[ Posts: 14 ]
Posted: 26.02.2009 23:26 | Automatic updates

Hello,

I've had a problem on my notebook for quite a long time now... automatic updates are turned off for some reason and I can't for the life of me figure out how to turn them on... because it doesn't work manually either

Please advise

Thanks


Posted: 26.02.2009 23:28 | Automatic updates

Send the log from UPM.


Posted by thread author: 26.02.2009 23:36 | Automatic updates

Well, I don't know what's causing it, but when I try to create the log it freezes halfway through, saying that a problem occurred and the application will have to be closed..


Posted: 26.02.2009 23:37 | Automatic updates

Then from ComboFix instead.


Posted by thread author: 26.02.2009 23:51 | Automatic updates

OK, somehow I managed to get the UPM one

Windows XP SP 2 (build 2600)
Boot Mode: Normal
Overení sůborů Microsoftu: Áno
Whitelist: Áno
Internet Explorer v7.00.6000.16674 (vista_gdr.080415-1732)
Log vygenerovaný:26. 2. 2009 23:47:20
================================================================

SmallARK
================================================================
[?]NtCreateKey -> spci.sys
[?]NtEnumerateKey -> spci.sys
[?]NtEnumerateValueKey -> spci.sys
[?]NtOpenKey -> spci.sys
[?]NtQueryKey -> spci.sys
[?]NtQueryValueKey -> spci.sys
[?]NtSetValueKey -> spci.sys


Bežiace procesy
================================================================

C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\ACER\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE
C:\PROGRAM FILES\COMMON FILES\LIGHTSCRIBE\LSSRVC.EXE
C:\PROGRAM FILES\ESET\NOD32KRN.EXE
C:\PROGRAM FILES\RAXCO\PERFECTDISK\PDSCHED.EXE
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRAM FILES\ESET\NOD32KUI.EXE
C:\ACER\EMPOWERING TECHNOLOGY\EPOWER\EPOWER_DMC.EXE
C:\WINDOWS\BRICOPACKS\VISTA INSPIRAT 2\ROCKETDOCK\ROCKETDOCK.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\PROGRAM FILES\QIP INFIUM\INFIUM.EXE
C:\PROGRAM FILES\VISTA RAINBAR\RAINMETER.EXE
C:\PROGRAM FILES\UPM\UPM.EXE

Scanner
================================================================
[?] ati2evxx.exe
Non Microsoft v System32:

[?] MemCheck.exe
EntryPoint v sekcii:
|_ Celkový počet sekcií: 3
Nemá okno
Súbor 7%

[?] LSSrvc.exe
Nemá okno
Súbor 7%

[?] nod32krn.exe
Súbor 7%

[?] PDSched.exe
Nemá okno
Súbor 7%

[?] ati2evxx.exe
Non Microsoft v System32:

[S, novf!] explorer.exe
Overený Microsoft: Nie
Spúšťa sa po štarte HKLM Winlogon [Shell]
Súbor 25%

[S] ehtray.exe
Spúšťa sa po štarte HKLM Run [ehTray]

[?] RTHDCPL.exe
Spúšťa sa po štarte HKLM Run [RTHDCPL]

[?] nod32kui.exe
Spúšťa sa po štarte HKLM Run [nod32kui]
Súbor 14%

[?] ePower_DMC.exe
Bez výrobcu
Spúšťa sa po štarte HKLM Run [ePower_DMC]
EntryPoint v sekcii:
|_ Celkový počet sekcií: 5
Súbor 12%

[S] ctfmon.exe
Spúšťa sa po štarte HKCU Run [ctfmon.exe]

[R] GoogleUpdate.exe
Spúšťa sa po štarte HKCU Run [Google Update]

[?] RocketDock.exe
Bez výrobcu
Spúšťa sa po štarte Po spustení [RocketDock.lnk]
Súbor 12%

[?] hpgs2wnf.exe
Nemá okno
Súbor 7%

[?] infium.exe
EntryPoint v sekcii: CODE
|_ Celkový počet sekcií: 9
Súbor 63%

[?] Rainmeter.exe
Bez výrobcu
Spúšťa sa po štarte HKCU Run [Vista Rainbar]
Súbor 25%

[R] everest.exe
EntryPoint v sekcii: UPX1
|_ Celkový počet sekcií: 3

[?] UPM.exe
Súbor 7%


Po spustení
================================================================

HKCU Run
|_ [R][Google Update] C:\Documents and Settings\Vlado\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c
|_ [?][Vista Rainbar] C:\Program Files\Vista Rainbar\Rainmeter.exe

HKLM Run
|_ [X][LaunchApp] (Súbor nebol nájdený)
|_ (Súbor nebol nájdený)
|_ [S][IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
|_ [?][MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
|_ [S][PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
|_ [S][PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
|_ [?][RTHDCPL] C:\WINDOWS\RTHDCPL.EXE
|_ [?][Alcmtr] C:\WINDOWS\ALCMTR.EXE
|_ [?][nod32kui] C:\Program Files\Eset\nod32kui.exe /WAITSERVICE
|_ [X][pdfSaver3] (Súbor nebol nájdený)
|_ [X][Microsoft Windows Sound] svghost.exe (Súbor nebol nájdený)
|_ [?][ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

HKLM RunServices
|_ [X][Microsoft Windows Sound] svghost.exe (Súbor nebol nájdený)

HKLM ShellServiceObjectDelayLoad
|_ [?][PostBootReminder] C:\WINDOWS\system32\SHELL32.dll
|_ [?][CDBurn] C:\WINDOWS\system32\SHELL32.dll
|_ [?][WebCheck] C:\WINDOWS\system32\webcheck.dll
|_ [?][SysTray] C:\WINDOWS\system32\stobject.dll

HKU Run
|_ [?][PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

HKLM IC
|_ [?][<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] C:\WINDOWS\system32\ieudinit.exe
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (Súbor nebol nájdený)
|_ [X][>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP (Súbor nebol nájdený)
|_ [?][KB910393] C:\WINDOWS\INF\EasyCDBlock.inf ,PerUserInstall
|_ [?][{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] C:\WINDOWS\INF\msnetmtg.inf ,NetMtg.Install.PerUser.NT
|_ [?][{5945c046-1e7d-11d1-bc44-00c04fd912be}] C:\WINDOWS\INF\msmsgs.inf ,BLC.QuietInstall.PerUser
|_ [?][{6BF52A52-394A-11d3-B153-00C04F79FAA6}] C:\WINDOWS\INF\wmp11.inf ,PerUserStub
|_ [?][{89820200-ECBD-11cf-8B85-00AA005B4340}] regsvr32.exe /s /n /i:U shell32.dll
|_ [?][{8b15971b-5355-4c82-8c07-7e181ea07608}] C:\WINDOWS\INF\fxsocm.inf ,Fax.Install.PerUser

HKLM Winlogon
|_ [?][Shell] C:\WINDOWS\Explorer.exe

HKLM Winlogon Notify
|_ [?][AtiExtEvent] C:\WINDOWS\system32\Ati2evxx.dll

Po spustení
|_ [?][RocketDock.lnk] C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
|_ [!][TransBar.lnk] C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe


HKLM BHO
|_ [X][{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] (Súbor nebol nájdený)

HKCU IE WebBrowser Toolbar
|_ [?][{01E04581-4EEE-11D0-BFE9-00AA005B4383}] C:\WINDOWS\system32\browseui.dll
|_ [?][{0E5CBF21-D15F-11D0-8301-00AA005B4383}] C:\WINDOWS\system32\SHELL32.dll
|_ [X][{EF99BD32-C1FB-11D2-892F-0090271D4F88}] (Súbor nebol nájdený)

Služby (Zobraz bežiace: True, Zobraz zastavené: False, Zobraz i bezpečné: False)
================================================================
[?] Memory Check Service
|_ Cesta: C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
| |_ Výrobca: Acer Inc.
| |_ Popis:
| |_ MD5: 3CAABC2D0F87413EB1E0C7E0B3245E67
|
|_ Meno: AcerMemUsageCheckService
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ:
|_ Dependency:

[?] Ati HotKey Poller
|_ Cesta: C:\WINDOWS\system32\Ati2evxx.exe
| |_ Výrobca: ATI Technologies Inc.
| |_ Popis: ATI External Event Utility EXE Module
| |_ MD5: B8DBF155EAE86B1468FEEA472E94AEFB
|
|_ Meno: Ati HotKey Poller
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ:
|_ Dependency:

[?] ATI Smart
|_ Cesta: C:\WINDOWS\system32\ati2sgag.exe
| |_ Výrobca:
| |_ Popis: ATI Smart
| |_ MD5: AD1865C5E1842C8BA06BE3B1799315AA
|
|_ Meno: ATI Smart
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Zastavené
|_ Typ:
|_ Dependency:

[?] LightScribeService Direct Disc Labeling Service
|_ Cesta: C:\Program Files\Common Files\LightScribe\LSSrvc.exe
| |_ Výrobca: Hewlett-Packard Company
| |_ Popis:
| |_ MD5: AB8134127F786C9603817B5318DCEEAA
|
|_ Meno: LightScribeService
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Win32 Own Process
|_ Dependency:

