
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Scan and error (mdi064.dll)
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
-
- Visitor
- Posts: 73
- Registered: 15 Dec 2009 10:12
Scan and error (mdi064.dll)
Hello,
after a long time without problems I have to turn to you with a request for help. This time it concerns a friend's notebook, where ESET throws this message at startup:
"27.1.2014 9:31:41 Kontrola při startu soubor Operační paměť » C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\mdi064.dll varianta infiltrace Win32/CoinMiner.KA trojský kůň chyba při mazání JURAJ\Juraj Banas"
Thanks for the advice. I am attaching the log from FRST (RSIT threw an error after I pressed Continue):
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-01-2014
Ran by Juraj Banas (administrator) on JURAJ on 27-01-2014 09:39:34
Running from C:\Documents and Settings\Juraj Banas\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
ATTENTION: If processes are not listed WMI should be repaired.
==================== Processes (Whitelisted) ===================
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16248320 2006-06-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] - C:\WINDOWS\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] - C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-12-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LogitechCommunicationsManager] - C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe [304664 2006-10-31] (Acer Inc.)
HKLM\...\Run: [AcerOrbicamRibbon] - C:\Program Files\Acer\OrbiCam10\OrbiCam.exe [754712 2006-11-28] ()
HKLM\...\Run: [LVCOMSX] - C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe [244512 2006-11-28] (Logitech Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761946 2006-03-03] (Synaptics, Inc.)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [13594624 2009-01-30] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [86016 2009-01-30] (NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSStp] - C:\WINDOWS\system32\msstp.vbe [1418 2014-01-13] ()
HKLM\...\Run: [mncvkfyfSrv] - C:\WINDOWS\inf\mncvkfyf.vbe [1338 2014-01-13] ()
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [2021400 2009-02-06] (ESET)
HKCU\...\Run: [tsiVideo] - C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\\mdi064.dll [3997696 2014-01-22] () <===== ATTENTION
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mail.ru/cnt/9134
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKCU - DefaultScope {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 172.16.40.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Juraj Banas\Application Data\Mozilla\Firefox\Profiles\297eyo2j.default
FF Homepage: hxxp://www.zoznam.sk/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Спутник @Mail.Ru - C:\Documents and Settings\Juraj Banas\Application Data\Mozilla\Firefox\Profiles\297eyo2j.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2013-12-18]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: Eset Plugin - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-01-22]
========================== Services (Whitelisted) =================
S3 EhttpSrv; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [20680 2009-02-06] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [727720 2009-02-06] (ESET)
R2 JavaQuickStarterService; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [161664 2012-05-04] (Oracle Corporation)
S2 LVSrvLauncher; C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe [101152 2006-11-28] (Logitech Inc.)
S2 NOD32FiXTemDono; C:\WINDOWS\system32\regedt32.exe [3584 2006-02-28] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [328061 2006-01-17] (Broadcom Corporation.)
S3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30459 2006-01-17] (Broadcom Corporation.)
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [850474 2006-01-17] (Broadcom Corporation.)
R2 BTSERIAL; C:\WINDOWS\system32\drivers\btserial.sys [23271 2006-01-17] (Broadcom Corporation.)
S3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [148900 2006-01-17] (Broadcom Corporation.)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [65688 2006-01-17] (Broadcom Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R2 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [113448 2009-02-06] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [106208 2009-02-06] (ESET)
R3 EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [61056 2006-06-16] (ENE Technology Inc.)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [130952 2009-02-06] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [33096 2009-02-06] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [56280 2009-02-06] (ESET)
R3 ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [40064 2006-06-16] (ENE Technology Inc.)
R3 ESMCR; C:\WINDOWS\System32\DRIVERS\ESM7SK.sys [74752 2006-06-16] (ENE Technology Inc.)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-22] (Conexant Systems, Inc.)
R3 lv321av; C:\WINDOWS\System32\DRIVERS\lv321av.sys [847392 2006-11-28] (Logitech Inc.)
R3 LVMVDrv; C:\WINDOWS\System32\DRIVERS\LVMVDrv.sys [1962784 2006-11-28] (Logitech Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [46080 2004-06-16] (SMSC)
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1429632 2006-04-04] (Intel® Corporation)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-27 09:39 - 2014-01-27 09:39 - 00009445 _____ C:\Documents and Settings\Juraj Banas\Desktop\FRST.txt
2014-01-27 09:39 - 2014-01-27 09:39 - 00000000 ____D C:\FRST
2014-01-27 09:38 - 2014-01-27 09:38 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Juraj Banas\Desktop\FRSTLauncher.exe
2014-01-27 09:38 - 2014-01-27 09:38 - 00029696 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\MSGBOX.EXE
2014-01-27 09:38 - 2014-01-27 09:38 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Desktop\LM.bat
2014-01-27 09:37 - 2014-01-27 09:37 - 01223168 _____ (Farbar) C:\Documents and Settings\Juraj Banas\Desktop\FRST.exe
2014-01-27 09:34 - 2014-01-27 09:34 - 00002341 _____ C:\WINDOWS\setupapi.log
2014-01-27 09:34 - 2014-01-27 09:34 - 00000000 ____D C:\rsit
2014-01-22 14:05 - 2014-01-22 14:05 - 00000000 ____D C:\Program Files\ESET
2014-01-22 14:05 - 2014-01-22 14:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\ESET
2014-01-22 13:55 - 2014-01-13 10:25 - 00001418 ____S C:\WINDOWS\system32\msstp.vbe
2014-01-22 09:02 - 2008-03-03 18:21 - 00000568 ____H C:\WINDOWS\nod32fixtemdono.reg
2014-01-22 08:29 - 2014-01-22 08:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallbasecsp$
2014-01-22 08:28 - 2011-08-16 11:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2014-01-22 08:28 - 2011-03-11 15:10 - 00225262 ____C C:\WINDOWS\system32\dllcache\msimain.sdb
2014-01-22 08:25 - 2014-01-22 08:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-01-20 18:43 - 2014-01-20 18:43 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-01-11 10:20 - 2014-01-11 10:20 - 00069232 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-07 18:47 - 2014-01-07 18:47 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2014-01-07 18:45 - 2014-01-11 10:47 - 00000000 ____D C:\Documents and Settings\Juraj Banas\Application Data\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ___RD C:\Program Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Program Files\Common Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-01-07 18:44 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2014-01-07 18:12 - 2014-01-07 18:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2013-12-31 14:15 - 2013-12-31 14:15 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-01-27 09:39 - 2014-01-27 09:39 - 00009445 _____ C:\Documents and Settings\Juraj Banas\Desktop\FRST.txt
2014-01-27 09:39 - 2014-01-27 09:39 - 00000000 ____D C:\FRST
