xpetrix Posted 16 September 2012 Author
So, first of all, I want to thank everyone for their interest, their time, and their willingness to help and advise. I'll explain what I managed to do. Perhaps it was amateurish, a Solomonic solution, but I only have a medical education. I teach myself, learning from my own mistakes. First, I took the HDD out of the notebook and connected it through a USB adapter to the kids' notebook. From the Windows installation CD I copied winlogon.exe onto my HDD, to where it belongs. But after starting Windows, no success. Second attempt: on my HDD, through that USB adapter, I found winlogon.exe in the directory C:\Combofix, labelled winlogon.exeND, which I renamed to winlogon.exe and copied onto my HDD, to where it belongs. Again, no success. And the third, successful attempt: on my HDD, in a new directory C:\Qoobox, I found winlogon.exe.vir. I renamed it to winlogon.exe and copied it to where it belongs. Everything runs, Windows is considerably livelier, it starts quickly, shuts down quickly and, most importantly, svchost.exe is quiet. Only one small utility stopped working for me, but it has already been fixed. Just to be sure, I'll also run a scan with Avast.
Marcel00 Posted 16 September 2012
Where other antivirus programs leave off, ComboFix steps in to clean up what they didn't find... that's how good ComboFix is ;)
xpetrix Posted 16 September 2012 Author
ComboFix 12-09-15.02 - petrix 16.09.2012 13:02:42.1.1 - x86 Systém Microsoft Windows XP Professional 5.1.2600.2.1250.421.1033.18.1919.1293 [GMT 2:00] Running from: c:\\documents and settings\\petrix\\Desktop\\ComboFix.exe AV: avast! Internet Security *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} AV: AVG Internet Security 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66} FW: AVG Internet Security 2012 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\\documents and settings\\All Users\\Application Data\\TEMP c:\\documents and settings\\All Users\\Application Data\\TEMP\\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\\PostBuild.exe c:\\documents and settings\\All Users\\Application Data\\TEMP\\0B4227B4.TMP c:\\documents and settings\\petrix\\Application Data\\ACD Systems\\ACDSee\\ImageDB.ddf c:\\documents and settings\\petrix\\Application Data\\dach100.dll c:\\documents and settings\\petrix\\WINDOWS c:\\program files\\Atomic Alarm Clock\\AtomicAlarmClock.exe c:\\windows\\56360.exe c:\\windows\\system32\\Cache c:\\windows\\system32\\Cache\\06761685be372bbb.fb c:\\windows\\system32\\Cache\\110142febdb8c2ad.fb c:\\windows\\system32\\Cache\\272512937d9e61a4.fb c:\\windows\\system32\\Cache\\287204568329e189.fb c:\\windows\\system32\\Cache\\28bc8f716fd76a47.fb c:\\windows\\system32\\Cache\\2c53092c95605355.fb c:\\windows\\system32\\Cache\\31a0997e9a5b5eb3.fb c:\\windows\\system32\\Cache\\32c84fe32bb74d60.fb c:\\windows\\system32\\Cache\\3917078cb68ec657.fb c:\\windows\\system32\\Cache\\590ba23ce359fd0c.fb c:\\windows\\system32\\Cache\\5bced770eb2f9bd8.fb c:\\windows\\system32\\Cache\\610289e025a3ee9a.fb 
c:\\windows\\system32\\Cache\\651c5d3cdbfb8bd1.fb c:\\windows\\system32\\Cache\\6c59ac5e7e7a3ad0.fb c:\\windows\\system32\\Cache\\6d03dad1035885d3.fb c:\\windows\\system32\\Cache\\70f8c8e840479e22.fb c:\\windows\\system32\\Cache\\8dc12d7cd2d66988.fb c:\\windows\\system32\\Cache\\8f58f5b71dbf07eb.fb c:\\windows\\system32\\Cache\\a8556537add6dfc5.fb c:\\windows\\system32\\Cache\\ad10a52aff5e038d.fb c:\\windows\\system32\\Cache\\c1fa887b03019701.fb c:\\windows\\system32\\Cache\\c4d28dca2e7648be.fb c:\\windows\\system32\\Cache\\cc36acea50fcbbdc.fb c:\\windows\\system32\\Cache\\d201ef9910cd39de.fb c:\\windows\\system32\\Cache\\d2e94710a5708128.fb c:\\windows\\system32\\Cache\\d79b9dfe81484ec4.fb c:\\windows\\system32\\Cache\\e0de16f883bea794.fb c:\\windows\\system32\\Cache\\e5321a98ecbece18.fb c:\\windows\\system32\\Cache\\e8f41e1b1c2ade89.fb c:\\windows\\system32\\Cache\\f998975c9cc711ee.fb c:\\windows\\system32\\MUI\\041b\\tourstart.exe c:\\windows\\system32\\URTTemp c:\\windows\\system32\\URTTemp\\regtlib.exe c:\\windows\\XSxS D:\\RealPlayer.exe . Infected copy of c:\\windows\\system32\\winlogon.exe was found and disinfected Restored copy from - c:\\windows\\system32\\winlogon.bak . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\\Legacy_AFPANSI -------\\Legacy_SSHNAS -------\\Service_AFPAnsi -------\\Service_SSHNAS . . ((((((((((((((((((((((((( Files Created from 2012-08-16 to 2012-09-16 ))))))))))))))))))))))))))))))) . . 2012-09-16 00:24 . 2012-09-16 00:24 -------- d-----w- c:\\documents and settings\\petrix\\Application Data\\Blitware 2012-09-15 22:51 . 2012-08-21 09:13 21256 ----a-w- c:\\windows\\system32\\drivers\\aswFsBlk.sys 2012-09-15 22:51 . 2012-08-21 09:13 355632 ----a-w- c:\\windows\\system32\\drivers\\aswSP.sys 2012-09-15 22:50 . 2012-08-21 09:13 113776 ----a-w- c:\\windows\\system32\\drivers\\aswFW.sys 2012-09-15 22:50 . 
