zablokování CxVCap, Video capture driver

[motji]

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[CharlesXXX]

tak ten log z toho kaspersky virus removal tool, mi tu nejde zkopirovat a nevim proc:-( jeslti je tak dlouhý nebo nevim

[motji]

Už jste dělal combofix?

[CharlesXXX]

ano tady to je;-)

ComboFix 12-01-19.02 - Kaja 21.01.2012 10:58:19.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.773 [GMT 1:00]
Spuštěný z: c:\users\Kaja\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kaja\AppData\Local\assembly\tmp
c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Recent\Age 3 Survey.url
c:\users\Kaja\AppData\Roaming\Uninstal.exe
c:\windows\system32\SET8F38.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-21 do 2012-01-21 )))))))))))))))))))))))))))))))
.
.
2012-01-21 10:12 . 2012-01-21 10:12 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-01-21 10:12 . 2012-01-21 10:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-21 02:19 . 2012-01-21 02:19 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{26742BCF-0FF2-433E-AFD2-4AAC80B06238}\offreg.dll
2012-01-20 06:21 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{26742BCF-0FF2-433E-AFD2-4AAC80B06238}\mpengine.dll
2012-01-20 03:34 . 2012-01-20 03:59 97961 ----a-w- c:\windows\system32\drivers\klick.dat
2012-01-20 03:34 . 2012-01-20 03:59 115369 ----a-w- c:\windows\system32\drivers\klin.dat
2012-01-20 03:31 . 2012-01-20 03:31 -------- d-----w- c:\program files\Kaspersky Lab
2012-01-19 11:45 . 2012-01-21 08:45 -------- d-----w- c:\programdata\Kaspersky Lab
2012-01-19 07:41 . 2012-01-19 07:52 -------- d-----w- c:\program files\trend micro
2012-01-19 07:41 . 2012-01-19 07:42 -------- d-----w- C:\rsit
2012-01-15 11:03 . 2011-10-15 08:53 6350144 ----a-w- c:\windows\system32\nvcpl.dll
2012-01-15 11:03 . 2011-10-15 08:53 3840320 ----a-w- c:\windows\system32\nvsvc.dll
2012-01-15 11:03 . 2011-10-15 08:53 3074368 ----a-w- c:\windows\system32\nvsvcr.dll
2012-01-15 11:03 . 2011-10-15 08:53 203072 ----a-w- c:\windows\system32\nvmctray.dll
2012-01-15 11:03 . 2011-10-15 08:53 123712 ----a-w- c:\windows\system32\nvshext.dll
2012-01-15 11:03 . 2011-10-15 08:53 1136448 ----a-w- c:\windows\system32\nvvsvc.exe
2012-01-15 11:03 . 2011-10-15 08:53 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2012-01-15 11:02 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
2012-01-15 11:02 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
2012-01-15 11:02 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-01-15 11:02 . 2011-10-15 08:53 5578560 ----a-w- c:\windows\system32\nvcuda.dll
2012-01-15 11:02 . 2011-10-15 08:53 2458432 ----a-w- c:\windows\system32\nvapi.dll
2012-01-15 11:02 . 2011-10-15 08:53 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
2012-01-15 11:02 . 2011-10-15 08:53 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-01-15 11:02 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
2012-01-15 11:02 . 2011-10-15 08:53 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
2012-01-15 08:58 . 2012-01-15 10:05 -------- d-----w- c:\program files\TeamViewerPortable
2012-01-15 08:58 . 2012-01-15 08:58 -------- d-----w- c:\users\Kaja\Nová složka
2012-01-15 06:02 . 2012-01-15 06:02 -------- d-----w- c:\program files\HmelyoffLabs
2012-01-15 05:09 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2012-01-15 05:09 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2012-01-15 05:09 . 2010-06-02 03:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2012-01-15 05:09 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-01-15 05:09 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-01-15 05:09 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2012-01-15 05:09 . 2010-05-26 10:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2012-01-15 05:09 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-01-15 05:06 . 2012-01-15 05:06 -------- d-----w- c:\program files\Common Files\Futuremark Shared
2012-01-15 05:05 . 2012-01-15 05:05 -------- d-----w- c:\program files\Futuremark
2012-01-12 06:03 . 2012-01-12 06:03 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-12 06:03 . 2012-01-12 06:03 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-12 06:03 . 2012-01-12 06:03 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-12 06:03 . 2012-01-12 06:03 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-11 15:27 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 15:27 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-11 15:27 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 15:27 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-10 03:56 . 2012-01-10 04:39 -------- d-----w- c:\users\Kaja\SystemRequirementsLab