2014-01-27 09:39 - 2013-12-05 08:50 - 01799959 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-27 09:38 - 2014-01-27 09:38 - 00112640 _____ (forum.viry.cz) C:\Documents and Settings\Juraj Banas\Desktop\FRSTLauncher.exe
2014-01-27 09:38 - 2014-01-27 09:38 - 00029696 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\MSGBOX.EXE
2014-01-27 09:38 - 2014-01-27 09:38 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Desktop\LM.bat
2014-01-27 09:38 - 2013-12-05 11:12 - 00000000 ____D C:\Documents and Settings\Juraj Banas\My Documents\Preberanie
2014-01-27 09:37 - 2014-01-27 09:37 - 01223168 _____ (Farbar) C:\Documents and Settings\Juraj Banas\Desktop\FRST.exe
2014-01-27 09:34 - 2014-01-27 09:34 - 00002341 _____ C:\WINDOWS\setupapi.log
2014-01-27 09:34 - 2014-01-27 09:34 - 00000000 ____D C:\rsit
2014-01-27 09:28 - 2013-12-05 09:37 - 00000051 _____ C:\WINDOWS\wiaservc.log
2014-01-27 09:27 - 2013-12-05 13:19 - 00201679 _____ C:\WINDOWS\system32\nvapps.xml
2014-01-27 09:27 - 2013-12-05 09:37 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-27 09:27 - 2013-12-05 08:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-27 09:26 - 2013-12-09 08:43 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2014-01-27 09:26 - 2013-12-09 07:20 - 00065536 _____ C:\WINDOWS\system32\config\ODiag.evt
2014-01-27 09:26 - 2013-12-05 08:57 - 00000178 ___SH C:\Documents and Settings\Juraj Banas\ntuser.ini
2014-01-27 09:26 - 2013-12-05 08:55 - 00032578 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-27 09:22 - 2013-12-05 08:57 - 00000000 ____D C:\Documents and Settings\Juraj Banas
2014-01-27 08:58 - 2013-12-09 10:44 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-27 08:38 - 2013-12-05 08:56 - 00000000 __SHD C:\WINDOWS\CSC
2014-01-27 08:38 - 2006-02-28 13:00 - 00002422 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-22 14:05 - 2014-01-22 14:05 - 00000000 ____D C:\Program Files\ESET
2014-01-22 14:05 - 2014-01-22 14:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\ESET
2014-01-22 08:32 - 2013-12-09 20:33 - 00000000 ____D C:\WINDOWS\pss
2014-01-22 08:30 - 2013-12-05 08:51 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2014-01-22 08:29 - 2014-01-22 08:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallbasecsp$
2014-01-22 08:29 - 2013-12-05 11:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET
2014-01-22 08:29 - 2013-12-05 09:23 - 00000000 ____D C:\WINDOWS\security
2014-01-22 08:25 - 2014-01-22 08:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-01-20 18:45 - 2013-12-09 12:43 - 00000000 ____D C:\Documents and Settings\Juraj Banas\Application Data\vlc
2014-01-20 18:43 - 2014-01-20 18:43 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-01-20 18:39 - 2013-12-19 19:14 - 00006144 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-18 11:57 - 2013-12-05 09:23 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2014-01-16 15:40 - 2013-12-18 18:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-16 15:38 - 2013-12-18 18:15 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 13:59 - 2013-12-09 12:27 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-01-13 10:25 - 2014-01-22 13:55 - 00001418 ____S C:\WINDOWS\system32\msstp.vbe
2014-01-11 10:47 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\Juraj Banas\Application Data\Skype
2014-01-11 10:20 - 2014-01-11 10:20 - 00069232 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-11 09:52 - 2013-12-05 10:59 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-07 18:47 - 2014-01-07 18:47 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2014-01-07 18:47 - 2013-12-05 10:11 - 00003419 _____ C:\WINDOWS\system32\lvcoinst.log
2014-01-07 18:47 - 2013-12-05 08:55 - 00000000 __SHD C:\Documents and Settings\LocalService
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ___RD C:\Program Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Program Files\Common Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-01-07 18:45 - 2014-01-07 18:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2014-01-07 18:12 - 2014-01-07 18:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2014-01-07 18:12 - 2013-12-09 12:44 - 00000000 ____D C:\Program Files\CCleaner
2013-12-31 14:15 - 2013-12-31 14:15 - 00000000 ____D C:\Program Files\Mozilla Firefox
Files to move or delete:
====================
C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\\mdi064.dll
Some content of TEMP:
====================
C:\Documents and Settings\deti\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\fp_pl_pfs_installer.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\GuardMailRu.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\mdi064.dll
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\vlc-2.1.2-win32.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
2014-01-22 08:32 - 2013-12-09 20:33 - 00000000 ____D C:\WINDOWS\pss
2014-01-22 08:30 - 2013-12-05 08:51 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2014-01-22 08:29 - 2014-01-22 08:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallbasecsp$
2014-01-22 08:29 - 2013-12-05 11:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET
2014-01-22 08:29 - 2013-12-05 09:23 - 00000000 ____D C:\WINDOWS\security
2014-01-22 08:25 - 2014-01-22 08:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-01-20 18:45 - 2013-12-09 12:43 - 00000000 ____D C:\Documents and Settings\Juraj Banas\Application Data\vlc
2014-01-20 18:43 - 2014-01-20 18:43 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-01-20 18:39 - 2013-12-19 19:14 - 00006144 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-18 11:57 - 2013-12-05 09:23 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2014-01-16 15:40 - 2013-12-18 18:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-16 15:38 - 2013-12-18 18:15 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 13:59 - 2013-12-09 12:27 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-01-13 10:25 - 2014-01-22 13:55 - 00001418 ____S C:\WINDOWS\system32\msstp.vbe
2014-01-11 10:47 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\Juraj Banas\Application Data\Skype
2014-01-11 10:20 - 2014-01-11 10:20 - 00069232 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-11 09:52 - 2013-12-05 10:59 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-07 18:47 - 2014-01-07 18:47 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2014-01-07 18:47 - 2013-12-05 10:11 - 00003419 _____ C:\WINDOWS\system32\lvcoinst.log
2014-01-07 18:47 - 2013-12-05 08:55 - 00000000 __SHD C:\Documents and Settings\LocalService
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ___RD C:\Program Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Program Files\Common Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-01-07 18:45 - 2014-01-07 18:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2014-01-07 18:12 - 2014-01-07 18:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2014-01-07 18:12 - 2013-12-09 12:44 - 00000000 ____D C:\Program Files\CCleaner
2013-12-31 14:15 - 2013-12-31 14:15 - 00000000 ____D C:\Program Files\Mozilla Firefox
Files to move or delete:
====================
C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\\mdi064.dll
Some content of TEMP:
====================
C:\Documents and Settings\deti\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\fp_pl_pfs_installer.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\GuardMailRu.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\mdi064.dll
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\vlc-2.1.2-win32.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Re: Scan and error (mdi064.dll)
Hello
If you want help, I have to ask you to remove the ILLEGAL Avira. This "request" of mine is based on the forum's current rules http://forum.viry.cz/viewtopic.php?f=12&t=115512, which both you and I are obliged to follow.