[?] NOD32 Kernel Service
|_ Cesta: C:\Program Files\Eset\nod32krn.exe
| |_ Výrobca: Eset
| |_ Popis: NOD32 Kernel Service
| |_ MD5: 5300E3715347A5DA5B94AEC3177F5F31
|
|_ Meno: NOD32krn
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ:
|_ Dependency:

[?] PDScheduler
|_ Cesta: C:\Program Files\Raxco\PerfectDisk\PDSched.exe
| |_ Výrobca: Raxco Software, Inc.
| |_ Popis: PDSched Module
| |_ MD5: 3261CB59AAF88A395F3B71273A1FF001
|
|_ Meno: PDSched
|_ StartName: LocalSystem
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ:
|_ Dependency: PDEngine


Ovládače (Zobraz bežiace: True, Zobraz zastavené: False, Zobraz i bezpečné: False)
================================================================
[?] abp480n5
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
| |_ Výrobca: Microsoft Corporation
| |_ Popis: AdvanSys SCSI Controller Driver
| |_ MD5: 6ABB91494FE6C59089B9336452AB2EA3
|
|_ Meno: abp480n5
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] adpu160m
|_ Cesta: C:\WINDOWS\system32\DRIVERS\adpu160m.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Adaptec Ultra160 SCSI miniport
| |_ MD5: 9A11864873DA202C996558B2106B0BBC
|
|_ Meno: adpu160m
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] AFS2k
|_ Cesta: C:\WINDOWS\system32\drivers\AFS2K.sys
| |_ Výrobca: Oak Technology Inc.
| |_ Popis: Audio File System
| |_ MD5: 0EBB674888CBDEFD5773341C16DD6A07
|
|_ Meno: AFS2K
|_ StartName:
|_ Typ spúšťania: System Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Aha154x
|_ Cesta: C:\WINDOWS\system32\DRIVERS\aha154x.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Adaptec AHA-154x series SCSI miniport
| |_ MD5: C23EA9B5F46C7F7910DB3EAB648FF013
|
|_ Meno: Aha154x
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] aic78u2
|_ Cesta: C:\WINDOWS\system32\DRIVERS\aic78u2.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Adaptec Ultra2 SCSI miniport
| |_ MD5: 19DD0FB48B0C18892F70E2E7D61A1529
|
|_ Meno: aic78u2
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] aic78xx
|_ Cesta: C:\WINDOWS\system32\DRIVERS\aic78xx.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Adaptec Ultra SCSI miniport
| |_ MD5: B7FE594A7468AA0132DEB03FB8E34326
|
|_ Meno: aic78xx
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] AMD AGP Bus Filter Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\amdagp.sys
| |_ Výrobca: Advanced Micro Devices, Inc.
| |_ Popis: AMD Win2000 AGP Filter
| |_ MD5: 675C16A3C1F8482F85EE4A97FC0DDE3D
|
|_ Meno: amdagp
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Ovladač procesoru AMD
|_ Cesta: C:\WINDOWS\system32\DRIVERS\AmdK8.sys
| |_ Výrobca: Advanced Micro Devices
| |_ Popis: AMD Processor Driver
| |_ MD5: D2B80A58ED4082DA1D2F382F64621DC9
|
|_ Meno: AmdK8
|_ StartName:
|_ Typ spúšťania: System Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Atheros Wireless Network Adapter Service
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ar5211.sys
| |_ Výrobca: Atheros Communications, Inc.
| |_ Popis: Driver for Atheros AR5001 Wireless Network Adapter
| |_ MD5: BAA6B3CC74A4377D063C5A92DD9C4098
|
|_ Meno: AR5211
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] asc
|_ Cesta: C:\WINDOWS\system32\DRIVERS\asc.sys
| |_ Výrobca: Advanced System Products, Inc.
| |_ Popis: AdvanSys SCSI Controller Driver
| |_ MD5: 62D318E9A0C8FC9B780008E724283707
|
|_ Meno: asc
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] asc3350p
|_ Cesta: C:\WINDOWS\system32\DRIVERS\asc3350p.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: AdvanSys SCSI Card Driver
| |_ MD5: 69EB0CC7714B32896CCBFD5EDCBEA447
|
|_ Meno: asc3350p
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] asc3550
|_ Cesta: C:\WINDOWS\system32\DRIVERS\asc3550.sys
| |_ Výrobca: Advanced System Products, Inc.
| |_ Popis: AdvanSys Ultra-Wide PCI SCSI Driver
| |_ MD5: 5D8DE112AA0254B907861E9E9C31D597
|
|_ Meno: asc3550
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ati2mtag
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
| |_ Výrobca: ATI Technologies Inc.
| |_ Popis: ATI Radeon WindowsNT Miniport Driver
| |_ MD5: 1DB0E5F78A67307F9C68D777873C1164
|
|_ Meno: ati2mtag
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] atksgt
|_ Cesta: C:\WINDOWS\system32\DRIVERS\atksgt.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5: 6E996CF8459A2594E0E9609D0E34D41F
|
|_ Meno: atksgt
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Acer OrbiCam
|_ Cesta: C:\WINDOWS\System32\Drivers\BisonCam.sys
| |_ Výrobca: Bison Electronics. Inc.
| |_ Popis: Universal Serial Bus Camera Driver
| |_ MD5: C75927F7BD22F298ADA922A946DA4586
|
|_ Meno: Cam5603D
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] cd20xrnt
|_ Cesta: C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: IBM Portable CD-ROM Drive Miniport
| |_ MD5: F3EC03299634490E97BBCE94CD2954C7
|
|_ Meno: cd20xrnt
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] CmdIde
|_ Cesta: C:\WINDOWS\system32\DRIVERS\cmdide.sys
| |_ Výrobca: CMD Technology, Inc.
| |_ Popis: CMD PCI IDE Bus Driver
| |_ MD5: E5DCB56C533014ECBC556A8357C929D5
|
|_ Meno: CmdIde
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] dac2w2k
|_ Cesta: C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
| |_ Výrobca: Mylex Corporation
| |_ Popis: Mylex Disk Array Controller Driver
| |_ MD5: E550E7418984B65A78299D248F0A7F36
|
|_ Meno: dac2w2k
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Team MFP Comm Driver
|_ Cesta: C:\WINDOWS\System32\Drivers\DgiVecp.sys
| |_ Výrobca: DeviceGuys, Inc.
| |_ Popis: Windows NT 4.0 IEEE-1284 parallel class driver for ECP, Byte, and Nibble modes
| |_ MD5: 1EC27A51A2F9DF052BC2B4C8376C8FEA
|
|_ Meno: DgiVecp
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Zastavené
|_ Typ: Kernel Driver
|_ Dependency: +Parallel Arbitrator

[?] Dritek Keyboard Filter Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\DKbFltr.sys
| |_ Výrobca: Dritek System Inc.
| |_ Popis: Dritek PS2 Keyboard Filter Driver
| |_ MD5: 08D30AF92C270F2E76787C81589DBAD6
|
|_ Meno: DKbFltr
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] dpti2o
|_ Cesta: C:\WINDOWS\system32\DRIVERS\dpti2o.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: DPT SmartRAID miniport
| |_ MD5: 40F3B93B4E5B0126F2F5C0A7A5E22660
|
|_ Meno: dpti2o
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Dritek General Port I/O
|_ Cesta: C:\PROGRA~1\LAUNCH~1\DPortIO.sys
| |_ Výrobca: Dritek System Inc.
| |_ Popis: General Port I/O
| |_ MD5: 5BEB3BDAECC6C9348FC0D169CE65ECC6
|
|_ Meno: DritekPortIO
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[X] eLock2BurnerLockDriver
|_ Cesta: C:\WINDOWS\system32\eLock2BurnerLockDriver.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5:
|
|_ Meno: eLock2BurnerLockDriver
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Zastavené
|_ Typ: File System Driver
|_ Dependency:

[X] eLock2FSCTLDriver
|_ Cesta: C:\WINDOWS\system32\eLock2FSCTLDriver.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5:
|
|_ Meno: eLock2FSCTLDriver
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Zastavené
|_ Typ: File System Driver
|_ Dependency:

[?] EMSCR
|_ Cesta: C:\WINDOWS\system32\DRIVERS\EMS7SK.sys
| |_ Výrobca: ENE Technology Inc.
| |_ Popis: ENE PCI Memory Stick Card Reader Driver
| |_ MD5: 5AEE9EEDCFBF2B0F9DEC53C27EE722A3
|
|_ Meno: EMSCR
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ESDCR
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ESD7SK.sys
| |_ Výrobca: ENE Technology Inc.
| |_ Popis: ENE PCI Secure Digital / MMC Card Reader Driver
| |_ MD5: 8E56AB21D10C368029CEA57DE47D79C2
|
|_ Meno: ESDCR
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ESMCR
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ESM7SK.sys
| |_ Výrobca: ENE Technology Inc.
| |_ Popis: ENE PCI SmartMedia / XD Card Reader Driver
| |_ MD5: 0A58FADE5E12D3A611427292073362CB
|
|_ Meno: ESMCR
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] HSFHWAZL
|_ Cesta: C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
| |_ Výrobca: Conexant Systems, Inc.
| |_ Popis: HSF_HWAZL WDM driver
| |_ MD5: 358AE1D350E05F5C45F65DCA0BE6BA40
|
|_ Meno: HSFHWAZL
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] HSF_DPV
|_ Cesta: C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
| |_ Výrobca: Conexant Systems, Inc.
| |_ Popis: HSF_DP driver
| |_ MD5: C17B97F331A08BED979961245331413D
|
|_ Meno: HSF_DPV
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ini910u
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ini910u.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: INITIO ini910u SCSI miniport
| |_ MD5: 4A40E045FAEE58631FD8D91AFC620719
|
|_ Meno: ini910u
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] int15
|_ Cesta: C:\WINDOWS\system32\drivers\int15.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5: 4D8D5B1C895EA0F2A721B98A7CE198F1
|
|_ Meno: int15
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Service for Realtek HD Audio (WDM)
|_ Cesta: C:\WINDOWS\system32\drivers\RtkHDAud.sys
| |_ Výrobca: Realtek Semiconductor Corp.
| |_ Popis: Realtek(r) High Definition Audio Function Driver
| |_ MD5: 909D03B3B7FB7C830B74F74F4D0EA7CE
|
|_ Meno: IntcAzAudAddService
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] lirsgt
|_ Cesta: C:\WINDOWS\system32\DRIVERS\lirsgt.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5: 975B6CF65F44E95883F3855BAE8CECAF
|
|_ Meno: lirsgt
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] mdmxsdk
|_ Cesta: C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
| |_ Výrobca: Conexant
| |_ Popis: Diagnostic Interface x86 Driver
| |_ MD5: 74F4372AF97A587ECEC527EC34955712
|
|_ Meno: mdmxsdk
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] mraid35x
|_ Cesta: C:\WINDOWS\system32\DRIVERS\mraid35x.sys
| |_ Výrobca: American Megatrends Inc.
| |_ Popis: MegaRAID RAID Controller Driver for Windows Whistler 32
| |_ MD5: 3F4BB95E5A44F3BE34824E8E7CAF0737
|
|_ Meno: mraid35x
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ql1080
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ql1080.sys
| |_ Výrobca: QLogic Corporation
| |_ Popis: Miniport Driver for QLogic ISP PCI Adapters
| |_ MD5: 0A63FB54039EB5662433CABA3B26DBA7
|
|_ Meno: ql1080
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Ql10wnt
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Miniport Driver for QLogic ISP PCI Adapters
| |_ MD5: 6503449E1D43A0FF0201AD5CB1B8C706
|
|_ Meno: Ql10wnt
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ql12160
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ql12160.sys
| |_ Výrobca: QLogic Corporation
| |_ Popis: Miniport Driver for QLogic ISP PCI Adapters
| |_ MD5: 156ED0EF20C15114CA097A34A30D8A01
|
|_ Meno: ql12160
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ql1280
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ql1280.sys
| |_ Výrobca: QLogic Corporation
| |_ Popis: Miniport Driver for QLogic ISP PCI Adapters
| |_ MD5: 907F0AEEA6BC451011611E732BD31FCF
|
|_ Meno: ql1280
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Realtek 10/100/1000 PCI NIC Family NDIS XP Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
| |_ Výrobca: Realtek Semiconductor Corporation
| |_ Popis: Realtek 10/100/1000 NDIS 5.1 Driver
| |_ MD5: 911E07056B865760C0762F6221145999
|
|_ Meno: RTL8023xp
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] SIS AGP Bus Filter
|_ Cesta: C:\WINDOWS\system32\DRIVERS\sisagp.sys
| |_ Výrobca: Silicon Integrated Systems Corporation
| |_ Popis: SiS NT AGP Filter
| |_ MD5: 732D859B286DA692119F286B21A2A114
|
|_ Meno: sisagp
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Sparrow
|_ Cesta: C:\WINDOWS\system32\DRIVERS\sparrow.sys
| |_ Výrobca: Adaptec, Inc.
| |_ Popis: Adaptec AIC-6x60 series SCSI miniport
| |_ MD5: 83C0F71F86D3BDAF915685F3D568B20E
|
|_ Meno: Sparrow
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] sptd
|_ Cesta: C:\WINDOWS\System32\Drivers\sptd.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5:
|
|_ Meno: sptd
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] SSHDRV65
|_ Cesta: C:\WINDOWS\system32\drivers\SSHDRV65.sys
| |_ Výrobca:
| |_ Popis:
| |_ MD5: A322501277D7733F5266581B79B8CC79
|
|_ Meno: SSHDRV65
|_ StartName:
|_ Typ spúšťania: System Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] SSHDRV85
|_ Cesta: C:\WINDOWS\system32\drivers\SSHDRV85.sys
| |_ Výrobca: ?
| |_ Popis: Direct Port Access - Helper Driver
| |_ MD5: F0BE373861A3F34CFAB55C1B7CE1FEB5
|
|_ Meno: SSHDRV85
|_ StartName:
|_ Typ spúšťania: System Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] symc810
|_ Cesta: C:\WINDOWS\system32\DRIVERS\symc810.sys
| |_ Výrobca: Symbios Logic Inc.
| |_ Popis: Symbios Logic Inc. SCSI Miniport Driver
| |_ MD5: 1FF3217614018630D0A6758630FC698C
|
|_ Meno: symc810
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] symc8xx
|_ Cesta: C:\WINDOWS\system32\DRIVERS\symc8xx.sys
| |_ Výrobca: LSI Logic
| |_ Popis: Symbios 8XX SCSI Miniport Driver
| |_ MD5: 070E001D95CF725186EF8B20335F933C
|
|_ Meno: symc8xx
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] sym_hi
|_ Cesta: C:\WINDOWS\system32\DRIVERS\sym_hi.sys
| |_ Výrobca: LSI Logic
| |_ Popis: Symbios Hi-Perf SCSI Miniport Driver
| |_ MD5: 80AC1C4ABBE2DF3B738BF15517A51F2C
|
|_ Meno: sym_hi
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] Synaptics TouchPad Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\SynTP.sys
| |_ Výrobca: Synaptics, Inc.
| |_ Popis: Synaptics Touchpad Driver
| |_ MD5: 66F680409FC3BDDF62741E3E920A8454
|
|_ Meno: SynTP
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] TCP/IP Protocol Driver
|_ Cesta: C:\WINDOWS\system32\DRIVERS\tcpip.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: TCP/IP Protocol Driver
| |_ MD5: 68F3459253226D8DACF1051C6F835C56
|
|_ Meno: Tcpip
|_ StartName:
|_ Typ spúšťania: System Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency: IPSec

[?] TosIde
|_ Cesta: C:\WINDOWS\system32\DRIVERS\toside.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Toshiba PCI IDE Controller
| |_ MD5: F2790F6AF01321B172AA62F8E1E187D9
|
|_ Meno: TosIde
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] tvicport
|_ Cesta: C:\WINDOWS\system32\drivers\tvicport.sys
| |_ Výrobca: EnTech Taiwan
| |_ Popis: TVicPort Driver for Windows NT/2000/XP
| |_ MD5: 97DD70FECA64FB4F63DE7BB7E66A80B1
|
|_ Meno: tvicport
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ultra
|_ Cesta: C:\WINDOWS\system32\DRIVERS\ultra.sys
| |_ Výrobca: Promise Technology, Inc.
| |_ Popis: Promise Ultra66 Miniport Driver
| |_ MD5: 1B698A51CD528D8DA4FFAED66DFC51B9
|
|_ Meno: ultra
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] uscbs109
|_ Cesta: C:\WINDOWS\system32\DRIVERS\uscbs109.sys
| |_ Výrobca:
| |_ Popis: Extended PnP BIOS Enumerator
| |_ MD5: 88DCF14CCBDD645E6B8B20EB0810831B
|
|_ Meno: uscbs109
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] uscsc109
|_ Cesta: C:\WINDOWS\system32\DRIVERS\uscsc109.sys
| |_ Výrobca:
| |_ Popis: SCSI miniport
| |_ MD5: 80018637740C8F80E3AB237AC9FCA704
|
|_ Meno: uscsc109
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] ViaIde
|_ Cesta: C:\WINDOWS\system32\DRIVERS\viaide.sys
| |_ Výrobca: Microsoft Corporation
| |_ Popis: Generic PCI IDE Bus Driver
| |_ MD5: 59CB1338AD3654417BEA49636457F65D
|
|_ Meno: ViaIde
|_ StartName:
|_ Typ spúšťania: Boot Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] winachsf
|_ Cesta: C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
| |_ Výrobca: Conexant Systems, Inc.
| |_ Popis: HSF_CNXT driver
| |_ MD5: 6F25B08EBBAC9E02E6A0829F2C28999B
|
|_ Meno: winachsf
|_ StartName:
|_ Typ spúšťania: Ručné spustenie
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:

