Dobrý deň,
Všimol som si, že už dlhšie mi nejde pripojit na microsoft.com. Ako som tak hľadal, našiel som meno vírusu, a zistil som, že ten vírus asi mám. Skúšal som sa pripojiť na avira.com eset.sk avast.cz atď. Žiadna stránka antivíru nejde. Mal som starý pc a starý router, tak som si poriadil nový pc, a asus router. Je ten vírus v sieti? Ako ho odstrániť?
Ešte mám jeden problem s routrom, neviem či to robí ten vírus, alebo nejak mi pomôcť. Po nepravidelných intervalov, "spadne" internet, na dlhšie, keby sa to stalo raz, nejak by mi to nevadilo, ale robí to za hodinu aj 3x... Výpadok celej siete nieje nič moc, kedže rodina niečo tiež na ostatných pc robia...
Ďakujem vopred.
(spomínal sa nejaký vírus conficker) Skúsil som sťiahnut tu jednorázovu čističku NODu, lenže keď dám zahájit clean, padne mi to.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Nejde sa pripojit na microsoft.com / avast.cz
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Nostradamus
- Návštěvník
- Příspěvky: 25
- Registrován: 02 úno 2010 18:19
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Nejde sa pripojit na microsoft.com / avast.cz
Zdravim
Ja nie som nostradamus
takze vloz sem log z RSIT u.
Ja nie som nostradamus
takze vloz sem log z RSIT u. a temu presuvam do riesenia problemu s logy.Stiahnes>>RSIT >>logy vloz sem,
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
Nostradamus
- Návštěvník
- Příspěvky: 25
- Registrován: 02 úno 2010 18:19
Re: Nejde sa pripojit na microsoft.com / avast.cz
1. - NOD mi detekoval ten vírus, ale ked dám zmazať padne.
2. - Ten tvoj test, sa nedá stiahnuť, kedže žiaden web s antivírmi mi nejde.
Ďakujem, za rýchlu odpoveď.
2. - Ten tvoj test, sa nedá stiahnuť, kedže žiaden web s antivírmi mi nejde.
Ďakujem, za rýchlu odpoveď.
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Nejde sa pripojit na microsoft.com / avast.cz
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
Nostradamus
- Návštěvník
- Příspěvky: 25
- Registrován: 02 úno 2010 18:19
Re: Nejde sa pripojit na microsoft.com / avast.cz
Logfile of random's system information tool 1.06 (written by random/random)
Run by Matej at 2010-02-02 17:55:53
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 382 GB (80%) free of 477 GB
Total RAM: 2046 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55:54, on 2.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Matej\My Documents\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Matej.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zaparit.cz/
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Matej\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Matej\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C28CE3DE-C973-4432-9412-4D776BC518C8}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AODService - Unknown owner - C:\Program Files\AMD\OverDrive\AODAssist.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 6363 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-2052111302-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-2052111302-682003330-1004UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Matej\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-26 263280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-26 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-26 263280]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2007-12-21 1443072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Steam"=C:\Program Files\Steam\Steam.exe [2010-01-01 1217808]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Google Update"=C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-11 135664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GAINWARD]
C:\Program Files\EXPERTool\TBPanel.exe [2009-05-12 2181672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2009-06-10 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2009-01-13 18084864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe [2010-01-01 1217808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan.lnk]
C:\PROGRA~1\MCAFEE~1\10BCA1~1.150\SSSCHE~1.EXE []
C:\Documents and Settings\Matej\Start Menu\Programs\Startup
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Sierra\Empire Earth\Empire Earth.exe"="C:\Program Files\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\Matej\Desktop\twofingers\Left.4.Dead.2-THEPiRATEGAY\Left.4.Dead.2-THEPiRATEGAY\left4dead2.exe"="C:\Documents and Settings\Matej\Desktop\twofingers\Left.4.Dead.2-THEPiRATEGAY\Left.4.Dead.2-THEPiRATEGAY\left4dead2.exe:*:Enabled:left4dead2"
