Obsah fóra
PravidláRegistrovaťPrihlásenie

Obsah fóra » Software » Antivíry, bezpečnosť a sieť » Bezpečnosť a firewally » Automatické aktualizácie





Odpovedať na tému Stránka: 1 z 1
 [ Príspevkov: 14 ] 
AutorSpráva
Offline pukepulos

Skúsený užívateľ
Skúsený užívateľ
Automatické aktualizácie

Registrovaný: 24.04.08
Prihlásený: 30.03.14
Príspevky: 4774
Témy: 66
Bydlisko: Bratislava
Príspevok NapísalOffline pukepulos: 26.02.2009 23:26

zdravim,

uz hodne dlhu dobu mam na nb problem...automaticke aktualizacie su z nejakeho dovodu vypnute a neviem za toho certa prist na to ako ich zapnut...lebo to nejde ani manualne

prosim o radu

dikes


Offline Kosak

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 12.06.08
Prihlásený: 16.09.10
Príspevky: 440
Témy: 4
Príspevok NapísalOffline Kosak: 26.02.2009 23:28

Pošli log z UPM.


Offline pukepulos

Skúsený užívateľ
Skúsený užívateľ
Automatické aktualizácie

Registrovaný: 24.04.08
Prihlásený: 30.03.14
Príspevky: 4774
Témy: 66
Bydlisko: Bratislava
Príspevok Napísal autor témyOffline pukepulos: 26.02.2009 23:36

no neviem cim to je ale ked chcem vytvorit log tak to v polovici sekne ze sa vyskytol problem a aplikaciu bude nutne ukoncit..


Offline Kosak

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 12.06.08
Prihlásený: 16.09.10
Príspevky: 440
Témy: 4
Príspevok NapísalOffline Kosak: 26.02.2009 23:37

Tak teda z ComboFixu.


Offline pukepulos

Skúsený užívateľ
Skúsený užívateľ
Automatické aktualizácie

Registrovaný: 24.04.08
Prihlásený: 30.03.14
Príspevky: 4774
Témy: 66
Bydlisko: Bratislava
Príspevok Napísal autor témyOffline pukepulos: 26.02.2009 23:51

okej nejak sa mi podarilo to UPM

Windows XP SP 2 (build 2600)
Boot Mode: Normal
Overení sůborů Microsoftu: Áno
Whitelist: Áno
Internet Explorer v7.00.6000.16674 (vista_gdr.080415-1732)
Log vygenerovaný:26. 2. 2009 23:47:20
================================================================

SmallARK
================================================================
[?]NtCreateKey -> spci.sys
[?]NtEnumerateKey -> spci.sys
[?]NtEnumerateValueKey -> spci.sys
[?]NtOpenKey -> spci.sys
[?]NtQueryKey -> spci.sys
[?]NtQueryValueKey -> spci.sys
[?]NtSetValueKey -> spci.sys


Bežiace procesy
================================================================

C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\ACER\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE
C:\PROGRAM FILES\COMMON FILES\LIGHTSCRIBE\LSSRVC.EXE
C:\PROGRAM FILES\ESET\NOD32KRN.EXE
C:\PROGRAM FILES\RAXCO\PERFECTDISK\PDSCHED.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRAM FILES\ESET\NOD32KUI.EXE
C:\ACER\EMPOWERING TECHNOLOGY\EPOWER\EPOWER_DMC.EXE
C:\WINDOWS\BRICOPACKS\VISTA INSPIRAT 2\ROCKETDOCK\ROCKETDOCK.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\QIP INFIUM\INFIUM.EXE
C:\PROGRAM FILES\VISTA RAINBAR\RAINMETER.EXE
C:\PROGRAM FILES\UPM\UPM.EXE

Scanner
================================================================
[?] ati2evxx.exe
Non Microsoft v System32:

[?] MemCheck.exe
EntryPoint v sekcii:
|_ Celkový počet sekcií: 3
Nemá okno
Súbor 7%

[?] LSSrvc.exe
Nemá okno
Súbor 7%

[?] nod32krn.exe
Súbor 7%

[?] PDSched.exe
Nemá okno
Súbor 7%

[?] ati2evxx.exe
Non Microsoft v System32:

[S, novf!] explorer.exe
Overený Microsoft: Nie
Spúšťa sa po štarte HKLM Winlogon [Shell]
Súbor 25%

[S] ehtray.exe
Spúšťa sa po štarte HKLM Run [ehTray]

[?] RTHDCPL.exe
Spúšťa sa po štarte HKLM Run [RTHDCPL]

[?] nod32kui.exe
Spúšťa sa po štarte HKLM Run [nod32kui]
Súbor 14%

[?] ePower_DMC.exe
Bez výrobcu
Spúšťa sa po štarte HKLM Run [ePower_DMC]
EntryPoint v sekcii:
|_ Celkový počet sekcií: 5
Súbor 12%

[S] ctfmon.exe
Spúšťa sa po štarte HKCU Run [ctfmon.exe]

[R] GoogleUpdate.exe
Spúšťa sa po štarte HKCU Run [Google Update]

[?] RocketDock.exe
Bez výrobcu
Spúšťa sa po štarte Po spustení [RocketDock.lnk]
Súbor 12%

[?] hpgs2wnf.exe
Nemá okno
Súbor 7%

[?] infium.exe
EntryPoint v sekcii: CODE
|_ Celkový počet sekcií: 9
Súbor 63%

[?] Rainmeter.exe
Bez výrobcu
Spúšťa sa po štarte HKCU Run [Vista Rainbar]
Súbor 25%

[R] everest.exe
EntryPoint v sekcii: UPX1
|_ Celkový počet sekcií: 3

[?] UPM.exe
Súbor 7%


Po spustení
================================================================

HKCU Run
|_ [R][Google Update] C:\Documents and Settings\Vlado\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c
|_ [?][Vista Rainbar] C:\Program Files\Vista Rainbar\Rainmeter.exe

HKLM Run
|_ [X][LaunchApp] (Súbor nebol nájdený)
|_ (Súbor nebol nájdený)
|_ [S][IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
|_ [?][MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
|_ [S][PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
|_ [S][PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
|_ [?][RTHDCPL] C:\WINDOWS\RTHDCPL.EXE
|_ [?][Alcmtr] C:\WINDOWS\ALCMTR.EXE
|_ [?][nod32kui] C:\Program Files\Eset\nod32kui.exe /WAITSERVICE
|_ [X][pdfSaver3] (Súbor nebol nájdený)
|_ [X][Microsoft Windows Sound] svghost.exe (Súbor nebol nájdený)
|_ [?][ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

HKLM RunServices
|_ [X][Microsoft Windows Sound] svghost.exe (Súbor nebol nájdený)

HKLM ShellServiceObjectDelayLoad
|_ [?][PostBootReminder] C:\WINDOWS\system32\SHELL32.dll
|_ [?][CDBurn] C:\WINDOWS\system32\SHELL32.dll
|_ [?][WebCheck] C:\WINDOWS\system32\webcheck.dll
|_ [?][SysTray] C:\WINDOWS\system32\stobject.dll

HKU Run
|_ [?][PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

HKLM IC
|_ [?][<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] C:\WINDOWS\system32\ieudinit.exe
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (Súbor nebol nájdený)
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (Súbor nebol nájdený)
|_ [?][KB910393] C:\WINDOWS\INF\EasyCDBlock.inf ,PerUserInstall
|_ [?][{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] C:\WINDOWS\INF\msnetmtg.inf ,NetMtg.Install.PerUser.NT
|_ [?][{5945c046-1e7d-11d1-bc44-00c04fd912be}] C:\WINDOWS\INF\msmsgs.inf ,BLC.QuietInstall.PerUser
|_ [?][{6BF52A52-394A-11d3-B153-00C04F79FAA6}] C:\WINDOWS\INF\wmp11.inf ,PerUserStub
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll
|_ [?][{8b15971b-5355-4c82-8c07-7e181ea07608}] C:\WINDOWS\INF\fxsocm.inf ,Fax.Install.PerUser

HKLM Winlogon
|_ [?][Shell] C:\WINDOWS\Explorer.exe

HKLM Winlogon Notify
|_ [?][AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll

Po spustení
|_ [?][RocketDock.lnk] C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
|_ [!][TransBar.lnk] C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe


HKLM BHO
|_ [X][{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] (Súbor nebol nájdený)

HKCU IE WebBrowser Toolbar
|_ [?][{01E04581-4EEE-11D0-BFE9-00AA005B4383}] C:\WINDOWS\system32\browseui.dll
|_ [?][{0E5CBF21-D15F-11D0-8301-00AA005B4383}] C:\WINDOWS\system32\SHELL32.dll
|_ [X][{EF99BD32-C1FB-11D2-892F-0090271D4F88}] (Súbor nebol nájdený)

Služby (Zobraz bežiace: True, Zobraz zastavené: False, Zobraz i bezpečné: False)
================================================================
[?] Memory Check Service
|_ Cesta: C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
| |_ Výrobca: Acer Inc.
| |_ Popis:
| |_ MD5: 3CAABC2D0F87413EB1E0C7E0B3245E67
|
|_ Meno: AcerMemUsageCheckService
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ:
|_ Dependency:

[?] Ati HotKey Poller
|_ Cesta: C:\WINDOWS\system32\Ati2evxx.exe
| |_ Výrobca: ATI Technologies Inc.
| |_ Popis: ATI External Event Utility EXE Module
| |_ MD5: B8DBF155EAE86B1468FEEA472E94AEFB
|
|_ Meno: Ati HotKey Poller
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ:
|_ Dependency:

[?] ATI Smart
|_ Cesta: C:\WINDOWS\system32\ati2sgag.exe
| |_ Výrobca:
| |_ Popis: ATI Smart
| |_ MD5: AD1865C5E1842C8BA06BE3B1799315AA
|
|_ Meno: ATI Smart
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Zastavené
|_ Typ:
|_ Dependency:

[?] LightScribeService Direct Disc Labeling Service
|_ Cesta: C:\Program Files\Common Files\LightScribe\LSSrvc.exe
| |_ Výrobca: Hewlett-Packard Company
| |_ Popis:
| |_ MD5: AB8134127F786C9603817B5318DCEEAA
|
|_ Meno: LightScribeService
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Win32 Own Process
|_ Dependency:

[?] NOD32 Kernel Service
|_ Cesta: C:\Program Files\Eset\nod32krn.exe
| |_ Výrobca: Eset
| |_ Popis: NOD32 Kernel Service
| |_ MD5: 5300E3715347A5DA5B94AEC3177F5F31
|
|_ Meno: NOD32krn
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ:
|_ Dependency:

[?] PDScheduler
|_ Cesta: C:\Program Files\Raxco\PerfectDisk\PDSched.exe
| |_ Výrobca: Raxco Software, Inc.
| |_ Popis: PDSched Module
| |_ MD5: 3261CB59AAF88A395F3B71273A1FF001
|
|_ Meno: PDSched
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ:
|_ Dependency: PDEngine


Ovládače (Zobraz bežiace: True, Zobraz zastavené: False, Zobraz i bezpečné: False)
================================================================
[?] abp480n5
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
| |_ Výrobca: Microsoft Corporation
| |_ Popis: AdvanSys SCSI Controller Driver
| |_ MD5: 6ABB91494FE6C59089B9336452AB2EA3
|
|_ Meno: abp480n5
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] adpu160m
|_ Cesta: C:\WINDOWS\system32\DRIVERS\adpu160m.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Adaptec Ultra160 SCSI miniport
| |_ MD5: 9A11864873DA202C996558B2106B0BBC
|
|_ Meno: adpu160m
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] AFS2k
|_ Cesta: C:\WINDOWS\system32\drivers\AFS2K.sys
| |_ Výrobca: Oak Technology Inc.
| |_ Popis: Audio File System
| |_ MD5: 0EBB674888CBDEFD5773341C16DD6A07
|
|_ Meno: AFS2K
|_ StartName:
|_ Typ spúšťania: System Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Aha154x
|_ Cesta: C:\WINDOWS\system32\DRIVERS\aha154x.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Adaptec AHA-154x series SCSI miniport
| |_ MD5: C23EA9B5F46C7F7910DB3EAB648FF013
|
|_ Meno: Aha154x
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] aic78u2
|_ Cesta: C:\WINDOWS\system32\DRIVERS\aic78u2.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Adaptec Ultra2 SCSI miniport
| |_ MD5: 19DD0FB48B0C18892F70E2E7D61A1529
|
|_ Meno: aic78u2
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] aic78xx
|_ Cesta: C:\WINDOWS\system32\DRIVERS\aic78xx.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Adaptec Ultra SCSI miniport
| |_ MD5: B7FE594A7468AA0132DEB03FB8E34326
|
|_ Meno: aic78xx
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] AMD AGP Bus Filter Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\amdagp.sys
| |_ Výrobca: Advanced Micro Devices, Inc.
| |_ Popis: AMD Win2000 AGP Filter
| |_ MD5: 675C16A3C1F8482F85EE4A97FC0DDE3D
|
|_ Meno: amdagp
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Ovladač procesoru AMD
|_ Cesta: C:\WINDOWS\system32\DRIVERS\AmdK8.sys
| |_ Výrobca: Advanced Micro Devices
| |_ Popis: AMD Processor Driver
| |_ MD5: D2B80A58ED4082DA1D2F382F64621DC9
|
|_ Meno: AmdK8
|_ StartName:
|_ Typ spúšťania: System Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Atheros Wireless Network Adapter Service
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ar5211.sys
| |_ Výrobca: Atheros Communications, Inc.
| |_ Popis: Driver for Atheros AR5001 Wireless Network Adapter
| |_ MD5: BAA6B3CC74A4377D063C5A92DD9C4098
|
|_ Meno: AR5211
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] asc
|_ Cesta: C:\WINDOWS\system32\DRIVERS\asc.sys
| |_ Výrobca: Advanced System Products, Inc.
| |_ Popis: AdvanSys SCSI Controller Driver
| |_ MD5: 62D318E9A0C8FC9B780008E724283707
|
|_ Meno: asc
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] asc3350p
|_ Cesta: C:\WINDOWS\system32\DRIVERS\asc3350p.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: AdvanSys SCSI Card Driver
| |_ MD5: 69EB0CC7714B32896CCBFD5EDCBEA447
|
|_ Meno: asc3350p
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] asc3550
|_ Cesta: C:\WINDOWS\system32\DRIVERS\asc3550.sys
| |_ Výrobca: Advanced System Products, Inc.
| |_ Popis: AdvanSys Ultra-Wide PCI SCSI Driver
| |_ MD5: 5D8DE112AA0254B907861E9E9C31D597
|
|_ Meno: asc3550
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ati2mtag
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
| |_ Výrobca: ATI Technologies Inc.
| |_ Popis: ATI Radeon WindowsNT Miniport Driver
| |_ MD5: 1DB0E5F78A67307F9C68D777873C1164
|
|_ Meno: ati2mtag
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] atksgt
|_ Cesta: C:\WINDOWS\system32\DRIVERS\atksgt.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5: 6E996CF8459A2594E0E9609D0E34D41F
|
|_ Meno: atksgt
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Acer OrbiCam
|_ Cesta: C:\WINDOWS\System32\Drivers\BisonCam.sys
| |_ Výrobca: Bison Electronics. Inc.
| |_ Popis: Universal Serial Bus Camera Driver
| |_ MD5: C75927F7BD22F298ADA922A946DA4586
|
|_ Meno: Cam5603D
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] cd20xrnt
|_ Cesta: C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: IBM Portable CD-ROM Drive Miniport
| |_ MD5: F3EC03299634490E97BBCE94CD2954C7
|
|_ Meno: cd20xrnt
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] CmdIde
|_ Cesta: C:\WINDOWS\system32\DRIVERS\cmdide.sys
| |_ Výrobca: CMD Technology, Inc.
| |_ Popis: CMD PCI IDE Bus Driver
| |_ MD5: E5DCB56C533014ECBC556A8357C929D5
|
|_ Meno: CmdIde
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] dac2w2k
|_ Cesta: C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
| |_ Výrobca: Mylex Corporation
| |_ Popis: Mylex Disk Array Controller Driver
| |_ MD5: E550E7418984B65A78299D248F0A7F36
|
|_ Meno: dac2w2k
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Team MFP Comm Driver
|_ Cesta: C:\WINDOWS\System32\Drivers\DgiVecp.sys
| |_ Výrobca: DeviceGuys, Inc.
| |_ Popis: Windows NT 4.0 IEEE-1284 parallel class driver for ECP, Byte, and Nibble modes
| |_ MD5: 1EC27A51A2F9DF052BC2B4C8376C8FEA
|
|_ Meno: DgiVecp
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Zastavené
|_ Typ: Kernel Driver
|_ Dependency: +Parallel Arbitrator

[?] Dritek Keyboard Filter Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
| |_ Výrobca: Dritek System Inc.
| |_ Popis: Dritek PS2 Keyboard Filter Driver
| |_ MD5: 08D30AF92C270F2E76787C81589DBAD6
|
|_ Meno: DKbFltr
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] dpti2o
|_ Cesta: C:\WINDOWS\system32\DRIVERS\dpti2o.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: DPT SmartRAID miniport
| |_ MD5: 40F3B93B4E5B0126F2F5C0A7A5E22660
|
|_ Meno: dpti2o
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Dritek General Port I/O
|_ Cesta: C:\PROGRA~1\LAUNCH~1\DPortIO.sys
| |_ Výrobca: Dritek System Inc.
| |_ Popis: General Port I/O
| |_ MD5: 5BEB3BDAECC6C9348FC0D169CE65ECC6
|
|_ Meno: DritekPortIO
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[X] eLock2BurnerLockDriver
|_ Cesta: C:\WINDOWS\system32\eLock2BurnerLockDriver.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5:
|
|_ Meno: eLock2BurnerLockDriver
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Zastavené
|_ Typ: File System Driver
|_ Dependency:

[X] eLock2FSCTLDriver
|_ Cesta: C:\WINDOWS\system32\eLock2FSCTLDriver.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5:
|
|_ Meno: eLock2FSCTLDriver
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Zastavené
|_ Typ: File System Driver
|_ Dependency:

[?] EMSCR
|_ Cesta: C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
| |_ Výrobca: ENE Technology Inc.
| |_ Popis: ENE PCI Memory Stick Card Reader Driver
| |_ MD5: 5AEE9EEDCFBF2B0F9DEC53C27EE722A3
|
|_ Meno: EMSCR
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ESDCR
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
| |_ Výrobca: ENE Technology Inc.
| |_ Popis: ENE PCI Secure Digital / MMC Card Reader Driver
| |_ MD5: 8E56AB21D10C368029CEA57DE47D79C2
|
|_ Meno: ESDCR
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ESMCR
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
| |_ Výrobca: ENE Technology Inc.
| |_ Popis: ENE PCI SmartMedia / XD Card Reader Driver
| |_ MD5: 0A58FADE5E12D3A611427292073362CB
|
|_ Meno: ESMCR
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] HSFHWAZL
|_ Cesta: C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
| |_ Výrobca: Conexant Systems, Inc.
| |_ Popis: HSF_HWAZL WDM driver
| |_ MD5: 358AE1D350E05F5C45F65DCA0BE6BA40
|
|_ Meno: HSFHWAZL
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] HSF_DPV
|_ Cesta: C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
| |_ Výrobca: Conexant Systems, Inc.
| |_ Popis: HSF_DP driver
| |_ MD5: C17B97F331A08BED979961245331413D
|
|_ Meno: HSF_DPV
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ini910u
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ini910u.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: INITIO ini910u SCSI miniport
| |_ MD5: 4A40E045FAEE58631FD8D91AFC620719
|
|_ Meno: ini910u
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] int15
|_ Cesta: C:\WINDOWS\system32\drivers\int15.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5: 4D8D5B1C895EA0F2A721B98A7CE198F1
|
|_ Meno: int15
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Service for Realtek HD Audio (WDM)
|_ Cesta: C:\WINDOWS\system32\drivers\RtkHDAud.sys
| |_ Výrobca: Realtek Semiconductor Corp.
| |_ Popis: Realtek(r) High Definition Audio Function Driver
| |_ MD5: 909D03B3B7FB7C830B74F74F4D0EA7CE
|
|_ Meno: IntcAzAudAddService
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] lirsgt
|_ Cesta: C:\WINDOWS\system32\DRIVERS\lirsgt.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5: 975B6CF65F44E95883F3855BAE8CECAF
|
|_ Meno: lirsgt
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] mdmxsdk
|_ Cesta: C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
| |_ Výrobca: Conexant
| |_ Popis: Diagnostic Interface x86 Driver
| |_ MD5: 74F4372AF97A587ECEC527EC34955712
|
|_ Meno: mdmxsdk
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] mraid35x
|_ Cesta: C:\WINDOWS\system32\DRIVERS\mraid35x.sys
| |_ Výrobca: American Megatrends Inc.
| |_ Popis: MegaRAID RAID Controller Driver for Windows Whistler 32
| |_ MD5: 3F4BB95E5A44F3BE34824E8E7CAF0737
|
|_ Meno: mraid35x
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ql1080
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ql1080.sys
| |_ Výrobca: QLogic Corporation
| |_ Popis: Miniport Driver for QLogic ISP PCI Adapters
| |_ MD5: 0A63FB54039EB5662433CABA3B26DBA7
|
|_ Meno: ql1080
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Ql10wnt
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Miniport Driver for QLogic ISP PCI Adapters
| |_ MD5: 6503449E1D43A0FF0201AD5CB1B8C706
|
|_ Meno: Ql10wnt
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ql12160
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ql12160.sys
| |_ Výrobca: QLogic Corporation
| |_ Popis: Miniport Driver for QLogic ISP PCI Adapters
| |_ MD5: 156ED0EF20C15114CA097A34A30D8A01
|
|_ Meno: ql12160
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ql1280
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ql1280.sys
| |_ Výrobca: QLogic Corporation
| |_ Popis: Miniport Driver for QLogic ISP PCI Adapters
| |_ MD5: 907F0AEEA6BC451011611E732BD31FCF
|
|_ Meno: ql1280
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Realtek 10/100/1000 PCI NIC Family NDIS XP Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
| |_ Výrobca: Realtek Semiconductor Corporation
| |_ Popis: Realtek 10/100/1000 NDIS 5.1 Driver
| |_ MD5: 911E07056B865760C0762F6221145999
|
|_ Meno: RTL8023xp
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] SIS AGP Bus Filter
|_ Cesta: C:\WINDOWS\system32\DRIVERS\sisagp.sys
| |_ Výrobca: Silicon Integrated Systems Corporation
| |_ Popis: SiS NT AGP Filter
| |_ MD5: 732D859B286DA692119F286B21A2A114
|
|_ Meno: sisagp
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Sparrow
|_ Cesta: C:\WINDOWS\system32\DRIVERS\sparrow.sys
| |_ Výrobca: Adaptec, Inc.
| |_ Popis: Adaptec AIC-6x60 series SCSI miniport
| |_ MD5: 83C0F71F86D3BDAF915685F3D568B20E
|
|_ Meno: Sparrow
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] sptd
|_ Cesta: C:\WINDOWS\System32\Drivers\sptd.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5:
|
|_ Meno: sptd
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] SSHDRV65
|_ Cesta: C:\WINDOWS\system32\drivers\SSHDRV65.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5: A322501277D7733F5266581B79B8CC79
|
|_ Meno: SSHDRV65
|_ StartName:
|_ Typ spúšťania: System Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] SSHDRV85
|_ Cesta: C:\WINDOWS\system32\drivers\SSHDRV85.sys
| |_ Výrobca: ?
| |_ Popis: Direct Port Access - Helper Driver
| |_ MD5: F0BE373861A3F34CFAB55C1B7CE1FEB5
|
|_ Meno: SSHDRV85
|_ StartName:
|_ Typ spúšťania: System Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] symc810
|_ Cesta: C:\WINDOWS\system32\DRIVERS\symc810.sys
| |_ Výrobca: Symbios Logic Inc.
| |_ Popis: Symbios Logic Inc. SCSI Miniport Driver
| |_ MD5: 1FF3217614018630D0A6758630FC698C
|
|_ Meno: symc810
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] symc8xx
|_ Cesta: C:\WINDOWS\system32\DRIVERS\symc8xx.sys
| |_ Výrobca: LSI Logic
| |_ Popis: Symbios 8XX SCSI Miniport Driver
| |_ MD5: 070E001D95CF725186EF8B20335F933C
|
|_ Meno: symc8xx
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] sym_hi
|_ Cesta: C:\WINDOWS\system32\DRIVERS\sym_hi.sys
| |_ Výrobca: LSI Logic
| |_ Popis: Symbios Hi-Perf SCSI Miniport Driver
| |_ MD5: 80AC1C4ABBE2DF3B738BF15517A51F2C
|
|_ Meno: sym_hi
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Synaptics TouchPad Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\SynTP.sys
| |_ Výrobca: Synaptics, Inc.
| |_ Popis: Synaptics Touchpad Driver
| |_ MD5: 66F680409FC3BDDF62741E3E920A8454
|
|_ Meno: SynTP
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] TCP/IP Protocol Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\tcpip.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: TCP/IP Protocol Driver
| |_ MD5: 68F3459253226D8DACF1051C6F835C56
|
|_ Meno: Tcpip
|_ StartName:
|_ Typ spúšťania: System Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency: IPSec

[?] TosIde
|_ Cesta: C:\WINDOWS\system32\DRIVERS\toside.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Toshiba PCI IDE Controller
| |_ MD5: F2790F6AF01321B172AA62F8E1E187D9
|
|_ Meno: TosIde
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] tvicport
|_ Cesta: C:\WINDOWS\system32\drivers\tvicport.sys
| |_ Výrobca: EnTech Taiwan
| |_ Popis: TVicPort Driver for Windows NT/2000/XP
| |_ MD5: 97DD70FECA64FB4F63DE7BB7E66A80B1
|
|_ Meno: tvicport
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ultra
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ultra.sys
| |_ Výrobca: Promise Technology, Inc.
| |_ Popis: Promise Ultra66 Miniport Driver
| |_ MD5: 1B698A51CD528D8DA4FFAED66DFC51B9
|
|_ Meno: ultra
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] uscbs109
|_ Cesta: C:\WINDOWS\system32\DRIVERS\uscbs109.sys
| |_ Výrobca:
| |_ Popis: Extended PnP BIOS Enumerator
| |_ MD5: 88DCF14CCBDD645E6B8B20EB0810831B
|
|_ Meno: uscbs109
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] uscsc109
|_ Cesta: C:\WINDOWS\system32\DRIVERS\uscsc109.sys
| |_ Výrobca:
| |_ Popis: SCSI miniport
| |_ MD5: 80018637740C8F80E3AB237AC9FCA704
|
|_ Meno: uscsc109
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ViaIde
|_ Cesta: C:\WINDOWS\system32\DRIVERS\viaide.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Generic PCI IDE Bus Driver
| |_ MD5: 59CB1338AD3654417BEA49636457F65D
|
|_ Meno: ViaIde
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] winachsf
|_ Cesta: C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
| |_ Výrobca: Conexant Systems, Inc.
| |_ Popis: HSF_CNXT driver
| |_ MD5: 6F25B08EBBAC9E02E6A0829F2C28999B
|
|_ Meno: winachsf
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] zntport
|_ Cesta: C:\WINDOWS\system32\drivers\zntport.sys
| |_ Výrobca: Zeal SoftStudio
| |_ Popis: zntport
| |_ MD5: 40AC8590CC9006DBB99FFCB37879D4C6
|
|_ Meno: zntport
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:


lNetStat
================================================================
Typ: PID Proces Local <-> Remote Status
----------------------------------------------------------------------------------------
TCP (1072) svchost.exe 0.0.0.0:135 LISTENING
TCP (4) Systém 0.0.0.0:445 LISTENING
TCP (512) MemCheck.exe 0.0.0.0:9999 LISTENING
TCP (4) Systém 5.250.191.163:139 LISTENING
TCP (3752) alg.exe 127.0.0.1:1030 LISTENING
TCP (2024) firefox.exe 127.0.0.1:3820 <-> 127.0.0.1:3821 ESTABLISHED
TCP (2024) firefox.exe 127.0.0.1:3821 <-> 127.0.0.1:3820 ESTABLISHED
TCP (2024) firefox.exe 127.0.0.1:3822 <-> 127.0.0.1:3823 ESTABLISHED
TCP (2024) firefox.exe 127.0.0.1:3823 <-> 127.0.0.1:3822 ESTABLISHED
TCP (868) mDNSResponder.exe 127.0.0.1:5354 LISTENING
TCP (4) Systém 192.168.1.3:139 LISTENING
TCP (548) infium.exe 192.168.1.3:3241 <-> 195.68.160.23:5222 ESTABLISHED
TCP (548) infium.exe 192.168.1.3:3242 <-> 205.188.7.145:5190 ESTABLISHED
UDP (4) Systém 0.0.0.0:445 <-> 65.212.118.29:80 ESTABLISHED
UDP (820) lsass.exe 0.0.0.0:500
UDP (868) mDNSResponder.exe 0.0.0.0:1025
UDP (1440) svchost.exe 0.0.0.0:1037
UDP (1440) svchost.exe 0.0.0.0:1115
UDP (1440) svchost.exe 0.0.0.0:1208
UDP (1440) svchost.exe 0.0.0.0:1311
UDP (1440) svchost.exe 0.0.0.0:1312
UDP (1440) svchost.exe 0.0.0.0:3098
UDP (548) infium.exe 0.0.0.0:3238
UDP (1440) svchost.exe 0.0.0.0:3627
UDP (1440) svchost.exe 0.0.0.0:3628
UDP (2144) mcrdsvc.exe 0.0.0.0:3776
UDP (820) lsass.exe 0.0.0.0:4500
UDP (1220) svchost.exe 5.250.191.163:123
UDP (4) Systém 5.250.191.163:137
UDP (4) Systém 5.250.191.163:138
UDP (920) svchost.exe 5.250.191.163:1900
UDP (868) mDNSResponder.exe 5.250.191.163:5353
UDP (1220) svchost.exe 127.0.0.1:123
UDP (920) svchost.exe 127.0.0.1:1900
UDP (4048) wmplayer.exe 127.0.0.1:3451
UDP (1220) svchost.exe 192.168.1.3:123
UDP (4) Systém 192.168.1.3:137
UDP (4) Systém 192.168.1.3:138
UDP (920) svchost.exe 192.168.1.3:1900
UDP (868) mDNSResponder.exe 192.168.1.3:5353

Moduly (Zobraz i bezpečné: False, Len bez výrobcu: True, Zobraz registrované: False)
================================================================
[?] imon.dll
|_ Cesta: C:\WINDOWS\system32\imon.dll
|_ MD5: 3EA8F8EDC6F364B576FA26BF28AAE6B4
|_ Výrobca: Eset
|_ Procesy
|_ lsass.exe (820)
|_ svchost.exe (1072)
|_ svchost.exe (1220)
|_ svchost.exe (1440)
|_ MemCheck.exe (512)
|_ mDNSResponder.exe (868)
|_ ehSched.exe (1736)
|_ nod32krn.exe (1460)
|_ svchost.exe (920)
|_ mcrdsvc.exe (2144)
|_ alg.exe (3752)
|_ infium.exe (548)
|_ Rainmeter.exe (1324)
|_ wmplayer.exe (4048)
|_ firefox.exe (2024)
|_ UPM.exe (3116)

[?] pr_imon.dll
|_ Cesta: C:\Program Files\Eset\pr_imon.dll
|_ MD5: 9DFCE2A0538CF31C74CE3E6188BF99C2
|_ Výrobca:
|_ Procesy
|_ lsass.exe (820)
|_ svchost.exe (1072)
|_ svchost.exe (1220)
|_ svchost.exe (1440)
|_ MemCheck.exe (512)
|_ mDNSResponder.exe (868)
|_ ehSched.exe (1736)
|_ nod32krn.exe (1460)
|_ svchost.exe (920)
|_ mcrdsvc.exe (2144)
|_ alg.exe (3752)
|_ nod32kui.exe (1660)
|_ infium.exe (548)
|_ Rainmeter.exe (1324)
|_ wmplayer.exe (4048)
|_ firefox.exe (2024)
|_ UPM.exe (3116)

[?] mdnsnsp.dll
|_ Cesta: C:\Program Files\Bonjour\mdnsNSP.dll
|_ MD5: 1F5A570AD942DFCFE4500326ABDD72B2
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ svchost.exe (1072)
|_ svchost.exe (1220)
|_ spoolsv.exe (1836)
|_ MemCheck.exe (512)
|_ nod32krn.exe (1460)
|_ infium.exe (548)
|_ Rainmeter.exe (1324)
|_ wmplayer.exe (4048)
|_ firefox.exe (2024)
|_ UPM.exe (3116)

[?] pxc25pm.dll
|_ Cesta: C:\WINDOWS\system32\pxc25pm.dll
|_ MD5: BB424A2D6E6B14BEC688B64E02DBE159
|_ Výrobca: Tracker Software
|_ Procesy
|_ spoolsv.exe (1836)

[?] fusion.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
|_ MD5: 7C87A5FB95777E4132B11FC3D92CAAF5
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)

[?] acermemusagecheckservinterface.dll
|_ Cesta: C:\Acer\Empowering Technology\ePerformance\acermemusagecheckservinterface.dll
|_ MD5: 74F02BC1911EE611A6D44DD74A89FD1D
|_ Výrobca:
|_ Procesy
|_ MemCheck.exe (512)

[?] system.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.resources\1.0.5000.0_cs_b77a5c561934e089\System.resources.dll
|_ MD5: AF8BB295854B19605349E5B7EF2F0457
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)

[?] system.serviceprocess.resources.dll
|_ Cesta: c:\windows\assembly\gac\system.serviceprocess.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\system.serviceprocess.resources.dll
|_ MD5: 9B04A757F3346F8B5547CD22EEB6433F
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)

[?] perfcounter.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
|_ MD5: FFFB49BA718EB2D100E58129265D002C
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)

[?] acer.empowering.shared.dll
|_ Cesta: C:\Acer\Empowering Technology\ePerformance\acer.empowering.shared.dll
|_ MD5: B551BA7E3EB363FC312E6D00DEFE3030
|_ Výrobca: Acer Inc.
|_ Procesy
|_ MemCheck.exe (512)

[?] diasymreader.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll
|_ MD5: 69A406B6BDA95A18A1B4E6A88B0AF2D8
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)

[?] mscorwks.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
|_ MD5: BA79B29E74194882F3530FB2C4CF0903
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)

[?] mscorjit.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
|_ MD5: 17E4D4ED3C4CF86C144195BDCB39141A
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)

[?] mscorsn.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
|_ MD5: AB782AEB258225399B6DA1F1F33D4944
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)

[?] system.runtime.remoting.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
|_ MD5: 1E1B73FC9C17EFFE04F5676A40C82026
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)

[?] mscorlib.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
|_ MD5: 7C2E09AD420E050FDBDF83445C708287
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)
|_ ePower_DMC.exe (536)

[?] aspnet_isapi.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
|_ MD5: A54235D77F14C5DBA7931BE1EBFD1763
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)

[?] system.serviceprocess.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
|_ MD5: 0716C52D0A75F8A3CDB120875F523A43
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)

[?] system.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
|_ MD5: 0E207D5060F29D7860F88DE86DD0F7E1
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)
|_ ePower_DMC.exe (536)

[?] nod32krr.dll
|_ Cesta: C:\Program Files\Eset\nod32krr.dll
|_ MD5: 7E2B718203C97D6E3341A30AB6F31C11
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)

[?] ps_upd.dll
|_ Cesta: C:\Program Files\Eset\ps_upd.dll
|_ MD5: 8F9F4C65FA9C2797B57676CE12C60FD2
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)

[?] pr_upd.dll
|_ Cesta: C:\Program Files\Eset\pr_upd.dll
|_ MD5: EF3835FC6EE6DFCAC15FF5E6A349BDEA
|_ Výrobca:
|_ Procesy
|_ nod32krn.exe (1460)
|_ nod32kui.exe (1660)

[?] ps_amon.dll
|_ Cesta: C:\Program Files\Eset\ps_amon.dll
|_ MD5: 0B143B49FC5CD226757AF2742640559A
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)

[?] pr_amon.dll
|_ Cesta: C:\Program Files\Eset\pr_amon.dll
|_ MD5: CC3FD042CDC2196849B5A7A0A4CA7A30
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)
|_ nod32kui.exe (1660)

[?] ps_nod32.dll
|_ Cesta: C:\Program Files\Eset\ps_nod32.dll
|_ MD5: 47E0678E7527B3537E6535E187B1C52E
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)