So if you want help, uninstall it, install a free solution (e.g. Avast Free), write back and we will continue.


Help CANNOT be given:
2) If the user's machine contains illegal host or protection software
(operating system, antivirus, firewall, etc.), the user must be guided to put this right, e.g. by means of free software,
and work on the problem begins only once the PC is "in order". If the user does not want to accept the rules,
they must be asked to leave the forum and to return once they comply.

-
- Visitor
- Posts: 73
- Registered: 15 Dec 2009 10:12
Re: Scan and error (mdi064.dll)
How do I remove Avira if it is not listed among the installed programs?
Re: Scan and error (mdi064.dll)
I apologize, my mistake, there is an illegal ESET there
it has to go

-
- Visitor
- Posts: 73
- Registered: 15 Dec 2009 10:12
Re: Scan and error (mdi064.dll)
ESET removed, what is the next step? I am going to restart the notebook so that it finishes the uninstallation.
Re: Scan and error (mdi064.dll)
Install some free protection, e.g. Avast Free or Bitdefender Free, and then post a new log from FRSTL
-
- Visitor
- Posts: 73
- Registered: 15 Dec 2009 10:12
Re: Scan and error (mdi064.dll)
Log from FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-01-2014
Ran by Juraj Banas (administrator) on JURAJ on 27-01-2014 14:48:49
Running from C:\Documents and Settings\Juraj Banas\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
ATTENTION: If processes are not listed WMI should be repaired.
==================== Processes (Whitelisted) ===================
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16248320 2006-06-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] - C:\WINDOWS\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] - C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-12-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LogitechCommunicationsManager] - C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe [304664 2006-10-31] (Acer Inc.)
HKLM\...\Run: [AcerOrbicamRibbon] - C:\Program Files\Acer\OrbiCam10\OrbiCam.exe [754712 2006-11-28] ()
HKLM\...\Run: [LVCOMSX] - C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe [244512 2006-11-28] (Logitech Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761946 2006-03-03] (Synaptics, Inc.)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [13594624 2009-01-30] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [86016 2009-01-30] (NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSStp] - C:\WINDOWS\system32\msstp.vbe [1418 2014-01-13] ()
HKLM\...\Run: [mncvkfyfSrv] - C:\WINDOWS\inf\mncvkfyf.vbe [1338 2014-01-13] ()
HKCU\...\Run: [tsiVideo] - C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\\mdi064.dll [3997696 2014-01-22] () <===== ATTENTION
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 172.16.40.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Juraj Banas\Application Data\Mozilla\Firefox\Profiles\297eyo2j.default
FF Homepage: hxxp://www.zoznam.sk/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Спутник @Mail.Ru - C:\Documents and Settings\Juraj Banas\Application Data\Mozilla\Firefox\Profiles\297eyo2j.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2013-12-18]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
========================== Services (Whitelisted) =================
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [57520 2013-10-23] (Bitdefender)
R2 JavaQuickStarterService; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [161664 2012-05-04] (Oracle Corporation)
S2 LVSrvLauncher; C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe [101152 2006-11-28] (Logitech Inc.)
S2 NOD32FiXTemDono; C:\WINDOWS\system32\regedt32.exe [3584 2006-02-28] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
R3 avchv; C:\WINDOWS\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R1 bdftdif; C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys [148600 2013-04-17] (Bitdefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [328061 2006-01-17] (Broadcom Corporation.)
S3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30459 2006-01-17] (Broadcom Corporation.)
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [850474 2006-01-17] (Broadcom Corporation.)
R2 BTSERIAL; C:\WINDOWS\system32\drivers\btserial.sys [23271 2006-01-17] (Broadcom Corporation.)
S3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [148900 2006-01-17] (Broadcom Corporation.)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [65688 2006-01-17] (Broadcom Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [61056 2006-06-16] (ENE Technology Inc.)
R3 ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [40064 2006-06-16] (ENE Technology Inc.)
R3 ESMCR; C:\WINDOWS\System32\DRIVERS\ESM7SK.sys [74752 2006-06-16] (ENE Technology Inc.)
R1 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-22] (Conexant Systems, Inc.)
R3 lv321av; C:\WINDOWS\System32\DRIVERS\lv321av.sys [847392 2006-11-28] (Logitech Inc.)
R3 LVMVDrv; C:\WINDOWS\System32\DRIVERS\LVMVDrv.sys [1962784 2006-11-28] (Logitech Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [46080 2004-06-16] (SMSC)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1429632 2006-04-04] (Intel® Corporation)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-27 14:48 - 2014-01-27 14:49 - 00009059 _____ C:\Documents and Settings\Juraj Banas\Desktop\FRST.txt
2014-01-27 14:47 - 2014-01-27 14:47 - 00112640 _____ C:\Documents and Settings\Juraj Banas\Desktop\frstlauncher.exe.43349.gzquar
2014-01-27 14:44 - 2014-01-27 14:44 - 00272022 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-01-27 14:37 - 2014-01-27 14:37 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-01-27 14:35 - 2014-01-27 14:35 - 00231266 _____ C:\Documents and Settings\All Users\Application Data\1390828983.bdinstall.bin
2014-01-27 14:35 - 2014-01-27 14:35 - 00029696 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\MSGBOX.EXE
2014-01-27 14:35 - 2014-01-27 14:35 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\LM.bat
2014-01-27 14:31 - 2014-01-27 14:31 - 00006723 _____ C:\WINDOWS\iis6.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00006183 _____ C:\WINDOWS\FaxSetup.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00004085 _____ C:\WINDOWS\Wdf01009Inst.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00002956 _____ C:\WINDOWS\ocgen.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00002905 _____ C:\WINDOWS\tsoc.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00002042 _____ C:\WINDOWS\comsetup.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001900 _____ C:\WINDOWS\msmqinst.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001719 _____ C:\WINDOWS\setupact.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001374 _____ C:\WINDOWS\imsins.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001228 _____ C:\WINDOWS\ntdtcsetup.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001083 _____ C:\WINDOWS\netfxocm.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000425 _____ C:\WINDOWS\MedCtrOC.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000342 _____ C:\WINDOWS\ocmsn.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000311 _____ C:\WINDOWS\tabletoc.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000309 _____ C:\WINDOWS\msgsocm.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus Free Edition
