Posted: 14.06.2008 12:46 | Problem installing antivirus

I was installing Panda antivirus, and just as the installation was finishing, the power went out. Now when I start the PC it won't boot; it just loads, then seems to shut off and loads again, and so it throws me into safe mode. I tried uninstalling the antivirus and cleaned the system with an antispyware tool, an antivirus and a cleaner. I checked the HJT log online; I don't understand it much, but there were no viruses in it. I disabled Panda's startup through msconfig. After a restart there is no effect; it throws me into safe mode again. Please advise what I should do. :loony:


Posted: 14.06.2008 12:51 | Problem installing antivirus

I just don't understand how Windows can throw you into safe mode on its own. If you mean the black screen that offers safe mode and counts down 30 seconds at the bottom, then at the very bottom there is "Start Windows Normally"; confirm that with Enter.
And post the HijackThis log here.


Posted by topic author: 14.06.2008 13:04 | Problem installing antivirus

Here is the HJT log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:02:50, on 14.6.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe


During that loading it throws up a screen with these options: start normally
safe mode
safe mode with networking

C:\Program Files\Opera\Opera.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Dokumenty\software\Antivirusove programy\Nový priečinok\antivir_workstation_winu_en_h.exe
C:\DOCUME~1\admin\LOCALS~1\Temp\RarSFX0\basic\setup.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Documents and Settings\admin\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=66022
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1638664
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66022
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66022
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66022
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66022
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
R3 - URLSearchHook: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbRega.dll
R3 - URLSearchHook: Smart PC Toolbar - {e3aaf71e-b295-4156-ae11-777237a1db3c} - C:\Program Files\Smart_PC\tbSma0.dll
O1 - Hosts: 210.72.13.14 chixas.com
O1 - Hosts: 82.98.86.169 MULTIMEDIABABE.NET
O1 - Hosts: 82.98.86.171 HOPE2ACTION.COM
O1 - Hosts: 82.98.86.172 chemecol.com
O1 - Hosts: 82.98.86.172 inclosiablogs.com
O1 - Hosts: 82.98.86.169 aias.com
O1 - Hosts: 82.98.86.170 nbgjg.com
O1 - Hosts: 209.85.51.247 supportcentre.com
O1 - Hosts: 82.98.86.171 IMG4YOU.com
O1 - Hosts: 82.98.86.170 rlulwm.com
O1 - Hosts: 82.98.86.162 idsftp.com
O1 - Hosts: 82.98.86.174 97991.net
O1 - Hosts: 82.98.86.173 neodel.info
O1 - Hosts: 72.52.4.90 ytdiy.com
O1 - Hosts: 82.98.86.177 ravina.info
O1 - Hosts: 82.98.86.163 zymulty.biz
O1 - Hosts: 82.98.86.173 amkiln.com
O1 - Hosts: 82.98.86.175 qs78y.com
O1 - Hosts: 64.14.244.60, 64.34.46.60 sathma.com
O1 - Hosts: 64.34.46.60 aoldiamond.com
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7B7F5ACA-0A87-4214-B867-7D9BC8F7EBF5} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbRega.dll
O2 - BHO: Smart PC Toolbar - {e3aaf71e-b295-4156-ae11-777237a1db3c} - C:\Program Files\Smart_PC\tbSma0.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: Reganam Toolbar - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - C:\Program Files\Reganam\tbRega.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - D:\Dokumenty\Bit Defender 2008 v11.0.16\IEToolbar.dll
O3 - Toolbar: Smart PC Toolbar - {e3aaf71e-b295-4156-ae11-777237a1db3c} - C:\Program Files\Smart_PC\tbSma0.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\713xRMTMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Dokumenty\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKCU\..\RunOnce: [SpywareTerminatorScan] "C:\Program Files\Spyware Terminator\SpywareTerminator.exe" /SCAN
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Scheduler for OEM.lnk = C:\Program Files\honestech\honestech TVR\scheduleTV.exe
O4 - Global Startup: SDNotify.lnk = C:\Program Files\SDClock\SDNotify.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{847ACA74-2A02-4D31-A433-A6DA489740FF}: NameServer = 85.255.114.194,85.255.112.120
O17 - HKLM\System\CCS\Services\Tcpip\..\{D11426F2-AB6D-4DA3-9F44-0FA7C97813EE}: NameServer = 85.255.114.194,85.255.112.120
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.194 85.255.112.120
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.194 85.255.112.120
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.194 85.255.112.120
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O23 - Service: AFinding Service (AFinding) - Unknown owner - C:\WINDOWS\system32\afinding.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: perfmons Service (perfmons) - Unknown owner - C:\WINDOWS\system32\perfs.exe
O23 - Service: Panda Network Manager (PNMSRV) - Unknown owner - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE (file missing)
O23 - Service: UAZ-2 Drivers Auto Removal (pr2aqr2b) (pr2aqr2b) - 1C Multimedia - C:\WINDOWS\system32\pr2aqr2b.exe
O23 - Service: SDClockService - BlueCosmos(kt) - C:\WINDOWS\system32\SDClockService.exe
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - D:\Dokumenty\Spy Emergency 2008\SpyEmergencySrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: WServing Service (WServing) - Unknown owner - C:\WINDOWS\system32\wserving.exe

--
End of file - 17243 bytes


Posted: 14.06.2008 13:08 | Problem installing antivirus

Use ComboFix: http://www.pcforum.sk/cistime-napadnuty ... 27265.html
Post the log here.


Posted by topic author: 14.06.2008 13:51 | Problem installing antivirus

ComboFix 08-06-12.2 - admin 2008-06-14 13:24:01.1 - NTFSx86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.182 [GMT 2:00]
Running from: C:\Documents and Settings\admin\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\admin\Application Data\inst.exe
C:\Documents and Settings\admin\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Program Files\NetProject
C:\Program Files\NetProject\ot.ico
C:\Program Files\NetProject\ts.ico
C:\WINDOWS\Fonts\CALIBRIB.TTF
C:\WINDOWS\system32\8_exception.nls
C:\WINDOWS\system32\afinding.exe
C:\WINDOWS\system32\andt.sys
C:\WINDOWS\system32\comsa32.sys
C:\WINDOWS\system32\drmgs.sys
C:\WINDOWS\system32\WServing.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AFINDING
-------\Legacy_PERFMONS
-------\Legacy_ROUTING
-------\Legacy_RUNTIME
-------\Legacy_RUNTIME2
-------\Legacy_WSERVING
-------\Service_AFinding
-------\Service_perfmons
-------\Service_WServing


((((((((((((((((((((((((( Files Created from 2008-05-14 to 2008-06-14 )))))))))))))))))))))))))))))))
.

2008-06-14 13:01 . 2008-06-14 13:01 <DIR> d-------- C:\Program Files\Avira
2008-06-13 21:12 . 2008-06-14 12:06 <DIR> d-------- C:\Program Files\WinClamAVShield
2008-06-13 21:10 . 2008-06-14 13:21 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-06-13 21:10 . 2008-06-14 12:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-06-13 21:10 . 2008-06-14 13:21 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Spyware Terminator
2008-06-13 21:10 . 2008-06-13 21:10 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-06-13 15:51 . 2008-06-13 15:51 <DIR> d-------- C:\WINDOWS\system32\PAV
2008-06-13 15:51 . 2008-06-13 15:51 <DIR> d-------- C:\WINDOWS\LastGood.Tmp
2008-06-13 13:47 . 2008-06-13 13:47 146,156 --a------ C:\WINDOWS\system32\drivers\APPFCONT.DAT
2008-06-13 13:47 . 2008-06-13 13:47 1,092 --a------ C:\WINDOWS\system32\drivers\APPFLTR.CFG
2008-06-13 13:46 . 2006-08-04 11:58 140,416 --a------ C:\WINDOWS\system32\drivers\netflt.sys
2008-06-13 13:46 . 2006-05-11 22:26 103,936 --a------ C:\WINDOWS\system32\drivers\netfltdi.sys
2008-06-13 13:46 . 2006-08-03 16:37 44,544 --a------ C:\WINDOWS\system32\drivers\APPFLT.SYS
2008-06-13 13:46 . 2006-08-02 14:15 23,296 --a------ C:\WINDOWS\system32\drivers\smsflt.sys
2008-06-13 13:46 . 2006-08-02 14:17 16,000 --a------ C:\WINDOWS\system32\drivers\wnmflt.sys
2008-06-13 13:44 . 2006-07-10 11:50 245,760 --a------ C:\WINDOWS\system32\PavSHook.dll
2008-06-13 13:44 . 2006-07-21 14:35 139,264 --a------ C:\WINDOWS\system32\TpUtil.dll
2008-06-13 13:44 . 2006-06-27 19:36 101,888 --a------ C:\WINDOWS\system32\SYSTOOLS.DLL
2008-06-13 13:44 . 2006-06-16 14:44 57,344 --a------ C:\WINDOWS\system32\pavipc.dll
2008-06-13 13:44 . 2005-09-27 12:13 45,056 --a------ C:\WINDOWS\system32\avldr.dll
2008-06-13 13:44 . 2005-08-12 14:36 16,640 --a------ C:\WINDOWS\system32\drivers\cpoint.sys
2008-06-13 13:40 . 2008-06-13 13:40 <DIR> d-------- C:\Program Files\Panda Software
2008-06-13 13:39 . 2008-06-13 13:39 <DIR> d-------- C:\Program Files\Common Files\Panda Software
2008-06-13 13:39 . 2006-04-25 19:02 165,120 --a------ C:\WINDOWS\system32\drivers\PavProc.sys
2008-06-13 13:36 . 2006-02-22 12:43 71,552 --a------ C:\WINDOWS\system32\drivers\pavdrv51.sys
2008-06-10 16:50 . 2007-07-19 02:39 1,278,104 -ra------ C:\WINDOWS\system32\drivers\LV302V32.SYS
2008-06-10 15:38 . 2008-06-10 15:39 <DIR> d-------- C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-06-09 20:36 . 2008-06-13 15:51 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Spy Emergency
2008-06-09 20:35 . 2008-06-09 20:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NETGATE
2008-06-09 20:35 . 2008-03-01 17:09 23,096 --a------ C:\WINDOWS\system32\sremcon.exe
2008-06-09 20:35 . 2008-02-05 12:10 14,392 --a------ C:\WINDOWS\system32\drivers\spyemrg_guard.sys
2008-06-09 20:35 . 2008-02-05 12:10 12,344 --a------ C:\WINDOWS\system32\drivers\spyemrg.sys
2008-06-09 16:34 . 2008-06-09 16:37 6,300,672 --a--c--- C:\JoinVideo.avi
2008-06-08 11:25 . 2008-06-08 11:26 <DIR> d----c--- C:\Documents and Settings\admin\avidemux
2008-06-07 21:26 . 2004-10-12 14:40 2,255,360 --a------ C:\WINDOWS\system32\libavcodec.dll
2008-06-07 21:26 . 2004-10-12 14:46 1,761,280 --a------ C:\WINDOWS\system32\ffdshow.ax
2008-06-07 21:26 . 2004-10-05 16:16 395,776 --a------ C:\WINDOWS\system32\libmplayer.dll
2008-06-07 21:26 . 2004-10-12 14:42 262,144 --a------ C:\WINDOWS\system32\TomsMoComp_ff.dll
2008-06-07 21:26 . 2004-10-04 01:50 112,640 --a------ C:\WINDOWS\system32\libmpeg2_ff.dll
2008-06-07 18:45 . 1999-05-18 19:29 808,700 --a------ C:\WINDOWS\system32\Win.tlb
2008-06-07 18:45 . 1998-04-24 00:00 368,912 --a------ C:\WINDOWS\system32\vbar332.dll
2008-06-07 18:45 . 2002-07-05 18:13 45,056 --a------ C:\WINDOWS\system32\CxxProgressBar.ocx
2008-06-07 16:18 . 2008-06-09 18:27 <DIR> d-------- C:\Program Files\vso
2008-06-07 11:49 . 2008-06-07 11:49 <DIR> d----c--- C:\VideoOutput
2008-06-07 10:48 . 2008-06-07 10:48 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Ulead Systems
2008-06-06 20:19 . 2008-06-06 20:19 <DIR> d-------- C:\Program Files\Common Files\InterVideo
2008-06-06 20:10 . 2008-06-06 20:10 <DIR> d-------- C:\Program Files\Windows Media Components
2008-06-06 20:07 . 2008-06-07 11:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-06-06 14:54 . 2007-04-03 14:59 99,080 -ra------ C:\WINDOWS\system32\drivers\s616unic.sys
2008-06-06 14:54 . 2007-04-03 14:59 23,176 -ra------ C:\WINDOWS\system32\drivers\s616nd5.sys
2008-06-06 14:54 . 2007-04-03 14:59 11,016 -ra------ C:\WINDOWS\system32\drivers\s616cr.sys
2008-06-03 18:14 . 2007-08-15 12:09 417,792 --a------ C:\WINDOWS\system32\vbalCmdBar6.ocx
2008-06-03 18:14 . 2007-08-15 12:09 262,144 --a------ C:\WINDOWS\system32\lst_v.ocx
2008-06-03 18:14 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-06-03 18:14 . 2007-08-15 12:09 167,683 --a------ C:\WINDOWS\system32\COMCT232.OCX
2008-06-03 18:14 . 2007-08-15 12:09 159,744 --a------ C:\WINDOWS\system32\wt_menu.dll
2008-06-03 18:14 . 2007-08-15 12:09 94,208 --a------ C:\WINDOWS\system32\img_lst.ocx
2008-06-03 18:14 . 2007-08-15 12:09 40,960 --a------ C:\WINDOWS\system32\ssubtmr6.dll
2008-06-03 16:31 . 2008-06-03 18:29 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Hide IP NG
2008-06-03 15:53 . 2008-06-03 16:15 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Smart PC Solutions
2008-06-03 15:52 . 2008-06-13 13:41 <DIR> d-------- C:\Program Files\Smart_PC
2008-06-03 14:53 . 2008-06-14 13:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-06-02 17:23 . 2008-06-13 20:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-06-01 20:05 . 2008-06-01 20:05 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-05-31 17:02 . 2008-06-01 19:43 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\BitDefender
2008-05-31 16:59 . 2008-06-01 19:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-05-31 16:27 . 2008-05-31 20:04 121 --a------ C:\WINDOWS\bdagent.INI
2008-05-31 16:06 . 2008-06-01 19:43 <DIR> d-------- C:\Program Files\Common Files\BitDefender
2008-05-30 19:06 . 2007-04-03 14:57 100,488 -ra------ C:\WINDOWS\system32\drivers\s116mgmt.sys
2008-05-30 19:06 . 2007-04-03 14:57 99,080 -ra------ C:\WINDOWS\system32\drivers\s116unic.sys
2008-05-30 19:06 . 2007-04-03 14:57 98,696 -ra------ C:\WINDOWS\system32\drivers\s116obex.sys
2008-05-30 19:06 . 2007-04-03 14:57 23,176 -ra------ C:\WINDOWS\system32\drivers\s116nd5.sys
2008-05-30 19:06 . 2007-04-03 14:57 11,016 -ra------ C:\WINDOWS\system32\drivers\s116cr.sys
2008-05-30 19:05 . 2007-04-03 14:57 108,680 -ra------ C:\WINDOWS\system32\drivers\s116mdm.sys
2008-05-30 19:05 . 2007-04-03 14:57 15,112 -ra------ C:\WINDOWS\system32\drivers\s116mdfl.sys
2008-05-30 19:05 . 2007-04-03 14:57 12,424 -ra------ C:\WINDOWS\system32\drivers\s116cmnt.sys
2008-05-30 19:05 . 2007-04-03 14:57 12,424 -ra------ C:\WINDOWS\system32\drivers\s116cm.sys
2008-05-30 16:18 . 2007-04-03 14:57 83,336 -ra------ C:\WINDOWS\system32\drivers\s116bus.sys
2008-05-30 16:18 . 2007-04-03 14:57 12,424 -ra------ C:\WINDOWS\system32\drivers\s116whnt.sys
2008-05-30 16:18 . 2007-04-03 14:57 12,424 -ra------ C:\WINDOWS\system32\drivers\s116wh.sys
2008-05-29 23:42 . 2008-05-29 23:42 295,936 --a------ C:\WINDOWS\system32\ndt2.sys
2008-05-29 21:54 . 2008-06-01 19:41 <DIR> d-------- C:\Program Files\mTC
2008-05-29 18:10 . 2008-05-29 18:10 31 --a------ C:\WINDOWS\idc.ini
2008-05-29 18:10 . 2008-05-29 18:10 18 --a------ C:\WINDOWS\usdthank.ini
2008-05-28 17:31 . 2007-04-03 14:59 108,680 -ra------ C:\WINDOWS\system32\drivers\s616mdm.sys
2008-05-28 17:31 . 2007-04-03 14:59 100,360 -ra------ C:\WINDOWS\system32\drivers\s616mgmt.sys
2008-05-28 17:31 . 2007-04-03 14:59 98,568 -ra------ C:\WINDOWS\system32\drivers\s616obex.sys
2008-05-28 17:31 . 2007-04-03 14:59 83,208 -ra------ C:\WINDOWS\system32\drivers\s616bus.sys
2008-05-28 17:31 . 2007-04-03 14:59 15,112 -ra------ C:\WINDOWS\system32\drivers\s616mdfl.sys
2008-05-28 17:31 . 2007-04-03 14:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616whnt.sys
2008-05-28 17:31 . 2007-04-03 14:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616wh.sys
2008-05-28 17:31 . 2007-04-03 14:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616cmnt.sys
2008-05-28 17:31 . 2007-04-03 14:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616cm.sys
2008-05-26 15:36 . 2006-03-13 19:52 96,224 -ra------ C:\WINDOWS\system32\drivers\w800mdm.sys
2008-05-26 15:36 . 2006-03-13 19:52 87,792 -ra------ C:\WINDOWS\system32\drivers\w800mgmt.sys
2008-05-26 15:36 . 2006-03-13 19:52 85,664 -ra------ C:\WINDOWS\system32\drivers\w800obex.sys
2008-05-26 15:36 . 2006-03-13 19:52 60,768 -ra------ C:\WINDOWS\system32\drivers\w800bus.sys
2008-05-26 15:36 . 2006-03-13 19:52 9,264 -ra------ C:\WINDOWS\system32\drivers\w800mdfl.sys
2008-05-26 15:36 . 2006-03-13 19:52 6,144 -ra------ C:\WINDOWS\system32\drivers\w800cmnt.sys
2008-05-26 15:36 . 2006-03-13 19:52 6,144 -ra------ C:\WINDOWS\system32\drivers\w800cm.sys
2008-05-26 15:36 . 2006-03-13 19:52 5,744 -ra------ C:\WINDOWS\system32\drivers\w800whnt.sys
2008-05-26 15:36 . 2006-03-13 19:52 5,744 -ra------ C:\WINDOWS\system32\drivers\w800wh.sys
2008-05-26 11:43 . 2008-05-26 11:43 33,824 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
2008-05-26 11:07 . 2006-03-01 10:25 8,704 --a------ C:\WINDOWS\system32\drivers\ggsemc.sys
2008-05-24 17:33 . 2008-05-24 17:42 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Off Road
2008-05-24 17:30 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-05-24 17:30 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2008-05-23 13:10 . 2008-05-23 13:10 <DIR> d----c--- C:\Program Files (x86)
2008-05-22 15:47 . 2008-05-22 17:37 <DIR> d-------- C:\Program Files\EA SPORTS
2008-05-20 17:36 . 2008-06-08 18:35 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\gtk-2.0
2008-05-20 17:36 . 2008-05-20 17:36 <DIR> d----c--- C:\Documents and Settings\admin\.thumbnails
2008-05-20 17:31 . 2008-05-22 15:26 <DIR> d----c--- C:\Documents and Settings\admin\.gimp-2.4
2008-05-20 17:31 . 2008-05-20 17:31 <DIR> d----c--- C:\Documents and Settings\admin\.fontconfig
2008-05-20 17:26 . 2008-05-20 17:26 <DIR> d-------- C:\Program Files\GIMP-2.0
2008-05-15 18:44 . 2008-05-15 18:56 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Winamp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-14 11:13 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-14 10:02 --------- d-----w C:\Program Files\Crawler
2008-06-13 11:49 139,096,864 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-13 11:47 5,081,120 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-13 11:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-13 11:42 --------- d-----w C:\Program Files\Winamp
2008-06-13 11:42 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2008-06-13 11:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\LangSoft
2008-06-13 11:41 --------- d-----w C:\Program Files\Reganam
2008-06-13 11:41 --------- d-----w C:\Program Files\Opera
2008-06-13 11:41 --------- d-----w C:\Program Files\ICQLite
2008-06-13 11:41 --------- d-----w C:\Program Files\Common Files\Sony Ericsson Shared
2008-06-13 11:41 --------- d-----w C:\Program Files\Common Files\602PHS
2008-06-13 11:41 --------- d-----w C:\Program Files\Bonjour
2008-06-13 11:41 --------- d-----w C:\Program Files\7-Zip
2008-06-13 11:12 --------- dc----w C:\Documents and Settings\admin\Application Data\Skype
2008-06-13 10:52 --------- dc----w C:\Documents and Settings\admin\Application Data\MegauploadToolbar
2008-06-13 10:13 --------- dc----w C:\Documents and Settings\admin\Application Data\skypePM
2008-06-13 07:07 478,268 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-13 07:07 1,864,124 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-12 10:35 --------- d-----w C:\Program Files\AskTBar
2008-06-10 13:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\UDL
2008-06-10 13:37 --------- d-----w C:\Program Files\epson
2008-06-09 16:26 47,360 -c--a-w C:\Documents and Settings\admin\Application Data\pcouffin.sys
2008-06-09 16:26 --------- dc----w C:\Documents and Settings\admin\Application Data\Vso
2008-06-09 15:58 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2008-06-08 15:26 --------- dc----w C:\Documents and Settings\admin\Application Data\XnView
2008-06-07 09:25 --------- d-----w C:\Program Files\Google
2008-06-05 17:14 --------- dc----w C:\Documents and Settings\admin\Application Data\BearShare
2008-06-02 13:04 --------- d-----w C:\Program Files\totalcmd
2008-06-02 13:04 --------- d-----w C:\Program Files\FDN
2008-05-28 22:08 --------- d-----w C:\Program Files\Kaspersky Lab
2008-05-27 17:18 --------- dc----w C:\Documents and Settings\admin\Application Data\AdobeUM
2008-05-14 17:39 --------- dc----w C:\Documents and Settings\admin\Application Data\LangSoft
2008-05-11 18:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania
2008-05-10 20:25 --------- dc----w C:\Documents and Settings\admin\Application Data\vlc
2008-05-07 07:56 --------- d-----w C:\Program Files\GSpot
2008-05-01 17:17 --------- d-----w C:\Program Files\Logitech
2008-05-01 17:13 --------- d-----w C:\Program Files\Common Files\LogiShrd
2008-05-01 17:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech
2008-05-01 17:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-04-29 08:39 --------- dc----w C:\Documents and Settings\admin\Application Data\Talkback
2008-04-29 08:38 --------- d-----w C:\Program Files\Common Files\xing shared
2008-04-29 08:38 --------- d-----w C:\Program Files\Common Files\Real
2008-04-29 08:37 --------- d-----w C:\Program Files\Real
2008-04-28 07:05 --------- d-----w C:\Program Files\Trend Micro
2008-04-27 19:52 --------- d-----w C:\Program Files\CyberLink DVD Solution
2008-04-26 18:05 --------- d-----w C:\Program Files\WMV9_VCM
2008-04-24 14:09 --------- dc----w C:\Documents and Settings\admin\Application Data\DAEMON Tools
2008-04-24 14:02 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-04-22 14:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-04-18 18:50 --------- d-----w C:\Program Files\BitComet
2008-04-18 18:05 --------- d-----w C:\Program Files\QIP
2008-04-17 18:29 --------- d-----w C:\Program Files\Keyboard Layout Manager 32 bit
2008-04-17 17:59 --------- d-----w C:\Program Files\Clock Tray Skins
2008-04-17 07:16 --------- dc----w C:\Documents and Settings\admin\Application Data\fltk.org
2008-04-16 19:00 --------- d-----w C:\Program Files\Pcsx2
2008-04-16 10:58 --------- d-----w C:\Program Files\videofixer
2008-04-16 10:14 --------- d-----w C:\Program Files\thriXXX
2008-04-16 07:14 --------- d-----w C:\Program Files\Juiced
2008-04-16 07:09 --------- d-----w C:\Program Files\SDClock
2008-03-04 17:25 21,160 -c--a-w C:\Documents and Settings\admin\Application Data\GDIPFONTCACHEV1.DAT
2008-02-07 08:57 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2004-10-01 13:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
2007-09-14 19:02 1,094 -csha-r C:\WINDOWS\system32\stanby.reg
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7B7F5ACA-0A87-4214-B867-7D9BC8F7EBF5}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]
2008-04-03 10:40 1523736 --a------ C:\Program Files\Reganam\tbRega.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e3aaf71e-b295-4156-ae11-777237a1db3c}]
2008-05-21 00:43 1526296 --a------ C:\Program Files\Smart_PC\tbSma0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{DB9D7A78-A76C-4BF2-97C6-258925EE1542}"= "C:\Program Files\Reganam\tbRega.dll" [2008-04-03 10:40 1523736]
"{E3AAF71E-B295-4156-AE11-777237A1DB3C}"= "C:\Program Files\Smart_PC\tbSma0.dll" [2008-05-21 00:43 1526296]

[HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]

[HKEY_CLASSES_ROOT\clsid\{e3aaf71e-b295-4156-ae11-777237a1db3c}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{DB9D7A78-A76C-4BF2-97C6-258925EE1542}"= C:\Program Files\Reganam\tbRega.dll [2008-04-03 10:40 1523736]
"{E3AAF71E-B295-4156-AE11-777237A1DB3C}"= C:\Program Files\Smart_PC\tbSma0.dll [2008-05-21 00:43 1526296]

[HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]

[HKEY_CLASSES_ROOT\clsid\{e3aaf71e-b295-4156-ae11-777237a1db3c}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-09-13 12:12 139264]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-21 19:34 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 01:06 1667584]
"BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-11-07 17:06 1881400]
"OEXPRESS"="C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE" [2008-05-14 19:40 26624]
"DAEMON Tools Lite"="D:\Dokumenty\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]
"PowerBar"="C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" [2004-04-21 10:26 86016]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-27 20:12 3142236]
"SpywareTerminatorScan"="C:\Program Files\Spyware Terminator\SpywareTerminator.exe" [2008-05-01 03:41 9260392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-10-10 15:49 7286784]
"nwiz"="nwiz.exe" [2005-10-10 15:49 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-10-10 15:49 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-14 11:01 16010752 C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [2005-05-03 12:43 69632 C:\WINDOWS\Alcmtr.exe]
"TV Card Remote Control Device Monitor"="C:\WINDOWS\713xRMTMon.exe" [2005-07-20 06:00 352256]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 15:07 49263]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2006-11-08 18:28 155751]
"@"="" []
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-27 20:12 3142236]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-10-10 07:28 36352]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 11:14 528384]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40 155648]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 01:47 31016]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 06:03 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 06:03 81920]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-29 10:37 185896]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06 2027792]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 00:56 158208]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"combofix"="C:\WINDOWS\system32\CF24278.exe" [2004-08-04 00:56 388608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"combofix"="C:\WINDOWS\system32\CF24278.exe" [2004-08-04 00:56 388608]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [ ]

C:\Documents and Settings\admin\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 21:24:54 98632]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Scheduler for OEM.lnk - C:\Program Files\honestech\honestech TVR\scheduleTV.exe [2007-08-27 09:29:06 307200]
SDNotify.lnk - C:\Program Files\SDClock\SDNotify.exe [2008-04-16 09:09:47 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll 2005-09-27 12:13 45056 C:\WINDOWS\system32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 2006-10-09 12:40 225280 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll
"msacm.avis"= ff_acm.acm
"vidc.i263"= C:\WINDOWS\system32\i263_32.drv
"msacm.imc"= C:\WINDOWS\system32\imc32.acm
"msacm.fraunhoferacm"= l3codecp.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\runtime2.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyEmergency]
D:\Dokumenty\Spy Emergency 2008\SpyEmergency.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"XCOMM"=2 (0x2)
"VSSERV"=2 (0x2)
"scan"=3 (0x3)
"LIVESRV"=2 (0x2)
"SamSs"=2 (0x2)
"PSIMSVC"=2 (0x2)
"PAVSRV"=2 (0x2)
"PAVFNSVR"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQLite\\ICQLite.exe"=
"C:\\Documents and Settings\\admin\\Desktop\\Nitro\\nitro.exe"=
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"C:\\WINDOWS\\system32\\msdnc0.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\ImagingShop\\Agent.exe"=
"C:\\Program Files\\ImagingShop\\ImagingShop.exe"=
"C:\\Program Files\\Valve\\hl.exe"=
"C:\\Program Files\\LowRateVoip\\LowRateVoip.exe"=
"C:\\Games\\Paintball2\\paintball2.exe"=
"C:\\Program Files\\Xfire\\ua_lsp_inst.exe"=
"C:\\Program Files\\EA GAMES\\Medal of Honor Pacific Assault(tm)\\mohpa.exe"=
"C:\\Documents and Settings\\admin\\My Documents\\EA Games\\Medal of Honor Pacific Assault(tm)\\mohpa.exe"=
"D:\\Hry\\mohpa.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"C:\\Program Files\\Counter-Strike Source\\srcds.exe"=
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"D:\\Dokumenty\\SRS - Street Racing Syndicate\\Bin\\SRS.exe"=
"D:\\Hry\\Live_For_Speed\\LFS.exe"=
"D:\\Hry\\Counter-Strike Source\\hl2.exe"=
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Juiced\\Juiced.exe"=
"C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"D:\\Dokumenty\\BearShare.exe"=
"D:\\Hry\\hl.exe"=
"D:\\Dokumenty\\Hry\\CSS\\Counter-Strike Source\\hl2.exe"=
"C:\\Program Files\\BearShare applications\\BearShare\\BearShare.exe"=
"D:\\Dokumenty\\Spontania Video Collaboration\\dialcomwcs.exe"=
"D:\\Dokumenty\\Spontania Video Collaboration\\SpontaniaVideoCollaboration.exe"=
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"D:\\Dokumenty\\fifa\\fifa07.exe"=
"D:\\Dokumenty\\TmNationsForever\\TmForever.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"D:\\Dokumenty\\NHL 2008\\nhl2008.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"22556:TCP"= 22556:TCP:BitComet 22556 TCP
"22556:UDP"= 22556:UDP:BitComet 22556 UDP

R0 netflt;Panda Net Driver [NDIS Layer];C:\WINDOWS\system32\Drivers\NETFLT.SYS [2006-08-04 11:58]
R1 NETFLTDI;Panda Net Driver [TDI Layer];C:\WINDOWS\system32\Drivers\NETFLTDI.SYS [2006-05-11 22:26]
S1 APPFLT;App Filter Plugin;C:\WINDOWS\system32\Drivers\APPFLT.SYS [2006-08-03 16:37]
S2 713xTVCard;SAA7135 TV Card;C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2006-05-20 22:00]
S2 cpoint;Panda CPoint Driver;C:\WINDOWS\system32\Drivers\cpoint.sys [2005-08-12 14:36]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
cb47356232
sb56124232

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-14 13:30:15
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************
.
Completion time: 2008-06-14 13:42:31 - machine was rebooted
ComboFix-quarantined-files.txt 2008-06-14 11:41:28

Pre-Run: 7,882,682,368 bytes free
Post-Run: 7,893,688,320 bytes free

477


User

Registered: 28.07.07
Posts: 3210
Topics: 41 | 41
Location: Brno
Posted: 14.06.2008 15:07 | problem installing antivirus

Fix these in HJT:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT1638664
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
O1 - Hosts: 210.72.13.14 chixas.com
O1 - Hosts: 82.98.86.169 MULTIMEDIABABE.NET
O1 - Hosts: 82.98.86.171 HOPE2ACTION.COM
O1 - Hosts: 82.98.86.172 chemecol.com
O1 - Hosts: 82.98.86.172 inclosiablogs.com
O1 - Hosts: 82.98.86.169 aias.com
O1 - Hosts: 82.98.86.170 nbgjg.com
O1 - Hosts: 209.85.51.247 supportcentre.com
O1 - Hosts: 82.98.86.171 IMG4YOU.com
O1 - Hosts: 82.98.86.170 rlulwm.com
O1 - Hosts: 82.98.86.162 idsftp.com
O1 - Hosts: 82.98.86.174 97991.net
O1 - Hosts: 82.98.86.173 neodel.info
O1 - Hosts: 72.52.4.90 ytdiy.com
O1 - Hosts: 82.98.86.177 ravina.info
O1 - Hosts: 82.98.86.163 zymulty.biz
O1 - Hosts: 82.98.86.173 amkiln.com
O1 - Hosts: 82.98.86.175 qs78y.com
O1 - Hosts: 64.14.244.60, 64.34.46.60 sathma.com
O1 - Hosts: 64.34.46.60 aoldiamond.com
O2 - BHO: (no name) - {7B7F5ACA-0A87-4214-B867-7D9BC8F7EBF5} - (no file)
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O3 - Toolbar: (no name) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O4 - Global Startup: SDNotify.lnk = C:\Program Files\SDClock\SDNotify.exe
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)

Download and run http://downloads.subratam.org/Fixwareout.exe
Click Next - Install - tick the Run fixit option and click Finish, then continue according to the instructions.
After the scan, post the log here on the forum; if it does not pop up, it will be in C:\fixwareout\report.txt



Next, open Notepad and copy this into it:

Code:
File::
C:\WINDOWS\system32\drivers\netflt.sys
C:\WINDOWS\system32\drivers\netfltdi.sys
C:\WINDOWS\system32\drivers\APPFCONT.DAT
C:\WINDOWS\system32\drivers\APPFLTR.CFG
C:\WINDOWS\system32\drivers\APPFLT.SYS
C:\WINDOWS\system32\drivers\smsflt.sys
C:\WINDOWS\system32\drivers\wnmflt.sys
C:\WINDOWS\system32\PavSHook.dll
C:\WINDOWS\system32\TpUtil.dll
C:\WINDOWS\system32\SYSTOOLS.DLL
C:\WINDOWS\system32\pavipc.dll
C:\WINDOWS\system32\avldr.dll
C:\WINDOWS\system32\drivers\cpoint.sys
C:\WINDOWS\system32\drivers\PavProc.sys
C:\WINDOWS\system32\drivers\pavdrv51.sys
C:\WINDOWS\system32\ndt2.sys

Folder::
C:\Program Files\AskTBar
C:\Program Files\Reganam

Driver::
netflt
NETFLTDI
APPFLT
cpoint


Save it as CFScript.txt and drag it onto ComboFix

Also post here the ComboFix log that pops up (I hope :)) plus a new one from HijackThis


_________________
PC: CPU: Intel i7 5820k @ 4.2 Ghz Cooler: NZXT Kraken x41 MB: ASUS X99-A GPU: ASUS Stryx 970 GTX 4GB RAM: 32 GB Kingston 2133 DDR4 SSD: Kingston Hyperx 240 GB HDD1: Seagate Barracuda 7200.14 3TB HDD2: Seagate Barracuda 7200 1TB PSU: Corsair RM 850 Case: NZXT Phantom 410 white LCD: DELL P2416D @ 75Hz AUDIO: Yamaha RN500 Repro: DALI Zensor 5 Phone: Galaxy S8+
NB: Lenovo Y500

User

Registered: 14.06.08
Last login: 16.06.08
Posts: 15
Topics: 1 | 1
Posted by topic author: 14.06.2008 15:09 | problem installing antivirus

I DOWNLOADED AVIRA ANTIVIR, MADE AN HJT LOG AGAIN AND PUT IT ON THE SITE http://www.hijackthis.de/#anl AND NEXT TO AVIRA IT SHOWED A SHIELD ICON SAYING IT IS A VIRUS


User

Registered: 28.07.07
Posts: 3210
Topics: 41 | 41
Location: Brno
Posted: 14.06.2008 15:11 | problem installing antivirus

I forgot to add that the script must be named CFscript.txt ... so save it that way and drag it onto ComboFix ...


User

Registered: 14.06.08
Last login: 16.06.08
Posts: 15
Topics: 1 | 1
Posted by topic author: 14.06.2008 15:17 | problem installing antivirus

I NO LONGER HAVE THOSE O1 HOSTS ENTRIES THERE, DOES THAT MATTER?


User

Registered: 28.07.07
Posts: 3210
Topics: 41 | 41
Location: Brno
Posted: 14.06.2008 15:19 | problem installing antivirus

First post a new HijackThis log here


User

Registered: 14.06.08
Last login: 16.06.08
Posts: 15
Topics: 1 | 1
Posted by topic author: 14.06.2008 15:32 | problem installing antivirus

Username "admin" - 2008-06-14 15:21:22 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.114.194 85.255.112.120" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{847ACA74-2A02-4D31-A433-A6DA489740FF}
"nameserver"="85.255.114.194,85.255.112.120" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{D11426F2-AB6D-4DA3-9F44-0FA7C97813EE}
"nameserver"="85.255.114.194,85.255.112.120" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{8B2602D0-FD4F-4ABC-B572-FAACD84D1B88}
"DhcpNameServer"="85.255.114.194,85.255.112.120" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{D11426F2-AB6D-4DA3-9F44-0FA7C97813EE}
"DhcpNameServer"="85.255.114.194,85.255.112.120" <Value cleared.

Vyrovnávacia pamäť prekladania DNS sa úspešne vyprázdnila.


System was rebooted successfully.

~~~~~ Postrun check
HKLM\SOFTWARE\~\Winlogon\ "System"=""
....
....
~~~~~ Misc files.
....
~~~~~ Checking for older varients.
....

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"RTHDCPL"="RTHDCPL.EXE"
"Alcmtr"="ALCMTR.EXE"
"TV Card Remote Control Device Monitor"="C:\\WINDOWS\\713xRMTMon.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\""
"ICQ Lite"="\"C:\\Program Files\\ICQLite\\ICQLite.exe\" -minimize"
"WinampAgent"="\"C:\\Program Files\\Winamp\\winampa.exe\""
"Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions"
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"GrooveMonitor"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""
"ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"
"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"LogitechCommunicationsManager"="\"C:\\Program Files\\Common Files\\LogiShrd\\LComMgr\\Communications_Helper.exe\""
"LogitechQuickCamRibbon"="\"C:\\Program Files\\Logitech\\QuickCam\\Quickcam.exe\" /hide"
"MSConfig"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\MSConfig.exe /auto"
"avgnt"="\"C:\\Program Files\\Avira\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"combofix"="C:\\WINDOWS\\system32\\CF24278.exe /c C:\\ComboFix\\Combobatch.bat"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\""
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"BitComet"="\"C:\\Program Files\\BitComet\\BitComet.exe\" /tray"
"OEXPRESS"="C:\\Documents and Settings\\All Users\\Application Data\\LangSoft\\OETRN.EXE"
"DAEMON Tools Lite"="\"D:\\Dokumenty\\DAEMON Tools Lite\\daemon.exe\" -autorun"
"PowerBar"="\"C:\\Program Files\\CyberLink DVD Solution\\Multimedia Launcher\\PowerBar.exe\" /AtBootTime"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater]
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~


User

Registered: 14.06.08
Last login: 16.06.08
Posts: 15
Topics: 1 | 1
Posted by topic author: 14.06.2008 16:22 | problem installing antivirus

ComboFix 08-06-12.2 - admin 2008-06-14 15:33:58.2 - NTFSx86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1033.18.193 [GMT 2:00]
Running from: C:\Documents and Settings\admin\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\admin\Desktop\CFscript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\Program Files\Common Files\Panda Software
C:\Program Files\Panda Software
C:\WINDOWS\system32\avldr.dll
C:\WINDOWS\system32\drivers\APPFCONT.DAT
C:\WINDOWS\system32\drivers\APPFLT.SYS
C:\WINDOWS\system32\drivers\APPFLTR.CFG
C:\WINDOWS\system32\drivers\cpoint.sys
C:\WINDOWS\system32\drivers\netflt.sys
C:\WINDOWS\system32\drivers\netfltdi.sys
C:\WINDOWS\system32\drivers\pavdrv51.sys
C:\WINDOWS\system32\drivers\PavProc.sys
C:\WINDOWS\system32\drivers\smsflt.sys
C:\WINDOWS\system32\drivers\wnmflt.sys
C:\WINDOWS\system32\ndt2.sys
C:\Windows\system32\PAV
C:\WINDOWS\system32\pavipc.dll
C:\WINDOWS\system32\PavSHook.dll
C:\WINDOWS\system32\SYSTOOLS.DLL
C:\WINDOWS\system32\TpUtil.dll
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\AskTBar
C:\Program Files\AskTBar\PopSwatr\History\allowed
C:\Program Files\AskTBar\PopSwatr\History\notallow
C:\Program Files\Reganam
C:\Program Files\Reganam\INSTALL.LOG
C:\Program Files\Reganam\ReganamToolbarHelper.exe
C:\Program Files\Reganam\tbRega.dll
C:\Program Files\Reganam\toolbar.cfg
C:\Program Files\Reganam\UNWISE.EXE
C:\WINDOWS\system32\avldr.dll
C:\WINDOWS\system32\drivers\APPFCONT.DAT
C:\WINDOWS\system32\drivers\APPFLT.SYS
C:\WINDOWS\system32\drivers\APPFLTR.CFG
C:\WINDOWS\system32\drivers\cpoint.sys
C:\WINDOWS\system32\drivers\netflt.sys
C:\WINDOWS\system32\drivers\netfltdi.sys
C:\WINDOWS\system32\drivers\pavdrv51.sys
C:\WINDOWS\system32\drivers\PavProc.sys
C:\WINDOWS\system32\drivers\smsflt.sys
C:\WINDOWS\system32\drivers\wnmflt.sys
C:\WINDOWS\system32\ndt2.sys
C:\WINDOWS\system32\pavipc.dll
C:\WINDOWS\system32\PavSHook.dll
C:\WINDOWS\system32\SYSTOOLS.DLL
C:\WINDOWS\system32\TpUtil.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_AFINDING
-------\Legacy_CPOINT
-------\Legacy_NETFLT
-------\Legacy_NETFLTDI
-------\Legacy_PERFMONS
-------\Legacy_ROUTING
-------\Legacy_RUNTIME
-------\Legacy_RUNTIME2
-------\Legacy_WSERVING
-------\Service_AFinding
-------\Service_APPFLT
-------\Service_cpoint
-------\Service_netflt
-------\Service_NETFLTDI
-------\Service_perfmons
-------\Service_WServing
-------\Legacy_PavProc
-------\Service_PavProc
-------\Service_SMSFLT
-------\Service_WNMFLT


((((((((((((((((((((((((( Files Created from 2008-05-14 to 2008-06-14 )))))))))))))))))))))))))))))))
.

2008-06-14 15:21 . 2008-06-14 15:24 <DIR> d----c--- C:\fixwareout
2008-06-14 13:01 . 2008-06-14 13:01 <DIR> d-------- C:\Program Files\Avira
2008-06-13 21:12 . 2008-06-14 12:06 <DIR> d-------- C:\Program Files\WinClamAVShield
2008-06-13 21:10 . 2008-06-14 13:21 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-06-13 21:10 . 2008-06-14 12:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2008-06-13 21:10 . 2008-06-14 15:55 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Spyware Terminator
2008-06-13 21:10 . 2008-06-13 21:10 141,312 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-06-13 15:51 . 2008-06-13 15:51 <DIR> d-------- C:\WINDOWS\system32\PAV
2008-06-13 15:51 . <DIR> C:\WINDOWS\LastGood.Tmp
2008-06-13 13:40 . 2008-06-13 13:40 <DIR> d-------- C:\Program Files\Panda Software
2008-06-13 13:39 . 2008-06-13 13:39 <DIR> d-------- C:\Program Files\Common Files\Panda Software
2008-06-10 16:50 . 2007-07-19 02:39 1,278,104 -ra------ C:\WINDOWS\system32\drivers\LV302V32.SYS
2008-06-10 15:38 . 2008-06-10 15:39 <DIR> d-------- C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-06-09 20:36 . 2008-06-13 15:51 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Spy Emergency
2008-06-09 20:35 . 2008-06-09 20:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NETGATE
2008-06-09 20:35 . 2008-03-01 17:09 23,096 --a------ C:\WINDOWS\system32\sremcon.exe
2008-06-09 20:35 . 2008-02-05 12:10 14,392 --a------ C:\WINDOWS\system32\drivers\spyemrg_guard.sys
2008-06-09 20:35 . 2008-02-05 12:10 12,344 --a------ C:\WINDOWS\system32\drivers\spyemrg.sys
2008-06-09 16:34 . 2008-06-09 16:37 6,300,672 --a--c--- C:\JoinVideo.avi
2008-06-08 11:25 . 2008-06-08 11:26 <DIR> d----c--- C:\Documents and Settings\admin\avidemux
2008-06-07 21:26 . 2004-10-12 14:40 2,255,360 --a------ C:\WINDOWS\system32\libavcodec.dll
2008-06-07 21:26 . 2004-10-12 14:46 1,761,280 --a------ C:\WINDOWS\system32\ffdshow.ax
2008-06-07 21:26 . 2004-10-05 16:16 395,776 --a------ C:\WINDOWS\system32\libmplayer.dll
2008-06-07 21:26 . 2004-10-12 14:42 262,144 --a------ C:\WINDOWS\system32\TomsMoComp_ff.dll
2008-06-07 21:26 . 2004-10-04 01:50 112,640 --a------ C:\WINDOWS\system32\libmpeg2_ff.dll
2008-06-07 18:45 . 1999-05-18 19:29 808,700 --a------ C:\WINDOWS\system32\Win.tlb
2008-06-07 18:45 . 1998-04-24 00:00 368,912 --a------ C:\WINDOWS\system32\vbar332.dll
2008-06-07 18:45 . 2002-07-05 18:13 45,056 --a------ C:\WINDOWS\system32\CxxProgressBar.ocx
2008-06-07 16:18 . 2008-06-09 18:27 <DIR> d-------- C:\Program Files\vso
2008-06-07 11:49 . 2008-06-07 11:49 <DIR> d----c--- C:\VideoOutput
2008-06-07 10:48 . 2008-06-07 10:48 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Ulead Systems
2008-06-06 20:19 . 2008-06-06 20:19 <DIR> d-------- C:\Program Files\Common Files\InterVideo
2008-06-06 20:10 . 2008-06-06 20:10 <DIR> d-------- C:\Program Files\Windows Media Components
2008-06-06 20:07 . 2008-06-07 11:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-06-06 14:54 . 2007-04-03 14:59 99,080 -ra------ C:\WINDOWS\system32\drivers\s616unic.sys
2008-06-06 14:54 . 2007-04-03 14:59 23,176 -ra------ C:\WINDOWS\system32\drivers\s616nd5.sys
2008-06-06 14:54 . 2007-04-03 14:59 11,016 -ra------ C:\WINDOWS\system32\drivers\s616cr.sys
2008-06-03 18:14 . 2007-08-15 12:09 417,792 --a------ C:\WINDOWS\system32\vbalCmdBar6.ocx
2008-06-03 18:14 . 2007-08-15 12:09 262,144 --a------ C:\WINDOWS\system32\lst_v.ocx
2008-06-03 18:14 . 2004-03-09 00:00 212,240 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-06-03 18:14 . 2007-08-15 12:09 167,683 --a------ C:\WINDOWS\system32\COMCT232.OCX
2008-06-03 18:14 . 2007-08-15 12:09 159,744 --a------ C:\WINDOWS\system32\wt_menu.dll
2008-06-03 18:14 . 2007-08-15 12:09 94,208 --a------ C:\WINDOWS\system32\img_lst.ocx
2008-06-03 18:14 . 2007-08-15 12:09 40,960 --a------ C:\WINDOWS\system32\ssubtmr6.dll
2008-06-03 16:31 . 2008-06-03 18:29 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Hide IP NG
2008-06-03 15:53 . 2008-06-03 16:15 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Smart PC Solutions
2008-06-03 15:52 . 2008-06-13 13:41 <DIR> d-------- C:\Program Files\Smart_PC
2008-06-03 14:53 . 2008-06-14 13:01 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-06-02 17:23 . 2008-06-13 20:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-06-01 20:05 . 2008-06-01 20:05 23,600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS
2008-05-31 17:02 . 2008-06-01 19:43 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\BitDefender
2008-05-31 16:59 . 2008-06-01 19:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-05-31 16:27 . 2008-05-31 20:04 121 --a------ C:\WINDOWS\bdagent.INI
2008-05-31 16:06 . 2008-06-01 19:43 <DIR> d-------- C:\Program Files\Common Files\BitDefender
2008-05-30 19:06 . 2007-04-03 14:57 100,488 -ra------ C:\WINDOWS\system32\drivers\s116mgmt.sys
2008-05-30 19:06 . 2007-04-03 14:57 99,080 -ra------ C:\WINDOWS\system32\drivers\s116unic.sys
2008-05-30 19:06 . 2007-04-03 14:57 98,696 -ra------ C:\WINDOWS\system32\drivers\s116obex.sys
2008-05-30 19:06 . 2007-04-03 14:57 23,176 -ra------ C:\WINDOWS\system32\drivers\s116nd5.sys
2008-05-30 19:06 . 2007-04-03 14:57 11,016 -ra------ C:\WINDOWS\system32\drivers\s116cr.sys
2008-05-30 19:05 . 2007-04-03 14:57 108,680 -ra------ C:\WINDOWS\system32\drivers\s116mdm.sys
2008-05-30 19:05 . 2007-04-03 14:57 15,112 -ra------ C:\WINDOWS\system32\drivers\s116mdfl.sys
2008-05-30 19:05 . 2007-04-03 14:57 12,424 -ra------ C:\WINDOWS\system32\drivers\s116cmnt.sys
2008-05-30 19:05 . 2007-04-03 14:57 12,424 -ra------ C:\WINDOWS\system32\drivers\s116cm.sys
2008-05-30 16:18 . 2007-04-03 14:57 83,336 -ra------ C:\WINDOWS\system32\drivers\s116bus.sys
2008-05-30 16:18 . 2007-04-03 14:57 12,424 -ra------ C:\WINDOWS\system32\drivers\s116whnt.sys
2008-05-30 16:18 . 2007-04-03 14:57 12,424 -ra------ C:\WINDOWS\system32\drivers\s116wh.sys
2008-05-29 21:54 . 2008-06-01 19:41 <DIR> d-------- C:\Program Files\mTC
2008-05-29 18:10 . 2008-05-29 18:10 31 --a------ C:\WINDOWS\idc.ini
2008-05-29 18:10 . 2008-05-29 18:10 18 --a------ C:\WINDOWS\usdthank.ini
2008-05-28 17:31 . 2007-04-03 14:59 108,680 -ra------ C:\WINDOWS\system32\drivers\s616mdm.sys
2008-05-28 17:31 . 2007-04-03 14:59 100,360 -ra------ C:\WINDOWS\system32\drivers\s616mgmt.sys
2008-05-28 17:31 . 2007-04-03 14:59 98,568 -ra------ C:\WINDOWS\system32\drivers\s616obex.sys
2008-05-28 17:31 . 2007-04-03 14:59 83,208 -ra------ C:\WINDOWS\system32\drivers\s616bus.sys
2008-05-28 17:31 . 2007-04-03 14:59 15,112 -ra------ C:\WINDOWS\system32\drivers\s616mdfl.sys
2008-05-28 17:31 . 2007-04-03 14:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616whnt.sys
2008-05-28 17:31 . 2007-04-03 14:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616wh.sys
2008-05-28 17:31 . 2007-04-03 14:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616cmnt.sys
2008-05-28 17:31 . 2007-04-03 14:59 12,424 -ra------ C:\WINDOWS\system32\drivers\s616cm.sys
2008-05-26 15:36 . 2006-03-13 19:52 96,224 -ra------ C:\WINDOWS\system32\drivers\w800mdm.sys
2008-05-26 15:36 . 2006-03-13 19:52 87,792 -ra------ C:\WINDOWS\system32\drivers\w800mgmt.sys
2008-05-26 15:36 . 2006-03-13 19:52 85,664 -ra------ C:\WINDOWS\system32\drivers\w800obex.sys
2008-05-26 15:36 . 2006-03-13 19:52 60,768 -ra------ C:\WINDOWS\system32\drivers\w800bus.sys
2008-05-26 15:36 . 2006-03-13 19:52 9,264 -ra------ C:\WINDOWS\system32\drivers\w800mdfl.sys
2008-05-26 15:36 . 2006-03-13 19:52 6,144 -ra------ C:\WINDOWS\system32\drivers\w800cmnt.sys
2008-05-26 15:36 . 2006-03-13 19:52 6,144 -ra------ C:\WINDOWS\system32\drivers\w800cm.sys
2008-05-26 15:36 . 2006-03-13 19:52 5,744 -ra------ C:\WINDOWS\system32\drivers\w800whnt.sys
2008-05-26 15:36 . 2006-03-13 19:52 5,744 -ra------ C:\WINDOWS\system32\drivers\w800wh.sys
2008-05-26 11:43 . 2008-05-26 11:43 33,824 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
2008-05-26 11:07 . 2006-03-01 10:25 8,704 --a------ C:\WINDOWS\system32\drivers\ggsemc.sys
2008-05-24 17:33 . 2008-05-24 17:42 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Off Road
2008-05-24 17:30 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-05-24 17:30 . 2006-12-08 12:02 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2008-05-23 13:10 . 2008-05-23 13:10 <DIR> d----c--- C:\Program Files (x86)
2008-05-22 15:47 . 2008-05-22 17:37 <DIR> d-------- C:\Program Files\EA SPORTS
2008-05-20 17:36 . 2008-06-08 18:35 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\gtk-2.0
2008-05-20 17:36 . 2008-05-20 17:36 <DIR> d----c--- C:\Documents and Settings\admin\.thumbnails
2008-05-20 17:31 . 2008-05-22 15:26 <DIR> d----c--- C:\Documents and Settings\admin\.gimp-2.4
2008-05-20 17:31 . 2008-05-20 17:31 <DIR> d----c--- C:\Documents and Settings\admin\.fontconfig
2008-05-20 17:26 . 2008-05-20 17:26 <DIR> d-------- C:\Program Files\GIMP-2.0
2008-05-15 18:44 . 2008-05-15 18:56 <DIR> d----c--- C:\Documents and Settings\admin\Application Data\Winamp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-14 11:13 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-14 10:02 --------- d-----w C:\Program Files\Crawler
2008-06-13 11:49 139,096,864 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-13 11:47 5,081,120 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-13 11:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-13 11:42 --------- d-----w C:\Program Files\Winamp
2008-06-13 11:42 --------- d-----w C:\Program Files\Common Files\Teleca Shared
2008-06-13 11:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\LangSoft
2008-06-13 11:41 --------- d-----w C:\Program Files\Opera
2008-06-13 11:41 --------- d-----w C:\Program Files\ICQLite
2008-06-13 11:41 --------- d-----w C:\Program Files\Common Files\Sony Ericsson Shared
2008-06-13 11:41 --------- d-----w C:\Program Files\Common Files\602PHS
2008-06-13 11:41 --------- d-----w C:\Program Files\Bonjour
2008-06-13 11:41 --------- d-----w C:\Program Files\7-Zip
2008-06-13 11:12 --------- dc----w C:\Documents and Settings\admin\Application Data\Skype
2008-06-13 10:52 --------- dc----w C:\Documents and Settings\admin\Application Data\MegauploadToolbar
2008-06-13 10:13 --------- dc----w C:\Documents and Settings\admin\Application Data\skypePM
2008-06-13 07:07 478,268 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-13 07:07 1,864,124 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-10 13:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\UDL
2008-06-10 13:37 --------- d-----w C:\Program Files\epson
2008-06-09 16:26 47,360 -c--a-w C:\Documents and Settings\admin\Application Data\pcouffin.sys
2008-06-09 16:26 --------- dc----w C:\Documents and Settings\admin\Application Data\Vso
2008-06-09 15:58 47,360 ----a-w C:\WINDOWS\system32\drivers\pcouffin.sys
2008-06-08 15:26 --------- dc----w C:\Documents and Settings\admin\Application Data\XnView
2008-06-07 09:25 --------- d-----w C:\Program Files\Google
2008-06-05 17:14 --------- dc----w C:\Documents and Settings\admin\Application Data\BearShare
2008-06-02 13:04 --------- d-----w C:\Program Files\totalcmd
2008-06-02 13:04 --------- d-----w C:\Program Files\FDN
2008-05-28 22:08 --------- d-----w C:\Program Files\Kaspersky Lab
2008-05-27 17:18 --------- dc----w C:\Documents and Settings\admin\Application Data\AdobeUM
2008-05-14 17:39 --------- dc----w C:\Documents and Settings\admin\Application Data\LangSoft
2008-05-11 18:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania
2008-05-10 20:25 --------- dc----w C:\Documents and Settings\admin\Application Data\vlc
2008-05-07 07:56 --------- d-----w C:\Program Files\GSpot
2008-05-01 17:17 --------- d-----w C:\Program Files\Logitech
2008-05-01 17:13 --------- d-----w C:\Program Files\Common Files\LogiShrd
2008-05-01 17:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech
2008-05-01 17:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-04-30 17:10 4,608 ----a-w C:\WINDOWS\system32\w95inf32.dll
2008-04-30 17:10 2,272 ----a-w C:\WINDOWS\system32\w95inf16.dll
2008-04-29 08:39 --------- dc----w C:\Documents and Settings\admin\Application Data\Talkback
2008-04-29 08:38 --------- d-----w C:\Program Files\Common Files\xing shared
2008-04-29 08:38 --------- d-----w C:\Program Files\Common Files\Real
2008-04-29 08:37 --------- d-----w C:\Program Files\Real
2008-04-28 07:05 --------- d-----w C:\Program Files\Trend Micro
2008-04-27 19:52 --------- d-----w C:\Program Files\CyberLink DVD Solution
2008-04-26 18:05 --------- d-----w C:\Program Files\WMV9_VCM
2008-04-24 14:09 --------- dc----w C:\Documents and Settings\admin\Application Data\DAEMON Tools
2008-04-24 14:02 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-04-22 14:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-04-18 18:50 --------- d-----w C:\Program Files\BitComet
2008-04-18 18:05 --------- d-----w C:\Program Files\QIP
2008-04-17 18:29 --------- d-----w C:\Program Files\Keyboard Layout Manager 32 bit
2008-04-17 17:59 --------- d-----w C:\Program Files\Clock Tray Skins
2008-04-17 07:16 --------- dc----w C:\Documents and Settings\admin\Application Data\fltk.org
2008-04-16 19:00 --------- d-----w C:\Program Files\Pcsx2
2008-04-16 10:58 --------- d-----w C:\Program Files\videofixer
2008-04-16 10:14 --------- d-----w C:\Program Files\thriXXX
2008-04-16 07:14 --------- d-----w C:\Program Files\Juiced
2008-04-16 07:09 --------- d-----w C:\Program Files\SDClock
2008-03-04 17:25 21,160 -c--a-w C:\Documents and Settings\admin\Application Data\GDIPFONTCACHEV1.DAT
2008-02-07 08:57 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2004-10-01 13:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
2007-09-14 19:02 1,094 -csha-r C:\WINDOWS\system32\stanby.reg
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]
C:\Program Files\Reganam\tbRega.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e3aaf71e-b295-4156-ae11-777237a1db3c}]
2008-05-21 00:43 1526296 --a------ C:\Program Files\Smart_PC\tbSma0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{DB9D7A78-A76C-4BF2-97C6-258925EE1542}"= "C:\Program Files\Reganam\tbRega.dll" [ ]
"{E3AAF71E-B295-4156-AE11-777237A1DB3C}"= "C:\Program Files\Smart_PC\tbSma0.dll" [2008-05-21 00:43 1526296]

[HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]

[HKEY_CLASSES_ROOT\clsid\{e3aaf71e-b295-4156-ae11-777237a1db3c}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{DB9D7A78-A76C-4BF2-97C6-258925EE1542}"= C:\Program Files\Reganam\tbRega.dll [ ]
"{E3AAF71E-B295-4156-AE11-777237A1DB3C}"= C:\Program Files\Smart_PC\tbSma0.dll [2008-05-21 00:43 1526296]

[HKEY_CLASSES_ROOT\clsid\{db9d7a78-a76c-4bf2-97c6-258925ee1542}]

[HKEY_CLASSES_ROOT\clsid\{e3aaf71e-b295-4156-ae11-777237a1db3c}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [2006-09-13 12:12 139264]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-21 19:34 68856]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 01:06 1667584]
"BitComet"="C:\Program Files\BitComet\BitComet.exe" [2007-11-07 17:06 1881400]
"OEXPRESS"="C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE" [2008-05-14 19:40 26624]
"DAEMON Tools Lite"="D:\Dokumenty\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]
"PowerBar"="C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" [2004-04-21 10:26 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-10-10 15:49 7286784]
"nwiz"="nwiz.exe" [2005-10-10 15:49 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-10-10 15:49 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-14 11:01 16010752 C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [2005-05-03 12:43 69632 C:\WINDOWS\Alcmtr.exe]
"TV Card Remote Control Device Monitor"="C:\WINDOWS\713xRMTMon.exe" [2005-07-20 06:00 352256]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 15:07 49263]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2006-11-08 18:28 155751]
"@"="" []
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-27 20:12 3142236]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-10-10 07:28 36352]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-05-28 11:14 528384]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 17:40 155648]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 01:47 31016]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-16 06:03 221184]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 06:03 81920]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-29 10:37 185896]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 16:02 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 16:06 2027792]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"combofix"="C:\WINDOWS\system32\CF17053.exe" [2004-08-04 00:56 388608]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-06-13 21:10 1817600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [ ]

C:\Documents and Settings\admin\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 21:24:54 98632]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Scheduler for OEM.lnk - C:\Program Files\honestech\honestech TVR\scheduleTV.exe [2007-08-27 09:29:06 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 2006-10-09 12:40 225280 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll
"msacm.avis"= ff_acm.acm
"vidc.i263"= C:\WINDOWS\system32\i263_32.drv
"msacm.imc"= C:\WINDOWS\system32\imc32.acm
"msacm.fraunhoferacm"= l3codecp.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\runtime2.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyEmergency]
D:\Dokumenty\Spy Emergency 2008\SpyEmergency.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"XCOMM"=2 (0x2)
"VSSERV"=2 (0x2)
"scan"=3 (0x3)
"LIVESRV"=2 (0x2)
"SamSs"=2 (0x2)
"PSIMSVC"=2 (0x2)
"PAVSRV"=2 (0x2)
"PAVFNSVR"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\ICQLite\\ICQLite.exe"=
"C:\\Documents and Settings\\admin\\Desktop\\Nitro\\nitro.exe"=
"C:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"C:\\WINDOWS\\system32\\msdnc0.exe"=
"C:\\Program Files\\Opera\\Opera.exe"=
"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"=
"C:\\Program Files\\ImagingShop\\Agent.exe"=
"C:\\Program Files\\ImagingShop\\ImagingShop.exe"=
"C:\\Program Files\\Valve\\hl.exe"=
"C:\\Program Files\\LowRateVoip\\LowRateVoip.exe"=
"C:\\Games\\Paintball2\\paintball2.exe"=
"C:\\Program Files\\Xfire\\ua_lsp_inst.exe"=
"C:\\Program Files\\EA GAMES\\Medal of Honor Pacific Assault(tm)\\mohpa.exe"=
"C:\\Documents and Settings\\admin\\My Documents\\EA Games\\Medal of Honor Pacific Assault(tm)\\mohpa.exe"=
"D:\\Hry\\mohpa.exe"=
"C:\\Program Files\\BitComet\\BitComet.exe"=
"C:\\Program Files\\Counter-Strike Source\\hl2.exe"=
"C:\\Program Files\\Counter-Strike Source\\srcds.exe"=
"C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
"D:\\Dokumenty\\SRS - Street Racing Syndicate\\Bin\\SRS.exe"=
"D:\\Hry\\Live_For_Speed\\LFS.exe"=
"D:\\Hry\\Counter-Strike Source\\hl2.exe"=
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Juiced\\Juiced.exe"=
"C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"D:\\Dokumenty\\BearShare.exe"=
"D:\\Hry\\hl.exe"=
"D:\\Dokumenty\\Hry\\CSS\\Counter-Strike Source\\hl2.exe"=
"C:\\Program Files\\BearShare applications\\BearShare\\BearShare.exe"=
"D:\\Dokumenty\\Spontania Video Collaboration\\dialcomwcs.exe"=
"D:\\Dokumenty\\Spontania Video Collaboration\\SpontaniaVideoCollaboration.exe"=
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"D:\\Dokumenty\\fifa\\fifa07.exe"=
"D:\\Dokumenty\\TmNationsForever\\TmForever.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"D:\\Dokumenty\\NHL 2008\\nhl2008.exe"=
"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"22556:TCP"= 22556:TCP:BitComet 22556 TCP
"22556:UDP"= 22556:UDP:BitComet 22556 UDP

R0 ps7aqr2b;UAZ-2 Synchronization Driver (ps7aqr2b);C:\WINDOWS\system32\drivers\ps7aqr2b.sys [2008-02-15 09:48]
R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2008-05-26 11:43]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-06-13 21:10]
R1 SpyEmrg;Spy Emergency Driver;C:\WINDOWS\system32\Drivers\spyemrg.sys [2008-02-05 12:10]
R2 713xTVCard;SAA7135 TV Card;C:\WINDOWS\system32\DRIVERS\SAA713x.sys [2006-05-20 22:00]
R2 AntiVirScheduler;Avira AntiVir Personal – Free Antivirus Scheduler;"C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe" [2008-03-07 12:00]
R2 WDMTVTuner;Universal WDM TV Tuner;C:\WINDOWS\system32\drivers\WDMTuner.sys [2006-05-20 22:00]
R3 PSched;QoS Packet Scheduler;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 23:04]
R3 SpyEmrgGuard;Spy Emergency Real-Time Shield Driver;C:\WINDOWS\system32\Drivers\spyemrg_guard.sys [2008-02-05 12:10]
S0 pxark;pxark;C:\WINDOWS\system32\drivers\pxark.sys []
S2 cb47356232;Mi718842t Windows Browser Servce;C:\WINDOWS\System32\svchost.exe [2004-08-04 00:56]
S2 pr2aqr2b;UAZ-2 Drivers Auto Removal (pr2aqr2b);C:\WINDOWS\system32\pr2aqr2b.exe svc []
S2 sb56124232;Wi385170Shell Control Servic;C:\WINDOWS\System32\svchost.exe [2004-08-04 00:56]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);C:\WINDOWS\system32\DRIVERS\s716bus.sys [2007-04-04 12:43]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\s716mdfl.sys [2007-04-04 12:43]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\s716mdm.sys [2007-04-04 12:43]
S3 s716mgmt;Sony Ericsson Device 716 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\s716mgmt.sys [2007-04-04 12:43]
S3 s716nd5;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (NDIS);C:\WINDOWS\system32\DRIVERS\s716nd5.sys [2007-04-04 12:43]
S3 s716obex;Sony Ericsson Device 716 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\s716obex.sys [2007-04-04 12:43]
S3 s716unic;Sony Ericsson Device 716 USB Ethernet Emulation SEMC716 (WDM);C:\WINDOWS\system32\DRIVERS\s716unic.sys [2007-04-04 12:43]
S3 SDClockService;SDClockService;"C:\WINDOWS\system32\SDClockService.exe" [2007-07-26 14:58]
S3 TVICHW32;TVICHW32;C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [2008-06-01 20:05]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
cb47356232
sb56124232

*Newly Created Service* - SP_RSDRV2
*Newly Created Service* - SSMDRV
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-14 15:38:59
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
TV Card Remote Control Device Monitor = C:\WINDOWS\713xRMTMon.exe???????????????T?a??B??m?a?????????????????????????????????x???????????????????????????????????x????????B??????????T?a?x???m?a????????????????|?B??????????????????????????????????????????????????????x???????T?a?h?o?m?a???????????A????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\Dokumenty\Spy Emergency 2008\SpyEmergencySrv.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\713xRMT.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
.
**************************************************************************
.
Completion time: 2008-06-14 16:10:31 - machine was rebooted [admin]
ComboFix-quarantined-files.txt 2008-06-14 14:09:04
ComboFix2.txt 2008-06-14 11:42:32

Pre-Run: 7,960,166,400 bytes free
Post-Run: 8,004,509,696 bytes free

462


Offline

User

Registered: 14.06.08
Last login: 16.06.08
Posts: 15
Topics: 1 | 1
Posted by the topic author, Offline : 14.06.2008 16:31 | problem installing antivirus

I forgot the HJT


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:16:37, on 14.6.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\CF17053.exe
D:\Dokumenty\Spy Emergency 2008\SpyEmergencySrv.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\713xRMTMon.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\713xRMT.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
D:\Dokumenty\DAEMON Tools Lite\daemon.exe
C:\Program Files\honestech\honestech TVR\scheduleTV.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Spyware Terminator\SpywareTerminator.exe
C:\ComboFix\handle.cfexe
C:\ComboFix\sed.cfexe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\admin\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66022
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66022
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
R3 - URLSearchHook: (no name) - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - (no file)
R3 - URLSearchHook: (no name) - {e3aaf71e-b295-4156-ae11-777237a1db3c} - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\713xRMTMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Application Data\LangSoft\OETRN.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Dokumenty\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Scheduler for OEM.lnk = C:\Program Files\honestech\honestech TVR\scheduleTV.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout odkaz s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Stáhnout všechna videa s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s použitím BitCometu - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Application Data\LangSoft\WebIE.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Network Manager (PNMSRV) - Unknown owner - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE (file missing)
O23 - Service: UAZ-2 Drivers Auto Removal (pr2aqr2b) (pr2aqr2b) - 1C Multimedia - C:\WINDOWS\system32\pr2aqr2b.exe
O23 - Service: SDClockService - BlueCosmos(kt) - C:\WINDOWS\system32\SDClockService.exe
O23 - Service: Spy Emergency Engine Service (SpyEmrgSrv) - NETGATE Technologies s.r.o. - D:\Dokumenty\Spy Emergency 2008\SpyEmergencySrv.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 14724 bytes
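A way to triage a HijackThis log like the one above for leftover entries, as an added example that is not part of the original post: it lists the entries HijackThis itself marked `(no file)` or `(file missing)`, such as the Panda Network Manager service whose executable is gone. The function names are hypothetical, and the sample lines are copied from the log above.

```python
import re

# Constructed sample: eight entry lines copied from the HijackThis log above.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {db9d7a78-a76c-4bf2-97c6-258925ee1542} - (no file)
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Network Manager (PNMSRV) - Unknown owner - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE (file missing)
"""

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")  # e.g. "O23 - Service: ..."
ORPHAN_MARKERS = ("(no file)", "(file missing)")   # annotations written by HijackThis


def parse_entries(text):
    """Return (section_code, body) for every entry line of a HijackThis log."""
    entries = []
    for line in text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:  # skips the process list, blank lines, header and footer
            entries.append((match.group(1), match.group(2)))
    return entries


def orphaned(entries):
    """Entries whose target file HijackThis could not find on disk."""
    return [(code, body) for code, body in entries
            if body.endswith(ORPHAN_MARKERS)]


def parse_service(body):
    """Split an O23 body into display name, vendor, path and a missing flag.

    Assumes neither vendor nor path contains ' - '; splitting from the right
    keeps any ' - ' inside the display name intact.
    """
    parts = body.rsplit(" - ", 2)
    if len(parts) != 3:
        return None  # not in the expected "name - vendor - path" shape
    name, vendor, path = parts
    if name.startswith("Service: "):
        name = name[len("Service: "):]
    missing = path.endswith("(file missing)")
    if missing:
        path = path[:-len("(file missing)")].rstrip()
    return {"name": name, "vendor": vendor, "path": path, "missing": missing}


def missing_services(entries):
    """Registered services (O23) whose executable no longer exists."""
    services = [parse_service(body) for code, body in entries if code == "O23"]
    return [svc for svc in services if svc and svc["missing"]]


if __name__ == "__main__":
    found = parse_entries(SAMPLE_LOG)
    for code, body in orphaned(found):
        print("orphaned:", code, body)
    for svc in missing_services(found):
        print("service without binary:", svc["name"], "->", svc["path"])
```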


Posted by topic author: 14.06.2008 16:37 | Problem installing antivirus

Is Spyware Terminator enough for me as PC protection? I would rather not risk a new antivirus installation in case the same thing happens. The PC is a bit slow now.


Posted: 14.06.2008 16:51 | Problem installing antivirus

Use Smitfraudfix in safe mode following the SDFix guide and post the log here.


Posted by topic author: 14.06.2008 20:17 | Problem installing antivirus

I installed SDFix following the guide, and on restart it did not start at all (in safe mode), and when I start it manually it says that no file was found.


Posted by topic author: 15.06.2008 18:02 | Problem installing antivirus

Now my computer is brutally slow after startup; it takes about 5-7 min to load. Before that it was 2-3 min. Why is that?


Posted: 15.06.2008 18:39 | Problem installing antivirus

Clean the registry with TuneUp Utilities, uninstall the programs you do not use, and defragment the disk.


Posted by topic author: 15.06.2008 19:11 | Problem installing antivirus

I cleaned it, and now my whole desktop disappears and I cannot do anything about it except restart.


Posted: 15.06.2008 21:01 | Problem installing antivirus

I know this is dumb advice, but it would seem more efficient to me to just reinstall the OS, that would be faster... And the OS you have must be pretty battered by now, so if you did get it working, it would be by sheer willpower ;c)


Posted: 15.06.2008 21:26 | Problem installing antivirus

I do not know why you are dealing with viruses here when his power cut out (an electrical virus :lol: ) and he surely has something wrong with the disk (corrupted data). Try CHKDSK /F to see whether it reports any errors. The system slowness may be caused by a damaged graphics driver (the disappearing desktop); a complete reinstall is probably the most sensible option.


Posted by topic author: 16.06.2008 11:22 | Problem installing antivirus

What did you mean by trying CHKDSK/F, what is it? Where do I run it? As for the reinstall, I would have done that long ago, but when I had the PC in a repair shop more than a year ago they installed an OS on it, not mine but theirs; I already called them but they no longer have that disc. :( :cry: I would hate to lose the data I have on the PC. But I also have my own OS installed; would it be possible to get the files from the 1st OS into the 2nd?


Posted: 16.06.2008 11:33 | Problem installing antivirus

pedro23 wrote:
What did you mean by trying CHKDSK/F, what is it? Where do I run it?


Start - Run - type the command "chkdsk c: /R", press Enter
then restart
or in the Recovery Console after booting from the WinXP installation CD


Posted by topic author: 16.06.2008 13:17 | Problem installing antivirus

I ran it, but the desktop still disappears after the PC loads and I cannot do anything except restart. Right now I am only in safe mode. This PC is going to give me a stroke; for 1 year nothing crapped out and now everything at once.


Posted: 16.06.2008 14:04 | Problem installing antivirus

During that installation and the power failure the disk evidently got damaged, maybe something else too; if you are lucky, only Windows. If it is Windows, format the disk, back up your data beforehand if needed, and install Windows afresh. If the disk is shot, go to warranty service if that is possible, and if not, replace it yourself and install Windows afresh, or take it to a repair shop or ask a friend for help if you are not sure what you are doing. If anything is practically impossible, it is surely restoring a crashed Windows.


Posted by topic author: 16.06.2008 14:20 | Problem installing antivirus

But I do not have an installation CD; they installed it for me at the repair shop. And what did you mean by the backup? I have a 160GB hard disk and it is almost full - am I supposed to burn everything to DVD?