"C:\Documents and Settings\Matej\My Documents\Stažené soubory\II\Left4Dead2.Full.Game.v2.0.0.1-PSY\left 4 dead 2\left4dead2.exe"="C:\Documents and Settings\Matej\My Documents\Stažené soubory\II\Left4Dead2.Full.Game.v2.0.0.1-PSY\left 4 dead 2\left4dead2.exe:*:Enabled:left4dead2"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat"="C:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat:*:Enabled:Zero Gear Demo"
"C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe"="C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:left4dead2"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Downloads\Left 4 Dead 2 v2.0.0.1 Cracked\left4dead2.exe"="C:\Downloads\Left 4 Dead 2 v2.0.0.1 Cracked\left4dead2.exe:*:Enabled:left4dead2"
"C:\Program Files\left 4 dead 2\left4dead2.exe"="C:\Program Files\left 4 dead 2\left4dead2.exe:*:Enabled:left4dead2"
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1e1dc00-0514-11df-b5dc-00241ddbc1e0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
======List of files/folders created in the last 1 months======
2010-02-02 17:55:05 ----D---- C:\rsit
2010-02-02 13:19:46 ----D---- C:\SERIA 1
2010-02-01 09:40:15 ----D---- C:\Program Files\Prime95
2010-02-01 07:49:36 ----AD---- C:\xampp
2010-01-31 19:12:56 ----D---- C:\WINDOWS\system32\Adobe
2010-01-30 23:37:21 ----D---- C:\Stranka
2010-01-30 13:19:13 ----D---- C:\Program Files\CCleaner
2010-01-30 13:00:56 ----D---- C:\Program Files\Trend Micro
2010-01-30 12:38:05 ----D---- C:\Program Files\ESET
2010-01-30 12:38:05 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-01-28 12:50:27 ----D---- C:\mato
2010-01-26 19:31:50 ----D---- C:\WINDOWS\.jagex_cache_32
2010-01-26 19:31:47 ----D---- C:\WINDOWS\Sun
2010-01-26 19:30:16 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-01-26 19:30:15 ----D---- C:\Program Files\Common Files\Java
2010-01-26 19:30:05 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-26 19:30:05 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-26 19:30:05 ----A---- C:\WINDOWS\system32\java.exe
2010-01-26 19:30:05 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-01-26 19:29:54 ----D---- C:\Program Files\Java
2010-01-26 19:29:35 ----D---- C:\Documents and Settings\Matej\Application Data\Sun
2010-01-18 21:30:50 ----D---- C:\Program Files\Electronic Arts
2010-01-18 21:28:01 ----D---- C:\WINDOWS\RegisteredPackages
2010-01-18 21:27:39 ----A---- C:\WINDOWS\system32\psisdecd.dll
2010-01-18 21:27:37 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2010-01-18 21:27:02 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2010-01-18 19:53:28 ----D---- C:\Fraps
2010-01-18 07:30:48 ----A---- C:\WINDOWS\system32\msvcr71.dll
2010-01-18 07:30:46 ----A---- C:\WINDOWS\system32\msvcp71.dll
2010-01-17 13:26:58 ----D---- C:\Program Files\BitComet
2010-01-16 21:40:08 ----D---- C:\Program Files\OpenAL
2010-01-16 21:40:08 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2010-01-16 21:40:08 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2010-01-16 21:40:07 ----A---- C:\WINDOWS\galaxy.ini
2010-01-16 12:32:50 ----D---- C:\Program Files\Halflife 2 Episode 2 DeLEGiON
2010-01-14 18:24:58 ----D---- C:\WINDOWS\Eurobattle.net
2010-01-14 18:06:44 ----D---- C:\Program Files\Warcraft III
2010-01-07 15:49:44 ----D---- C:\Documents and Settings\Matej\Application Data\Opera
2010-01-07 15:49:39 ----D---- C:\Program Files\Opera
2010-01-07 14:50:01 ----D---- C:\Documents and Settings\Matej\Application Data\gtk-2.0
2010-01-07 14:41:57 ----D---- C:\Program Files\GIMP-2.0
2010-01-06 19:00:57 ----D---- C:\Program Files\Lavalys
2010-01-05 21:51:10 ----D---- C:\Documents and Settings\Matej\Application Data\dvdcss
2010-01-05 19:46:54 ----D---- C:\Films
2010-01-03 21:10:42 ----D---- C:\Documents and Settings\Matej\Application Data\PSpad
2010-01-03 21:10:38 ----D---- C:\Program Files\PSPad editor
======List of files/folders modified in the last 1 months======
2010-02-02 17:55:53 ----D---- C:\Documents and Settings\Matej\Application Data\vlc
2010-02-02 17:55:11 ----D---- C:\WINDOWS\Prefetch
2010-02-02 17:54:30 ----D---- C:\WINDOWS\Temp
2010-02-02 17:39:14 ----D---- C:\WINDOWS\system32
2010-02-02 17:39:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-02 17:33:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-02 17:33:06 ----D---- C:\WINDOWS\system32\drivers