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-09 22:11 . 2011-06-25 21:45 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-24 04:25 . 2011-12-14 08:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-15 13:29 . 2010-03-21 14:46 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-11-05 04:35 . 2011-12-14 08:27 981504 ----a-w- c:\windows\system32\wininet.dll
2011-11-05 04:26 . 2011-12-14 08:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 02:48 . 2011-12-14 08:27 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-26 04:47 . 2011-12-14 08:25 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 04:47 . 2011-12-14 08:25 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 04:28 . 2011-12-14 08:25 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-01-12 06:03 . 2011-06-25 21:45 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentBar\prxtbuTo2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\prxtbuTo2.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-04-20 399736]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-09-01 966712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-02-12 188416]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-02-12 77824]
"TNOD UP"="c:\program files\TNod User & Password Finder\TNODUP.exe" [2010-04-01 1811968]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-24 202296]
.
c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
_uninst_19272670.lnk - c:\users\Kaja\AppData\Local\Temp\_uninst_19272670.bat [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-01-26 14:31 2144088 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R3 cpuz130;cpuz130;c:\users\Kaja\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 Mkd2Bthf;Mkd2Bthf;c:\windows\system32\drivers\Mkd2Bthf.sys [2010-10-29 79984]
R3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNt.sys [2010-10-29 142320]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2010-11-19 88304]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-05-03 4116984]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-06 1343400]
R3 XDva341;XDva341;c:\windows\system32\XDva341.sys [x]
R3 XDva343;XDva343;c:\windows\system32\XDva343.sys [x]
R3 XDva346;XDva346;c:\windows\system32\XDva346.sys [x]
R3 XDva347;XDva347;c:\windows\system32\XDva347.sys [x]
R3 XDva349;XDva349;c:\windows\system32\XDva349.sys [x]
R3 XDva385;XDva385;c:\windows\system32\XDva385.sys [x]
R3 XDva386;XDva386;c:\windows\system32\XDva386.sys [x]
R3 XDva387;XDva387;c:\windows\system32\XDva387.sys [x]
R3 XDva389;XDva389;c:\windows\system32\XDva389.sys [x]
R3 XDva390;XDva390;c:\windows\system32\XDva390.sys [x]
R3 XDva391;XDva391;c:\windows\system32\XDva391.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-22 691696]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 23856]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2011-10-14 745832]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - 19272670
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Kaja\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Kaja\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\bulh7wmp.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-Nektra OEAPI - (no file)
HKCU-Run-OEXPRESS - (no file)
HKCU-Run-NCsoft - (no file)
HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
MSConfigStartUp-Akamai NetSession Interface - c:\users\Kaja\AppData\Local\Akamai\netsession_win.exe
MSConfigStartUp-facemoods - c:\program files\facemoods.com\facemoods\1.4.17.5\facemoodssrv.exe
AddRemove-Kalender - c:\windows\Uninstall_tkexe -kalender
AddRemove-Minecraft 1.2.0_02 - c:\users\Kaja\AppData\Roaming\Uninstal.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1812801154-4259043845-1558195945-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0C2A1921-BB08-564D-55AC-2A2859B6DFDB}*]
"habmllloichndbjj"=hex:63,62,61,65,6d,68,6b,6e,68,6c,65,6c,68,65,61,66,6b,6c,
70,69,6d,62,68,66,68,67,67,62,64,66,68,67,6d,61,6b,67,6d,6d,00,00
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-01-21 11:18:56
ComboFix-quarantined-files.txt 2012-01-21 10:18
.
Před spuštěním: Volných bajtů: 35 682 205 696
Po spuštění: Volných bajtů: 37 205 139 456
.
- - End Of File - - 3E5E9E780BDD315438A7E959B2EFF4BB