[?] pr_nod32.dll
|_ Cesta: C:\Program Files\Eset\pr_nod32.dll
|_ MD5: 2D6ED7796EFADE03D383F53526BBF12A
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)
|_ nod32kui.exe (1660)

[?] ps_dmon.dll
|_ Cesta: C:\Program Files\Eset\ps_dmon.dll
|_ MD5: B489AFC44511026AC302F5B6C1F72107
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)

[?] pr_dmon.dll
|_ Cesta: C:\Program Files\Eset\pr_dmon.dll
|_ MD5: A7AE529BA043A1E5C6F7AF641E3AB189
|_ Výrobca:
|_ Procesy
|_ nod32krn.exe (1460)
|_ nod32kui.exe (1660)

[?] ps_emon.dll
|_ Cesta: C:\Program Files\Eset\ps_emon.dll
|_ MD5: 6DA1417BC230B7306A240EBEA1FD001B
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)

[?] pr_emon.dll
|_ Cesta: C:\Program Files\Eset\pr_emon.dll
|_ MD5: BA8B1C552BB89F7E5B19B382F90DBEF9
|_ Výrobca:
|_ Procesy
|_ nod32krn.exe (1460)
|_ nod32kui.exe (1660)

[?] pdlangen.dll
|_ Cesta: C:\Program Files\Raxco\PerfectDisk\PDLangEN.dll
|_ MD5: 9DCF09D9E88157C01E9A846A209D424E
|_ Výrobca: Raxco Software, Inc.
|_ Procesy
|_ PDSched.exe (2364)

[?] pdschedps.dll
|_ Cesta: C:\Program Files\Raxco\PerfectDisk\PDSchedPS.dll
|_ MD5: 48FEC4198D09D90268D551D2EB88BF12
|_ Výrobca: Raxco Software, Inc.
|_ Procesy
|_ PDSched.exe (2364)

[?] pdengineps.dll
|_ Cesta: C:\Program Files\Raxco\PerfectDisk\PDEnginePS.dll
|_ MD5: BC202E8F2B74AC94A783CD59EB05C9D5
|_ Výrobca: Raxco Software, Inc.
|_ Procesy
|_ PDSched.exe (2364)

[?] pdcommon.dll
|_ Cesta: C:\Program Files\Raxco\PerfectDisk\PDCommon.dll
|_ MD5: AEAA69955DF3604B6ABAD16B09602156
|_ Výrobca: Raxco Software, Inc.
|_ Procesy
|_ PDSched.exe (2364)

[?] dscrt30.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\dscrt30.dll
|_ MD5: 94A980A8AC13F2CC33A3ACEFE12BB857
|_ Výrobca: Tracker Software Products Ltd.
|_ Procesy
|_ wmiprvse.exe (3168)

[?] fm30xmf.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\fm30xmf.dll
|_ MD5: AEE42CDD860EE064542241C623ECF39F
|_ Výrobca:
|_ Procesy
|_ wmiprvse.exe (3168)

[?] fm30base.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\fm30base.dll
|_ MD5: 05F2A0F7F4928C208D674F582B5AC1E5
|_ Výrobca: Tracker Software Products Ltd.
|_ Procesy
|_ wmiprvse.exe (3168)

[?] mdiui.dll
|_ Cesta: C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
|_ MD5: 4CA195A73CF64142D50B387B07289A64
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ wmiprvse.exe (3168)

[?] xccdx30.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\xccdx30.dll
|_ MD5: 5A014477C74BAD389F3A6B480FEB1BF2
|_ Výrobca: Tracker Software Products
|_ Procesy
|_ wmiprvse.exe (3168)

[?] ixclib30.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\ixclib30.dll
|_ MD5: FCF1120F1E82338ED7661562D663B571
|_ Výrobca: Tracker Software Products
|_ Procesy
|_ wmiprvse.exe (3168)

[?] fm30tiff.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\Fm30Tiff.dll
|_ MD5: 25FF553233D63AB83FC91947C5DA05D0
|_ Výrobca: Tracker Software
|_ Procesy
|_ wmiprvse.exe (3168)

[?] drvui30.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\drvui30.dll
|_ MD5: 5D1A419EECD2ECD6EF13440750B0B12F
|_ Výrobca: Tracker Software Products Ltd.
|_ Procesy
|_ wmiprvse.exe (3168)

[?] syshook.dll
|_ Cesta: C:\Acer\Empowering Technology\ePower\SysHook.dll
|_ MD5: 20744A88413C4CFE5F18A00786718ADE
|_ Výrobca: Copyright (C) 2003
|_ Procesy
|_ explorer.exe (2192)
|_ nod32kui.exe (1660)
|_ ePower_DMC.exe (536)
|_ RocketDock.exe (1976)
|_ infium.exe (548)
|_ Rainmeter.exe (1324)
|_ wmplayer.exe (4048)
|_ everest.exe (2740)
|_ firefox.exe (2024)
|_ UPM.exe (3116)

[?] hpgs2wns.dll
|_ Cesta: C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wns.dll
|_ MD5: 6B11C675FF97A9740A46BDD6C7BDBA78
|_ Výrobca: Hewlett-Packard
|_ Procesy
|_ explorer.exe (2192)

[?] hpgs2wnfps.dll
|_ Cesta: C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
|_ MD5: 17093F35832F0DEA598FDD1059668153
|_ Výrobca:
|_ Procesy
|_ explorer.exe (2192)
|_ hpgs2wnf.exe (2272)

[?] pdfshell.dll
|_ Cesta: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll
|_ MD5: 4B0991CD076B617A2231B19A6663C1C9
|_ Výrobca: Adobe Systems, Inc.
|_ Procesy
|_ explorer.exe (2192)

[?] connapi.dll
|_ Cesta: C:\Program Files\PC Connectivity Solution\ConnAPI.dll
|_ MD5: 3A42E0CE06B4AD78C07C80A419AD039C
|_ Výrobca: Nokia.
|_ Procesy
|_ explorer.exe (2192)

[?] pcscm.dll
|_ Cesta: C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll
|_ MD5: CA33B4B0AAFE8C667B330738C8623A61
|_ Výrobca: Nokia
|_ Procesy
|_ explorer.exe (2192)

[?] rocketdock.dll
|_ Cesta: C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
|_ MD5: B84E20C5487E3F6FD5F9E8943AC4674A
|_ Výrobca:
|_ Procesy
|_ explorer.exe (2192)
|_ RTHDCPL.exe (2712)
|_ nod32kui.exe (1660)
|_ ePower_DMC.exe (536)
|_ ctfmon.exe (1996)
|_ RocketDock.exe (1976)
|_ hpgs2wnf.exe (2272)
|_ infium.exe (548)
|_ Rainmeter.exe (1324)
|_ wmplayer.exe (4048)
|_ everest.exe (2740)
|_ firefox.exe (2024)
|_ UPM.exe (3116)

[?] atiacmxx.dll
|_ Cesta: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
|_ MD5: 600DA90CE91D371810ABBFCA31954972
|_ Výrobca: Advanced Micro Devices, Inc.
|_ Procesy
|_ explorer.exe (2192)

[?] nodshex.dll
|_ Cesta: C:\Program Files\Eset\nodshex.dll
|_ MD5: BFBC64A5FEF3E2D553338B10B3D1A2F0
|_ Výrobca:
|_ Procesy
|_ explorer.exe (2192)

[?] rarext.dll
|_ Cesta: C:\Program Files\WinRAR\RarExt.dll
|_ MD5: CE1FF0C418276F34728CC0CA525FD959
|_ Výrobca:
|_ Procesy
|_ explorer.exe (2192)

[X] rarlng.dll
|_ Cesta: C:\Program Files\WinRAR\rarlng.dll
|_ MD5: A00FB3D1DB98C1C055B2FCB906F893FB
|_ Výrobca: ?
|_ Procesy
|_ explorer.exe (2192)

[?] phonebrowser.dll
|_ Cesta: C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
|_ MD5: D1D12242118CCEF2E2279DF2182CA2D6
|_ Výrobca: Nokia
|_ Procesy
|_ explorer.exe (2192)

[?] nod32rui.dll
|_ Cesta: C:\Program Files\Eset\nod32rui.dll
|_ MD5: 61A2C037427DD26D3201F3D7AD46259D
|_ Výrobca:
|_ Procesy
|_ nod32kui.exe (1660)

[?] pu_upd.dll
|_ Cesta: C:\Program Files\Eset\pu_upd.dll
|_ MD5: BCF76CBDF3E12871D2C838740C9EF9DA
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (1660)

[?] pu_amon.dll
|_ Cesta: C:\Program Files\Eset\pu_amon.dll
|_ MD5: 9CB007F11CC9700AE77E79DF8CBFA617
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (1660)

[?] pu_nod32.dll
|_ Cesta: C:\Program Files\Eset\pu_nod32.dll
|_ MD5: F9B434EB5B827E16E9D3AF15175485AF
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (1660)

[?] pu_imon.dll
|_ Cesta: C:\Program Files\Eset\pu_imon.dll
|_ MD5: 2D567A829D4FF75E4C46A4E3F7D9B6F1
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (1660)

[?] pu_dmon.dll
|_ Cesta: C:\Program Files\Eset\pu_dmon.dll
|_ MD5: D40703FFF46E2DE778B600622AC4F81E
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (1660)