[?] zntport
|_ Cesta: C:\WINDOWS\system32\drivers\zntport.sys
| |_ Výrobca: Zeal SoftStudio
| |_ Popis: zntport
| |_ MD5: 40AC8590CC9006DBB99FFCB37879D4C6
|
|_ Meno: zntport
|_ StartName:
|_ Typ spúšťania: Auto Start
|_ Status: Spustené
|_ Typ: Kernel Driver
|_ Dependency:


lNetStat
================================================================
Typ: PID Proces Local <-> Remote Status
----------------------------------------------------------------------------------------
TCP (1072) svchost.exe 0.0.0.0:135 LISTENING
TCP (4) Systém 0.0.0.0:445 LISTENING
TCP (512) MemCheck.exe 0.0.0.0:9999 LISTENING
TCP (4) Systém 5.250.191.163:139 LISTENING
TCP (3752) alg.exe 127.0.0.1:1030 LISTENING
TCP (2024) firefox.exe 127.0.0.1:3820 <-> 127.0.0.1:3821 ESTABLISHED
TCP (2024) firefox.exe 127.0.0.1:3821 <-> 127.0.0.1:3820 ESTABLISHED
TCP (2024) firefox.exe 127.0.0.1:3822 <-> 127.0.0.1:3823 ESTABLISHED
TCP (2024) firefox.exe 127.0.0.1:3823 <-> 127.0.0.1:3822 ESTABLISHED
TCP (868) mDNSResponder.exe 127.0.0.1:5354 LISTENING
TCP (4) Systém 192.168.1.3:139 LISTENING
TCP (548) infium.exe 192.168.1.3:3241 <-> 195.68.160.23:5222 ESTABLISHED
TCP (548) infium.exe 192.168.1.3:3242 <-> 205.188.7.145:5190 ESTABLISHED
UDP (4) Systém 0.0.0.0:445 <-> 65.212.118.29:80 ESTABLISHED
UDP (820) lsass.exe 0.0.0.0:500
UDP (868) mDNSResponder.exe 0.0.0.0:1025
UDP (1440) svchost.exe 0.0.0.0:1037
UDP (1440) svchost.exe 0.0.0.0:1115
UDP (1440) svchost.exe 0.0.0.0:1208
UDP (1440) svchost.exe 0.0.0.0:1311
UDP (1440) svchost.exe 0.0.0.0:1312
UDP (1440) svchost.exe 0.0.0.0:3098
UDP (548) infium.exe 0.0.0.0:3238
UDP (1440) svchost.exe 0.0.0.0:3627
UDP (1440) svchost.exe 0.0.0.0:3628
UDP (2144) mcrdsvc.exe 0.0.0.0:3776
UDP (820) lsass.exe 0.0.0.0:4500
UDP (1220) svchost.exe 5.250.191.163:123
UDP (4) Systém 5.250.191.163:137
UDP (4) Systém 5.250.191.163:138
UDP (920) svchost.exe 5.250.191.163:1900
UDP (868) mDNSResponder.exe 5.250.191.163:5353
UDP (1220) svchost.exe 127.0.0.1:123
UDP (920) svchost.exe 127.0.0.1:1900
UDP (4048) wmplayer.exe 127.0.0.1:3451
UDP (1220) svchost.exe 192.168.1.3:123
UDP (4) Systém 192.168.1.3:137
UDP (4) Systém 192.168.1.3:138
UDP (920) svchost.exe 192.168.1.3:1900
UDP (868) mDNSResponder.exe 192.168.1.3:5353

Moduly (Zobraz i bezpečné: False, Len bez výrobcu: True, Zobraz registrované: False)
================================================================
[?] imon.dll
|_ Cesta: C:\WINDOWS\system32\imon.dll
|_ MD5: 3EA8F8EDC6F364B576FA26BF28AAE6B4
|_ Výrobca: Eset
|_ Procesy
|_ lsass.exe (820)
|_ svchost.exe (1072)
|_ svchost.exe (1220)
|_ svchost.exe (1440)
|_ MemCheck.exe (512)
|_ mDNSResponder.exe (868)
|_ ehSched.exe (1736)
|_ nod32krn.exe (1460)
|_ svchost.exe (920)
|_ mcrdsvc.exe (2144)
|_ alg.exe (3752)
|_ infium.exe (548)
|_ Rainmeter.exe (1324)
|_ wmplayer.exe (4048)
|_ firefox.exe (2024)
|_ UPM.exe (3116)

[?] pr_imon.dll
|_ Cesta: C:\Program Files\Eset\pr_imon.dll
|_ MD5: 9DFCE2A0538CF31C74CE3E6188BF99C2
|_ Výrobca:
|_ Procesy
|_ lsass.exe (820)
|_ svchost.exe (1072)
|_ svchost.exe (1220)
|_ svchost.exe (1440)
|_ MemCheck.exe (512)
|_ mDNSResponder.exe (868)
|_ ehSched.exe (1736)
|_ nod32krn.exe (1460)
|_ svchost.exe (920)
|_ mcrdsvc.exe (2144)
|_ alg.exe (3752)
|_ nod32kui.exe (1660)
|_ infium.exe (548)
|_ Rainmeter.exe (1324)
|_ wmplayer.exe (4048)
|_ firefox.exe (2024)
|_ UPM.exe (3116)

[?] mdnsnsp.dll
|_ Cesta: C:\Program Files\Bonjour\mdnsNSP.dll
|_ MD5: 1F5A570AD942DFCFE4500326ABDD72B2
|_ Výrobca: Apple Computer, Inc.
|_ Procesy
|_ svchost.exe (1072)
|_ svchost.exe (1220)
|_ spoolsv.exe (1836)
|_ MemCheck.exe (512)
|_ nod32krn.exe (1460)
|_ infium.exe (548)
|_ Rainmeter.exe (1324)
|_ wmplayer.exe (4048)
|_ firefox.exe (2024)
|_ UPM.exe (3116)

[?] pxc25pm.dll
|_ Cesta: C:\WINDOWS\system32\pxc25pm.dll
|_ MD5: BB424A2D6E6B14BEC688B64E02DBE159
|_ Výrobca: Tracker Software
|_ Procesy
|_ spoolsv.exe (1836)

[?] fusion.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
|_ MD5: 7C87A5FB95777E4132B11FC3D92CAAF5
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)

[?] acermemusagecheckservinterface.dll
|_ Cesta: C:\Acer\Empowering Technology\ePerformance\acermemusagecheckservinterface.dll
|_ MD5: 74F02BC1911EE611A6D44DD74A89FD1D
|_ Výrobca:
|_ Procesy
|_ MemCheck.exe (512)

[?] system.resources.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.resources\1.0.5000.0_cs_b77a5c561934e089\System.resources.dll
|_ MD5: AF8BB295854B19605349E5B7EF2F0457
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)

[?] system.serviceprocess.resources.dll
|_ Cesta: c:\windows\assembly\gac\system.serviceprocess.resources\1.0.5000.0_cs_b03f5f7f11d50a3a\system.serviceprocess.resources.dll
|_ MD5: 9B04A757F3346F8B5547CD22EEB6433F
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)

[?] perfcounter.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
|_ MD5: FFFB49BA718EB2D100E58129265D002C
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)

[?] acer.empowering.shared.dll
|_ Cesta: C:\Acer\Empowering Technology\ePerformance\acer.empowering.shared.dll
|_ MD5: B551BA7E3EB363FC312E6D00DEFE3030
|_ Výrobca: Acer Inc.
|_ Procesy
|_ MemCheck.exe (512)

[?] diasymreader.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll
|_ MD5: 69A406B6BDA95A18A1B4E6A88B0AF2D8
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)

[?] mscorwks.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
|_ MD5: BA79B29E74194882F3530FB2C4CF0903
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)

[?] mscorjit.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
|_ MD5: 17E4D4ED3C4CF86C144195BDCB39141A
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)

[?] mscorsn.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
|_ MD5: AB782AEB258225399B6DA1F1F33D4944
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)

[?] system.runtime.remoting.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.Runtime.Remoting\1.0.5000.0__b77a5c561934e089\System.Runtime.Remoting.dll
|_ MD5: 1E1B73FC9C17EFFE04F5676A40C82026
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)

[?] mscorlib.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
|_ MD5: 7C2E09AD420E050FDBDF83445C708287
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)
|_ ePower_DMC.exe (536)

[?] aspnet_isapi.dll
|_ Cesta: C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
|_ MD5: A54235D77F14C5DBA7931BE1EBFD1763
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)

[?] system.serviceprocess.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.ServiceProcess\1.0.5000.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
|_ MD5: 0716C52D0A75F8A3CDB120875F523A43
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)

[?] system.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
|_ MD5: 0E207D5060F29D7860F88DE86DD0F7E1
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ MemCheck.exe (512)
|_ MemCheck.exe (512)
|_ ePower_DMC.exe (536)
|_ ePower_DMC.exe (536)

[?] nod32krr.dll
|_ Cesta: C:\Program Files\Eset\nod32krr.dll
|_ MD5: 7E2B718203C97D6E3341A30AB6F31C11
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)

[?] ps_upd.dll
|_ Cesta: C:\Program Files\Eset\ps_upd.dll
|_ MD5: 8F9F4C65FA9C2797B57676CE12C60FD2
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)