[motji]

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=-
[-HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"=-
[-HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"=-
[-HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"=-

Folder::
c:\program files\TNod User & Password Finder

File::
c:\windows\system32\XDva341.sys 
c:\windows\system32\XDva343.sys 
c:\windows\system32\XDva346.sys 
c:\windows\system32\XDva347.sys
 c:\windows\system32\XDva349.sys 
c:\windows\system32\XDva385.sys 
c:\windows\system32\XDva386.sys 
c:\windows\system32\XDva387.sys 
c:\windows\system32\XDva389.sys 
c:\windows\system32\XDva390.sys 
c:\windows\system32\XDva391.sys 

Driver::
XDva391.sys 
XDva390.sys 
XDva389.sys 
XDva387.sys 
XDva386.sys 
XDva385.sys 
XDva349.sys 
XDva347.sys 
XDva346.sys 
XDva341.sys 
XDva343.sys 
19272670

DDS::
uStart Page = about:blank
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

[CharlesXXX]

tady to je;-)

ComboFix 12-01-21.02 - Kaja 21.01.2012 22:54:16.2.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1351 [GMT 1:00]
Spuštěný z: c:\users\Kaja\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Kaja\Desktop\CFScript.txt
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\XDva341.sys"
"c:\windows\system32\XDva343.sys"
"c:\windows\system32\XDva346.sys"
"c:\windows\system32\XDva347.sys"
"c:\windows\system32\XDva349.sys"
"c:\windows\system32\XDva385.sys"
"c:\windows\system32\XDva386.sys"
"c:\windows\system32\XDva387.sys"
"c:\windows\system32\XDva389.sys"
"c:\windows\system32\XDva390.sys"
"c:\windows\system32\XDva391.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\TNod User & Password Finder
c:\program files\TNod User & Password Finder\CREDITOS.txt
c:\program files\TNod User & Password Finder\LEEME.txt
c:\program files\TNod User & Password Finder\tnodicons.icl
c:\program files\TNod User & Password Finder\TNODUP.exe
c:\program files\TNod User & Password Finder\uninst-tnod.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_19272670
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-21 do 2012-01-21 )))))))))))))))))))))))))))))))
.
.
2012-01-21 22:04 . 2012-01-21 22:04 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-01-21 22:04 . 2012-01-21 22:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-21 02:19 . 2012-01-21 02:19 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{26742BCF-0FF2-433E-AFD2-4AAC80B06238}\offreg.dll
2012-01-20 06:21 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{26742BCF-0FF2-433E-AFD2-4AAC80B06238}\mpengine.dll
2012-01-20 03:34 . 2012-01-20 03:59 97961 ----a-w- c:\windows\system32\drivers\klick.dat
2012-01-20 03:34 . 2012-01-20 03:59 115369 ----a-w- c:\windows\system32\drivers\klin.dat
2012-01-20 03:31 . 2012-01-20 03:31 -------- d-----w- c:\program files\Kaspersky Lab
2012-01-19 11:45 . 2012-01-21 22:07 -------- d-----w- c:\programdata\Kaspersky Lab
2012-01-19 07:41 . 2012-01-19 07:52 -------- d-----w- c:\program files\trend micro
2012-01-19 07:41 . 2012-01-19 07:42 -------- d-----w- C:\rsit
2012-01-15 11:03 . 2011-10-15 08:53 6350144 ----a-w- c:\windows\system32\nvcpl.dll
2012-01-15 11:03 . 2011-10-15 08:53 3840320 ----a-w- c:\windows\system32\nvsvc.dll
2012-01-15 11:03 . 2011-10-15 08:53 3074368 ----a-w- c:\windows\system32\nvsvcr.dll
2012-01-15 11:03 . 2011-10-15 08:53 203072 ----a-w- c:\windows\system32\nvmctray.dll
2012-01-15 11:03 . 2011-10-15 08:53 123712 ----a-w- c:\windows\system32\nvshext.dll
2012-01-15 11:03 . 2011-10-15 08:53 1136448 ----a-w- c:\windows\system32\nvvsvc.exe
2012-01-15 11:03 . 2011-10-15 08:53 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2012-01-15 11:02 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
2012-01-15 11:02 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
2012-01-15 11:02 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-01-15 11:02 . 2011-10-15 08:53 5578560 ----a-w- c:\windows\system32\nvcuda.dll
2012-01-15 11:02 . 2011-10-15 08:53 2458432 ----a-w- c:\windows\system32\nvapi.dll
2012-01-15 11:02 . 2011-10-15 08:53 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
2012-01-15 11:02 . 2011-10-15 08:53 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-01-15 11:02 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
2012-01-15 11:02 . 2011-10-15 08:53 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
2012-01-15 08:58 . 2012-01-15 10:05 -------- d-----w- c:\program files\TeamViewerPortable
2012-01-15 08:58 . 2012-01-15 08:58 -------- d-----w- c:\users\Kaja\Nová složka
2012-01-15 06:02 . 2012-01-15 06:02 -------- d-----w- c:\program files\HmelyoffLabs
2012-01-15 05:09 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2012-01-15 05:09 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2012-01-15 05:09 . 2010-06-02 03:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2012-01-15 05:09 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-01-15 05:09 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-01-15 05:09 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2012-01-15 05:09 . 2010-05-26 10:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2012-01-15 05:09 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-01-15 05:06 . 2012-01-15 05:06 -------- d-----w- c:\program files\Common Files\Futuremark Shared