2012-08-21 09:13 202928 ----a-w- c:\\windows\\system32\\drivers\\aswNdis2.sys 2012-09-15 22:50 . 2012-08-21 09:13 35928 ----a-w- c:\\windows\\system32\\drivers\\aswRdr.sys 2012-09-15 22:50 . 2012-08-21 09:13 54232 ----a-w- c:\\windows\\system32\\drivers\\aswTdi.sys 2012-09-15 22:50 . 2012-08-21 09:13 18544 ----a-w- c:\\windows\\system32\\drivers\\aswKbd.sys 2012-09-15 22:50 . 2012-08-21 09:13 729752 ----a-w- c:\\windows\\system32\\drivers\\aswSnx.sys 2012-09-15 22:50 . 2012-08-21 09:13 97608 ----a-w- c:\\windows\\system32\\drivers\\aswmon2.sys 2012-09-15 22:50 . 2012-08-21 09:13 89624 ----a-w- c:\\windows\\system32\\drivers\\aswmon.sys 2012-09-15 22:49 . 2012-08-21 09:13 25256 ----a-w- c:\\windows\\system32\\drivers\\aavmker4.sys 2012-09-15 22:46 . 2012-06-27 20:33 12112 ----a-w- c:\\windows\\system32\\drivers\\aswNdis.sys 2012-09-15 22:46 . 2012-08-21 09:12 41224 ----a-w- c:\\windows\\avastSS.scr 2012-09-15 22:46 . 2012-08-21 09:12 227648 ----a-w- c:\\windows\\system32\\aswBoot.exe 2012-09-15 22:44 . 2012-09-15 22:44 -------- d-----w- c:\\program files\\AVAST Software 2012-09-15 22:44 . 2012-09-15 22:44 -------- d-----w- c:\\documents and settings\\All Users\\Application Data\\AVAST Software 2012-09-15 21:26 . 2012-09-15 21:26 317 ----a-w- C:\\user.js 2012-09-15 21:25 . 2012-09-15 21:25 -------- d-----w- c:\\documents and settings\\petrix\\Application Data\\Babylon 2012-09-15 21:25 . 2012-09-15 21:25 -------- d-----w- c:\\documents and settings\\All Users\\Application Data\\Babylon 2012-09-13 18:15 . 2012-09-13 19:39 -------- d-----w- c:\\program files\\Epson Software 2012-09-13 18:11 . 2009-10-15 22:00 132560 ----a-w- c:\\windows\\system32\\esdevapp.exe 2012-09-13 18:11 . 2009-10-15 22:00 12800 ----a-w- c:\\windows\\system32\\escdev.dll 2012-09-13 18:11 . 2009-09-16 22:00 342016 ----a-w- c:\\windows\\system32\\eswiaud.dll 2012-09-13 17:53 . 2012-09-13 17:53 -------- d-----w- c:\\documents and settings\\petrix\\Application Data\\InstallShield 2012-09-13 16:45 . 
2012-09-13 16:48 -------- d-----w- c:\\documents and settings\\All Users\\Application Data\\188F1432-103A-4ffb-80F1-36B633C5C9E1 2012-09-11 14:36 . 2012-09-11 14:36 -------- d-----w- c:\\documents and settings\\Administrator\\Application Data\\DAEMON Tools Pro 2012-09-07 17:38 . 2012-09-07 17:41 -------- d-----w- c:\\documents and settings\\All Users\\Application Data\\AVG 2012-09-07 17:37 . 2012-09-07 17:37 -------- d-sh--w- c:\\documents and settings\\All Users\\Application Data\\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} 2012-08-30 15:59 . 2004-08-03 20:58 15104 ----a-w- c:\\windows\\system32\\drivers\\SET12.tmp 2012-08-30 15:42 . 2012-09-13 19:14 -------- d-----w- c:\\documents and settings\\petrix\\Application Data\\Epson 2012-08-30 15:03 . 2012-08-30 15:03 -------- d-----w- c:\\program files\\Common Files\\EPSON 2012-08-30 15:02 . 2012-08-30 15:23 8192 ----a-w- c:\\windows\\system32\\E_DCINST.DLL 2012-08-30 15:02 . 2012-08-30 15:23 63488 ----a-w- c:\\windows\\system32\\E_FD4BGDE.DLL 2012-08-30 15:02 . 2008-11-12 03:00 93696 ----a-w- c:\\windows\\system32\\E_FLBGDE.DLL 2012-08-30 14:59 . 2012-09-13 19:40 -------- d-----w- c:\\documents and settings\\All Users\\Application Data\\UDL 2012-08-30 14:50 . 2012-08-30 14:50 -------- d-----w- c:\\documents and settings\\petrix\\Local Settings\\Application Data\\ABBYY 2012-08-30 14:42 . 2012-09-13 18:14 -------- d-----w- c:\\program files\\ABBYY FineReader 9.0 Sprint 2012-08-30 14:42 . 2012-08-30 14:42 -------- d-----w- c:\\program files\\Common Files\\ABBYY 2012-08-30 14:42 . 2012-08-30 14:42 -------- d-----w- c:\\documents and settings\\All Users\\Application Data\\ABBYY 2012-08-30 14:37 . 2012-09-13 19:41 -------- d-----w- c:\\documents and settings\\All Users\\Application Data\\EPSON 2012-08-30 14:36 . 2012-09-13 18:11 -------- d-----w- c:\\program files\\epson 2012-08-23 14:54 . 2012-08-23 14:54 -------- d-----w- c:\\program files\\Magic Memory Optimizer . . . 