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-27 14:31 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2014-01-27 14:31 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2014-01-27 14:27 - 2014-01-27 14:27 - 00000000 ____D C:\Program Files\Microsoft.NET
2014-01-27 14:25 - 2014-01-27 14:31 - 00000000 ____D C:\Program Files\Bitdefender
2014-01-27 14:25 - 2013-04-17 14:59 - 00633344 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2014-01-27 14:25 - 2013-04-17 14:59 - 00486536 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2014-01-27 14:25 - 2012-11-02 14:17 - 00242504 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2014-01-27 14:24 - 2013-05-28 12:11 - 00355744 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2014-01-27 14:24 - 2013-04-22 13:20 - 00164952 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2014-01-27 09:40 - 2014-01-27 09:40 - 00008951 _____ C:\Documents and Settings\Juraj Banas\My Documents\Addition.txt
2014-01-27 09:39 - 2014-01-27 14:37 - 00023214 _____ C:\Documents and Settings\Juraj Banas\My Documents\FRST.txt
2014-01-27 09:39 - 2014-01-27 09:39 - 00000000 ____D C:\FRST
2014-01-27 09:38 - 2014-01-27 09:38 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Desktop\LM.bat
2014-01-27 09:37 - 2014-01-27 09:37 - 01223168 _____ (Farbar) C:\Documents and Settings\Juraj Banas\Desktop\FRST.exe
2014-01-27 09:34 - 2014-01-27 14:31 - 00007214 _____ C:\WINDOWS\setupapi.log
2014-01-27 09:34 - 2014-01-27 09:34 - 00000000 ____D C:\rsit
2014-01-22 14:05 - 2014-01-22 14:05 - 00000000 ____D C:\Program Files\ESET
2014-01-22 13:55 - 2014-01-13 10:25 - 00001418 ____S C:\WINDOWS\system32\msstp.vbe
2014-01-22 09:02 - 2008-03-03 18:21 - 00000568 ____H C:\WINDOWS\nod32fixtemdono.reg
2014-01-22 08:29 - 2014-01-22 08:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallbasecsp$
2014-01-22 08:28 - 2011-08-16 11:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2014-01-22 08:28 - 2011-03-11 15:10 - 00225262 ____C C:\WINDOWS\system32\dllcache\msimain.sdb
2014-01-22 08:25 - 2014-01-22 08:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-01-20 18:43 - 2014-01-20 18:43 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-01-11 10:20 - 2014-01-11 10:20 - 00069232 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-07 18:47 - 2014-01-07 18:47 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2014-01-07 18:45 - 2014-01-11 10:47 - 00000000 ____D C:\Documents and Settings\Juraj Banas\Application Data\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ___RD C:\Program Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Program Files\Common Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-01-07 18:44 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2014-01-07 18:12 - 2014-01-07 18:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2013-12-31 14:15 - 2013-12-31 14:15 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-01-27 14:49 - 2014-01-27 14:48 - 00009059 _____ C:\Documents and Settings\Juraj Banas\Desktop\FRST.txt
2014-01-27 14:48 - 2013-12-05 08:50 - 01811754 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-27 14:47 - 2014-01-27 14:47 - 00112640 _____ C:\Documents and Settings\Juraj Banas\Desktop\frstlauncher.exe.43349.gzquar
2014-01-27 14:46 - 2013-12-05 13:19 - 00201679 _____ C:\WINDOWS\system32\nvapps.xml
2014-01-27 14:46 - 2013-12-05 09:37 - 00000157 _____ C:\WINDOWS\wiadebug.log
2014-01-27 14:46 - 2013-12-05 09:37 - 00000051 _____ C:\WINDOWS\wiaservc.log
2014-01-27 14:45 - 2013-12-05 08:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-27 14:44 - 2014-01-27 14:44 - 00272022 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-01-27 14:44 - 2013-12-05 08:57 - 00000178 ___SH C:\Documents and Settings\Juraj Banas\ntuser.ini
2014-01-27 14:44 - 2013-12-05 08:57 - 00000000 ____D C:\Documents and Settings\Juraj Banas
2014-01-27 14:44 - 2013-12-05 08:55 - 00032578 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-27 14:42 - 2013-12-05 08:52 - 00000000 ____D C:\WINDOWS\microsoft.net
2014-01-27 14:37 - 2014-01-27 14:37 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-01-27 14:37 - 2014-01-27 09:39 - 00023214 _____ C:\Documents and Settings\Juraj Banas\My Documents\FRST.txt
2014-01-27 14:35 - 2014-01-27 14:35 - 00231266 _____ C:\Documents and Settings\All Users\Application Data\1390828983.bdinstall.bin
2014-01-27 14:35 - 2014-01-27 14:35 - 00029696 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\MSGBOX.EXE
2014-01-27 14:35 - 2014-01-27 14:35 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\LM.bat
2014-01-27 14:31 - 2014-01-27 14:31 - 00006723 _____ C:\WINDOWS\iis6.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00006183 _____ C:\WINDOWS\FaxSetup.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00004085 _____ C:\WINDOWS\Wdf01009Inst.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00002956 _____ C:\WINDOWS\ocgen.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00002905 _____ C:\WINDOWS\tsoc.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00002042 _____ C:\WINDOWS\comsetup.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001900 _____ C:\WINDOWS\msmqinst.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001719 _____ C:\WINDOWS\setupact.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001374 _____ C:\WINDOWS\imsins.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001228 _____ C:\WINDOWS\ntdtcsetup.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001083 _____ C:\WINDOWS\netfxocm.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000425 _____ C:\WINDOWS\MedCtrOC.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000342 _____ C:\WINDOWS\ocmsn.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000311 _____ C:\WINDOWS\tabletoc.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000309 _____ C:\WINDOWS\msgsocm.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus Free Edition
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-27 14:31 - 2014-01-27 14:25 - 00000000 ____D C:\Program Files\Bitdefender
2014-01-27 14:31 - 2014-01-27 09:34 - 00007214 _____ C:\WINDOWS\setupapi.log
2014-01-27 14:31 - 2013-12-05 09:34 - 00437936 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-27 14:27 - 2014-01-27 14:27 - 00000000 ____D C:\Program Files\Microsoft.NET
2014-01-27 14:27 - 2013-12-05 09:23 - 00000000 ____D C:\WINDOWS\system32\mui
2014-01-27 14:22 - 2013-12-05 11:12 - 00000000 ____D C:\Documents and Settings\Juraj Banas\My Documents\Preberanie
2014-01-27 13:58 - 2013-12-09 10:44 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-27 09:40 - 2014-01-27 09:40 - 00008951 _____ C:\Documents and Settings\Juraj Banas\My Documents\Addition.txt
2014-01-27 09:39 - 2014-01-27 09:39 - 00000000 ____D C:\FRST
2014-01-27 09:38 - 2014-01-27 09:38 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Desktop\LM.bat
2014-01-27 09:37 - 2014-01-27 09:37 - 01223168 _____ (Farbar) C:\Documents and Settings\Juraj Banas\Desktop\FRST.exe
2014-01-27 09:34 - 2014-01-27 09:34 - 00000000 ____D C:\rsit
2014-01-27 09:26 - 2013-12-09 08:43 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2014-01-27 09:26 - 2013-12-09 07:20 - 00065536 _____ C:\WINDOWS\system32\config\ODiag.evt
2014-01-27 08:38 - 2013-12-05 08:56 - 00000000 __SHD C:\WINDOWS\CSC
2014-01-27 08:38 - 2006-02-28 13:00 - 00002422 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-22 14:05 - 2014-01-22 14:05 - 00000000 ____D C:\Program Files\ESET