2012-01-15 05:05 . 2012-01-15 05:05 -------- d-----w- c:\program files\Futuremark
2012-01-12 06:03 . 2012-01-12 06:03 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-12 06:03 . 2012-01-12 06:03 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-12 06:03 . 2012-01-12 06:03 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-12 06:03 . 2012-01-12 06:03 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-11 15:27 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 15:27 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-11 15:27 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 15:27 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-01-10 03:56 . 2012-01-10 04:39 -------- d-----w- c:\users\Kaja\SystemRequirementsLab
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2012-01-03 13:10 . 2012-01-03 13:10 182672 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-09 22:11 . 2011-06-25 21:45 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-24 04:25 . 2011-12-14 08:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-15 13:29 . 2010-03-21 14:46 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-11-05 04:35 . 2011-12-14 08:27 981504 ----a-w- c:\windows\system32\wininet.dll
2011-11-05 04:26 . 2011-12-14 08:26 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-05 02:48 . 2011-12-14 08:27 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-26 04:47 . 2011-12-14 08:25 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 04:47 . 2011-12-14 08:25 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 04:28 . 2011-12-14 08:25 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-01-12 06:03 . 2011-06-25 21:45 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-09-01 966712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-02-12 188416]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-02-12 77824]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-24 202296]
.
c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
_uninst_19272670.lnk - c:\users\Kaja\AppData\Local\Temp\_uninst_19272670.bat [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-01-26 14:31 2144088 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R3 cpuz130;cpuz130;c:\users\Kaja\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 Mkd2Bthf;Mkd2Bthf;c:\windows\system32\drivers\Mkd2Bthf.sys [2010-10-29 79984]
R3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNt.sys [2010-10-29 142320]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2010-11-19 88304]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-05-03 4116984]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-06 1343400]
R3 XDva341;XDva341;c:\windows\system32\XDva341.sys [x]
R3 XDva343;XDva343;c:\windows\system32\XDva343.sys [x]
R3 XDva346;XDva346;c:\windows\system32\XDva346.sys [x]
R3 XDva347;XDva347;c:\windows\system32\XDva347.sys [x]
R3 XDva349;XDva349;c:\windows\system32\XDva349.sys [x]
R3 XDva385;XDva385;c:\windows\system32\XDva385.sys [x]
R3 XDva386;XDva386;c:\windows\system32\XDva386.sys [x]
R3 XDva387;XDva387;c:\windows\system32\XDva387.sys [x]
R3 XDva389;XDva389;c:\windows\system32\XDva389.sys [x]
R3 XDva390;XDva390;c:\windows\system32\XDva390.sys [x]
R3 XDva391;XDva391;c:\windows\system32\XDva391.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-22 691696]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 23856]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2011-10-14 745832]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
.
------- Doplňkový sken -------
.
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Add to Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Kaja\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Kaja\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\bulh7wmp.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-TNOD UP - c:\program files\TNod User & Password Finder\TNODUP.exe
AddRemove-TNod - c:\program files\TNod User & Password Finder\uninst-TNod.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1812801154-4259043845-1558195945-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0C2A1921-BB08-564D-55AC-2A2859B6DFDB}*]
"habmllloichndbjj"=hex:63,62,61,65,6d,68,6b,6e,68,6c,65,6c,68,65,61,66,6b,6c,
70,69,6d,62,68,66,68,67,67,62,64,66,68,67,6d,61,6b,67,6d,6d,00,00
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
.
**************************************************************************
.
Celkový čas: 2012-01-21 23:17:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-21 22:17
ComboFix2.txt 2012-01-21 10:18
.
Před spuštěním: Volných bajtů: 36 175 036 416
Po spuštění: Volných bajtů: 35 969 781 760
.
- - End Of File - - BCE4E43845C3A5222FED134AC6AAF9F7