[?] pu_emon.dll
|_ Cesta: C:\Program Files\Eset\pu_emon.dll
|_ MD5: B4FAAD19570AAD30B6CDAF0203AA59EA
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (1660)

[?] dialogdll.dll
|_ Cesta: C:\Acer\Empowering Technology\ePower\DialogDLL.dll
|_ MD5: 66A038F6E700A063380DF8D51BDCE7F8
|_ Výrobca: Copyright (C) 2005
|_ Procesy
|_ ePower_DMC.exe (536)

[?] acer.empowering.windows.forms.dll
|_ Cesta: C:\Acer\Empowering Technology\ePower\Acer.Empowering.Windows.Forms.dll
|_ MD5: D4C9FE4558F087177C7C4F5B928FAE15
|_ Výrobca: acer inc.
|_ Procesy
|_ ePower_DMC.exe (536)

[?] system.drawing.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
|_ MD5: BCF15390DE7368639C593735BF938D7A
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ ePower_DMC.exe (536)
|_ ePower_DMC.exe (536)

[?] system.windows.forms.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
|_ MD5: 2814E9BDB75088C0B4CF6C1123F6EC8E
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ ePower_DMC.exe (536)
|_ ePower_DMC.exe (536)

[?] openlibeay32.dll
|_ Cesta: C:\Program Files\QIP Infium\Core\openlibeay32.dll
|_ MD5: 2FA1A7DB587A4AFDD9C2152606F80A01
|_ Výrobca: The OpenSSL Project, http://www.openssl.org/
|_ Procesy
|_ infium.exe (548)

[?] openssleay32.dll
|_ Cesta: C:\Program Files\QIP Infium\Core\openssleay32.dll
|_ MD5: E7A5153678A68DE58816AB6A32FFA826
|_ Výrobca: The OpenSSL Project, http://www.openssl.org/
|_ Procesy
|_ infium.exe (548)

[?] voip.dll
|_ Cesta: C:\Program Files\QIP Infium\Core\voip.dll
|_ MD5: 57F10965E9450DC6686BD301EEF0FCFF
|_ Výrobca:
|_ Procesy
|_ infium.exe (548)

[?] ylusbtel.dll
|_ Cesta: C:\Program Files\QIP Infium\Core\YLUSBTEL.dll
|_ MD5: CAE0EF3934CFB0F0B063B20ED0AAE3B2
|_ Výrobca: ?
|_ Procesy
|_ infium.exe (548)

[X] english.dll
|_ Cesta: C:\Program Files\QIP Infium\Langs\English.dll
|_ MD5: 245F5B5574860BCA5553428F9DC4D972
|_ Výrobca:
|_ Procesy
|_ infium.exe (548)

[X] inficq.dll
|_ Cesta: C:\Program Files\QIP Infium\Protos\InfICQ\inficq.dll
|_ MD5: 2AFF03FA24C23254842DC7B774F3AA14
|_ Výrobca:
|_ Procesy
|_ infium.exe (548)

[X] pics.dll
|_ Cesta: C:\Program Files\QIP Infium\Protos\InfICQ\pics.dll
|_ MD5: BC2D320E65A1A6B5268394DB6A683095
|_ Výrobca:
|_ Procesy
|_ infium.exe (548)
|_ infium.exe (548)

[?] jabber.dll
|_ Cesta: C:\Program Files\QIP Infium\Protos\Jabber\jabber.dll
|_ MD5: 8BDE53C1F1B507AB9DF86C676BFDE17D
|_ Výrobca: mmc
|_ Procesy
|_ infium.exe (548)

[X] mra.dll
|_ Cesta: C:\Program Files\QIP Infium\Protos\MRA\mra.dll
|_ MD5: E98DF11D863DAD9682AFEFE0E8510F10
|_ Výrobca:
|_ Procesy
|_ infium.exe (548)

[?] ximss.dll
|_ Cesta: C:\Program Files\QIP Infium\Protos\XIMSS\Ximss.dll
|_ MD5: E9AADE20CAFDF3E2ECFB88B2944C02E3
|_ Výrobca: mmc
|_ Procesy
|_ infium.exe (548)

[X] graph.dll
|_ Cesta: C:\Program Files\QIP Infium\Skins\QIP\graph.dll
|_ MD5: 8A15079F96C3EF0F421FA7E43988F60F
|_ Výrobca:
|_ Procesy
|_ infium.exe (548)

[?] webparser.dll
|_ Cesta: C:\Program Files\Vista Rainbar\Plugins\WebParser.dll
|_ MD5: 59565A61A30F34D9DD4CFC96C4890557
|_ Výrobca:
|_ Procesy
|_ Rainmeter.exe (1324)

[?] powerplugin.dll
|_ Cesta: C:\Program Files\Vista Rainbar\Plugins\PowerPlugin.dll
|_ MD5: F00DA59903E198CAE3808523DA028F20
|_ Výrobca:
|_ Procesy
|_ Rainmeter.exe (1324)

[?] rainmeter.dll
|_ Cesta: C:\Program Files\Vista Rainbar\Rainmeter.dll
|_ MD5: 75FA29FBC5CE4AB46DFD0BC09228EA3D
|_ Výrobca:
|_ Procesy
|_ Rainmeter.exe (1324)

[?] ffdshow.ax
|_ Cesta: C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
|_ MD5: 37AD159BFC18CFAAAFE16BF80BD99407
|_ Výrobca: ?
|_ Procesy
|_ wmplayer.exe (4048)

[?] vsfilter.dll
|_ Cesta: C:\Program Files\K-Lite Codec Pack\Filters\vsfilter.dll
|_ MD5: 1F4F89E35FC00A0DCDC004CB0E66CBB2
|_ Výrobca: Gabest
|_ Procesy
|_ wmplayer.exe (4048)

[?] softokn3.dll
|_ Cesta: C:\Program Files\Mozilla Firefox\softokn3.dll
|_ MD5: 4BEAC266AFF1D2F1ED20E8E9372A4078
|_ Výrobca: Mozilla Foundation
|_ Procesy
|_ firefox.exe (2024)

[?] freebl3.dll
|_ Cesta: C:\Program Files\Mozilla Firefox\freebl3.dll
|_ MD5: 0822B1E65F049909715E7BDC75A8C36A
|_ Výrobca: Mozilla Foundation
|_ Procesy
|_ firefox.exe (2024)



================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ]
[/url]


Offline Kosak

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 12.06.08
Prihlásený: 16.09.10
Príspevky: 440
Témy: 4
Príspevok NapísalOffline Kosak: 27.02.2009 13:35

Otestuj na www.virustotal.com:

C:\WINDOWS\system32\ieudinit.exe
C:\WINDOWS\system32\pxc25pm.dll


Spusť upm.exe => Ďalšie nástroje => Po spustení => Odstrániť:

[Microsoft Windows Sound]
[{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[{EF99BD32-C1FB-11D2-892F-0090271D4F88}]


Offline pukepulos

Skúsený užívateľ
Skúsený užívateľ
Automatické aktualizácie

Registrovaný: 24.04.08
Prihlásený: 30.03.14
Príspevky: 4774
Témy: 66
Bydlisko: Bratislava
Príspevok Napísal autor témyOffline pukepulos: 27.02.2009 14:27

oki tie subory som odstranil ...tu mas link na testovane subory

http://www.virustotal.com/analisis/b707 ... 16618073b2
http://www.virustotal.com/analisis/a0d5 ... 207f075940


Offline Kosak

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 12.06.08
Prihlásený: 16.09.10
Príspevky: 440
Témy: 4
Príspevok NapísalOffline Kosak: 27.02.2009 14:32

Ok, pošli ešte ten ďalší log.


Offline pukepulos

Skúsený užívateľ
Skúsený užívateľ
Automatické aktualizácie

Registrovaný: 24.04.08
Prihlásený: 30.03.14
Príspevky: 4774
Témy: 66
Bydlisko: Bratislava
Príspevok Napísal autor témyOffline pukepulos: 27.02.2009 14:51

ComboFix 09-02-26.02 - Vlado 2009-02-27 14:38:43.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1033.18.446.158 [GMT 1:00]
Spuštěný z: c:\documents and settings\Vlado\Desktop\ComboFix.exe
AV: Eset NOD32 Antivirus 2.70 *On-access scanning enabled* (Updated)
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\npf.sys
c:\windows\system32\packet.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


((((((((((((((((((((((((( Soubory vytvořené od 2009-01-27 do 2009-02-27 )))))))))))))))))))))))))))))))
.