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-16 17:56 . 2012-09-16 17:56 64512 ---ha-w- c:\\documents and settings\\petrix\\Application Data\\dach100.dll 2012-08-22 17:08 . 2012-03-30 14:00 696520 -c--a-w- c:\\windows\\system32\\FlashPlayerApp.exe 2012-08-22 17:08 . 2011-05-13 14:18 73416 -c--a-w- c:\\windows\\system32\\FlashPlayerCPLApp.cpl 2012-08-21 11:01 . 2010-07-28 15:45 106928 ----a-w- c:\\windows\\system32\\GEARAspi.dll 2012-08-21 11:01 . 2009-01-06 09:05 26840 ----a-w- c:\\windows\\system32\\drivers\\GEARAspiWDM.sys 2012-08-15 14:43 . 2012-08-15 14:43 9826504 ----a-w- c:\\windows\\system32\\FlashPlayerInstaller.exe 2012-08-15 14:12 . 2012-04-28 15:31 143872 ----a-w- c:\\windows\\system32\\javacpl.cpl 2012-08-15 14:12 . 2011-12-14 17:09 821736 -c--a-w- c:\\windows\\system32\\npdeployJava1.dll 2012-08-15 14:12 . 2010-04-17 13:28 746984 -c--a-w- c:\\windows\\system32\\deployJava1.dll 2012-08-09 14:08 . 2010-04-05 16:20 91376 ----a-w- c:\\windows\\system32\\bcmwlcoi.dll 2012-08-09 14:08 . 2010-04-05 16:20 3551232 ----a-w- c:\\windows\\system32\\bcmihvui.dll 2012-08-09 14:08 . 2010-04-05 16:20 2494968 ----a-w- c:\\windows\\system32\\drivers\\BCMWL6.SYS 2012-08-09 14:08 . 2010-04-05 16:20 3862528 ----a-w- c:\\windows\\system32\\bcmihvsrv.dll 2012-08-07 20:35 . 2008-05-02 15:47 46592 ----a-w- c:\\windows\\system32\\drivers\\risdptsk.sys 2012-08-07 19:51 . 2008-05-02 15:47 90112 ----a-w- c:\\windows\\system32\\snymsico.dll 2012-08-07 19:51 . 2008-05-02 15:47 43008 ----a-w- c:\\windows\\system32\\drivers\\rimsptsk.sys 2012-08-07 18:42 . 2012-08-07 18:42 516096 ----a-w- c:\\windows\\system32\\sm56co85.dll 2012-08-07 18:42 . 2008-05-02 15:28 1095936 ----a-w- c:\\windows\\system32\\drivers\\smserial.sys 2012-08-07 16:58 . 2006-02-02 21:16 168936 ----a-w- c:\\windows\\system32\\drivers\\tosrfbd.sys 2012-08-07 16:57 . 
