Hello. I'd like to ask for a check. I'm trying to defragment my disk but I can't get it to work. I tried the tool that is built into Windows, but it doesn't work; it always does about 8 % on drive C and then finishes as if it were done. When I tried it with O&O Defrag Professional it was the same: it did the other two partitions OK, but for C it reported too little space. Yet C has 40 GB, of which 15 MB is free. I'm attaching the log from HJT.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:07:14, on 26. 11. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://192.168.25.21/webcamera.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} (WebClient Control) - http://192.168.25.21/WebClient.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 8148 bytes
Request for a check - defragmentation doesn't work (Solved)
- Brumteles68
K8N Neo4 Platinum, AMD Athlon64 3000+,RAM 2x256MB+2x1024MB, WDC WD1600JS 160GB, GeForce 6200 TurboCache, Tv WinFast PVR, WiFi Asus 802.11b/g+ruter WL-520GC,Win. XP pro. CZ
- jaro3
- Security team member
Re: Request for a check - defragmentation doesn't work
Close other applications and browsers, disconnect from the internet and fix in HJT:
Guide
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: (no name) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
O20 - AppInit_DLLs:
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to the desktop
- then click the Exit button; a message will appear, so choose Yes
(don't delete anything yet!).
Then paste the contents of that log here.
If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
- Brumteles68
Re: Request for a check - defragmentation doesn't work
I'm sending the log.
Malwarebytes' Anti-Malware
www.malwarebytes.org
Verze databáze:
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
26. 11. 2011 14:06:58
mbam-log-2011-11-26 (14-06-47).txt
Typ: Rychlá kontrola
Kontrolované objekty: 198974
Uplynulý čas: 3 minut, 3 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 3
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
- Žbeky
- Moderator
Re: Request for a check - defragmentation doesn't work
Run MbAM again and click Scan
- when the program finishes, a message will appear; click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close the program via Exit
Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- After the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.
In private messages I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
- Brumteles68
Re: Request for a check - defragmentation doesn't work
I'm sending the log from mbam.
Malwarebytes' Anti-Malware
www.malwarebytes.org
Verze databáze:
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
26. 11. 2011 15:50:00
mbam-log-2011-11-26 (15-50-00).txt
Typ: Rychlá kontrola
Kontrolované objekty: 198983
Uplynulý čas: 1 minut, 22 sekund
Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 3
Infikované složky: 0
Infikované soubory: 0
Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)
Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)
Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)
Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
- Brumteles68
Re: Request for a check - defragmentation doesn't work
And here is the one from ComboFix
ComboFix 11-11-26.01 - Brumteles . 11. 2011 16:07:14.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.2047.1539 [GMT 1:00]
Running from: c:\documents and settings\Brumteles\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Sunbelt Personal Firewall *Disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\CSC\d6
c:\windows\Dir
.
.
((((((((((((((((((((((((( Files Created from 2011-10-26 to 2011-11-26 )))))))))))))))))))))))))))))))
.
.