[?] pr_upd.dll
|_ Cesta: C:\Program Files\Eset\pr_upd.dll
|_ MD5: EF3835FC6EE6DFCAC15FF5E6A349BDEA
|_ Výrobca:
|_ Procesy
|_ nod32krn.exe (1460)
|_ nod32kui.exe (1660)

[?] ps_amon.dll
|_ Cesta: C:\Program Files\Eset\ps_amon.dll
|_ MD5: 0B143B49FC5CD226757AF2742640559A
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)

[?] pr_amon.dll
|_ Cesta: C:\Program Files\Eset\pr_amon.dll
|_ MD5: CC3FD042CDC2196849B5A7A0A4CA7A30
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)
|_ nod32kui.exe (1660)

[?] ps_nod32.dll
|_ Cesta: C:\Program Files\Eset\ps_nod32.dll
|_ MD5: 47E0678E7527B3537E6535E187B1C52E
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)

[?] pr_nod32.dll
|_ Cesta: C:\Program Files\Eset\pr_nod32.dll
|_ MD5: 2D6ED7796EFADE03D383F53526BBF12A
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)
|_ nod32kui.exe (1660)

[?] ps_dmon.dll
|_ Cesta: C:\Program Files\Eset\ps_dmon.dll
|_ MD5: B489AFC44511026AC302F5B6C1F72107
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)

[?] pr_dmon.dll
|_ Cesta: C:\Program Files\Eset\pr_dmon.dll
|_ MD5: A7AE529BA043A1E5C6F7AF641E3AB189
|_ Výrobca:
|_ Procesy
|_ nod32krn.exe (1460)
|_ nod32kui.exe (1660)

[?] ps_emon.dll
|_ Cesta: C:\Program Files\Eset\ps_emon.dll
|_ MD5: 6DA1417BC230B7306A240EBEA1FD001B
|_ Výrobca: Eset
|_ Procesy
|_ nod32krn.exe (1460)

[?] pr_emon.dll
|_ Cesta: C:\Program Files\Eset\pr_emon.dll
|_ MD5: BA8B1C552BB89F7E5B19B382F90DBEF9
|_ Výrobca:
|_ Procesy
|_ nod32krn.exe (1460)
|_ nod32kui.exe (1660)

[?] pdlangen.dll
|_ Cesta: C:\Program Files\Raxco\PerfectDisk\PDLangEN.dll
|_ MD5: 9DCF09D9E88157C01E9A846A209D424E
|_ Výrobca: Raxco Software, Inc.
|_ Procesy
|_ PDSched.exe (2364)

[?] pdschedps.dll
|_ Cesta: C:\Program Files\Raxco\PerfectDisk\PDSchedPS.dll
|_ MD5: 48FEC4198D09D90268D551D2EB88BF12
|_ Výrobca: Raxco Software, Inc.
|_ Procesy
|_ PDSched.exe (2364)

[?] pdengineps.dll
|_ Cesta: C:\Program Files\Raxco\PerfectDisk\PDEnginePS.dll
|_ MD5: BC202E8F2B74AC94A783CD59EB05C9D5
|_ Výrobca: Raxco Software, Inc.
|_ Procesy
|_ PDSched.exe (2364)

[?] pdcommon.dll
|_ Cesta: C:\Program Files\Raxco\PerfectDisk\PDCommon.dll
|_ MD5: AEAA69955DF3604B6ABAD16B09602156
|_ Výrobca: Raxco Software, Inc.
|_ Procesy
|_ PDSched.exe (2364)

[?] dscrt30.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\dscrt30.dll
|_ MD5: 94A980A8AC13F2CC33A3ACEFE12BB857
|_ Výrobca: Tracker Software Products Ltd.
|_ Procesy
|_ wmiprvse.exe (3168)

[?] fm30xmf.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\fm30xmf.dll
|_ MD5: AEE42CDD860EE064542241C623ECF39F
|_ Výrobca:
|_ Procesy
|_ wmiprvse.exe (3168)

[?] fm30base.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\fm30base.dll
|_ MD5: 05F2A0F7F4928C208D674F582B5AC1E5
|_ Výrobca: Tracker Software Products Ltd.
|_ Procesy
|_ wmiprvse.exe (3168)

[?] mdiui.dll
|_ Cesta: C:\WINDOWS\system32\spool\drivers\w32x86\3\mdiui.dll
|_ MD5: 4CA195A73CF64142D50B387B07289A64
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ wmiprvse.exe (3168)

[?] xccdx30.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\xccdx30.dll
|_ MD5: 5A014477C74BAD389F3A6B480FEB1BF2
|_ Výrobca: Tracker Software Products
|_ Procesy
|_ wmiprvse.exe (3168)

[?] ixclib30.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\ixclib30.dll
|_ MD5: FCF1120F1E82338ED7661562D663B571
|_ Výrobca: Tracker Software Products
|_ Procesy
|_ wmiprvse.exe (3168)

[?] fm30tiff.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\Fm30Tiff.dll
|_ MD5: 25FF553233D63AB83FC91947C5DA05D0
|_ Výrobca: Tracker Software
|_ Procesy
|_ wmiprvse.exe (3168)

[?] drvui30.dll
|_ Cesta: C:\Program Files\PDF\pdfSaver\drvui30.dll
|_ MD5: 5D1A419EECD2ECD6EF13440750B0B12F
|_ Výrobca: Tracker Software Products Ltd.
|_ Procesy
|_ wmiprvse.exe (3168)

[?] syshook.dll
|_ Cesta: C:\Acer\Empowering Technology\ePower\SysHook.dll
|_ MD5: 20744A88413C4CFE5F18A00786718ADE
|_ Výrobca: Copyright (C) 2003
|_ Procesy
|_ explorer.exe (2192)
|_ nod32kui.exe (1660)
|_ ePower_DMC.exe (536)
|_ RocketDock.exe (1976)
|_ infium.exe (548)
|_ Rainmeter.exe (1324)
|_ wmplayer.exe (4048)
|_ everest.exe (2740)
|_ firefox.exe (2024)
|_ UPM.exe (3116)

[?] hpgs2wns.dll
|_ Cesta: C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wns.dll
|_ MD5: 6B11C675FF97A9740A46BDD6C7BDBA78
|_ Výrobca: Hewlett-Packard
|_ Procesy
|_ explorer.exe (2192)

[?] hpgs2wnfps.dll
|_ Cesta: C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnfps.dll
|_ MD5: 17093F35832F0DEA598FDD1059668153
|_ Výrobca:
|_ Procesy
|_ explorer.exe (2192)
|_ hpgs2wnf.exe (2272)

[?] pdfshell.dll
|_ Cesta: C:\Program Files\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll
|_ MD5: 4B0991CD076B617A2231B19A6663C1C9
|_ Výrobca: Adobe Systems, Inc.
|_ Procesy
|_ explorer.exe (2192)

[?] connapi.dll
|_ Cesta: C:\Program Files\PC Connectivity Solution\ConnAPI.dll
|_ MD5: 3A42E0CE06B4AD78C07C80A419AD039C
|_ Výrobca: Nokia.
|_ Procesy
|_ explorer.exe (2192)

[?] pcscm.dll
|_ Cesta: C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll
|_ MD5: CA33B4B0AAFE8C667B330738C8623A61
|_ Výrobca: Nokia
|_ Procesy
|_ explorer.exe (2192)

[?] rocketdock.dll
|_ Cesta: C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.dll
|_ MD5: B84E20C5487E3F6FD5F9E8943AC4674A
|_ Výrobca:
|_ Procesy
|_ explorer.exe (2192)
|_ RTHDCPL.exe (2712)
|_ nod32kui.exe (1660)
|_ ePower_DMC.exe (536)
|_ ctfmon.exe (1996)
|_ RocketDock.exe (1976)
|_ hpgs2wnf.exe (2272)
|_ infium.exe (548)
|_ Rainmeter.exe (1324)
|_ wmplayer.exe (4048)
|_ everest.exe (2740)
|_ firefox.exe (2024)
|_ UPM.exe (3116)

[?] atiacmxx.dll
|_ Cesta: C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
|_ MD5: 600DA90CE91D371810ABBFCA31954972
|_ Výrobca: Advanced Micro Devices, Inc.
|_ Procesy
|_ explorer.exe (2192)

[?] nodshex.dll
|_ Cesta: C:\Program Files\Eset\nodshex.dll
|_ MD5: BFBC64A5FEF3E2D553338B10B3D1A2F0
|_ Výrobca:
|_ Procesy
|_ explorer.exe (2192)

[?] rarext.dll
|_ Cesta: C:\Program Files\WinRAR\RarExt.dll
|_ MD5: CE1FF0C418276F34728CC0CA525FD959
|_ Výrobca:
|_ Procesy
|_ explorer.exe (2192)

[X] rarlng.dll
|_ Cesta: C:\Program Files\WinRAR\rarlng.dll
|_ MD5: A00FB3D1DB98C1C055B2FCB906F893FB
|_ Výrobca: ?
|_ Procesy
|_ explorer.exe (2192)

[?] phonebrowser.dll
|_ Cesta: C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
|_ MD5: D1D12242118CCEF2E2279DF2182CA2D6
|_ Výrobca: Nokia
|_ Procesy
|_ explorer.exe (2192)