2014-01-22 08:32 - 2013-12-09 20:33 - 00000000 ____D C:\WINDOWS\pss
2014-01-22 08:30 - 2013-12-05 08:51 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2014-01-22 08:29 - 2014-01-22 08:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallbasecsp$
2014-01-22 08:29 - 2013-12-05 11:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET
2014-01-22 08:29 - 2013-12-05 09:23 - 00000000 ____D C:\WINDOWS\security
2014-01-22 08:25 - 2014-01-22 08:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-01-20 18:45 - 2013-12-09 12:43 - 00000000 ____D C:\Documents and Settings\Juraj Banas\Application Data\vlc
2014-01-20 18:43 - 2014-01-20 18:43 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-01-20 18:39 - 2013-12-19 19:14 - 00006144 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-18 11:57 - 2013-12-05 09:23 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2014-01-16 15:40 - 2013-12-18 18:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-16 15:38 - 2013-12-18 18:15 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 13:59 - 2013-12-09 12:27 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-01-13 10:25 - 2014-01-22 13:55 - 00001418 ____S C:\WINDOWS\system32\msstp.vbe
2014-01-11 10:47 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\Juraj Banas\Application Data\Skype
2014-01-11 10:20 - 2014-01-11 10:20 - 00069232 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-11 09:52 - 2013-12-05 10:59 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-07 18:47 - 2014-01-07 18:47 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2014-01-07 18:47 - 2013-12-05 10:11 - 00003419 _____ C:\WINDOWS\system32\lvcoinst.log
2014-01-07 18:47 - 2013-12-05 08:55 - 00000000 __SHD C:\Documents and Settings\LocalService
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ___RD C:\Program Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Program Files\Common Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-01-07 18:45 - 2014-01-07 18:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2014-01-07 18:12 - 2014-01-07 18:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2014-01-07 18:12 - 2013-12-09 12:44 - 00000000 ____D C:\Program Files\CCleaner
2013-12-31 14:15 - 2013-12-31 14:15 - 00000000 ____D C:\Program Files\Mozilla Firefox
Files to move or delete:
====================
C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\\mdi064.dll
Some content of TEMP:
====================
C:\Documents and Settings\deti\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\fp_pl_pfs_installer.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\GuardMailRu.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\mdi064.dll
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\vlc-2.1.2-win32.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-01-2014
Ran by Juraj Banas (administrator) on JURAJ on 27-01-2014 14:48:49
Running from C:\Documents and Settings\Juraj Banas\Desktop
Microsoft Windows XP Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
ATTENTION: If processes are not listed WMI should be repaired.
==================== Processes (Whitelisted) ===================
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDCPL] - C:\WINDOWS\RTHDCPL.EXE [16248320 2006-06-28] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SkyTel] - C:\WINDOWS\SkyTel.EXE [2879488 2006-05-16] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] - C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] - C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-12-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LogitechCommunicationsManager] - C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe [304664 2006-10-31] (Acer Inc.)
HKLM\...\Run: [AcerOrbicamRibbon] - C:\Program Files\Acer\OrbiCam10\OrbiCam.exe [754712 2006-11-28] ()
HKLM\...\Run: [LVCOMSX] - C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe [244512 2006-11-28] (Logitech Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761946 2006-03-03] (Synaptics, Inc.)
HKLM\...\Run: [NvCplDaemon] - C:\WINDOWS\system32\NvCpl.dll [13594624 2009-01-30] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] - nwiz.exe /install
HKLM\...\Run: [NvMediaCenter] - C:\WINDOWS\system32\NvMcTray.dll [86016 2009-01-30] (NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSStp] - C:\WINDOWS\system32\msstp.vbe [1418 2014-01-13] ()
HKLM\...\Run: [mncvkfyfSrv] - C:\WINDOWS\inf\mncvkfyf.vbe [1338 2014-01-13] ()
HKCU\...\Run: [tsiVideo] - C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\\mdi064.dll [3997696 2014-01-22] () <===== ATTENTION
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 172.16.40.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Juraj Banas\Application Data\Mozilla\Firefox\Profiles\297eyo2j.default
FF Homepage: hxxp://www.zoznam.sk/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\atlas-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\azet-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\dunaj-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slovnik-sk.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\zoznam-sk.xml
FF Extension: Спутник @Mail.Ru - C:\Documents and Settings\Juraj Banas\Application Data\Mozilla\Firefox\Profiles\297eyo2j.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2013-12-18]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
========================== Services (Whitelisted) =================
R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [57520 2013-10-23] (Bitdefender)
R2 JavaQuickStarterService; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [161664 2012-05-04] (Oracle Corporation)
S2 LVSrvLauncher; C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe [101152 2006-11-28] (Logitech Inc.)
S2 NOD32FiXTemDono; C:\WINDOWS\system32\regedt32.exe [3584 2006-02-28] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [633344 2013-04-17] (BitDefender)
R3 avchv; C:\WINDOWS\System32\DRIVERS\avchv.sys [242504 2012-11-02] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [486536 2013-04-17] (BitDefender)
R1 bdftdif; C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys [148600 2013-04-17] (Bitdefender SRL)
R1 bdselfpr; C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys [135472 2013-07-16] (BitDefender LLC)
R3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [328061 2006-01-17] (Broadcom Corporation.)
S3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [30459 2006-01-17] (Broadcom Corporation.)
R3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [850474 2006-01-17] (Broadcom Corporation.)
R2 BTSERIAL; C:\WINDOWS\system32\drivers\btserial.sys [23271 2006-01-17] (Broadcom Corporation.)
S3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [148900 2006-01-17] (Broadcom Corporation.)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [65688 2006-01-17] (Broadcom Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 EMSCR; C:\WINDOWS\System32\DRIVERS\EMS7SK.sys [61056 2006-06-16] (ENE Technology Inc.)
R3 ESDCR; C:\WINDOWS\System32\DRIVERS\ESD7SK.sys [40064 2006-06-16] (ENE Technology Inc.)
R3 ESMCR; C:\WINDOWS\System32\DRIVERS\ESM7SK.sys [74752 2006-06-16] (ENE Technology Inc.)
R1 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [164952 2013-04-22] (BitDefender LLC)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-22] (Conexant Systems, Inc.)
R3 lv321av; C:\WINDOWS\System32\DRIVERS\lv321av.sys [847392 2006-11-28] (Logitech Inc.)