2010-02-02 17:16:24 ----D---- C:\Documents and Settings\Matej\Application Data\Skype
2010-02-02 17:01:42 ----D---- C:\WoW 2.4.3 (funkcne)
2010-02-02 16:16:27 ----D---- C:\Documents and Settings\Matej\Application Data\skypePM
2010-02-02 13:20:02 ----D---- C:\Program Files\Steam
2010-02-02 13:17:59 ----D---- C:\Documents and Settings\Matej\Application Data\Hamachi
2010-02-01 17:30:37 ----D---- C:\Program Files\Mozilla Firefox
2010-02-01 09:40:15 ----RD---- C:\Program Files
2010-01-31 23:33:41 ----D---- C:\WINDOWS
2010-01-31 22:12:56 ----SHD---- C:\WINDOWS\Installer
2010-01-30 13:23:22 ----D---- C:\WINDOWS\Debug
2010-01-30 12:38:28 ----HD---- C:\WINDOWS\inf
2010-01-30 12:38:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-30 12:37:34 ----D---- C:\Mato hry
2010-01-26 19:30:15 ----D---- C:\Program Files\Common Files
2010-01-19 17:09:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-18 21:36:07 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-18 21:27:33 ----D---- C:\WINDOWS\system32\DirectX
2010-01-17 13:50:59 ----D---- C:\Program Files\Common Files\InstallShield
2010-01-17 13:27:32 ----D---- C:\Downloads
2010-01-16 11:15:20 ----D---- C:\Program Files\AMD
2010-01-16 08:52:53 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-01-11 14:45:43 ----SD---- C:\WINDOWS\Tasks
2010-01-08 16:15:11 ----D---- C:\Program Files\Zaparit
2010-01-07 21:06:09 ----D---- C:\Program Files\BitSpirit
2010-01-07 12:06:30 ----SD---- C:\Documents and Settings\Matej\Application Data\Microsoft
2010-01-03 21:11:31 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 33800]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-01-20 5027840]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-03 8087712]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 a8i7phn7;a8i7phn7; C:\WINDOWS\system32\drivers\a8i7phn7.sys []
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-01-02 25280]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-26 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-06-10 168004]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-01-02 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-01-16 215128]
S2 AODService;AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [2009-10-22 136544]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2007-12-21 19200]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-26 182768]
-----------------EOF-----------------
Run by Matej at 2010-02-02 17:55:53
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 382 GB (80%) free of 477 GB
Total RAM: 2046 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55:54, on 2.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Matej\My Documents\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Matej.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.zaparit.cz/
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Matej\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: DeviceVM Url Search Hook - {0063BF63-BFFF-4B8F-9D26-4267DF7F17DD} - C:\WINDOWS\system32\dvmurl.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Matej\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C28CE3DE-C973-4432-9412-4D776BC518C8}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AODService - Unknown owner - C:\Program Files\AMD\OverDrive\AODAssist.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 6363 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-2052111302-682003330-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1708537768-2052111302-682003330-1004UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Matej\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-26 263280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-26 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-26 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-26 263280]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2007-12-21 1443072]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Steam"=C:\Program Files\Steam\Steam.exe [2010-01-01 1217808]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Google Update"=C:\Documents and Settings\Matej\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-01-11 135664]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GAINWARD]