[?] nod32rui.dll
|_ Cesta: C:\Program Files\Eset\nod32rui.dll
|_ MD5: 61A2C037427DD26D3201F3D7AD46259D
|_ Výrobca:
|_ Procesy
|_ nod32kui.exe (1660)

[?] pu_upd.dll
|_ Cesta: C:\Program Files\Eset\pu_upd.dll
|_ MD5: BCF76CBDF3E12871D2C838740C9EF9DA
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (1660)

[?] pu_amon.dll
|_ Cesta: C:\Program Files\Eset\pu_amon.dll
|_ MD5: 9CB007F11CC9700AE77E79DF8CBFA617
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (1660)

[?] pu_nod32.dll
|_ Cesta: C:\Program Files\Eset\pu_nod32.dll
|_ MD5: F9B434EB5B827E16E9D3AF15175485AF
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (1660)

[?] pu_imon.dll
|_ Cesta: C:\Program Files\Eset\pu_imon.dll
|_ MD5: 2D567A829D4FF75E4C46A4E3F7D9B6F1
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (1660)

[?] pu_dmon.dll
|_ Cesta: C:\Program Files\Eset\pu_dmon.dll
|_ MD5: D40703FFF46E2DE778B600622AC4F81E
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (1660)

[?] pu_emon.dll
|_ Cesta: C:\Program Files\Eset\pu_emon.dll
|_ MD5: B4FAAD19570AAD30B6CDAF0203AA59EA
|_ Výrobca: Eset
|_ Procesy
|_ nod32kui.exe (1660)

[?] dialogdll.dll
|_ Cesta: C:\Acer\Empowering Technology\ePower\DialogDLL.dll
|_ MD5: 66A038F6E700A063380DF8D51BDCE7F8
|_ Výrobca: Copyright (C) 2005
|_ Procesy
|_ ePower_DMC.exe (536)

[?] acer.empowering.windows.forms.dll
|_ Cesta: C:\Acer\Empowering Technology\ePower\Acer.Empowering.Windows.Forms.dll
|_ MD5: D4C9FE4558F087177C7C4F5B928FAE15
|_ Výrobca: acer inc.
|_ Procesy
|_ ePower_DMC.exe (536)

[?] system.drawing.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a\System.Drawing.dll
|_ MD5: BCF15390DE7368639C593735BF938D7A
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ ePower_DMC.exe (536)
|_ ePower_DMC.exe (536)

[?] system.windows.forms.dll
|_ Cesta: C:\WINDOWS\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
|_ MD5: 2814E9BDB75088C0B4CF6C1123F6EC8E
|_ Výrobca: Microsoft Corporation
|_ Procesy
|_ ePower_DMC.exe (536)
|_ ePower_DMC.exe (536)

[?] openlibeay32.dll
|_ Cesta: C:\Program Files\QIP Infium\Core\openlibeay32.dll
|_ MD5: 2FA1A7DB587A4AFDD9C2152606F80A01
|_ Výrobca: The OpenSSL Project, http://www.openssl.org/
|_ Procesy
|_ infium.exe (548)

[?] openssleay32.dll
|_ Cesta: C:\Program Files\QIP Infium\Core\openssleay32.dll
|_ MD5: E7A5153678A68DE58816AB6A32FFA826
|_ Výrobca: The OpenSSL Project, http://www.openssl.org/
|_ Procesy
|_ infium.exe (548)

[?] voip.dll
|_ Cesta: C:\Program Files\QIP Infium\Core\voip.dll
|_ MD5: 57F10965E9450DC6686BD301EEF0FCFF
|_ Výrobca:
|_ Procesy
|_ infium.exe (548)

[?] ylusbtel.dll
|_ Cesta: C:\Program Files\QIP Infium\Core\YLUSBTEL.dll
|_ MD5: CAE0EF3934CFB0F0B063B20ED0AAE3B2
|_ Výrobca: ?
|_ Procesy
|_ infium.exe (548)

[X] english.dll
|_ Cesta: C:\Program Files\QIP Infium\Langs\English.dll
|_ MD5: 245F5B5574860BCA5553428F9DC4D972
|_ Výrobca:
|_ Procesy
|_ infium.exe (548)

[X] inficq.dll
|_ Cesta: C:\Program Files\QIP Infium\Protos\InfICQ\inficq.dll
|_ MD5: 2AFF03FA24C23254842DC7B774F3AA14
|_ Výrobca:
|_ Procesy
|_ infium.exe (548)

[X] pics.dll
|_ Cesta: C:\Program Files\QIP Infium\Protos\InfICQ\pics.dll
|_ MD5: BC2D320E65A1A6B5268394DB6A683095
|_ Výrobca:
|_ Procesy
|_ infium.exe (548)
|_ infium.exe (548)

[?] jabber.dll
|_ Cesta: C:\Program Files\QIP Infium\Protos\Jabber\jabber.dll
|_ MD5: 8BDE53C1F1B507AB9DF86C676BFDE17D
|_ Výrobca: mmc
|_ Procesy
|_ infium.exe (548)

[X] mra.dll
|_ Cesta: C:\Program Files\QIP Infium\Protos\MRA\mra.dll
|_ MD5: E98DF11D863DAD9682AFEFE0E8510F10
|_ Výrobca:
|_ Procesy
|_ infium.exe (548)

[?] ximss.dll
|_ Cesta: C:\Program Files\QIP Infium\Protos\XIMSS\Ximss.dll
|_ MD5: E9AADE20CAFDF3E2ECFB88B2944C02E3
|_ Výrobca: mmc
|_ Procesy
|_ infium.exe (548)

[X] graph.dll
|_ Cesta: C:\Program Files\QIP Infium\Skins\QIP\graph.dll
|_ MD5: 8A15079F96C3EF0F421FA7E43988F60F
|_ Výrobca:
|_ Procesy
|_ infium.exe (548)

[?] webparser.dll
|_ Cesta: C:\Program Files\Vista Rainbar\Plugins\WebParser.dll
|_ MD5: 59565A61A30F34D9DD4CFC96C4890557
|_ Výrobca:
|_ Procesy
|_ Rainmeter.exe (1324)

[?] powerplugin.dll
|_ Cesta: C:\Program Files\Vista Rainbar\Plugins\PowerPlugin.dll
|_ MD5: F00DA59903E198CAE3808523DA028F20
|_ Výrobca:
|_ Procesy
|_ Rainmeter.exe (1324)

[?] rainmeter.dll
|_ Cesta: C:\Program Files\Vista Rainbar\Rainmeter.dll
|_ MD5: 75FA29FBC5CE4AB46DFD0BC09228EA3D
|_ Výrobca:
|_ Procesy
|_ Rainmeter.exe (1324)

[?] ffdshow.ax
|_ Cesta: C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
|_ MD5: 37AD159BFC18CFAAAFE16BF80BD99407
|_ Výrobca: ?
|_ Procesy
|_ wmplayer.exe (4048)

[?] vsfilter.dll
|_ Cesta: C:\Program Files\K-Lite Codec Pack\Filters\vsfilter.dll
|_ MD5: 1F4F89E35FC00A0DCDC004CB0E66CBB2
|_ Výrobca: Gabest
|_ Procesy
|_ wmplayer.exe (4048)

[?] softokn3.dll
|_ Cesta: C:\Program Files\Mozilla Firefox\softokn3.dll
|_ MD5: 4BEAC266AFF1D2F1ED20E8E9372A4078
|_ Výrobca: Mozilla Foundation
|_ Procesy
|_ firefox.exe (2024)

[?] freebl3.dll
|_ Cesta: C:\Program Files\Mozilla Firefox\freebl3.dll
|_ MD5: 0822B1E65F049909715E7BDC75A8C36A
|_ Výrobca: Mozilla Foundation
|_ Procesy
|_ firefox.exe (2024)



================================================================
Ultimate Process Manager v4.1.3 - [ Lodus Software ]


Experienced user

Registered: 12.06.08
Logged in: 16.09.10
Posts: 440
Topics: 4 | 4
Posted: 27.02.2009 13:35 | Automatic updates

Test these on www.virustotal.com:

C:\WINDOWS\system32\ieudinit.exe
C:\WINDOWS\system32\pxc25pm.dll


Run upm.exe => Other tools => On startup => Remove:

[Microsoft Windows Sound]
[{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
[{EF99BD32-C1FB-11D2-892F-0090271D4F88}]


Experienced user

Registered: 24.04.08
Logged in: 30.03.14
Posts: 4774
Topics: 66 | 66
Location: Bratislava
Posted by topic author: 27.02.2009 14:27 | Automatic updates

ok, I removed those files... here are the links to the tested files

http://www.virustotal.com/analisis/b707 ... 16618073b2
http://www.virustotal.com/analisis/a0d5 ... 207f075940


Experienced user

Registered: 12.06.08
Logged in: 16.09.10
Posts: 440
Topics: 4 | 4
Posted: 27.02.2009 14:32 | Automatic updates

OK, now send that other log as well.