2011-11-26 13:01 . 2011-11-26 13:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-26 13:01 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-26 08:58 . 2011-11-26 08:58 388096 ----a-r- c:\documents and settings\Brumteles\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-26 08:58 . 2011-11-26 08:58 -------- d-----w- c:\program files\Trend Micro
2011-11-26 08:47 . 2011-11-26 08:47 -------- d---a-w- c:\windows\VDLL.DLL
2011-11-26 08:47 . 2011-11-26 08:47 -------- d---a-w- c:\windows\system32\runouce.exe
2011-11-26 08:47 . 2011-11-26 08:47 -------- d---a-w- c:\windows\RUNDL132.EXE
2011-11-26 08:47 . 2011-11-26 08:47 -------- d---a-w- c:\windows\logo_1.exe
2011-11-26 08:42 . 2011-11-26 08:42 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-11-26 08:42 . 2011-11-26 08:42 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-11-26 08:42 . 2011-11-26 08:42 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-11-26 08:42 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\TASKMGR.COM
2011-11-26 08:42 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2011-11-26 08:42 . 2008-04-14 06:52 147968 ----a-w- c:\windows\REGEDIT.COM
2011-11-26 08:42 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2011-11-26 08:42 . 2011-11-26 08:42 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-11-26 08:42 . 2011-11-26 08:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MicroWorld
2011-11-25 21:13 . 2011-11-25 21:13 -------- d-----w- c:\windows\system32\oodag
2011-11-25 21:02 . 2011-11-25 21:02 -------- d-----w- c:\program files\OO Software
2011-11-25 12:44 . 2011-11-25 12:44 -------- d-----w- c:\documents and settings\Brumteles\Local Settings\Data aplikací\O&O
2011-11-25 12:43 . 2011-11-25 12:43 -------- d-----w- c:\documents and settings\Brumteles\Local Settings\Data aplikací\Downloaded Installations
2011-11-07 12:17 . 2011-11-07 12:17 -------- d-----w- c:\documents and settings\Čerti\Local Settings\Data aplikací\Nokia
2011-11-06 18:53 . 2011-11-06 18:53 -------- d-----w- c:\program files\PC Connectivity Solution
2011-11-06 18:53 . 2011-08-17 12:03 8576 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2011-11-06 18:53 . 2011-08-17 12:03 137472 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2011-11-06 18:53 . 2011-08-17 11:56 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-11-06 18:53 . 2011-08-17 11:56 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-11-06 18:53 . 2011-08-17 11:56 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-11-06 18:53 . 2011-08-17 11:56 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2011-11-06 18:33 . 2011-11-06 18:33 -------- d-----w- c:\documents and settings\All Users\Data aplikacĂ
2011-11-06 18:31 . 2011-11-06 18:31 -------- d-----w- c:\documents and settings\Brumteles\Local Settings\Data aplikací\NokiaAccount
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-15 15:39 . 2011-05-20 14:00 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-12 17:15 . 2010-01-29 16:13 270240 -c--a-w- c:\windows\system32\PnkBstrB.xtr
2011-11-12 11:01 . 2010-01-29 16:07 270240 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-11-07 19:52 . 2010-01-29 16:07 138056 -c--a-w- c:\documents and settings\Čerti\Data aplikací\PnkBstrK.sys
2011-11-08 17:42 . 2011-03-23 13:13 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-04-13 . 607C976B22AEB2FCF8A7486BCCA1E3BF . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys
.
[-] 2010-01-03 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1028096]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Čerti\Nabídka Start\Programy\Po spuštění\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-1-4 3450608]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Brumteles^Nabídka Start^Programy^Po spuštění^Rainmeter.lnk]
path=c:\documents and settings\Brumteles\Nabídka Start\Programy\Po spuštění\Rainmeter.lnk
backup=c:\windows\pss\Rainmeter.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Brumteles^Nabídka Start^Programy^Po spuštění^Stardock ObjectDock.lnk]
path=c:\documents and settings\Brumteles\Nabídka Start\Programy\Po spuštění\Stardock ObjectDock.lnk
backup=c:\windows\pss\Stardock ObjectDock.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
2010-05-04 15:05 311296 ----a-r- c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 06:52 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
2009-11-16 07:03 2054360 ----a-w- c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2011-06-29 16:22 2770248 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-04-15 06:57 181816 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2006-07-13 05:12 729088 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2007-01-05 14:36 872448 -c--a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"57501:TCP"= 57501:TCP:Pando Media Booster
"57501:UDP"= 57501:UDP:Pando Media Booster
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 8:03 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [16.11.2009 8:06 96408]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [23.12.2010 21:00 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [16.11.2009 8:04 735960]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [29.6.2011 17:22 2468168]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 7:24 95528]
R3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [18.1.2011 17:33 6609920]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [23.12.2010 21:00 65576]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4.1.2010 12:03 135664]
S2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 7:24 1365288]
S3 cglptnt;cglptnt;c:\program files\totalcmd\CGLPTNT.SYS [19.11.2010 14:49 14424]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [12.10.2010 17:35 239160]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18.12.2009 10:58 11336]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4.1.2010 12:03 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.11.2011 19:53 137472]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [6.11.2011 19:53 8576]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PAC7311;Phenix-Q8;c:\windows\system32\drivers\PA707UCM.SYS [18.10.2005 11:48 154752]
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-04 11:03]
.