C:\Program Files\EXPERTool\TBPanel.exe [2009-05-12 2181672]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\WINDOWS\system32\NvCpl.dll [2009-06-10 13758464]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2009-06-10 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2009-01-13 18084864]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
c:\program files\steam\steam.exe [2010-01-01 1217808]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^McAfee Security Scan.lnk]
C:\PROGRA~1\MCAFEE~1\10BCA1~1.150\SSSCHE~1.EXE []
C:\Documents and Settings\Matej\Start Menu\Programs\Startup
hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Sierra\Empire Earth\Empire Earth.exe"="C:\Program Files\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\Matej\Desktop\twofingers\Left.4.Dead.2-THEPiRATEGAY\Left.4.Dead.2-THEPiRATEGAY\left4dead2.exe"="C:\Documents and Settings\Matej\Desktop\twofingers\Left.4.Dead.2-THEPiRATEGAY\Left.4.Dead.2-THEPiRATEGAY\left4dead2.exe:*:Enabled:left4dead2"
"C:\Documents and Settings\Matej\My Documents\Stažené soubory\II\Left4Dead2.Full.Game.v2.0.0.1-PSY\left 4 dead 2\left4dead2.exe"="C:\Documents and Settings\Matej\My Documents\Stažené soubory\II\Left4Dead2.Full.Game.v2.0.0.1-PSY\left 4 dead 2\left4dead2.exe:*:Enabled:left4dead2"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat"="C:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat:*:Enabled:Zero Gear Demo"
"C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe"="C:\Program Files\Steam\steamapps\common\left 4 dead 2\left4dead2.exe:*:Enabled:left4dead2"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Downloads\Left 4 Dead 2 v2.0.0.1 Cracked\left4dead2.exe"="C:\Downloads\Left 4 Dead 2 v2.0.0.1 Cracked\left4dead2.exe:*:Enabled:left4dead2"
"C:\Program Files\left 4 dead 2\left4dead2.exe"="C:\Program Files\left 4 dead 2\left4dead2.exe:*:Enabled:left4dead2"
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1e1dc00-0514-11df-b5dc-00241ddbc1e0}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
======List of files/folders created in the last 1 months======
2010-02-02 17:55:05 ----D---- C:\rsit
2010-02-02 13:19:46 ----D---- C:\SERIA 1
2010-02-01 09:40:15 ----D---- C:\Program Files\Prime95
2010-02-01 07:49:36 ----AD---- C:\xampp
2010-01-31 19:12:56 ----D---- C:\WINDOWS\system32\Adobe
2010-01-30 23:37:21 ----D---- C:\Stranka
2010-01-30 13:19:13 ----D---- C:\Program Files\CCleaner
2010-01-30 13:00:56 ----D---- C:\Program Files\Trend Micro
2010-01-30 12:38:05 ----D---- C:\Program Files\ESET
2010-01-30 12:38:05 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2010-01-28 12:50:27 ----D---- C:\mato
2010-01-26 19:31:50 ----D---- C:\WINDOWS\.jagex_cache_32
2010-01-26 19:31:47 ----D---- C:\WINDOWS\Sun
2010-01-26 19:30:16 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-01-26 19:30:15 ----D---- C:\Program Files\Common Files\Java
2010-01-26 19:30:05 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-26 19:30:05 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-26 19:30:05 ----A---- C:\WINDOWS\system32\java.exe
2010-01-26 19:30:05 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-01-26 19:29:54 ----D---- C:\Program Files\Java
2010-01-26 19:29:35 ----D---- C:\Documents and Settings\Matej\Application Data\Sun
2010-01-18 21:30:50 ----D---- C:\Program Files\Electronic Arts
2010-01-18 21:28:01 ----D---- C:\WINDOWS\RegisteredPackages
2010-01-18 21:27:39 ----A---- C:\WINDOWS\system32\psisdecd.dll
2010-01-18 21:27:37 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2010-01-18 21:27:02 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2010-01-18 19:53:28 ----D---- C:\Fraps
2010-01-18 07:30:48 ----A---- C:\WINDOWS\system32\msvcr71.dll
2010-01-18 07:30:46 ----A---- C:\WINDOWS\system32\msvcp71.dll
2010-01-17 13:26:58 ----D---- C:\Program Files\BitComet
2010-01-16 21:40:08 ----D---- C:\Program Files\OpenAL
2010-01-16 21:40:08 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2010-01-16 21:40:08 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2010-01-16 21:40:07 ----A---- C:\WINDOWS\galaxy.ini
2010-01-16 12:32:50 ----D---- C:\Program Files\Halflife 2 Episode 2 DeLEGiON
2010-01-14 18:24:58 ----D---- C:\WINDOWS\Eurobattle.net
2010-01-14 18:06:44 ----D---- C:\Program Files\Warcraft III
2010-01-07 15:49:44 ----D---- C:\Documents and Settings\Matej\Application Data\Opera
2010-01-07 15:49:39 ----D---- C:\Program Files\Opera
2010-01-07 14:50:01 ----D---- C:\Documents and Settings\Matej\Application Data\gtk-2.0
2010-01-07 14:41:57 ----D---- C:\Program Files\GIMP-2.0
