\jusched.exe [2007-04-26 77824]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-18 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-18 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-18 133656]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"snpstd3"=C:\Windows\vsnpstd3.exe [2005-09-05 339968]
"FixCamera"=C:\Windows\FixCamera.exe [2007-02-12 20480]
"tsnp325"=C:\Windows\tsnp325.exe [2006-10-10 270336]
"PAC207_Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2007-12-10 323584]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-08 44128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-06-18 204800]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-01-18 13:10:32 ----D---- C:\Program Files\trend micro
2010-01-18 13:10:28 ----D---- C:\rsit
2010-01-18 10:35:46 ----D---- C:\Program Files\Ultimate Process Manager
2010-01-18 09:58:12 ----A---- C:\Windows\ntbtlog.txt
2010-01-14 15:13:42 ----A---- C:\Windows\PC Image Editor Uninstaller.exe
2010-01-14 15:13:40 ----D---- C:\Program Files\PC Image Editor
2010-01-14 15:13:40 ----D---- C:\Program Files\Common Files\Program4Pc
2010-01-13 19:03:12 ----A---- C:\Windows\system32\t2embed.dll
2010-01-13 19:03:10 ----A---- C:\Windows\system32\fontsub.dll
2009-12-26 18:55:59 ----D---- C:\Windows\PixArt
2009-12-21 18:02:46 ----A---- C:\Windows\system32\vsnpx32.dll
2009-12-21 17:57:11 ----A---- C:\Windows\FixCamera.exe
2009-12-21 17:57:11 ----A---- C:\Windows\amcap.exe
2009-12-21 17:57:03 ----A---- C:\Windows\vsnp325.exe
2009-12-21 17:57:03 ----A---- C:\Windows\tsnp325.exe
2009-12-21 17:57:02 ----A---- C:\Windows\snp325.ini
2009-12-21 17:57:00 ----D---- C:\Program Files\Common Files\snp325
2009-12-21 17:57:00 ----A---- C:\Windows\system32\vsnp325.dll
2009-12-21 17:57:00 ----A---- C:\Windows\system32\rsnp325.dll
2009-12-21 17:57:00 ----A---- C:\Windows\system32\csnp325.dll
2009-12-21 17:56:18 ----D---- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\InstallShield

======List of files/folders modified in the last 1 months======

2010-01-18 13:10:32 ----RD---- C:\Program Files
2010-01-18 12:15:50 ----D---- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\Skype
2010-01-18 10:15:59 ----D---- C:\Windows\Temp
2010-01-18 10:15:59 ----D---- C:\Windows\Tasks
2010-01-18 09:58:12 ----D---- C:\WINDOWS
2010-01-18 09:50:07 ----D---- C:\Windows\system32\Tasks
2010-01-18 09:38:52 ----D---- C:\Users\Milan a Silvia.SilviaaMilan-PC\AppData\Roaming\skypePM
2010-01-17 20:12:40 ----D---- C:\Windows\Minidump
2010-01-17 17:37:28 ----D---- C:\Windows\Prefetch
2010-01-17 17:01:02 ----SHD---- C:\System Volume Information
2010-01-17 13:25:44 ----D---- C:\Incomplete
2010-01-17 13:16:02 ----D---- C:\filmy
2010-01-14 15:13:42 ----D---- C:\Windows\System32
2010-01-14 15:13:40 ----D---- C:\Program Files\Common Files
2010-01-14 15:13:03 ----D---- C:\programy
2010-01-14 10:29:28 ----D---- C:\Windows\winsxs
2010-01-14 10:13:59 ----D---- C:\Windows\system32\catroot
2010-01-14 10:13:44 ----D---- C:\Program Files\Windows Mail
2010-01-13 19:00:56 ----D---- C:\Windows\system32\catroot2
2010-01-05 19:57:16 ----D---- C:\Windows\system32\LogFiles
2010-01-05 01:17:46 ----A---- C:\Windows\system32\mrt.exe
2009-12-26 18:55:59 ----D---- C:\Windows\twain_32
2009-12-26 18:55:59 ----D---- C:\Windows\system32\drivers
2009-12-26 18:55:47 ----D---- C:\Windows\inf
2009-12-21 17:57:12 ----A---- C:\Windows\win.ini
2009-12-21 17:56:57 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-17 534016]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-09-26 50176]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-11-15 179256]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
S1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-06-28 8192]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
S2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
S2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-17 534016]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2009-02-17 57672]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2009-02-17 72520]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2006-11-02 145920]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-18 206848]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-18 2307584]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-18 2307584]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 PAC207;PC Camer@; C:\Windows\system32\DRIVERS\PFC027.SYS [2008-02-13 618112]
S3 SNP325;USB PC Camera (SNPSTD325); C:\Windows\system32\DRIVERS\snp325.sys [2007-04-03 10251904]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2005-10-13 8701824]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-12-23 1181328]
S2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
S2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2006-11-21 63080]
S2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
S2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560]
S3 AddFiltr;AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [2006-06-26 126976]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-06 887544]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728]

-----------------EOF-----------------

[holubbn]

Zdravím, jdi na stránku www.virustotal.com
▪ Klikni na Vybrat, a najdi tento soubor: kód:
c:\windows\UnExpert8.exe


▪ Až soubor najdeš, klikni na Otevřít, pak na tlačítko Odeslat soubor.
▪ Pokud se zobrazí, že daný soubor již byl testován, klikni na tlačítko Otestovat soubor znovu.
▪ Až se testování dokončí, pošli sem pouze odkaz (link) na výsledek té analýzy.