2011-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-04 11:03]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://192.168.25.21/webcamera.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.1.1
DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} - hxxp://192.168.25.21/WebClient.cab
FF - ProfilePath - c:\documents and settings\Brumteles\Data aplikací\Mozilla\Firefox\Profiles\k3y88l9d.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.zoznam.sk/
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
MSConfigStartUp-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-26 16:16
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1084)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(4036)
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-11-26 16:20:57
ComboFix-quarantined-files.txt 2011-11-26 15:20
.
Pre-Run: Volných bajtů: 17 455 747 072
Post-Run: Volných bajtů: 17 974 898 688
.
- - End Of File - - 53941BC6512A08063C46A5117BEE0F2D
K8N Neo4 Platinum, AMD Athlon64 3000+,RAM 2x256MB+2x1024MB, WDC WD1600JS 160GB, GeForce 6200 TurboCache, Tv WinFast PVR, WiFi Asus 802.11b/g+ruter WL-520GC,Win. XP pro. CZ
- Žbeky
- Moderator
- Guru Level 13
- Posts: 22288
- Registered: May 08
- Location: Vsetín - Pardubice
- Status: Offline
Re: Please check - defragmentation not working
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script
KillAll::
Folder::
c:\windows\VDLL.DLL
c:\windows\system32\runouce.exe
c:\windows\RUNDL132.EXE
c:\windows\logo_1.exe
File::
c:\windows\system32\TASKMGR.COM
c:\windows\system32\T.COM
c:\windows\REGEDIT.COM
c:\windows\R.COM
c:\program files\SystemRequirementsLab\cpudrv.sys
c:\windows\system32\drivers\EagleXNt.sys
c:\windows\system32\drivers\mbamswissarmy.sys
c:\windows\system32\GameMon.des
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Driver::
cpudrv
EagleXNt
MBAMSwissArmy
nmwcdnsuc
npggsvc
DDS::
DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} - hxxp://192.168.25.21/WebClient.cab
Firefox::
FF - ProfilePath - c:\documents and settings\Brumteles\Data aplikací\Mozilla\Firefox\Profiles\k3y88l9d.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: keyword.URL - hxxp://search.imesh.com/web?src=ffb&systemid=1&q=
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, move it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix starts automatically
- Paste here the log that appears at the end of the cleaning process
In PMs I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
- Brumteles68
- Level 2.5
- Posts: 385
- Registered: February 08
- Location: Vranov nad Topľou SR
- Status: Offline
Re: Please check - defragmentation not working
I'm sending the log.
ComboFix 11-11-26.04 - Brumteles . 11. 2011 19:40:15.6.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1029.18.2047.1516 [GMT 1:00]
Running from: c:\documents and settings\Brumteles\Plocha\ComboFix.exe
Command switches used :: c:\documents and settings\Brumteles\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Sunbelt Personal Firewall *Disabled* {82B1150E-9B37-49FC-83EB-D52197D900D0}
.
FILE ::
"c:\program files\SystemRequirementsLab\cpudrv.sys"
"c:\windows\R.COM"
"c:\windows\REGEDIT.COM"
"c:\windows\system32\drivers\EagleXNt.sys"
"c:\windows\system32\drivers\mbamswissarmy.sys"
"c:\windows\system32\GameMon.des"
"c:\windows\system32\T.COM"
"c:\windows\system32\TASKMGR.COM"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\logo_1.exe
c:\windows\RUNDL132.EXE
c:\windows\system32\runouce.exe
c:\windows\VDLL.DLL
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUDRV
-------\Legacy_EAGLEXNT
-------\Legacy_MBAMSWISSARMY
-------\Service_cpudrv
-------\Service_EagleXNt
-------\Service_MBAMSwissArmy
-------\Service_nmwcdnsuc
-------\Service_npggsvc
.
.
((((((((((((((((((((((((( Files Created from 2011-10-26 to 2011-11-26 )))))))))))))))))))))))))))))))
.
.