2010-01-06 19:00:57 ----D---- C:\Program Files\Lavalys
2010-01-05 21:51:10 ----D---- C:\Documents and Settings\Matej\Application Data\dvdcss
2010-01-05 19:46:54 ----D---- C:\Films
2010-01-03 21:10:42 ----D---- C:\Documents and Settings\Matej\Application Data\PSpad
2010-01-03 21:10:38 ----D---- C:\Program Files\PSPad editor
======List of files/folders modified in the last 1 months======
2010-02-02 17:55:53 ----D---- C:\Documents and Settings\Matej\Application Data\vlc
2010-02-02 17:55:11 ----D---- C:\WINDOWS\Prefetch
2010-02-02 17:54:30 ----D---- C:\WINDOWS\Temp
2010-02-02 17:39:14 ----D---- C:\WINDOWS\system32
2010-02-02 17:39:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-02 17:33:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-02 17:33:06 ----D---- C:\WINDOWS\system32\drivers
2010-02-02 17:16:24 ----D---- C:\Documents and Settings\Matej\Application Data\Skype
2010-02-02 17:01:42 ----D---- C:\WoW 2.4.3 (funkcne)
2010-02-02 16:16:27 ----D---- C:\Documents and Settings\Matej\Application Data\skypePM
2010-02-02 13:20:02 ----D---- C:\Program Files\Steam
2010-02-02 13:17:59 ----D---- C:\Documents and Settings\Matej\Application Data\Hamachi
2010-02-01 17:30:37 ----D---- C:\Program Files\Mozilla Firefox
2010-02-01 09:40:15 ----RD---- C:\Program Files
2010-01-31 23:33:41 ----D---- C:\WINDOWS
2010-01-31 22:12:56 ----SHD---- C:\WINDOWS\Installer
2010-01-30 13:23:22 ----D---- C:\WINDOWS\Debug
2010-01-30 12:38:28 ----HD---- C:\WINDOWS\inf
2010-01-30 12:38:23 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-30 12:37:34 ----D---- C:\Mato hry
2010-01-26 19:30:15 ----D---- C:\Program Files\Common Files
2010-01-19 17:09:01 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-18 21:36:07 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-18 21:27:33 ----D---- C:\WINDOWS\system32\DirectX
2010-01-17 13:50:59 ----D---- C:\Program Files\Common Files\InstallShield
2010-01-17 13:27:32 ----D---- C:\Downloads
2010-01-16 11:15:20 ----D---- C:\Program Files\AMD
2010-01-16 08:52:53 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-01-11 14:45:43 ----SD---- C:\WINDOWS\Tasks
2010-01-08 16:15:11 ----D---- C:\Program Files\Zaparit
2010-01-07 21:06:09 ----D---- C:\Program Files\BitSpirit
2010-01-07 12:06:30 ----SD---- C:\Documents and Settings\Matej\Application Data\Microsoft
2010-01-03 21:11:31 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 33800]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-01-20 5027840]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-07-03 8087712]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
S3 a8i7phn7;a8i7phn7; C:\WINDOWS\system32\drivers\a8i7phn7.sys []
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-01-02 25280]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2007-12-21 468224]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-02-05 68136]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-26 153376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-06-10 168004]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-01-02 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-01-16 215128]
S2 AODService;AODService; C:\Program Files\AMD\OverDrive\AODAssist.exe [2009-10-22 136544]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2007-12-21 19200]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-26 182768]
-----------------EOF-----------------
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Nejde sa pripojit na microsoft.com / avast.cz
ok,to ze mas tam confickera v tom mas pravdu,,
1:pripoj USB-kluce;
1:pripoj USB-kluce;
2:
Stiahnes>>OTMoveIt3 by OldTimer >.podla navodu vloz text a klik-Moveit>>log po restarte vloz sem
Kód: Vybrat vše
:processes
explorer.exe
:files
C:\Documents and Settings\Matej\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll
C:\Program Files\DAEMON Tools Toolbar
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1e1dc00-0514-11df-b5dc-00241ddbc1e0}]
:commands
[emptytemp]
[ClearAllRestorePoints]
[resethosts]
[start explorer]
[Reboot]
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
Nostradamus
- Návštěvník
- Příspěvky: 25
- Registrován: 02 úno 2010 18:19
Re: Nejde sa pripojit na microsoft.com / avast.cz
Trošku mi v tom nieje jasno. Ak ten vírus deletnem tu, na ostatných pc v sieti nebude? USB na tomto pc som ešte ani nezapojil, ale na ostatných pc to používajú, mám to urobiť na tamtých pc? (USB máme strašnú kopu tak ..)