R3 LVMVDrv; C:\WINDOWS\System32\DRIVERS\LVMVDrv.sys [1962784 2006-11-28] (Logitech Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
R3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [46080 2004-06-16] (SMSC)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [355744 2013-05-28] (BitDefender S.R.L.)
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1429632 2006-04-04] (Intel® Corporation)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [x]
U1 WS2IFSL;
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-27 14:48 - 2014-01-27 14:49 - 00009059 _____ C:\Documents and Settings\Juraj Banas\Desktop\FRST.txt
2014-01-27 14:47 - 2014-01-27 14:47 - 00112640 _____ C:\Documents and Settings\Juraj Banas\Desktop\frstlauncher.exe.43349.gzquar
2014-01-27 14:44 - 2014-01-27 14:44 - 00272022 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-01-27 14:37 - 2014-01-27 14:37 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-01-27 14:35 - 2014-01-27 14:35 - 00231266 _____ C:\Documents and Settings\All Users\Application Data\1390828983.bdinstall.bin
2014-01-27 14:35 - 2014-01-27 14:35 - 00029696 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\MSGBOX.EXE
2014-01-27 14:35 - 2014-01-27 14:35 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\LM.bat
2014-01-27 14:31 - 2014-01-27 14:31 - 00006723 _____ C:\WINDOWS\iis6.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00006183 _____ C:\WINDOWS\FaxSetup.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00004085 _____ C:\WINDOWS\Wdf01009Inst.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00002956 _____ C:\WINDOWS\ocgen.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00002905 _____ C:\WINDOWS\tsoc.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00002042 _____ C:\WINDOWS\comsetup.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001900 _____ C:\WINDOWS\msmqinst.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001719 _____ C:\WINDOWS\setupact.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001374 _____ C:\WINDOWS\imsins.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001228 _____ C:\WINDOWS\ntdtcsetup.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001083 _____ C:\WINDOWS\netfxocm.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000425 _____ C:\WINDOWS\MedCtrOC.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000342 _____ C:\WINDOWS\ocmsn.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000311 _____ C:\WINDOWS\tabletoc.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000309 _____ C:\WINDOWS\msgsocm.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus Free Edition
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-27 14:31 - 2009-07-14 23:27 - 01461992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2014-01-27 14:31 - 2008-11-07 18:55 - 00016928 ____N (Microsoft Corporation) C:\WINDOWS\system32\spmsgXP_2k3.dll
2014-01-27 14:27 - 2014-01-27 14:27 - 00000000 ____D C:\Program Files\Microsoft.NET
2014-01-27 14:25 - 2014-01-27 14:31 - 00000000 ____D C:\Program Files\Bitdefender
2014-01-27 14:25 - 2013-04-17 14:59 - 00633344 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys
2014-01-27 14:25 - 2013-04-17 14:59 - 00486536 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys
2014-01-27 14:25 - 2012-11-02 14:17 - 00242504 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2014-01-27 14:24 - 2013-05-28 12:11 - 00355744 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2014-01-27 14:24 - 2013-04-22 13:20 - 00164952 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2014-01-27 09:40 - 2014-01-27 09:40 - 00008951 _____ C:\Documents and Settings\Juraj Banas\My Documents\Addition.txt
2014-01-27 09:39 - 2014-01-27 14:37 - 00023214 _____ C:\Documents and Settings\Juraj Banas\My Documents\FRST.txt
2014-01-27 09:39 - 2014-01-27 09:39 - 00000000 ____D C:\FRST
2014-01-27 09:38 - 2014-01-27 09:38 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Desktop\LM.bat
2014-01-27 09:37 - 2014-01-27 09:37 - 01223168 _____ (Farbar) C:\Documents and Settings\Juraj Banas\Desktop\FRST.exe
2014-01-27 09:34 - 2014-01-27 14:31 - 00007214 _____ C:\WINDOWS\setupapi.log
2014-01-27 09:34 - 2014-01-27 09:34 - 00000000 ____D C:\rsit
2014-01-22 14:05 - 2014-01-22 14:05 - 00000000 ____D C:\Program Files\ESET
2014-01-22 13:55 - 2014-01-13 10:25 - 00001418 ____S C:\WINDOWS\system32\msstp.vbe
2014-01-22 09:02 - 2008-03-03 18:21 - 00000568 ____H C:\WINDOWS\nod32fixtemdono.reg
2014-01-22 08:29 - 2014-01-22 08:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallbasecsp$
2014-01-22 08:28 - 2011-08-16 11:45 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iecompat.dll
2014-01-22 08:28 - 2011-03-11 15:10 - 00225262 ____C C:\WINDOWS\system32\dllcache\msimain.sdb
2014-01-22 08:25 - 2014-01-22 08:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-01-20 18:43 - 2014-01-20 18:43 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-01-11 10:20 - 2014-01-11 10:20 - 00069232 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-07 18:47 - 2014-01-07 18:47 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2014-01-07 18:45 - 2014-01-11 10:47 - 00000000 ____D C:\Documents and Settings\Juraj Banas\Application Data\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ___RD C:\Program Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Program Files\Common Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-01-07 18:44 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2014-01-07 18:12 - 2014-01-07 18:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2013-12-31 14:15 - 2013-12-31 14:15 - 00000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified Files and Folders =======
2014-01-27 14:49 - 2014-01-27 14:48 - 00009059 _____ C:\Documents and Settings\Juraj Banas\Desktop\FRST.txt
2014-01-27 14:48 - 2013-12-05 08:50 - 01811754 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-27 14:47 - 2014-01-27 14:47 - 00112640 _____ C:\Documents and Settings\Juraj Banas\Desktop\frstlauncher.exe.43349.gzquar
2014-01-27 14:46 - 2013-12-05 13:19 - 00201679 _____ C:\WINDOWS\system32\nvapps.xml
2014-01-27 14:46 - 2013-12-05 09:37 - 00000157 _____ C:\WINDOWS\wiadebug.log
2014-01-27 14:46 - 2013-12-05 09:37 - 00000051 _____ C:\WINDOWS\wiaservc.log
2014-01-27 14:45 - 2013-12-05 08:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-27 14:44 - 2014-01-27 14:44 - 00272022 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-01-27 14:44 - 2013-12-05 08:57 - 00000178 ___SH C:\Documents and Settings\Juraj Banas\ntuser.ini
2014-01-27 14:44 - 2013-12-05 08:57 - 00000000 ____D C:\Documents and Settings\Juraj Banas
2014-01-27 14:44 - 2013-12-05 08:55 - 00032578 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-27 14:42 - 2013-12-05 08:52 - 00000000 ____D C:\WINDOWS\microsoft.net
2014-01-27 14:37 - 2014-01-27 14:37 - 00000000 ____D C:\Documents and Settings\LocalService\Application Data\QuickScan
2014-01-27 14:37 - 2014-01-27 09:39 - 00023214 _____ C:\Documents and Settings\Juraj Banas\My Documents\FRST.txt
2014-01-27 14:35 - 2014-01-27 14:35 - 00231266 _____ C:\Documents and Settings\All Users\Application Data\1390828983.bdinstall.bin
2014-01-27 14:35 - 2014-01-27 14:35 - 00029696 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\MSGBOX.EXE
2014-01-27 14:35 - 2014-01-27 14:35 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\LM.bat