Stejným způsobem nech otestovat i následující soubor/y: kód:
c:\windows\System32\SoundSchemes.exe
c:\windows\System32\soundschemes2.exe




(Poznámka: pokud by nějaké soubory nebyly k nalezení, ujisti se, zda máš zapnuté zobrazování skrytých souborů a složek, pokud ne, tak Nabídka Start -> Ovládací panely -> Možnosti složky -> Zobrazení -> Zobrazovat skryté soubory a složky -> OK)

_________________

[milansilvia]

Nedarí sa mi tie subory najsť. Prečo? A mam zapnuté zobrazovanie skrytých súborov.

[holubbn]

Išiel si na stranju www.virustotal.com
daj tam
c:\windows\UnExpert8.exe zafajkny daj to najskvor vybrat do tvojej tabulky a nie hned do tej stranky
potom hladať a odoslat
odpoj si usb disky ak maš .
A malo by ti to najsť .

[milansilvia]

Tak z usb som všetko vybral, no súbory v mojom počítači nie su. Neviem prečo ale nie su tu.

[holubbn]

To je divne ze ti to nenašlo daj toto tam
C:\wpabaln.exe
c:\windows\chgkey.vbs

[stell]

Zdravim
holubbn
Chcel by som vediet ze skadial beries tieto subory,
C:\wpabaln.exe
c:\windows\chgkey.vbs
c:\windows\UnExpert8.exe
c:\windows\System32\SoundSchemes.exe
c:\windows\System32\soundschemes2.exe

[holubbn]

Robil mi to jeden na
http://www.warforum.cz/
macher dal by som to tu cele ale neda sa mi tam pripojit dam to tu presne to čo pisal tak to som tu dal a tak to robia na tom fore .

[stell]

Ak dobre chapem co pises Tebe niekto cistil pocitac na war fore,a si myslel ze treba dat zkontrolova tie iste subory milansilvia ako tebe??

Zdravim
milansilvia
aky problem mas s pc??

[milansilvia]

Ahoj Stell, problém spočíva v tom ,že počítač zmrzne objavia sa také pruhy cez obrazovku. Žiadna modrá obrazovka sem tam aj to ale len vynímočne. Stale su to pruhy a celkové zmrznutie laptopu. Dakujem.

[stell]

ahoj
no pruhy na monitore ukazuje na Graficku kartu,ovladac,prehrievanie,,ale pre istotu daj log z Combofixu:

b] PROSIM CITAJTE POZORNE NAVODY!!!,[/b]

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte>>
http://download.bleepingcomputer.com/sUBs/ComboFix.exe






- ComboFix je třeba spustit pod účtem s právy administrátora.
- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano;

A este raz >ANO<

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího modreho okna

- Po dokončení skenování, trvajícího maximálně 10-15 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah do svého threadu na forum
- Před použitím ComboFixu je treba vypnout všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary. NAVOD: http://www.bleepingcomputer.com/forums/topic114351.html
Mohou zasahovat do činnosti ComboFixu, což může způsobit, že nebude fungovat korektně.
V případě detekce antiviru u ComboFixu se jedná o falešný poplach.

[milansilvia]

Idem to skusiť spraviť stell, veľmi dakujem za ochotu pomôcť. Dakujem

[stell]

zatial nemas zaco a ospravodlnujem sa ze ta sikanovali s testovanim suborov,,co neexistuju.

[stell]

holubbn
prosim ta uz nedavaj sem ziadne logy z war Fora,,toho mahra poznam,,,,
Ak mas predstavu ze ako funguje operacny system tak musis vediet ze kazdy pocitac ma inu softwerovu a hardwerovu konfiguraciu,to jest,ma ine subory ,a ine smejdy,,asi takto,,preto nie je mozne dat testovovat subory z ineho logu,,
chapes,,tymto debatu uzatvaram a doporucujem aby si zacal s touto metoudou na inom fore,,napriklad na War fore,
dakujem

[milansilvia]

Nedá sa mi spustiť ten combofix. Napíše ,že treba stihnuť novšiu verziu. A keby to bola grafická karta tak neviem či sa mi bude dať externá lebo tá moja je integrovaná myslím intel 945. Neviem či sa bude dať na mojú matičnú dosku namontovať externa grafická karta??? dakujem.