LOG :
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Documents and Settings\Matej\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1e1dc00-0514-11df-b5dc-00241ddbc1e0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f1e1dc00-0514-11df-b5dc-00241ddbc1e0}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Matej
->Temp folder emptied: 896290111 bytes
->Temporary Internet Files folder emptied: 13466981 bytes
->Java cache emptied: 38451 bytes
->FireFox cache emptied: 39941697 bytes
->Google Chrome cache emptied: 397846181 bytes
User: Mato
->Temp folder emptied: 641721 bytes
->Temporary Internet Files folder emptied: 1013161 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2176856 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3751863 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 738540202 bytes
Total Files Cleaned = 1 997,00 mb
Restore points cleared and new OTM Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTM by OldTimer - Version 3.1.7.1 log created on 02022010_181532
Files moved on Reboot...
Registry entries deleted on Reboot...
LOG :
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Documents and Settings\Matej\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll moved successfully.
C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr\ deleted successfully.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1e1dc00-0514-11df-b5dc-00241ddbc1e0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f1e1dc00-0514-11df-b5dc-00241ddbc1e0}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Matej
->Temp folder emptied: 896290111 bytes
->Temporary Internet Files folder emptied: 13466981 bytes
->Java cache emptied: 38451 bytes
->FireFox cache emptied: 39941697 bytes
->Google Chrome cache emptied: 397846181 bytes
User: Mato
->Temp folder emptied: 641721 bytes
->Temporary Internet Files folder emptied: 1013161 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2176856 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3751863 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 738540202 bytes
Total Files Cleaned = 1 997,00 mb
Restore points cleared and new OTM Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTM by OldTimer - Version 3.1.7.1 log created on 02022010_181532
Files moved on Reboot...
Registry entries deleted on Reboot...
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Nejde sa pripojit na microsoft.com / avast.cz
1:Conficker sa siri cez USB s pomocou autorunu,
takze ak pisem ze pripoj tak to treba pripojit,nakolko takto nic nespravime,,momente ked pripojis USB-kluce pc sa infikuje znova.
2:Napisal som ti navod mal si najprv pouzit program>USBFIX<preco si to nespravil??
Takze pripoj USB kluce a pouzit USBFIX,log vloz sem,potom budeme pokracovat,,ak ich mas vela postupne vsetky popripajaj a stale spust USBFIX,,uz potom logy sem nedavaj,staci prvy log..az to budes mat napis,,potom budeme pokracovat
takze ak pisem ze pripoj tak to treba pripojit,nakolko takto nic nespravime,,momente ked pripojis USB-kluce pc sa infikuje znova.
2:Napisal som ti navod mal si najprv pouzit program>USBFIX<preco si to nespravil??
Takze pripoj USB kluce a pouzit USBFIX,log vloz sem,potom budeme pokracovat,,ak ich mas vela postupne vsetky popripajaj a stale spust USBFIX,,uz potom logy sem nedavaj,staci prvy log..az to budes mat napis,,potom budeme pokracovat
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
Nostradamus
- Návštěvník
- Příspěvky: 25
- Registrován: 02 úno 2010 18:19
Re: Nejde sa pripojit na microsoft.com / avast.cz
Samozrejme moja vina, prepáčte.