2006-02-08 15:33 79872 ----a-w- c:\\windows\\system32\\drivers\\Tosrfhid.sys 2012-08-07 16:54 . 2005-08-01 14:45 69480 ----a-w- c:\\windows\\system32\\drivers\\tosrfcom.sys 2012-08-07 15:17 . 2010-12-29 20:20 1461992 ----a-w- c:\\windows\\system32\\WdfCoInstaller01009.dll 2012-08-07 15:17 . 2012-08-07 15:17 122128 ----a-w- c:\\windows\\system32\\SynTPCo9.dll 2012-08-07 15:17 . 2010-04-01 19:34 311696 ----a-w- c:\\windows\\system32\\drivers\\SynTP.sys 2012-08-07 15:17 . 2010-04-01 19:34 175376 ----a-w- c:\\windows\\system32\\SynTPAPI.dll 2012-08-07 15:17 . 2010-04-01 19:34 224528 ----a-w- c:\\windows\\system32\\SynCtrl.dll 2012-08-07 15:17 . 2010-04-01 19:34 183568 ----a-w- c:\\windows\\system32\\SynCOM.dll 2012-08-07 15:13 . 2010-04-11 12:25 16400 -c--a-w- c:\\windows\\system32\\drivers\\LNonPnP.sys 2012-08-07 15:12 . 2010-03-29 18:57 38864 ----a-w- c:\\windows\\system32\\drivers\\LHidFilt.Sys 2012-08-07 15:12 . 2010-03-29 18:57 37328 ----a-w- c:\\windows\\system32\\drivers\\LMouFilt.Sys 2012-08-07 15:12 . 2009-11-10 11:55 53328 ----a-w- c:\\windows\\system32\\LMouFiltCoInst.dll 2012-08-07 15:12 . 2009-11-10 11:55 1581136 ----a-w- c:\\windows\\system32\\LkmdfCoInst.dll 2012-08-07 15:12 . 2012-08-07 15:12 20304 ----a-w- c:\\windows\\system32\\drivers\\L8042Kbd.sys 2012-08-06 16:59 . 2006-07-11 17:35 348160 ----a-w- c:\\windows\\system32\\msvcr71.dll 2012-07-20 14:21 . 2008-12-07 09:58 477240 -c--a-w- c:\\windows\\system32\\drivers\\sptd.sys 2012-06-27 13:18 . 2012-08-16 19:58 19072 ----a-w- c:\\windows\\system32\\drivers\\pccsmcfd.sys 2007-05-11 12:25 . 2007-05-11 12:25 1404928 -c--a-w- c:\\program files\\TrueBlur.8BF 2007-05-11 12:25 . 2007-05-11 12:25 1449984 -c--a-w- c:\\program files\\FocusFixer Win.8BF 2007-05-11 12:24 . 2007-05-11 12:24 1196032 -c--a-w- c:\\program files\\ShadowFixer Win.8BF 2007-05-11 12:24 . 2007-05-11 12:24 1245184 -c--a-w- c:\\program files\\NoiseFixer Win.8BF 2012-09-07 13:51 . 
2012-09-07 13:50 266720 ----a-w- c:\\program files\\mozilla firefox\\components\\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren\'t necessarily malware. . [-] 2008-05-02 . 6E8CA4FCB30282F216F5DB9DD58A5F81 . 502272 . . [5.1.2600.2180] . . c:\\windows\\system32\\winlogon.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\explorer\\shelliconoverlayidentifiers\\00avast] @=\"{472083B0-C522-11CF-8763-00608CC02F24}\" [HKEY_CLASSES_ROOT\\CLSID\\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-08-21 09:12 121528 ----a-w- c:\\program files\\AVAST Software\\Avast\\ashShell.dll . [HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\explorer\\shelliconoverlayidentifiers\\NBHShellExt] @=\"{8D2223A2-B3C6-4e32-B096-CDD11F628C60}\" [HKEY_CLASSES_ROOT\\CLSID\\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}] 2008-06-10 10:29 97064 ----a-w- c:\\program files\\Nero\\Nero8\\InCD\\NBHShx.dll . 
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run] \"H/PC Connection Agent\"=\"c:\\program files\\Microsoft ActiveSync\\wcescomm.exe\" [2006-11-13 1289000] \"Sidebar\"=\"c:\\program files\\Windows Sidebar\\sidebar.exe\" [2007-07-28 1230848] \"DU Meter\"=\"c:\\program files\\DU Meter\\DUMeter.exe\" [2009-03-13 1216931] \"WinEjectAutoStart1\"=\"c:\\program files\\WinEject\\WinEject.exe\" [2001-05-10 95744] \"FileHippo.com\"=\"c:\\program files\\filehippo.com\\UpdateChecker.exe\" [2012-03-26 306688] \"IncrediMail\"=\"c:\\program files\\IncrediMail\\bin\\IncMail.exe\" [2009-03-31 251264] \"DAEMON Tools Pro Agent\"=\"c:\\program files\\DAEMON Tools Pro\\DTAgent.exe\" [2012-04-26 3111744] \"NokiaSuite.exe\"=\"c:\\program files\\Nokia\\Nokia Suite\\NokiaSuite.exe\" [2012-08-03 1086376] \"Skype\"=\"c:\\program files\\Skype\\Phone\\Skype.exe\" [2008-11-07 21633320] \"Magic Memory Optimizer\"=\"c:\\program files\\Magic Memory Optimizer\\MagicMemoryOptimizer.exe\" [2009-04-13 3705344] . 