2011-11-26 13:01 . 2011-11-26 13:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-11-26 13:01 . 2011-08-31 16:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-26 08:58 . 2011-11-26 08:58 388096 ----a-r- c:\documents and settings\Brumteles\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-11-26 08:58 . 2011-11-26 08:58 -------- d-----w- c:\program files\Trend Micro
2011-11-26 08:42 . 2011-11-26 08:42 632064 ----a-w- c:\windows\system32\msvcr80.dll
2011-11-26 08:42 . 2011-11-26 08:42 554240 ----a-w- c:\windows\system32\msvcp80.dll
2011-11-26 08:42 . 2011-11-26 08:42 34048 ----a-w- c:\windows\system32\eEmpty.exe
2011-11-26 08:42 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\TASKMGR.COM
2011-11-26 08:42 . 2008-04-14 06:52 137216 ----a-w- c:\windows\system32\T.COM
2011-11-26 08:42 . 2008-04-14 06:52 147968 ----a-w- c:\windows\REGEDIT.COM
2011-11-26 08:42 . 2008-04-14 06:52 147968 ----a-w- c:\windows\R.COM
2011-11-26 08:42 . 2011-11-26 08:42 -------- d-----w- c:\program files\Common Files\MicroWorld
2011-11-26 08:42 . 2011-11-26 08:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MicroWorld
2011-11-25 21:13 . 2011-11-25 21:13 -------- d-----w- c:\windows\system32\oodag
2011-11-25 21:02 . 2011-11-25 21:02 -------- d-----w- c:\program files\OO Software
2011-11-25 12:44 . 2011-11-25 12:44 -------- d-----w- c:\documents and settings\Brumteles\Local Settings\Data aplikací\O&O
2011-11-25 12:43 . 2011-11-25 12:43 -------- d-----w- c:\documents and settings\Brumteles\Local Settings\Data aplikací\Downloaded Installations
2011-11-07 12:17 . 2011-11-07 12:17 -------- d-----w- c:\documents and settings\Čerti\Local Settings\Data aplikací\Nokia
2011-11-06 18:53 . 2011-11-06 18:53 -------- d-----w- c:\program files\PC Connectivity Solution
2011-11-06 18:53 . 2011-08-17 12:03 8576 ----a-w- c:\windows\system32\drivers\nmwcdnsuc.sys
2011-11-06 18:53 . 2011-08-17 12:03 137472 ----a-w- c:\windows\system32\drivers\nmwcdnsu.sys
2011-11-06 18:53 . 2011-08-17 11:56 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2011-11-06 18:53 . 2011-08-17 11:56 8192 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2011-11-06 18:53 . 2011-08-17 11:56 23168 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2011-11-06 18:53 . 2011-08-17 11:56 18176 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2011-11-06 18:33 . 2011-11-06 18:33 -------- d-----w- c:\documents and settings\All Users\Data aplikacĂ
2011-11-06 18:31 . 2011-11-06 18:31 -------- d-----w- c:\documents and settings\Brumteles\Local Settings\Data aplikací\NokiaAccount
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-15 15:39 . 2011-05-20 14:00 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-12 17:15 . 2010-01-29 16:13 270240 -c--a-w- c:\windows\system32\PnkBstrB.xtr
2011-11-12 11:01 . 2010-01-29 16:07 270240 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-11-07 19:52 . 2010-01-29 16:07 138056 -c--a-w- c:\documents and settings\Čerti\Data aplikací\PnkBstrK.sys
2011-11-08 17:42 . 2011-03-23 13:13 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-04-13 . 607C976B22AEB2FCF8A7486BCCA1E3BF . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys
.
[-] 2010-01-03 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-11-26_15.16.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-26 18:50 . 2011-11-26 18:50 16384 c:\windows\temp\Perflib_Perfdata_2b0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1028096]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-06-29 2770248]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Bosorka\Nabídka Start\Programy\Po spuštění\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-1-4 3450608]
.