LOG USB FIX:
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Files # Infected Folders |
Deleted ! C:\WINDOWS\System32\mqmfnfl.dll.vir
Deleted ! C:\Recycler\S-1-5-21-1708537768-2052111302-682003330-1004
################## | Registry # Infected Keys |
################## | Registry # Mountpoints2 |
################## | Listing of the present files |
[26.12.2009 16:27|--a------|0] C:\AUTOEXEC.BAT
[01.01.2010 12:14|-r-hs----|223] C:\boot.ini
[26.12.2009 16:27|--a------|0] C:\CONFIG.SYS
[26.12.2009 16:36|--a------|86] C:\csb.log
[26.12.2009 16:27|-rahs----|0] C:\IO.SYS
[26.12.2009 16:27|-rahs----|0] C:\MSDOS.SYS
[28.02.2006 13:00|-rahs----|47564] C:\NTDETECT.COM
[01.01.2010 22:22|-rahs----|250048] C:\ntldr
[?|?|?] C:\pagefile.sys
[26.12.2009 16:34|--a------|2368] C:\RHDSetup.log
[02.02.2010 18:52|--a------|124] C:\service.log
[02.02.2010 18:54|--a------|2498] C:\UsbFix.txt
[01.02.2010 15:09|--a------|1347743] F:\rocne.pdf
[01.02.2010 11:11|--a------|10587] F:\PaeDr.docx
################## | Vaccination |
# C:\autorun.inf -> Folder created by UsbFix.
# F:\autorun.inf -> Folder created by UsbFix.
################## | Upload |
Please send the file : C:\UsbFix_Upload_Me_IT-3119B06F5BA4.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .
################## | ! End of report # UsbFix V6.084 ! |
LOG OTM:
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder C:\Documents and Settings\Matej\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll not found.
File/Folder C:\Program Files\DAEMON Tools Toolbar not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1e1dc00-0514-11df-b5dc-00241ddbc1e0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f1e1dc00-0514-11df-b5dc-00241ddbc1e0}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Matej
->Temp folder emptied: 403 bytes
->Temporary Internet Files folder emptied: 250690 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 12288430 bytes
User: Mato
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 12,00 mb
Restore points cleared and new OTM Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTM by OldTimer - Version 3.1.7.1 log created on 02022010_185634
Files moved on Reboot...
Registry entries deleted on Reboot...
LOG USB FIX:
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
################## | Files # Infected Folders |
Deleted ! C:\WINDOWS\System32\mqmfnfl.dll.vir
Deleted ! C:\Recycler\S-1-5-21-1708537768-2052111302-682003330-1004
################## | Registry # Infected Keys |
################## | Registry # Mountpoints2 |
################## | Listing of the present files |
[26.12.2009 16:27|--a------|0] C:\AUTOEXEC.BAT
[01.01.2010 12:14|-r-hs----|223] C:\boot.ini
[26.12.2009 16:27|--a------|0] C:\CONFIG.SYS
[26.12.2009 16:36|--a------|86] C:\csb.log
[26.12.2009 16:27|-rahs----|0] C:\IO.SYS
[26.12.2009 16:27|-rahs----|0] C:\MSDOS.SYS
[28.02.2006 13:00|-rahs----|47564] C:\NTDETECT.COM
[01.01.2010 22:22|-rahs----|250048] C:\ntldr
[?|?|?] C:\pagefile.sys
[26.12.2009 16:34|--a------|2368] C:\RHDSetup.log
[02.02.2010 18:52|--a------|124] C:\service.log
[02.02.2010 18:54|--a------|2498] C:\UsbFix.txt
[01.02.2010 15:09|--a------|1347743] F:\rocne.pdf
[01.02.2010 11:11|--a------|10587] F:\PaeDr.docx
################## | Vaccination |
# C:\autorun.inf -> Folder created by UsbFix.
# F:\autorun.inf -> Folder created by UsbFix.
################## | Upload |
Please send the file : C:\UsbFix_Upload_Me_IT-3119B06F5BA4.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .
################## | ! End of report # UsbFix V6.084 ! |
LOG OTM:
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder C:\Documents and Settings\Matej\Application Data\Microsoft\Internet Explorer\qipsearchbar.dll not found.
File/Folder C:\Program Files\DAEMON Tools Toolbar not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr\ not found.
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1e1dc00-0514-11df-b5dc-00241ddbc1e0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f1e1dc00-0514-11df-b5dc-00241ddbc1e0}\ not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Matej
->Temp folder emptied: 403 bytes
->Temporary Internet Files folder emptied: 250690 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 12288430 bytes
User: Mato
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 12,00 mb
Restore points cleared and new OTM Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTM by OldTimer - Version 3.1.7.1 log created on 02022010_185634
Files moved on Reboot...