[CharlesXXX]

tak co ? je tam neco spatne?:-(

[cernohous13]

Zdravím,

než se Motji uvolní, použij nový script pro ComboFix

Kód: Vybrat vše

KillAll::

Driver::
XDva391
XDva390
XDva389
XDva387
XDva386
XDva385
XDva349
XDva347
XDva346
XDva341
XDva343
cpuz130

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=-
"QuickTime Task"=-
[-HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_USERS\S-1-5-21-1812801154-4259043845-1558195945-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0C2A1921-BB08-564D-55AC-2A2859B6DFDB}*]

File::
c:\users\Kaja\AppData\Local\Temp\_uninst_19272670.bat
c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_19272670.lnk

Pak dej log a pokračuj v její režii

[CharlesXXX]

no chyba se mi znovu objevila tak jsme udělal nový combofix, tady je log, a pod to hodim log z toho co jste mi dali jeste

ComboFix 12-02-09.04 - Kaja 09.02.2012 17:31:56.3.1 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.2047.1320 [GMT 1:00]
Spuštěný z: c:\users\Kaja\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kaja\AppData\Local\assembly\tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-09 do 2012-02-09 )))))))))))))))))))))))))))))))
.
.
2012-02-09 16:42 . 2012-02-09 16:42 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-02-09 16:42 . 2012-02-09 16:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-09 16:21 . 2012-02-09 16:21 -------- d-----w- c:\users\Kaja\AppData\Roaming\Nokia Suite
2012-02-09 16:19 . 2012-02-09 16:19 -------- d-----w- c:\windows\LastGood
2012-02-08 15:32 . 2012-01-06 04:19 6557240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FC1CB7B4-A11A-453E-B1DC-C166E10D5300}\mpengine.dll
2012-01-31 13:15 . 2011-11-17 05:41 67440 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-31 13:15 . 2011-11-17 05:41 134000 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-01-31 13:15 . 2011-11-17 05:39 369352 ----a-w- c:\windows\system32\drivers\cng.sys
2012-01-31 13:15 . 2011-11-17 05:34 224768 ----a-w- c:\windows\system32\schannel.dll
2012-01-31 13:15 . 2011-11-17 05:32 1038848 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-31 13:15 . 2011-11-17 05:35 314880 ----a-w- c:\windows\system32\webio.dll
2012-01-31 13:15 . 2011-11-17 05:34 100352 ----a-w- c:\windows\system32\sspicli.dll
2012-01-31 13:15 . 2011-11-17 05:29 22528 ----a-w- c:\windows\system32\lsass.exe
2012-01-31 13:15 . 2011-11-17 05:34 15872 ----a-w- c:\windows\system32\sspisrv.dll
2012-01-31 13:15 . 2011-11-17 05:34 22016 ----a-w- c:\windows\system32\secur32.dll
2012-01-20 03:34 . 2012-01-20 03:59 97961 ----a-w- c:\windows\system32\drivers\klick.dat
2012-01-20 03:34 . 2012-01-20 03:59 115369 ----a-w- c:\windows\system32\drivers\klin.dat
2012-01-20 03:31 . 2012-01-20 03:31 -------- d-----w- c:\program files\Kaspersky Lab
2012-01-19 11:45 . 2012-02-09 16:25 -------- d-----w- c:\programdata\Kaspersky Lab
2012-01-19 07:41 . 2012-01-19 07:52 -------- d-----w- c:\program files\trend micro
2012-01-19 07:41 . 2012-01-19 07:42 -------- d-----w- C:\rsit
2012-01-15 11:03 . 2011-10-15 08:53 6350144 ----a-w- c:\windows\system32\nvcpl.dll
2012-01-15 11:03 . 2011-10-15 08:53 3840320 ----a-w- c:\windows\system32\nvsvc.dll
2012-01-15 11:03 . 2011-10-15 08:53 3074368 ----a-w- c:\windows\system32\nvsvcr.dll
2012-01-15 11:03 . 2011-10-15 08:53 203072 ----a-w- c:\windows\system32\nvmctray.dll
2012-01-15 11:03 . 2011-10-15 08:53 123712 ----a-w- c:\windows\system32\nvshext.dll
2012-01-15 11:03 . 2011-10-15 08:53 1136448 ----a-w- c:\windows\system32\nvvsvc.exe
2012-01-15 11:03 . 2011-10-15 08:53 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
2012-01-15 11:02 . 2011-10-15 08:53 61248 ----a-w- c:\windows\system32\OpenCL.dll
2012-01-15 11:02 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
2012-01-15 11:02 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-01-15 11:02 . 2011-10-15 08:53 5578560 ----a-w- c:\windows\system32\nvcuda.dll
2012-01-15 11:02 . 2011-10-15 08:53 2458432 ----a-w- c:\windows\system32\nvapi.dll
2012-01-15 11:02 . 2011-10-15 08:53 2401088 ----a-w- c:\windows\system32\nvcuvid.dll
2012-01-15 11:02 . 2011-10-15 08:53 2099520 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-01-15 11:02 . 2011-10-15 08:53 17248576 ----a-w- c:\windows\system32\nvcompiler.dll
2012-01-15 11:02 . 2011-10-15 08:53 13205312 ----a-w- c:\windows\system32\nvd3dum.dll
2012-01-15 08:58 . 2012-01-15 10:05 -------- d-----w- c:\program files\TeamViewerPortable
2012-01-15 08:58 . 2012-01-15 08:58 -------- d-----w- c:\users\Kaja\Nová složka
2012-01-15 06:02 . 2012-01-15 06:02 -------- d-----w- c:\program files\HmelyoffLabs