Experienced user

Registered: 24.04.08
Logged in: 30.03.14
Posts: 4774
Topics: 66 | 66
Location: Bratislava
Posted by topic author: 27.02.2009 14:51 | Automatic updates

ComboFix 09-02-26.02 - Vlado 2009-02-27 14:38:43.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1033.18.446.158 [GMT 1:00]
Spuštěný z: c:\documents and settings\Vlado\Desktop\ComboFix.exe
AV: Eset NOD32 Antivirus 2.70 *On-access scanning enabled* (Updated)
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\npf.sys
c:\windows\system32\packet.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


((((((((((((((((((((((((( Soubory vytvořené od 2009-01-27 do 2009-02-27 )))))))))))))))))))))))))))))))
.

2009-02-26 23:36 . 2009-02-27 14:19 <DIR> d-------- c:\program files\UPM
2009-02-26 20:26 . 2009-02-26 20:26 <DIR> d-------- c:\program files\Vista Rainbar
2009-02-23 17:29 . 2009-02-23 17:29 64,342 --a------ c:\windows\BricoPackUninst.cmd
2009-02-23 17:26 . 2009-02-23 17:26 <DIR> d-------- c:\windows\BricoPacks
2009-02-23 17:26 . 2009-02-23 17:29 6,114 --a------ c:\windows\BricoPackFoldersDelete.cmd
2009-02-22 17:46 . 2009-02-22 18:02 <DIR> d-------- c:\documents and settings\Vlado\Application Data\THQ
2009-02-20 21:27 . 2009-02-20 21:27 <DIR> d-------- c:\program files\Microsoft Reader
2009-02-20 21:27 . 2003-06-05 17:15 57,436 --a------ c:\windows\DASShp.dll
2009-02-19 14:16 . 2009-02-19 14:16 <DIR> d-------- c:\program files\Lavalys
2009-02-13 18:44 . 2009-02-13 18:44 <DIR> d-------- c:\documents and settings\All Users\Application Data\2DBoy
2009-02-01 10:51 . 2009-02-01 10:51 <DIR> d-------- c:\documents and settings\All Users\Application Data\ATI
2009-02-01 10:49 . 2009-02-01 10:49 <DIR> d-------- c:\program files\ATI
2009-01-31 23:35 . 2009-02-04 21:07 <DIR> d-------- c:\program files\Fraps
2009-01-31 23:27 . 2009-01-31 23:27 <DIR> d-------- c:\program files\Common Files\DirectX
2009-01-29 18:59 . 2009-01-29 18:59 <DIR> d-------- c:\documents and settings\Vlado\Application Data\DivX
2009-01-29 18:09 . 2009-01-29 18:09 <DIR> d-------- c:\program files\MediaCell Video Converter
2009-01-29 18:09 . 2009-01-29 18:09 57 --a------ C:\ioAskNo.ini

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-26 15:14 --------- d-----w c:\program files\Garena
2009-02-23 19:14 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-22 21:39 --------- d-----w c:\documents and settings\Vlado\Application Data\uTorrent
2009-02-15 08:35 --------- d-----w c:\program files\QIP Infium
2009-02-08 10:41 --------- d-----w c:\program files\uTorrent
2009-02-04 20:08 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-01 09:47 --------- d-----w c:\program files\ATI Technologies
2009-01-29 18:02 --------- d-----w c:\program files\DivX
2009-01-26 19:46 --------- d-----w c:\program files\Common Files\DVDVideoSoft
2009-01-25 18:14 --------- d-----w c:\program files\ElcomSoft
2009-01-14 07:14 3,455,488 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2009-01-14 03:43 53,248 ----a-w c:\windows\system32\drivers\ati2erec.dll
2009-01-04 20:54 --------- d-----w c:\program files\CCleaner
2009-01-04 20:52 --------- d-----w c:\program files\Yahoo!
2009-01-04 20:48 --------- d-----w c:\program files\Opera 9.5 beta
2009-01-04 20:48 --------- d-----w c:\program files\Opera
2009-01-04 20:47 --------- d-----w c:\program files\Miranda IM
2009-01-04 20:46 --------- d-----w c:\program files\Creative
2008-12-30 11:11 --------- d-----w c:\documents and settings\Vlado\Application Data\Hamachi
2008-12-28 18:01 --------- d-----w c:\program files\Hamachi
2008-12-28 18:00 25,280 ----a-w c:\windows\system32\drivers\hamachi.sys
2008-12-07 20:04 2,829 ----a-w c:\windows\War3Unin.pif
2008-12-07 20:04 139,264 ----a-w c:\windows\War3Unin.exe
2002-02-24 18:40 172,032 ----a-w c:\program files\opera\program\plugins\dsp_enh.dll
2004-04-09 08:09 208,896 ----a-w c:\program files\opera\program\plugins\enc_aac.dll
2005-08-26 01:30 541,184 ----a-w c:\program files\opera\program\plugins\enc_aacplus.dll
2004-04-09 03:58 10,752 ----a-w c:\program files\opera\program\plugins\enc_lame.dll
2005-08-04 02:33 50,176 ----a-w c:\program files\opera\program\plugins\enc_mp4.dll
2005-01-05 16:46 1,204,224 ----a-w c:\program files\opera\program\plugins\enc_vorbis.dll
2005-08-27 01:49 74,240 ----a-w c:\program files\opera\program\plugins\enc_wma.dll
2004-07-27 14:28 18,944 ----a-w c:\program files\opera\program\plugins\gen_hotkeys.dll
2005-08-31 03:28 521,728 ----a-w c:\program files\opera\program\plugins\gen_ml.dll
2005-08-31 01:09 646,656 ----a-w c:\program files\opera\program\plugins\IN_MP3.DLL
2005-08-31 03:31 73,728 ----a-w c:\program files\opera\program\plugins\in_mp4.dll
2005-04-29 03:49 179,200 ----a-w c:\program files\opera\program\plugins\in_nsv.dll
2005-08-04 02:26 231,424 ----a-w c:\program files\opera\program\plugins\in_vorbis.dll
2005-08-24 01:48 288,256 ----a-w c:\program files\opera\program\plugins\in_wm.dll
2001-08-03 07:11 270,336 ----a-w c:\program files\opera\program\plugins\lamedll.dll
2004-04-12 11:37 174,592 ----a-w c:\program files\opera\program\plugins\lame_enc.dll
2005-07-29 00:22 243,712 ----a-w c:\program files\opera\program\plugins\libmp4v2.dll
2003-11-26 17:55 66,560 ----a-w c:\program files\opera\program\plugins\nsvdec_vp5.dll
2004-03-21 06:39 69,120 ----a-w c:\program files\opera\program\plugins\nsvdec_vp6.dll
2005-08-24 01:59 41,984 ----a-w c:\program files\opera\program\plugins\wmahelp.dll
.

------- Sigcheck -------

2007-08-20 11:02 825344 357d54bf94fe9d6d8505a96b5c2a3bca c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll
2007-10-11 00:47 825344 0e5d918f87efa7d2424d66b499c7eb04 c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll
2007-12-07 03:01 825344 b5b411bb229ae6ead7652a32ed47bfb9 c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll
2008-03-01 14:03 827392 6316c2f0c61271c8abdff7429174879e c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll
2008-04-23 04:35 827392 41546b396a526918da7995a02ea04e51 c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll
2004-08-10 19:00 656384 c0823fc5469663ba63e7db88f9919d70 c:\windows\$NtUninstallKB912945$\wininet.dll
2006-01-09 19:02 662016 dde9597a3311748c1519444e2bc147bd c:\windows\$NtUninstallKB918899$\wininet.dll
2006-06-23 12:25 664576 64ce26db72810b30f7855ea51e1df836 c:\windows\$NtUninstallKB922760$\wininet.dll
2006-09-14 09:31 664576 d207370287cf769aebebf03837784963 c:\windows\$NtUninstallKB925454$\wininet.dll
2006-10-23 16:34 664576 231ef4179acabe486376b5ca893f1076 c:\windows\$NtUninstallKB928090$\wininet.dll
2007-01-04 15:05 665088 3ffa1573fc274e5aa7467d03941c45ee c:\windows\$NtUninstallKB931768$\wininet.dll
2007-02-20 10:52 665600 b258c922d22deec880b60720531d7627 c:\windows\$NtUninstallKB933566$\wininet.dll
2007-04-18 13:46 665600 4261ba03afd659de04f0a17dfbdd454d c:\windows\$NtUninstallKB939653$\wininet.dll
2007-08-22 13:55 665600 a1bc17eb3758d73c3938b2318820f5b4 c:\windows\ie7\wininet.dll
2007-08-13 18:54 818688 a4a0fc92358f39538a6494c42ef99fe9 c:\windows\ie7updates\KB939653-IE7\wininet.dll
2007-08-20 11:04 824832 774435e499d8e9643ec961a6103c361f c:\windows\ie7updates\KB942615-IE7\wininet.dll
2007-10-11 00:56 824832 30c1e0f34ad2972c72a01db5c74ab065 c:\windows\ie7updates\KB944533-IE7\wininet.dll
2007-12-07 03:21 824832 806d274c9a6c3aaea5eae8e4af841e04 c:\windows\ie7updates\KB947864-IE7\wininet.dll
2008-03-01 14:06 826368 ad21461aef8244edec2ef18e55e1dcf3 c:\windows\ie7updates\KB950759-IE7\wininet.dll
2008-04-23 05:16 817152 f82dc979e1f334df0c893b3bfdeb404e c:\windows\system32\wininet.dll
2008-04-23 05:16 817152 f82dc979e1f334df0c893b3bfdeb404e c:\windows\system32\dllcache\wininet.dll