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run] \"NokiaMServer\"=\"c:\\program files\\Common Files\\Nokia\\MPlatform\\NokiaMServer\" [X] \"ehTray\"=\"c:\\windows\\ehome\\ehtray.exe\" [2005-08-05 64512] \"HControl\"=\"c:\\windows\\ATK0100\\HControl.exe\" [2006-02-23 106496] \"ATIPTA\"=\"c:\\program files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\" [2006-03-08 344064] \"RTHDCPL\"=\"RTHDCPL.EXE\" [2006-05-04 16206848] \"Power_Gear\"=\"c:\\program files\\ASUS\\Power4 Gear\\BatteryLife.exe\" [2006-03-14 90112] \"Wireless Console 2\"=\"c:\\program files\\Wireless Console 2\\wcourier.exe\" [2005-10-17 987136] \"OSSelectorReinstall\"=\"c:\\program files\\Common Files\\Acronis\\Acronis Disk Director\\oss_reinstall.exe\" [2007-03-15 2225208] \"InCD\"=\"c:\\program files\\Nero\\Nero8\\InCD\\InCD.exe\" [2008-06-10 1083176] \"NokiaMusic FastStart\"=\"c:\\program files\\Nokia\\Ovi Player\\NokiaOviPlayer.exe\" [2009-11-06 2090272] \"NeroFilterCheck\"=\"c:\\program files\\Common Files\\Nero\\Lib\\NeroCheck.exe\" [2008-06-19 570664] \"ISUSScheduler\"=\"c:\\program files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" [2005-06-10 81920] \"Adobe ARM\"=\"c:\\program files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\" [2012-07-11 919008] \"DivXUpdate\"=\"c:\\program files\\DivX\\DivX Update\\DivXUpdate.exe\" [2011-07-28 1259376] \"Adobe Acrobat Speed Launcher\"=\"c:\\program files\\Adobe\\Acrobat 9.0\\Acrobat\\Acrobat_sl.exe\" [2012-07-31 41944] \"APSDaemon\"=\"c:\\program files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\" [2012-08-27 59280] \"iTunesHelper\"=\"c:\\program files\\iTunes\\iTunesHelper.exe\" [2012-09-09 421776] \"ISUSPM Startup\"=\"c:\\program files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" [2005-06-10 249856] \"QuickTime Task\"=\"c:\\program files\\QuickTime\\QTTask.exe\" [2012-04-18 421888] \"TkBellExe\"=\"c:\\program files\\Real\\RealPlayer\\update\\realsched.exe\" [2012-08-06 296096] 
\"SynTPEnh\"=\"c:\\program files\\Synaptics\\SynTP\\SynTPEnh.exe\" [2012-08-07 2325776] \"SMSERIAL\"=\"c:\\program files\\Motorola\\SMSERIAL\\sm56hlpr.exe\" [2012-08-07 1458176] \"EEventManager\"=\"c:\\program files\\Epson Software\\Event Manager\\EEventManager.exe\" [2009-12-03 976320] \"avast\"=\"c:\\program files\\AVAST Software\\Avast\\avastUI.exe\" [2012-08-21 4282728] . [HKEY_USERS\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Run] \"CTFMON.EXE\"=\"c:\\windows\\system32\\CTFMON.EXE\" [2004-08-04 15360] \"DWQueuedReporting\"=\"c:\\progra~1\\COMMON~1\\MICROS~1\\DW\\dwtrig20.exe\" [2007-02-26 437160] . c:\\documents and settings\\petrix\\Start Menu\\Programs\\Startup\\ AntiCrash.lnk - c:\\program files\\Dachshund Software\\AntiCrash\\AntiCrash.exe [2002-12-17 2301798] . c:\\documents and settings\\All Users\\Start Menu\\Programs\\Startup\\ Bluetooth Manager.lnk - c:\\program files\\Toshiba\\Bluetooth Toshiba Stack\\TosBtMng1.exe [2005-6-16 49152] Hodinky.lnk - c:\\program files\\Čas & Budík\\Čas & Budík.exe [2008-5-2 1785344] . [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\AVG Anti-Spyware Driver] @=\"\" . [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\AVG Anti-Spyware Guard] @=\"\" . [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\Wdf01000.sys] @=\"Driver\" . [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\WdfLoadGroup] @=\"\" . [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\WinDefend] @=\"Service\" . [HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\WudfSvc] @=\"Service\" . [HKEY_CURRENT_USER\\software\\microsoft\\windows\\currentversion\\run-] \"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}\"=\"c:\\program files\\Common Files\\Nero\\Lib\\NMIndexStoreSvr.exe\" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 . 
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\run-] \"SecurDisc\"=c:\\program files\\Nero\\Nero8\\InCD\\NBHGui.exe \"iTunesHelper\"=\"c:\\program files\\iTunes\\iTunesHelper.exe\" \"QuickTime Task\"=\"c:\\program files\\QuickTime\\QTTask.exe\" -atboottime \"AppleSyncNotifier\"=c:\\program files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleSyncNotifier.exe \"NBKeyScan\"=\"c:\\program files\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\" \"ATICustomerCare\"=\"c:\\program files\\ATI\\ATICustomerCare\\ATICustomerCare.exe\" \"ISUSPM Startup\"=\"c:\\program files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup \"NSU_agent\"=\"c:\\program files\\Nokia\\Nokia Software Updater\\nsu3ui_agent.exe\" \"SMSERIAL\"=sm56hlpr.exe \"TkBellExe\"=\"c:\\program files\\Real\\RealPlayer\\update\\realsched.exe\" -osboot \"Acrobat Assistant 8.0\"=\"c:\\program files\\Adobe\\Acrobat 9.0\\Acrobat\\Acrotray.exe\" \"APSDaemon\"=\"c:\\program files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\" \"Nitro PDF Printer Monitor\"=\"c:\\program files\\Nitro PDF\\Professional\\NitroPDFPrinterMonitor.exe\" . [HKEY_LOCAL_MACHINE\\software\\microsoft\\security center] \"AntiVirusOverride\"=dword:00000001 \"FirewallOverride\"=dword:00000001 . [HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile] \"EnableFirewall\"= 0 (0x0) . 
[HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\AuthorizedApplications\\List] \"%windir%\\\\system32\\\\sessmgr.exe\"= \"c:\\\\Program Files\\\\IncrediMail\\\\bin\\\\IncMail.exe\"= \"c:\\\\Program Files\\\\IncrediMail\\\\bin\\\\ImApp.exe\"= \"c:\\\\Program Files\\\\IncrediMail\\\\bin\\\\ImpCnt.exe\"= \"%windir%\\\\Network Diagnostic\\\\xpnetdiag.exe\"= \"c:\\\\Program Files\\\\IncrediMail\\\\bin\\\\ImLc.exe\"= \"c:\\\\Program Files\\\\Messenger\\\\msmsgs.exe\"= \"c:\\\\Program Files\\\\ICQ\\\\Icq.exe\"= \"c:\\\\Program Files\\\\Magentic\\\\bin\\\\MgImp.exe\"= \"c:\\\\Program Files\\\\Magentic\\\\bin\\\\Magentic.exe\"= \"c:\\\\Program Files\\\\Magentic\\\\bin\\\\MgApp.exe\"= \"c:\\\\WINDOWS\\\\system32\\\\ftp.exe\"= \"c:\\\\Program Files\\\\Windows Live\\\\Messenger\\\\msnmsgr.exe\"= \"c:\\\\Program Files\\\\Bonjour\\\\mDNSResponder.exe\"= \"c:\\\\Program Files\\\\Microsoft ActiveSync\\\\rapimgr.exe\"= \"c:\\\\Program Files\\\\Epson Software\\\\Event Manager\\\\EEventManager.exe\"= \"c:\\\\Program Files\\\\Common Files\\\\Apple\\\\Apple Application Support\\\\WebKit2WebProcess.exe\"= \"c:\\\\Program Files\\\\iTunes\\\\iTunes.exe\"= \"c:\\\\Program Files\\\\Skype\\\\Phone\\\\Skype.exe\"= . [HKLM\\~\\services\\sharedaccess\\parameters\\firewallpolicy\\standardprofile\\GloballyOpenPorts\\List] \"26675:TCP\"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service . R0 aswNdis;avast! Firewall NDIS Filter Service;c:\\windows\\system32\\drivers\\aswNdis.sys [16.9.2012 0:46 12112] R0 aswNdis2;avast! Firewall Core Firewall Service;c:\\windows\\system32\\drivers\\aswNdis2.sys [16.9.2012 0:50 202928] R0 sptd;sptd;\\SystemRoot\\\\SystemRoot\\System32\\Drivers\\sptd.sys --> \\SystemRoot\\\\SystemRoot\\System32\\Drivers\\sptd.sys [?] R1 aswFW;avast! 
TDI Firewall driver;c:\\windows\\system32\\drivers\\aswFW.sys [16.9.2012 0:50 113776] R1 aswKbd;aswKbd;c:\\windows\\system32\\drivers\\aswKbd.sys [16.9.2012 0:50 18544] R1 aswSnx;aswSnx;c:\\windows\\system32\\drivers\\aswSnx.sys [16.9.2012 0:50 729752] R1 aswSP;aswSP;c:\\windows\\system32\\drivers\\aswSP.sys [16.9.2012 0:51 355632] R1 SBRE;SBRE;c:\\windows\\system32\\drivers\\SBREDrv.sys [31.1.2010 22:41 95024] R1 SuperMounter;SuperMounter;c:\\windows\\system32\\drivers\\supermounter.sys [17.1.2010 22:50 11264] R1 VD_FileDisk;VD_FileDisk;c:\\windows\\system32\\drivers\\vd_filedisk.sys [26.1.2011 19:28 24680] R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\\program files\\Common Files\\ABBYY\\FineReaderSprint\\9.00\\Licensing\\NetworkLicenseServer.exe [14.5.2009 17:07 759048] R2 aswFsBlk;aswFsBlk;c:\\windows\\system32\\drivers\\aswFsBlk.sys [16.9.2012 0:51 21256] R2 avast! Firewall;avast! Firewall;c:\\program files\\AVAST Software\\Avast\\afwServ.exe [16.9.2012 0:46 133912] R2 DUMeterSvc;DU Meter Service;c:\\program files\\DU Meter\\DUMeterSvc.exe [21.9.2010 21:39 552052] R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\\program files\\Common Files\\EPSON\\EPW!3 SSRP\\E_S50ST7.EXE [30.8.2012 17:30 153600] R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\\program files\\Common Files\\EPSON\\EPW!3 SSRP\\E_S50RP7.EXE [30.8.2012 17:30 121856] R2 LBeepKE;LBeepKE;c:\\windows\\system32\\drivers\\LBeepKE.sys [9.4.2010 23:20 10384] R2 NeroRegInCDSrv;Nero Registry InCD Service;c:\\program files\\Nero\\Nero8\\InCD\\NBHRegInCDSrv.exe [10.6.2008 12:29 53032] R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\\program files\\Nitro PDF\\Reader 2\\NitroPDFReaderDriverService2.exe [21.6.2011 18:57 196912] R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\\windows\\system32\\StkCSrv.exe [8.2.2007 2:44 24576] R2 WinDefend;Windows Defender;c:\\program files\\Windows Defender\\MsMpEng.exe [3.11.2006 19:19 13592] R2 
WiselinkPro;SAMSUNG WiseLinkPro Service;c:\\program files\\Samsung\\SAMSUNG PC Share Manager\\WiselinkPro.exe [17.2.2010 17:19 3007488] R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\\windows\\system32\\drivers\\StkCMini.sys [13.2.2007 20:41 1245056] S0 Lbd;Lbd;c:\\windows\\system32\\drivers\\Lbd.sys [17.8.2010 18:02 64288] S2 gupdate1c9d01a8c67c3ec;Google Update Service (gupdate1c9d01a8c67c3ec);c:\\program files\\Google\\Update\\GoogleUpdate.exe [8.5.2009 22:20 133104] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\\windows\\system32\\Macromed\\Flash\\FlashPlayerUpdateService.exe [30.3.2012 16:00 250568] S3 DUMeterDrv;Hagel Technologies DU Meter traffic accounting driver;c:\\program files\\DU Meter\\DUM_XP32.sys [21.9.2010 21:39 14992] S3 gupdatem;Služba Google Update (gupdatem);c:\\program files\\Google\\Update\\GoogleUpdate.exe [8.5.2009 22:20 133104] S3 ipswuio;ipswuio;c:\\windows\\system32\\drivers\\ipswuio.sys [2.5.2008 17:55 34944] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\\program files\\Mozilla Maintenance Service\\maintenanceservice.exe [24.4.2012 20:04 114144] S3 SynMini;USB2.0 1.3M WebCam;c:\\windows\\system32\\drivers\\SynMini.sys [2.5.2008 17:49 1056512] S3 SynScan;USB2.0 1.3M WebCam Still Image;c:\\windows\\system32\\drivers\\SynScan.sys [2.5.2008 17:49 8064] . [HKEY_LOCAL_MACHINE\\software\\microsoft\\active setup\\installed components\\{D58F39FF-953E-4F45-898F-59F243B9A523}] 2007-07-28 13:53 1230848 ----a-w- c:\\program files\\Windows Sidebar\\sidebar.exe . Contents of the \'Scheduled Tasks\' folder . 