2009-02-26 23:36 . 2009-02-27 14:19 <DIR> d-------- c:\program files\UPM
2009-02-26 20:26 . 2009-02-26 20:26 <DIR> d-------- c:\program files\Vista Rainbar
2009-02-23 17:29 . 2009-02-23 17:29 64,342 --a------ c:\windows\BricoPackUninst.cmd
2009-02-23 17:26 . 2009-02-23 17:26 <DIR> d-------- c:\windows\BricoPacks
2009-02-23 17:26 . 2009-02-23 17:29 6,114 --a------ c:\windows\BricoPackFoldersDelete.cmd
2009-02-22 17:46 . 2009-02-22 18:02 <DIR> d-------- c:\documents and settings\Vlado\Application Data\THQ
2009-02-20 21:27 . 2009-02-20 21:27 <DIR> d-------- c:\program files\Microsoft Reader
2009-02-20 21:27 . 2003-06-05 17:15 57,436 --a------ c:\windows\DASShp.dll
2009-02-19 14:16 . 2009-02-19 14:16 <DIR> d-------- c:\program files\Lavalys
2009-02-13 18:44 . 2009-02-13 18:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\2DBoy
2009-02-01 10:51 . 2009-02-01 10:51 <DIR> d-------- c:\documents and settings\All Users\Application Data\ATI
2009-02-01 10:49 . 2009-02-01 10:49 <DIR> d-------- c:\program files\ATI
2009-01-31 23:35 . 2009-02-04 21:07 <DIR> d-------- c:\program files\Fraps
2009-01-31 23:27 . 2009-01-31 23:27 <DIR> d-------- c:\program files\Common Files\DirectX
2009-01-29 18:59 . 2009-01-29 18:59 <DIR> d-------- c:\documents and settings\Vlado\Application Data\DivX
2009-01-29 18:09 . 2009-01-29 18:09 <DIR> d-------- c:\program files\MediaCell Video Converter
2009-01-29 18:09 . 2009-01-29 18:09 57 --a------ C:\ioAskNo.ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-26 15:14 --------- d-----w c:\program files\Garena
2009-02-23 19:14 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-22 21:39 --------- d-----w c:\documents and settings\Vlado\Application Data\uTorrent
2009-02-15 08:35 --------- d-----w c:\program files\QIP Infium
2009-02-08 10:41 --------- d-----w c:\program files\uTorrent
2009-02-04 20:08 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-01 09:47 --------- d-----w c:\program files\ATI Technologies
2009-01-29 18:02 --------- d-----w c:\program files\DivX
2009-01-26 19:46 --------- d-----w c:\program files\Common Files\DVDVideoSoft
2009-01-25 18:14 --------- d-----w c:\program files\ElcomSoft
2009-01-14 07:14 3,455,488 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2009-01-14 03:43 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll
2009-01-04 20:54 --------- d-----w c:\program files\CCleaner
2009-01-04 20:52 --------- d-----w c:\program files\Yahoo!
2009-01-04 20:48 --------- d-----w c:\program files\Opera 9.5 beta
2009-01-04 20:48 --------- d-----w c:\program files\Opera
2009-01-04 20:47 --------- d-----w c:\program files\Miranda IM
2009-01-04 20:46 --------- d-----w c:\program files\Creative
2008-12-30 11:11 --------- d-----w c:\documents and settings\Vlado\Application Data\Hamachi
2008-12-28 18:01 --------- d-----w c:\program files\Hamachi
2008-12-28 18:00 25,280 ----a-w c:\windows\system32\drivers\hamachi.sys
2008-12-07 20:04 2,829 ----a-w c:\windows\War3Unin.pif
2008-12-07 20:04 139,264 ----a-w c:\windows\War3Unin.exe
2002-02-24 18:40 172,032 ----a-w c:\program files\opera\program\plugins\dsp_enh.dll
2004-04-09 08:09 208,896 ----a-w c:\program files\opera\program\plugins\enc_aac.dll
2005-08-26 01:30 541,184 ----a-w c:\program files\opera\program\plugins\enc_aacplus.dll
2004-04-09 03:58 10,752 ----a-w c:\program files\opera\program\plugins\enc_lame.dll
2005-08-04 02:33 50,176 ----a-w c:\program files\opera\program\plugins\enc_mp4.dll
2005-01-05 16:46 1,204,224 ----a-w c:\program files\opera\program\plugins\enc_vorbis.dll
2005-08-27 01:49 74,240 ----a-w c:\program files\opera\program\plugins\enc_wma.dll
2004-07-27 14:28 18,944 ----a-w c:\program files\opera\program\plugins\gen_hotkeys.dll
2005-08-31 03:28 521,728 ----a-w c:\program files\opera\program\plugins\gen_ml.dll
2005-08-31 01:09 646,656 ----a-w c:\program files\opera\program\plugins\IN_MP3.DLL
2005-08-31 03:31 73,728 ----a-w c:\program files\opera\program\plugins\in_mp4.dll
2005-04-29 03:49 179,200 ----a-w c:\program files\opera\program\plugins\in_nsv.dll
2005-08-04 02:26 231,424 ----a-w c:\program files\opera\program\plugins\in_vorbis.dll
2005-08-24 01:48 288,256 ----a-w c:\program files\opera\program\plugins\in_wm.dll
2001-08-03 07:11 270,336 ----a-w c:\program files\opera\program\plugins\lamedll.dll
2004-04-12 11:37 174,592 ----a-w c:\program files\opera\program\plugins\lame_enc.dll
2005-07-29 00:22 243,712 ----a-w c:\program files\opera\program\plugins\libmp4v2.dll
2003-11-26 17:55 66,560 ----a-w c:\program files\opera\program\plugins\nsvdec_vp5.dll
2004-03-21 06:39 69,120 ----a-w c:\program files\opera\program\plugins\nsvdec_vp6.dll
2005-08-24 01:59 41,984 ----a-w c:\program files\opera\program\plugins\wmahelp.dll
.

------- Sigcheck -------

2007-08-20 11:02 825344 357d54bf94fe9d6d8505a96b5c2a3bca c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
2007-10-11 00:47 825344 0e5d918f87efa7d2424d66b499c7eb04 c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
2007-12-07 03:01 825344 b5b411bb229ae6ead7652a32ed47bfb9 c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
2008-03-01 14:03 827392 6316c2f0c61271c8abdff7429174879e c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
2008-04-23 04:35 827392 41546b396a526918da7995a02ea04e51 c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
2004-08-10 19:00 656384 c0823fc5469663ba63e7db88f9919d70 c:\windows\$NtUninstallKB912945$\wininet.dll
2006-01-09 19:02 662016 dde9597a3311748c1519444e2bc147bd c:\windows\$NtUninstallKB918899$\wininet.dll
2006-06-23 12:25 664576 64ce26db72810b30f7855ea51e1df836 c:\windows\$NtUninstallKB922760$\wininet.dll
2006-09-14 09:31 664576 d207370287cf769aebebf03837784963 c:\windows\$NtUninstallKB925454$\wininet.dll
2006-10-23 16:34 664576 231ef4179acabe486376b5ca893f1076 c:\windows\$NtUninstallKB928090$\wininet.dll
2007-01-04 15:05 665088 3ffa1573fc274e5aa7467d03941c45ee c:\windows\$NtUninstallKB931768$\wininet.dll
2007-02-20 10:52 665600 b258c922d22deec880b60720531d7627 c:\windows\$NtUninstallKB933566$\wininet.dll
2007-04-18 13:46 665600 4261ba03afd659de04f0a17dfbdd454d c:\windows\$NtUninstallKB939653$\wininet.dll
2007-08-22 13:55 665600 a1bc17eb3758d73c3938b2318820f5b4 c:\windows\ie7\wininet.dll
2007-08-13 18:54 818688 a4a0fc92358f39538a6494c42ef99fe9 c:\windows\ie7updates\KB939653-IE7\wininet.dll
2007-08-20 11:04 824832 774435e499d8e9643ec961a6103c361f c:\windows\ie7updates\KB942615-IE7\wininet.dll
2007-10-11 00:56 824832 30c1e0f34ad2972c72a01db5c74ab065 c:\windows\ie7updates\KB944533-IE7\wininet.dll
2007-12-07 03:21 824832 806d274c9a6c3aaea5eae8e4af841e04 c:\windows\ie7updates\KB947864-IE7\wininet.dll
2008-03-01 14:06 826368 ad21461aef8244edec2ef18e55e1dcf3 c:\windows\ie7updates\KB950759-IE7\wininet.dll
2008-04-23 05:16 817152 f82dc979e1f334df0c893b3bfdeb404e c:\windows\system32\wininet.dll
2008-04-23 05:16 817152 f82dc979e1f334df0c893b3bfdeb404e c:\windows\system32\dllcache\wininet.dll

2006-04-20 13:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
2007-10-30 17:53 360832 64798ecfa43d78c7178375fcdd16d8c8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
2004-08-10 19:00 359040 9f4b36614a0fc234525ba224957de55c c:\windows\$NtUninstallKB917953$\tcpip.sys
2006-04-20 12:51 359808 1dbf125862891817f374f407626967f4 c:\windows\$NtUninstallKB941644$\tcpip.sys
2008-10-30 18:40 360064 68f3459253226d8dacf1051c6f835c56 c:\windows\system32\dllcache\tcpip.sys
2008-10-30 18:40 360064 68f3459253226d8dacf1051c6f835c56 c:\windows\system32\drivers\tcpip.sys

2007-06-13 11:23 975360 9784e0719124e4a23989aef9e7ca02d6 c:\windows\explorer.exe
2007-06-13 12:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-10 19:00 1032192 a0732187050030ae399b241436565e64 c:\windows\$NtUninstallKB938828$\explorer.exe
2007-06-13 11:23 975360 9784e0719124e4a23989aef9e7ca02d6 c:\windows\system32\dllcache\explorer.exe