2012-01-15 05:09 . 2010-06-02 03:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2012-01-15 05:09 . 2010-06-02 03:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2012-01-15 05:09 . 2010-06-02 03:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2012-01-15 05:09 . 2010-05-26 10:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-01-15 05:09 . 2010-05-26 10:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-01-15 05:09 . 2010-05-26 10:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2012-01-15 05:09 . 2010-05-26 10:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2012-01-15 05:09 . 2010-05-26 10:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-01-15 05:06 . 2012-01-15 05:06 -------- d-----w- c:\program files\Common Files\Futuremark Shared
2012-01-15 05:05 . 2012-01-15 05:05 -------- d-----w- c:\program files\Futuremark
2012-01-12 06:03 . 2012-01-12 06:03 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2012-01-12 06:03 . 2012-01-12 06:03 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2012-01-12 06:03 . 2012-01-12 06:03 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2012-01-12 06:03 . 2012-01-12 06:03 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2012-01-11 15:27 . 2011-11-17 05:38 1288472 ----a-w- c:\windows\system32\ntdll.dll
2012-01-11 15:27 . 2011-11-19 14:01 67072 ----a-w- c:\windows\system32\packager.dll
2012-01-11 15:27 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\system32\quartz.dll
2012-01-11 15:27 . 2011-10-26 04:32 514560 ----a-w- c:\windows\system32\qdvd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-26 23:21 . 2010-03-21 14:46 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-12-09 22:11 . 2011-06-25 21:45 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-24 04:25 . 2011-12-14 08:25 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-11-17 05:34 . 2012-01-31 13:15 224768 ----a-w- c:\windows\system32\schannel.dll
2012-01-12 06:03 . 2011-06-25 21:45 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-02-09 738168]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2012-01-10 1083264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2004-02-12 188416]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2004-02-12 77824]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-24 202296]
.
c:\users\Kaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
_uninst_19272670.lnk - c:\users\Kaja\AppData\Local\Temp\_uninst_19272670.bat [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-01-26 14:31 2144088 ------w- c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R3 cpuz130;cpuz130;c:\users\Kaja\AppData\Local\Temp\cpuz130\cpuz_x32.sys [x]
R3 Mkd2Bthf;Mkd2Bthf;c:\windows\system32\drivers\Mkd2Bthf.sys [2010-10-29 79984]
R3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNt.sys [2010-10-29 142320]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2010-11-19 88304]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-05-03 4116984]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-06 1343400]
R3 XDva341;XDva341;c:\windows\system32\XDva341.sys [x]
R3 XDva343;XDva343;c:\windows\system32\XDva343.sys [x]
R3 XDva346;XDva346;c:\windows\system32\XDva346.sys [x]
R3 XDva347;XDva347;c:\windows\system32\XDva347.sys [x]
R3 XDva349;XDva349;c:\windows\system32\XDva349.sys [x]
R3 XDva385;XDva385;c:\windows\system32\XDva385.sys [x]
R3 XDva386;XDva386;c:\windows\system32\XDva386.sys [x]
R3 XDva387;XDva387;c:\windows\system32\XDva387.sys [x]
R3 XDva389;XDva389;c:\windows\system32\XDva389.sys [x]
R3 XDva390;XDva390;c:\windows\system32\XDva390.sys [x]
R3 XDva391;XDva391;c:\windows\system32\XDva391.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-22 691696]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2011-03-04 11352]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2011-03-10 23856]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2011-10-14 745832]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
.
------- Doplňkový sken -------
.
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Kaja\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Kaja\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Kaja\AppData\Roaming\Mozilla\Firefox\Profiles\bulh7wmp.default\
FF - prefs.js: browser.search.selectedEngine - Centrum.cz Search
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.centrum.cz/index.php?toolbar=centrum-1.0.0&q=
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1812801154-4259043845-1558195945-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0C2A1921-BB08-564D-55AC-2A2859B6DFDB}*]
"habmllloichndbjj"=hex:63,62,61,65,6d,68,6b,6e,68,6c,65,6c,68,65,61,66,6b,6c,
70,69,6d,62,68,66,68,67,67,62,64,66,68,67,6d,61,6b,67,6d,6d,00,00
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-02-09 17:48:12
ComboFix-quarantined-files.txt 2012-02-09 16:48
ComboFix2.txt 2012-01-21 22:17
ComboFix3.txt 2012-01-21 10:18
.
Před spuštěním: Volných bajtů: 62 270 595 072
Po spuštění: Volných bajtů: 62 220 288 000
.
- - End Of File - - CCCDBB81AF8B279AE67FC4017FF3EFAD