2012-09-16 c:\\windows\\Tasks\\Adobe Flash Player Updater.job - c:\\windows\\system32\\Macromed\\Flash\\FlashPlayerUpdateService.exe [2012-03-30 17:08] . 2012-05-19 c:\\windows\\Tasks\\AppleSoftwareUpdate.job - c:\\program files\\Apple Software Update\\SoftwareUpdate.exe [2011-06-01 15:57] . 2012-09-16 c:\\windows\\Tasks\\avast! 
Emergency Update.job - c:\\program files\\AVAST Software\\Avast\\AvastEmUpdate.exe [2012-09-15 09:12] . 2012-09-16 c:\\windows\\Tasks\\Driver Fetch.job - c:\\program files\\Driver Fetch\\2.3.0.5\\DriverFetch.exe [2010-04-01 08:51] . 2012-09-16 c:\\windows\\Tasks\\DriverScanner.job - c:\\program files\\Uniblue\\DriverScanner\\dsmonitor.exe [2012-08-07 10:51] . 2012-09-16 c:\\windows\\Tasks\\GoogleUpdateTaskMachineCore.job - c:\\program files\\Google\\Update\\GoogleUpdate.exe [2009-05-08 20:20] . 2012-09-16 c:\\windows\\Tasks\\GoogleUpdateTaskMachineUA.job - c:\\program files\\Google\\Update\\GoogleUpdate.exe [2009-05-08 20:20] . 2012-09-15 c:\\windows\\Tasks\\GoogleUpdateTaskUserS-1-5-21-1715567821-2077806209-839522115-1003Core.job - c:\\documents and settings\\petrix\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe [2012-02-28 16:47] . 2012-09-16 c:\\windows\\Tasks\\GoogleUpdateTaskUserS-1-5-21-1715567821-2077806209-839522115-1003UA.job - c:\\documents and settings\\petrix\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe [2012-02-28 16:47] . 2012-09-16 c:\\windows\\Tasks\\MP Scheduled Scan.job - c:\\program files\\Windows Defender\\MpCmdRun.exe [2006-11-03 17:20] . 2012-09-16 c:\\windows\\Tasks\\RealUpgradeLogonTaskS-1-5-21-1715567821-2077806209-839522115-1003.job - c:\\program files\\Real\\RealUpgrade\\realupgrade.exe [2012-07-27 12:27] . 2012-09-16 c:\\windows\\Tasks\\RealUpgradeScheduledTaskS-1-5-21-1715567821-2077806209-839522115-1003.job - c:\\program files\\Real\\RealUpgrade\\realupgrade.exe [2012-07-27 12:27] . 2012-09-16 c:\\windows\\Tasks\\Scheduled Update for Ask Toolbar.job - c:\\program files\\Ask.com\\UpdateTask.exe [2010-05-26 13:23] . 2012-09-16 c:\\windows\\Tasks\\User_Feed_Synchronization-{60AE1255-C705-48A4-9FDE-EE3A059AC630}.job - c:\\windows\\system32\\msfeedssync.exe [2007-08-13 02:31] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://search.babylon.com/?affID=110823&tt=120912_nocpc_3712_6&babsrc=HP_ss&mntrId=c45e947a0000000000000018f3da4a3e uInternet Settings,ProxyServer = 127.0.0.1:8080 uInternet Settings,ProxyOverride = local;*.local IE: &Add animation to IncrediMail Style Box - c:\\program files\\IncrediMail\\bin\\resources\\WebMenuImg.htm IE: E&xportovať do programu Microsoft Excel - c:\\progra~1\\MICROS~2\\OFFICE11\\EXCEL.EXE/3000 IE: Previesť cieľ odkazu do formátu Adobe PDF - c:\\program files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Previesť do Adobe PDF - c:\\program files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEFavClient.dll/AcroIECapture.html IE: Pridať cieľ odkazu do existujúceho súboru PDF - c:\\program files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Pridať do existujúceho súboru PDF - c:\\program files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEFavClient.dll/AcroIEAppend.html IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - d:\\translat\\WebIE.dll IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - d:\\translat\\WebIE.dll IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - d:\\translat\\WebIE.dll IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - d:\\translat\\WebIE.dll IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - d:\\translat\\WebIE.dll FF - ProfilePath - c:\\documents and settings\\petrix\\Application Data\\Mozilla\\Firefox\\Profiles\\tpr2m8ut.default\\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=110823&tt=120912_nocpc_3712_6&babsrc=HP_ss&mntrId=c45e947a0000000000000018f3da4a3e FF - prefs.js: keyword.URL - 
hxxp://search.babylon.com/?affID=110823&tt=120912_nocpc_3712_6&babsrc=KW_ss&mntrId=c45e947a0000000000000018f3da4a3e&q=