2006-04-20 13:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
2007-10-30 17:53 360832 64798ecfa43d78c7178375fcdd16d8c8 c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys
2004-08-10 19:00 359040 9f4b36614a0fc234525ba224957de55c c:\windows\$NtUninstallKB917953$\tcpip.sys
2006-04-20 12:51 359808 1dbf125862891817f374f407626967f4 c:\windows\$NtUninstallKB941644$\tcpip.sys
2008-10-30 18:40 360064 68f3459253226d8dacf1051c6f835c56 c:\windows\system32\dllcache\tcpip.sys
2008-10-30 18:40 360064 68f3459253226d8dacf1051c6f835c56 c:\windows\system32\drivers\tcpip.sys

2007-06-13 11:23 975360 9784e0719124e4a23989aef9e7ca02d6 c:\windows\explorer.exe
2007-06-13 12:26 1033216 7712df0cdde3a5ac89843e61cd5b3658 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-10 19:00 1032192 a0732187050030ae399b241436565e64 c:\windows\$NtUninstallKB938828$\explorer.exe
2007-06-13 11:23 975360 9784e0719124e4a23989aef9e7ca02d6 c:\windows\system32\dllcache\explorer.exe

2007-07-30 18:19 68440 84d9a61860272d6177d46c86b8431557 c:\windows\system32\wuauclt.exe
2007-07-30 18:19 68440 84d9a61860272d6177d46c86b8431557 c:\windows\system32\dllcache\wuauclt.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]
"Google Update"="c:\documents and settings\Vlado\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-11-26 133104]
"Vista Rainbar"="c:\program files\Vista Rainbar\Rainmeter.exe" [2006-01-21 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-10 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-02-18 949376]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-05-30 421888]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-27 c:\windows\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-10 15360]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 1634304]

c:\documents and settings\Vlado\Start Menu\Programs\Startup\
RocketDock.lnk - c:\windows\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe [2007-03-18 630784]
TransBar.lnk - c:\windows\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe [2005-06-01 65536]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= msaud32_divx.acm
"vidc.ir32"= c:\windows\system32\ir32_32.dll
"vidc.ir31"= c:\windows\system32\ir32_32.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Security Check.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Security Check.lnk
backup=c:\windows\pss\Security Check.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer ePresentation HPD]
--a------ 2006-03-31 15:39 204800 c:\acer\Empowering Technology\ePresentation\ePresentation.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
--a------ 2007-10-04 18:38 307200 c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
--------- 2006-04-14 21:35 53248 c:\program files\Realtek\InstallShield\AzMixerSel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
--a------ 2006-03-15 21:12 579584 c:\acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2008-07-08 17:22 486856 c:\program files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
--a------ 2006-05-30 11:11 421888 c:\acer\Empowering Technology\ePower\ePower_DMC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eRecoveryService]
--a------ 2006-06-01 13:40 413696 c:\acer\Empowering Technology\eRecovery\eRAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-11-26 17:24 133104 c:\documents and settings\Vlado\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
--a------ 2006-06-23 05:59 602112 c:\progra~1\LAUNCH~1\LManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2004-10-13 17:24 1694208 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
--a------ 2007-12-03 14:21 2213160 c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2007-03-01 14:57 153136 c:\program files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ntiMUI]
--a------ 2005-05-11 16:15 45056 c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
--a------ 2006-11-08 13:27 222208 c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfSaver3]
--a------ 2004-05-19 13:29 385024 c:\program files\PDF\pdfSaver\pdfSaver3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
--a------ 2002-04-11 03:19 69632 c:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
--a------ 2008-08-29 17:11 61440 c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-03-03 12:07 761946 c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
-ra------ 2006-03-30 15:45 313472 c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"d:\\Program Files\\Strong DC++\\StrongDC.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\3D Live Pool\\3D Live Pool.exe"=
"c:\\Program Files\\Garena\\Garena.exe"=
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\QIP Infium\\infium.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"2006:TCP"= 2006:TCP:poort
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"25551:TCP"= 25551:TCP:BitComet 25551 TCP
"25551:UDP"= 25551:UDP:BitComet 25551 UDP
"23267:TCP"= 23267:TCP:BitComet 23267 TCP
"23267:UDP"= 23267:UDP:BitComet 23267 UDP
"8080:TCP"= 8080:TCP:hamachi

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-02-18 15424]
R1 SSHDRV65;SSHDRV65;c:\windows\system32\drivers\SSHDRV65.sys [2006-10-20 120320]
R1 SSHDRV85;SSHDRV85;c:\windows\system32\drivers\SSHDRV85.sys [2006-10-20 78848]
R3 PSched;QoS Packet Scheduler;c:\windows\system32\drivers\psched.sys [2004-08-10 69120]
R3 uscbs109;uscbs109;c:\windows\system32\drivers\uscbs109.sys [2008-08-17 8672]
R3 uscsc109;uscsc109;c:\windows\system32\drivers\uscsc109.sys [2008-08-17 102336]
S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;\??\c:\windows\system32\eLock2BurnerLockDriver.sys --> c:\windows\system32\eLock2BurnerLockDriver.sys [?]
S2 eLock2FSCTLDriver;eLock2FSCTLDriver;\??\c:\windows\system32\eLock2FSCTLDriver.sys --> c:\windows\system32\eLock2FSCTLDriver.sys [?]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2009-02-19 23152]
.
Obsah adresáře 'Naplánované úlohy'

2008-06-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 12:42]

2009-02-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-353504745-702179683-907228502-1005.job
- c:\documents and settings\Vlado\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-26 17:24]
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-LaunchApp - (no file)
HKLM-Run-pdfSaver3 - (no file)
MSConfigStartUp-ATICCC - c:\program files\ATI Technologies\ATI.ACE\CLIStart.exe
MSConfigStartUp-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe
MSConfigStartUp-CTCheck - c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
MSConfigStartUp-CTSyncU - c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe
MSConfigStartUp-ICQ - c:\program files\ICQ6.5\ICQ.exe
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe


.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe"
uInternet Settings,ProxyServer = http=akcelerator.orange.sk:9990
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: imon.dll
TCP: {892A6099-2F69-4409-B7A9-D74947901A4E} = 195.146.128.60,195.146.132.59
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://www.creative.com/softwareupdate/ ... TSUEng.cab
FF - ProfilePath - c:\documents and settings\Vlado\Application Data\Mozilla\Firefox\Profiles\ewnfq2av.default\
FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox? ... k:official
FF - plugin: c:\documents and settings\Vlado\Local Settings\Application Data\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Opera\program\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera\program\plugins\np32dsw.dll
FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll
FF - plugin: c:\program files\Opera\program\plugins\nppdf32.dll
FF - plugin: c:\program files\Opera\program\plugins\nppl3260.dll
FF - plugin: c:\program files\Opera\program\plugins\nprpjplug.dll

---- NASTAVENÍ FIREFOXU ----
FF - user.js: general.useragent.extra.zencast - Creative ZENcast v2.00.13);user_pref(general.useragent.extra.zencast, );user_pref(general.useragent.extra.zencast, c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-27 14:44:26
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(768)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(824)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ati2evxx.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\ehome\ehrecvr.exe
c:\windows\ehome\ehSched.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Eset\nod32krn.exe
c:\program files\Raxco\PerfectDisk\PDSched.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2009-02-27 14:48:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-02-27 13:48:22

Před spuštěním: 4 522 245 120 bytes free
Po spuštění: 4,446,076,416

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=AlwaysOff /usepmtimer

317 --- E O F --- 2008-06-20 21:47:00


Offline

Experienced user

Registered: 12.06.08
Last logged in: 16.09.10
Posts: 440
Topics: 4 | 4
Posted: 02.03.2009 21:25 | Automatic updates

What does the computer say to that?


Offline

Experienced user

Registered: 24.04.08
Last logged in: 30.03.14
Posts: 4774
Topics: 66 | 66
Location: Bratislava
Posted by the topic author: 02.03.2009 21:26 | Automatic updates

I don't know :D it works normally... it's just those updates


Offline

Experienced user

Registered: 12.06.08
Last logged in: 16.09.10
Posts: 440
Topics: 4 | 4
Posted: 02.03.2009 21:38 | Automatic updates

Try this tool.


Offline

Experienced user

Registered: 24.04.08
Last logged in: 30.03.14
Posts: 4774
Topics: 66 | 66
Location: Bratislava
Posted by the topic author: 02.03.2009 21:44 | Automatic updates

Great, thanks a lot, this is what I needed :)


Offline

Experienced user

Registered: 12.06.08
Last logged in: 16.09.10
Posts: 440
Topics: 4 | 4
Posted: 02.03.2009 21:45 | Automatic updates

;)



© 2005 - 2025 PCforum, edited by JanoF