2007-07-30 18:19 68440 84d9a61860272d6177d46c86b8431557 c:\windows\system32\wuauclt.exe
2007-07-30 18:19 68440 84d9a61860272d6177d46c86b8431557 c:\windows\system32\dllcache\wuauclt.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
"Google Update"="c:\documents and settings\Vlado\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-11-26 133104]
"Vista Rainbar"="c:\program files\Vista Rainbar\Rainmeter.exe" [2006-01-21 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-02-18 949376]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-05-30 421888]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-27 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 1634304]

c:\documents and settings\Vlado\Start Menu\Programs\Startup\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
"vidc.ir32"= c:\windows\system32\ir32_32.dll
"vidc.ir31"= c:\windows\system32\ir32_32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Security Check.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Security Check.lnk
backup=c:\windows\pss\Security Check.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
--a------ 2006-03-31 15:39 204800 c:\acer\Empowering Technology\ePresentation\ePresentation.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
--a------ 2007-10-04 18:38 307200 c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
--------- 2006-04-14 21:35 53248 c:\program files\Realtek\InstallShield\AzMixerSel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
--a------ 2006-03-15 21:12 579584 c:\acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-07-08 17:22 486856 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
--a------ 2006-05-30 11:11 421888 c:\acer\Empowering Technology\ePower\ePower_DMC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
--a------ 2006-06-01 13:40 413696 c:\acer\Empowering Technology\eRecovery\eRAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-11-26 17:24 133104 c:\documents and settings\Vlado\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
--a------ 2006-06-23 05:59 602112 c:\progra~1\LAUNCH~1\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-13 17:24 1694208 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2007-12-03 14:21 2213160 c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 14:57 153136 c:\program files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2005-05-11 16:15 45056 c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2006-11-08 13:27 222208 c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfSaver3]
--a------ 2004-05-19 13:29 385024 c:\program files\PDF\pdfSaver\pdfSaver3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
--a------ 2002-04-11 03:19 69632 c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2008-08-29 17:11 61440 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-03-03 12:07 761946 c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
-ra------ 2006-03-30 15:45 313472 c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"d:\\Program Files\\Strong DC++\\StrongDC.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\3D Live Pool\\3D Live Pool.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\QIP Infium\\infium.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2006:TCP"= 2006:TCP:poort
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"25551:TCP"= 25551:TCP:BitComet 25551 TCP
"25551:UDP"= 25551:UDP:BitComet 25551 UDP
"23267:TCP"= 23267:TCP:BitComet 23267 TCP
"23267:UDP"= 23267:UDP:BitComet 23267 UDP
"8080:TCP"= 8080:TCP:hamachi

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-02-18 15424]
R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [2006-10-20 120320]
R1 SSHDRV85;SSHDRV85;c:\windows\system32\drivers\SSHDRV85.sys [2006-10-20 78848]
R3 PSched;QoS Packet Scheduler;c:\windows\system32\drivers\psched.sys [2004-08-10 69120]
R3 uscbs109;uscbs109;c:\windows\system32\drivers\uscbs109.sys [2008-08-17 8672]
R3 uscsc109;uscsc109;c:\windows\system32\drivers\uscsc109.sys [2008-08-17 102336]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;\??\c:\windows\system32\eLock2BurnerLockDriver.sys --> c:\windows\system32\eLock2BurnerLockDriver.sys [?]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;\??\c:\windows\system32\eLock2FSCTLDriver.sys --> c:\windows\system32\eLock2FSCTLDriver.sys [?]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2009-02-19 23152]
.
Obsah adresáře 'Naplánované úlohy'

2008-06-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 12:42]

2009-02-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353504745-702179683-907228502-1005.job
- c:\documents and settings\Vlado\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-26 17:24]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-LaunchApp - (no file)
HKLM-Run-pdfSaver3 - (no file)
MSConfigStartUp-ATICCC - c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe
MSConfigStartUp-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe
MSConfigStartUp-CTCheck - c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
MSConfigStartUp-CTSyncU - c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe
MSConfigStartUp-ICQ - c:\program files\ICQ6.5\ICQ.exe
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe


.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe"
uInternet Settings,ProxyServer = http=akcelerator.orange.sk:9990
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: imon.dll
TCP: {892A6099-2F69-4409-B7A9-D74947901A4E} = 195.146.128.60,195.146.132.59
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://www.creative.com/softwareupdate/ ... TSUEng.cab
FF - ProfilePath - c:\documents and settings\Vlado\Application Data\Mozilla\Firefox\Profiles\ewnfq2av.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox? ... k:official
FF - plugin: c:\documents and settings\Vlado\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Opera\program\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\np32dsw.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\program files\Opera\program\plugins\nppdf32.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.00.13);user_pref(general.useragent.extra.zencast, );user_pref(general.useragent.extra.zencast, c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-27 14:44:26
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(768)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(824)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Eset\nod32krn.exe
c:\program files\Raxco\PerfectDisk\PDSched.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2009-02-27 14:48:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-02-27 13:48:22

Před spuštěním: 4 522 245 120 bytes free
Po spuštění: 4,446,076,416

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=AlwaysOff /usepmtimer

317 --- E O F --- 2008-06-20 21:47:00


Offline Kosak

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 12.06.08
Prihlásený: 16.09.10
Príspevky: 440
Témy: 4
Príspevok NapísalOffline Kosak: 02.03.2009 21:25

Čo na to vraví počítač?


Offline pukepulos

Skúsený užívateľ
Skúsený užívateľ
Automatické aktualizácie

Registrovaný: 24.04.08
Prihlásený: 30.03.14
Príspevky: 4774
Témy: 66
Bydlisko: Bratislava
Príspevok Napísal autor témyOffline pukepulos: 02.03.2009 21:26

ja neviem :D funguje normalne...akurat tie aktualizacie no


Offline Kosak

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 12.06.08
Prihlásený: 16.09.10
Príspevky: 440
Témy: 4
Príspevok NapísalOffline Kosak: 02.03.2009 21:38

Skús tento nástroj.


Offline pukepulos

Skúsený užívateľ
Skúsený užívateľ
Automatické aktualizácie

Registrovaný: 24.04.08
Prihlásený: 30.03.14
Príspevky: 4774
Témy: 66
Bydlisko: Bratislava
Príspevok Napísal autor témyOffline pukepulos: 02.03.2009 21:44

parada dik moc toto som potreboval :)


Offline Kosak

Skúsený užívateľ
Skúsený užívateľ
Obrázok užívateľa

Registrovaný: 12.06.08
Prihlásený: 16.09.10
Príspevky: 440
Témy: 4
Príspevok NapísalOffline Kosak: 02.03.2009 21:45

;)


Odpovedať na tému Stránka: 1 z 1
 [ Príspevkov: 14 ] 

Obsah fóra » Software » Antivíry, bezpečnosť a sieť » Bezpečnosť a firewally » Automatické aktualizácie


Podobné témy

 Témy  Odpovede  Zobrazenia  Posledný príspevok 
V tomto fóre nie sú ďalšie neprečítané témy. automaticke aktualizacie

v Operačné systémy Microsoft

6

692

14.11.2006 18:40

Dolmayan Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Automatické aktualizácie

v Operačné systémy Microsoft

13

760

08.01.2008 16:51

Rammstein16 Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. automaticke aktualizacie

v Operačné systémy Microsoft

4

568

04.07.2010 17:57

namornik71 Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Automatické aktualizácie

v Operačné systémy Microsoft

3

589

15.05.2011 9:16

tairikuokami Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Automatické aktualizácie

v Operačné systémy Microsoft

22

1486

17.08.2008 13:30

Gyrxiur Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Automatické aktualizácie

v Operačné systémy Microsoft

1

648

26.02.2009 23:06

Kosak Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Automatické aktualizácie XP

v Operačné systémy Microsoft

25

1238

18.11.2006 23:50

Dolmayan Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Win XP-Nefungujú Automatické Aktualizácie

v Operačné systémy Microsoft

17

1480

28.06.2009 13:33

Jeffo Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Windows XP SP3 nesťahujú sa automatické aktualizácie

v Operačné systémy Microsoft

9

548

09.01.2014 20:35

tairikuokami Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. IE 8 sa začína inštalovať cez automatické aktualizácie

v Novinky

16

2148

13.04.2009 16:29

prandof Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. aktualizácie

v Operačné systémy Microsoft

3

580

15.02.2009 17:35

tairikuokami Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. AKTUALIZACIE

v Operačné systémy Microsoft

1

588

18.10.2009 21:50

shiro Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. aktualizacie

v Operačné systémy Microsoft

3

543

03.12.2008 17:44

Jaro Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Zaseknute aktualizacie

v Operačné systémy Microsoft

2

596

22.05.2010 15:42

Nanosonda Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Debian aktualizácie

v Operačné systémy Unix a Linux

0

481

19.06.2011 9:53

tetele Zobrazenie posledných príspevkov

V tomto fóre nie sú ďalšie neprečítané témy. Windows 7 aktualizacie

v Operačné systémy Microsoft

4

506

20.08.2011 15:50

KeNNi Zobrazenie posledných príspevkov


Nemôžete zakladať nové témy v tomto fóre
Nemôžete odpovedať na témy v tomto fóre
Nemôžete upravovať svoje príspevky v tomto fóre
Nemôžete mazať svoje príspevky v tomto fóre

Skočiť na:  

Powered by phpBB Jarvis © 2005 - 2024 PCforum, webhosting by WebSupport, secured by GeoTrust, edited by JanoF
Ako väčšina webových stránok aj my používame cookies. Zotrvaním na webovej stránke súhlasíte, že ich môžeme používať.
Všeobecné podmienky, spracovanie osobných údajov a pravidlá fóra