FF - prefs.js: network.proxy.ftp - 127.0.0.1
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 127.0.0.1
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.interval - 600000
FF - user.js: content.switch.threshold - 600000
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=c45e947a0000000000000018f3da4a3e&q=
FF - user.js: extensions.BabylonToolbar.id - c45e947a0000000000000018f3da4a3e
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15598
FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12
FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1223:26
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110823&tt=120912_nocpc_3712_6
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
.
.
------- File Associations -------
.
.txt=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKCU-Run-SkinClock - c:\program files\Atomic Alarm Clock\AtomicAlarmClock.exe
HKLM-Run-HF_G_Jul - c:\program files\AVG Secure Search\HF_G_Jul.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
HKLM_ActiveSetup-Nitro PDF Professional - //B
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-16 19:53
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1132)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3452)
c:\windows\system32\WININET.dll
c:\windows\system32\msi.dll
c:\program files\Nero\Nero8\InCD\NBHShx.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\program files\Nero\Nero8\InCD\NBHStr.dll
c:\program files\Common Files\Nero\Shared\NL3\AdvrCntr3.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_slk.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Nero\Nero8\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\IoctlSvc.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\program files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe
c:\windows\system32\dllhost.exe
c:\windows\eHome\ehmsas.exe
c:\windows\RTHDCPL.EXE
c:\windows\ATK0100\ATKOSD.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\iPod\bin\iPodService.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\progra~1\DUMETE~1\DUMeter.exe
c:\program files\c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
c:\windows\Integrator.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\program files\IncrediMail\bin\ImApp.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclToBTSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Completion time: 2012-09-16 20:08:28 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-16 18:08
.
Pre-Run: 3 511 660 544 bytes free
Post-Run: 3 798 401 024 voľných bajtov
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 8FBA6E51595B30A0B21E4FEEA1C67DA8

I hope the moderator or admin doesn't kill me for this.
Marcel00 Posted 16 September 2012
You had it pretty badly crapped up, take a look at Other Deletions and Orphans Removed... anyway, it doesn't matter any more, the main thing is that you're up and running...
xpetrix (author) Posted 16 September 2012
Well, that doesn't mean anything to me. This Windows has been running for about 4 years, so formatting the HDD and reinstalling wouldn't be a bad idea. But I'd sooner buy a new notebook, because this one will soon be 6 years old and is no longer keeping up with the times. I'm glad I have someone to turn to when problems come up. Thank you.
Marcel00 Posted 16 September 2012
If you don't want problems like these, get Linux. Do you know how to replace damaged files on Linux...? Because any OS can have problems... or does Linux not get infected?
Y2K Posted 16 September 2012
No, Linux doesn't get infected, and for several reasons at once... it runs on Unix, it is developed by many people rather than by a single source, it isn't interesting to virus writers,... and replacing damaged files there is child's play; besides, it rarely comes to that. Anyone who knows how to work with Unix knows what I'm talking about.
Marcel00 Posted 16 September 2012
OK, let me ask differently... how many ordinary people know how to work on an OS other than Windows? Because you recommended it to him, so that's why I'm asking how the answer was meant... I ran on Unix and Solaris for 14 years... but I have never yet recommended Linux to anyone...
Y2K Posted 16 September 2012
That's another matter... I meant that this is unlikely to happen to him there, and certainly not viruses and the like. That nobody knows how to work with it is yet another matter, although the graphical interface is very similar, isn't it.
Marcel00 Posted 16 September 2012
There you go... you'd better just go and finish sorting out the turbo.
Y2K Posted 16 September 2012
If that could be done with a live CD, like with Linux, life would be a dream.