c:\documents and settings\Čerti\Nabídka Start\Programy\Po spuštění\
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-1-4 3450608]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Bluetooth.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Brumteles^Nabídka Start^Programy^Po spuštění^Rainmeter.lnk]
path=c:\documents and settings\Brumteles\Nabídka Start\Programy\Po spuštění\Rainmeter.lnk
backup=c:\windows\pss\Rainmeter.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Brumteles^Nabídka Start^Programy^Po spuštění^Stardock ObjectDock.lnk]
path=c:\documents and settings\Brumteles\Nabídka Start\Programy\Po spuštění\Stardock ObjectDock.lnk
backup=c:\windows\pss\Stardock ObjectDock.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
2010-05-04 15:05 311296 ----a-r- c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 06:52 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]
2009-11-16 07:03 2054360 ----a-w- c:\program files\ESET\ESET NOD32 Antivirus\egui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2011-06-29 16:22 2770248 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-04-15 06:57 181816 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2006-07-13 05:12 729088 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2007-01-05 14:36 872448 -c--a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"57501:TCP"= 57501:TCP:Pando Media Booster
"57501:UDP"= 57501:UDP:Pando Media Booster
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 8:03 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [16.11.2009 8:06 96408]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [23.12.2010 21:00 270888]
R1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [21.6.2008 4:54 66600]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [16.11.2009 8:04 735960]
R2 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [29.6.2011 17:22 2468168]
R2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [31.10.2008 7:24 95528]
R3 NETwLx32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [18.1.2011 17:33 6609920]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [23.12.2010 21:00 65576]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4.1.2010 12:03 135664]
S2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [31.10.2008 7:24 1365288]
S3 cglptnt;cglptnt;c:\program files\totalcmd\CGLPTNT.SYS [19.11.2010 14:49 14424]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [12.10.2010 17:35 239160]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4.1.2010 12:03 135664]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [6.11.2011 19:53 137472]
S3 PAC7311;Phenix-Q8;c:\windows\system32\drivers\PA707UCM.SYS [18.10.2005 11:48 154752]
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-04 11:03]
.
2011-11-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-04 11:03]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://192.168.25.21/webcamera.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Brumteles\Data aplikací\Mozilla\Firefox\Profiles\k3y88l9d.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.zoznam.sk/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-11-26 19:51
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1088)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3044)
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\bgsvcgen.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\System32\PAStiSvc.exe
c:\windows\system32\wscntfy.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
.
**************************************************************************
.
Completion time: 2011-11-26 19:56:31 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-26 18:56
ComboFix2.txt 2011-11-26 15:21
.
Pre-Run: Volných bajtů: 18 028 589 056
Post-Run: Volných bajtů: 17 913 335 808
.
- - End Of File - - 01AB4F260FC39C3DBD01C3EA1BF6C22C
K8N Neo4 Platinum, AMD Athlon64 3000+, RAM 2x256MB+2x1024MB, WDC WD1600JS 160GB, GeForce 6200 TurboCache, TV WinFast PVR, WiFi Asus 802.11b/g + router WL-520GC, Win. XP Pro CZ
- Žbeky
- Moderator
- Guru Level 13
- Posts: 22288
- Registered: May 08
- Location: Vsetín - Pardubice
- Status: Offline
Re: Please check - defragmentation doesn't work
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
clean the system with CCleaner
and also use T-Cleaner
it deletes everything left behind by Combo, MWAV, etc. - download > run
Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on.
+ A new HJT log
How is the PC behaving?
In private messages I only deal with matters concerning the forum. I do not respond to requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
- Brumteles68
- Level 2.5
- Posts: 385
- Registered: February 08
- Location: Vranov nad Topľou SR
- Status: Offline
Re: Please check - defragmentation doesn't work
I'm sending the HJT log. Some changes for the better are visible on the PC; CCleaner ran faster than yesterday. Can I try the defragmentation?
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:20:06, on 26. 11. 2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\WINDOWS\explorer.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://192.168.25.21/webcamera.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 7199 bytes
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: O&O Defrag Agent (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: SbPF.Launcher - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFLnch.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software, Inc. - C:\Program Files\Sunbelt Software\Personal Firewall\SbPFSvc.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 7199 bytes
K8N Neo4 Platinum, AMD Athlon64 3000+, RAM 2x256MB+2x1024MB, WDC WD1600JS 160GB, GeForce 6200 TurboCache, TV WinFast PVR, WiFi Asus 802.11b/g + router WL-520GC, Win XP Pro CZ
Žbeky (Moderator)
Re: Requesting a check - defragmentation not working
Try
Brumteles68
Re: Requesting a check - defragmentation not working
The defragmentation has now completed OK, but even afterwards quite a lot of fragmented files remain there. Is it supposed to be like that because it is the system disk?