2014-01-27 14:31 - 2014-01-27 14:31 - 00006723 _____ C:\WINDOWS\iis6.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00006183 _____ C:\WINDOWS\FaxSetup.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00004085 _____ C:\WINDOWS\Wdf01009Inst.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00002956 _____ C:\WINDOWS\ocgen.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00002905 _____ C:\WINDOWS\tsoc.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00002042 _____ C:\WINDOWS\comsetup.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001900 _____ C:\WINDOWS\msmqinst.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001719 _____ C:\WINDOWS\setupact.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001374 _____ C:\WINDOWS\imsins.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001228 _____ C:\WINDOWS\ntdtcsetup.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00001083 _____ C:\WINDOWS\netfxocm.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000425 _____ C:\WINDOWS\MedCtrOC.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000342 _____ C:\WINDOWS\ocmsn.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000311 _____ C:\WINDOWS\tabletoc.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000309 _____ C:\WINDOWS\msgsocm.log
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 __HDC C:\WINDOWS\$NtUninstallWdf01009$
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus Free Edition
2014-01-27 14:31 - 2014-01-27 14:31 - 00000000 _____ C:\WINDOWS\setuperr.log
2014-01-27 14:31 - 2014-01-27 14:25 - 00000000 ____D C:\Program Files\Bitdefender
2014-01-27 14:31 - 2014-01-27 09:34 - 00007214 _____ C:\WINDOWS\setupapi.log
2014-01-27 14:31 - 2013-12-05 09:34 - 00437936 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-27 14:27 - 2014-01-27 14:27 - 00000000 ____D C:\Program Files\Microsoft.NET
2014-01-27 14:27 - 2013-12-05 09:23 - 00000000 ____D C:\WINDOWS\system32\mui
2014-01-27 14:22 - 2013-12-05 11:12 - 00000000 ____D C:\Documents and Settings\Juraj Banas\My Documents\Preberanie
2014-01-27 13:58 - 2013-12-09 10:44 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-27 09:40 - 2014-01-27 09:40 - 00008951 _____ C:\Documents and Settings\Juraj Banas\My Documents\Addition.txt
2014-01-27 09:39 - 2014-01-27 09:39 - 00000000 ____D C:\FRST
2014-01-27 09:38 - 2014-01-27 09:38 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Desktop\LM.bat
2014-01-27 09:37 - 2014-01-27 09:37 - 01223168 _____ (Farbar) C:\Documents and Settings\Juraj Banas\Desktop\FRST.exe
2014-01-27 09:34 - 2014-01-27 09:34 - 00000000 ____D C:\rsit
2014-01-27 09:26 - 2013-12-09 08:43 - 00065536 _____ C:\WINDOWS\system32\config\Internet.evt
2014-01-27 09:26 - 2013-12-09 07:20 - 00065536 _____ C:\WINDOWS\system32\config\ODiag.evt
2014-01-27 08:38 - 2013-12-05 08:56 - 00000000 __SHD C:\WINDOWS\CSC
2014-01-27 08:38 - 2006-02-28 13:00 - 00002422 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-22 14:05 - 2014-01-22 14:05 - 00000000 ____D C:\Program Files\ESET
2014-01-22 08:32 - 2013-12-09 20:33 - 00000000 ____D C:\WINDOWS\pss
2014-01-22 08:30 - 2013-12-05 08:51 - 00000000 ___HD C:\WINDOWS\$hf_mig$
2014-01-22 08:29 - 2014-01-22 08:29 - 00000000 __HDC C:\WINDOWS\$NtUninstallbasecsp$
2014-01-22 08:29 - 2013-12-05 11:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET
2014-01-22 08:29 - 2013-12-05 09:23 - 00000000 ____D C:\WINDOWS\security
2014-01-22 08:25 - 2014-01-22 08:25 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-01-20 18:45 - 2013-12-09 12:43 - 00000000 ____D C:\Documents and Settings\Juraj Banas\Application Data\vlc
2014-01-20 18:43 - 2014-01-20 18:43 - 00000719 _____ C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-01-20 18:39 - 2013-12-19 19:14 - 00006144 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-18 11:57 - 2013-12-05 09:23 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2014-01-16 15:40 - 2013-12-18 18:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-16 15:38 - 2013-12-18 18:15 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 13:59 - 2013-12-09 12:27 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk
2014-01-13 10:25 - 2014-01-22 13:55 - 00001418 ____S C:\WINDOWS\system32\msstp.vbe
2014-01-11 10:47 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\Juraj Banas\Application Data\Skype
2014-01-11 10:20 - 2014-01-11 10:20 - 00069232 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-01-11 09:52 - 2013-12-05 10:59 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-07 18:47 - 2014-01-07 18:47 - 00000000 __SHD C:\Documents and Settings\LocalService\IETldCache
2014-01-07 18:47 - 2013-12-05 10:11 - 00003419 _____ C:\WINDOWS\system32\lvcoinst.log
2014-01-07 18:47 - 2013-12-05 08:55 - 00000000 __SHD C:\Documents and Settings\LocalService
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ___RD C:\Program Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Program Files\Common Files\Skype
2014-01-07 18:45 - 2014-01-07 18:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-01-07 18:45 - 2014-01-07 18:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2014-01-07 18:12 - 2014-01-07 18:12 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2014-01-07 18:12 - 2013-12-09 12:44 - 00000000 ____D C:\Program Files\CCleaner
2013-12-31 14:15 - 2013-12-31 14:15 - 00000000 ____D C:\Program Files\Mozilla Firefox
Files to move or delete:
====================
C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\\mdi064.dll
Some content of TEMP:
====================
C:\Documents and Settings\deti\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\fp_pl_pfs_installer.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\GuardMailRu.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\mdi064.dll
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\vlc-2.1.2-win32.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
Re: Scan and error (mdi064.dll)

- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
Start
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSStp] - C:\WINDOWS\system32\msstp.vbe [1418 2014-01-13] ()
HKLM\...\Run: [mncvkfyfSrv] - C:\WINDOWS\inf\mncvkfyf.vbe [1338 2014-01-13] ()
HKCU\...\Run: [tsiVideo] - C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\\mdi064.dll [3997696 2014-01-22] () <===== ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
FF Extension: Спутник @Mail.Ru - C:\Documents and Settings\Juraj Banas\Application Data\Mozilla\Firefox\Profiles\297eyo2j.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2013-12-18]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
S2 NOD32FiXTemDono; C:\WINDOWS\system32\regedt32.exe [3584 2006-02-28] (Microsoft Corporation)
C:\WINDOWS\inf\mncvkfyf.vbe
C:\WINDOWS\system32\msstp.vbe
2014-01-22 08:29 - 2013-12-05 11:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET
2014-01-22 14:05 - 2014-01-22 14:05 - 00000000 ____D C:\Program Files\ESET
2014-01-27 09:38 - 2014-01-27 09:38 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Desktop\LM.bat
2014-01-27 09:40 - 2014-01-27 09:40 - 00008951 _____ C:\Documents and Settings\Juraj Banas\My Documents\Addition.txt
2014-01-27 14:35 - 2014-01-27 14:35 - 00029696 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\MSGBOX.EXE
2014-01-27 14:35 - 2014-01-27 14:35 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\LM.bat
C:\Documents and Settings\deti\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\fp_pl_pfs_installer.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\GuardMailRu.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\mdi064.dll
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\vlc-2.1.2-win32.exe
C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\\mdi064.dll
Hosts:
CMD: shutdown /r /f /t 2
End
- Save the resulting TXT file as fixlist.txt
- Move the created fixlist next to FRST

- Click Fix
- The fix will run and create the log Fixlog.txt

Re: Scan and error (mdi064.dll)
Fixlog:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-01-2014
Ran by Juraj Banas at 2014-01-28 07:20:22 Run:1
Running from C:\Documents and Settings\Juraj Banas\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252296 2012-01-17] (Sun Microsystems, Inc.)