[CharlesXXX]

ten log od cernohous13 nemám protože to vyzadovalo restart a kdyz se mi to restartovalo tak mi to vubec nenabehlo takze log nemám:-( ale jeste me napadlo ze vám to vyfotim co mi to delá když to znovu začlo jeslti to náhodou nebude necím jiným tak prikladam fotky;-) děkuji

[CharlesXXX]

ten log od cernohous13 nemám protože to vyzadovalo restart a kdyz se mi to restartovalo tak mi to vubec nenabehlo takze log nemám:-( ale jeste me napadlo ze vám to vyfotim co mi to delá když to znovu začlo jeslti to náhodou nebude necím jiným tak prikladam fotky;-) děkuji

no a práve nechápu co to je jeslti grafika, nebo kabel od monitoru, nebo monitor, a nebo je to tím zablokováním CxVCap, Video capture driver, :-( už jsi nevím rady co stím:-(

[Pavuk29]

No ak sa ti netriasli ruky (rozostreny obraz) tak by som si zacal setrit na monitor, jednoznacne.

pokial chces, aby kolegyna - alebo ktokolvek iny s Tebou pokracoval v teme - odstran nelegalny NOD a prescanuj PC s AVPTool

A ak si nerespektoval kolegu, nepocitaj s dalsou pomocou Totiz, ja svojich kolegov respektujem

[CharlesXXX]

No ak sa ti netriasli ruky (rozostreny obraz) tak by som si zacal setrit na monitor, jednoznacne.

pokial chces, aby kolegyna - alebo ktokolvek iny s Tebou pokracoval v teme - odstran nelegalny NOD a prescanuj PC s AVPTool

A ak si nerespektoval kolegu, nepocitaj s dalsou pomocou Totiz, ja svojich kolegov respektujem

co prosim? já jsme to odsranil vsechno ted mám jiný antivirový program, pokud v PC neco zustalo tak až do takové hloubky nevidim, a pokud jsem cetl nize tak jsme pokracovali bez jakých kolik problému;-) tak nechápu ted uz vubec nic

[CharlesXXX]

[quote="Pavuk29"]No ak sa ti netriasli ruky (rozostreny obraz) tak by som si zacal setrit na monitor, jednoznacne.

tam nejde o to ze je to rozmazané ale o to proč tam jsou najednou ty proužky podélně;-):-) ne jeslti je to ostrá nebo rozmazaná fotka, psal jsem info k fotce;-)

[Pavuk29]

je to CRT monitor?