HKLM\...\Run: [MSStp] - C:\WINDOWS\system32\msstp.vbe [1418 2014-01-13] ()
HKLM\...\Run: [mncvkfyfSrv] - C:\WINDOWS\inf\mncvkfyf.vbe [1338 2014-01-13] ()
HKCU\...\Run: [tsiVideo] - C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\\mdi064.dll [3997696 2014-01-22] () <===== ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = http://go.mail.ru/search?q={searchTerms ... =1&fr=ietb
FF Extension: Спутник @Mail.Ru - C:\Documents and Settings\Juraj Banas\Application Data\Mozilla\Firefox\Profiles\297eyo2j.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2013-12-18]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
S2 NOD32FiXTemDono; C:\WINDOWS\system32\regedt32.exe [3584 2006-02-28] (Microsoft Corporation)
C:\WINDOWS\inf\mncvkfyf.vbe
C:\WINDOWS\system32\msstp.vbe
2014-01-22 08:29 - 2013-12-05 11:09 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ESET
2014-01-22 14:05 - 2014-01-22 14:05 - 00000000 ____D C:\Program Files\ESET
2014-01-27 09:38 - 2014-01-27 09:38 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Desktop\LM.bat
2014-01-27 09:40 - 2014-01-27 09:40 - 00008951 _____ C:\Documents and Settings\Juraj Banas\My Documents\Addition.txt
2014-01-27 14:35 - 2014-01-27 14:35 - 00029696 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\MSGBOX.EXE
2014-01-27 14:35 - 2014-01-27 14:35 - 00015327 _____ C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\LM.bat
C:\Documents and Settings\deti\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\fp_pl_pfs_installer.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\GuardMailRu.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\mdi064.dll
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\RtkBtMnt.exe
C:\Documents and Settings\Juraj Banas\Local Settings\Temp\vlc-2.1.2-win32.exe
C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\\mdi064.dll
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\MSStp => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mncvkfyfSrv => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\tsiVideo => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => Value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E88E0043-C9D4-4e33-8555-FEE4F5B63060} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{E88E0043-C9D4-4e33-8555-FEE4F5B63060} => Key not found.
C:\Documents and Settings\Juraj Banas\Application Data\Mozilla\Firefox\Profiles\297eyo2j.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} => not found.
HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => Value deleted successfully.
NOD32FiXTemDono => Service deleted successfully.
C:\WINDOWS\inf\mncvkfyf.vbe => Moved successfully.
C:\WINDOWS\system32\msstp.vbe => Moved successfully.
C:\Documents and Settings\All Users\Application Data\ESET => Moved successfully.
C:\Program Files\ESET => Moved successfully.
"C:\Documents and Settings\Juraj Banas\Desktop\LM.bat" => File/Directory not found.
"C:\Documents and Settings\Juraj Banas\My Documents\Addition.txt" => File/Directory not found.
"C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\MSGBOX.EXE" => File/Directory not found.
"C:\Documents and Settings\Juraj Banas\Local Settings\Application Data\LM.bat" => File/Directory not found.
C:\Documents and Settings\deti\Local Settings\Temp\RtkBtMnt.exe => Moved successfully.
"C:\Documents and Settings\Juraj Banas\Local Settings\Temp\fp_pl_pfs_installer.exe" => File/Directory not found.
"C:\Documents and Settings\Juraj Banas\Local Settings\Temp\GuardMailRu.exe" => File/Directory not found.
"C:\Documents and Settings\Juraj Banas\Local Settings\Temp\mdi064.dll" => File/Directory not found.
"C:\Documents and Settings\Juraj Banas\Local Settings\Temp\RtkBtMnt.exe" => File/Directory not found.
"C:\Documents and Settings\Juraj Banas\Local Settings\Temp\vlc-2.1.2-win32.exe" => File/Directory not found.
C:\DOCUME~1\JURAJB~1\LOCALS~1\Temp\\mdi064.dll => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Re: Scan and error (mdi064.dll)
So let's clean up as well.

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
- Download and run it
- To confirm a choice, press A, Enter
- Delete the utility after use
- Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)

OTC http://oldtimer.geekstogo.com/OTC.exe
- Download and run it
- Click CleanUp and confirm with YES
- The program cleans up and restarts the PC

TFC http://oldtimer.geekstogo.com/TFC.exe
- Download and run it
- Click Start and confirm with OK
- The program cleans up and restarts the PC
- Delete the utility after use

Download CCleaner http://forum.viry.cz/viewtopic.php?t=7478
Čistič (Cleaner) panel
- Leave everything as it is, just click Analyzovat (Analyze) and then Spustit CCleaner (Run CCleaner)
- Click Hledej problémy (Scan for problems)
- Then Opravit problémy (Fix problems) - I recommend making a backup of the registry; fix all the problems
- Repeat the procedure until no problems remain - usually about 3 times
- Here you can uninstall programs you do not need

And if there are no problems or questions, that is all from my side.

-
- Visitor
- Posts: 73
- Registered: 15 Dec 2009 10:12
Re: Scan and error (mdi064.dll)
The PC seems to be fine. Thank you very much for the advice and the procedure, and have a nice day.