Registry entries deleted on Reboot...
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Nejde sa pripojit na microsoft.com / avast.cz
ok
1:takze vycistit vsetky USB kluce:
2:stiahnes tento program,pojdes do nudzoveho rezimu -odpojis sa od siete a spustis,,po skane restart do windows pripojis sa ak ti da log vloz sem.
http://download.viry.cz/removers/FixDownadup.exe
3:
1:takze vycistit vsetky USB kluce:
2:stiahnes tento program,pojdes do nudzoveho rezimu -odpojis sa od siete a spustis,,po skane restart do windows pripojis sa ak ti da log vloz sem.
http://download.viry.cz/removers/FixDownadup.exe
3:
PROSIM CITAJTE POZORNE NAVODY!!!,
Stáhněte na plochu, ukončete všechna aktivní okna a spusťte>>
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Suhlasit instalacio Konzoly pre zotavenie (Recovery console)
- ComboFix je třeba spustit pod účtem s právy administrátora.
- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano;
A este raz >ANO<
- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího modreho okna
- Po dokončení skenování, trvajícího maximálně 10-15 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah do svého threadu na forum
- Před použitím ComboFixu je treba vypnout všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary. NAVOD: http://www.bleepingcomputer.com/forums/topic114351.html
Mohou zasahovat do činnosti ComboFixu, což může způsobit, že nebude fungovat korektně.
V případě detekce antiviru u ComboFixu se jedná o falešný poplach.
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
Nostradamus
- Návštěvník
- Příspěvky: 25
- Registrován: 02 úno 2010 18:19
Re: Nejde sa pripojit na microsoft.com / avast.cz
Hm, tak už mi microsoft aj avast.cz išiel, ale usbčka som nemal po ruke, (potrebovala ich mama) tak som to neočistil, prídem na pc, a zas mi nejde pripojit nikde, asi sa to šíri sieťov, alebo nie? K usbčkam sa dostanem až večer,tak hodím log potom.
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Nejde sa pripojit na microsoft.com / avast.cz
1:Vsetky pc v sieti mas zavirene Confickerom,
2:Vsetky USB kluce su zavirene a prenasate infekciu
3:vycistenie USB klucov je len prvy krok..
4:pokracovat si mal tak ako som napisal,,zbytocne budes pisat ze si to neurobil a zasa neide.to je to tak ako keby si bol chory a zoberies 1-tabletku a na zbytok sa vykasles.Takze ak chces sa zbavit problemov musis presne dodrzat liecebnu proceduru tak ako som napisal,
1:Vycistit vsetky USB-kluce USBFIXOM,a pokial mozne USBFIX spustit na kazdom pocitaci
2:Pouzit program downadup,v nudzovom rezime,tiez na kazdom pc.
3:Pouzijes Combofix a log vlozis sem,,
2:Vsetky USB kluce su zavirene a prenasate infekciu
3:vycistenie USB klucov je len prvy krok..
4:pokracovat si mal tak ako som napisal,,zbytocne budes pisat ze si to neurobil a zasa neide.to je to tak ako keby si bol chory a zoberies 1-tabletku a na zbytok sa vykasles.Takze ak chces sa zbavit problemov musis presne dodrzat liecebnu proceduru tak ako som napisal,
1:Vycistit vsetky USB-kluce USBFIXOM,a pokial mozne USBFIX spustit na kazdom pocitaci
2:Pouzit program downadup,v nudzovom rezime,tiez na kazdom pc.
3:Pouzijes Combofix a log vlozis sem,,
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
Nostradamus
- Návštěvník
- Příspěvky: 25
- Registrován: 02 úno 2010 18:19
Re: Nejde sa pripojit na microsoft.com / avast.cz
Urobím ďakujem.
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Nejde sa pripojit na microsoft.com / avast.cz
ok,mamu odstav ,porob co treba ,a potom vloz sem log z combofixu z tvojho pc,,
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
Nostradamus
- Návštěvník
- Příspěvky: 25
- Registrován: 02 úno 2010 18:19
Re: Nejde sa pripojit na microsoft.com / avast.cz
Prepáč, mám to urobiť aj s Externým diskom? Nemám sa báť o stratu údajov? A ten vír môže spôsobovať aj výpadky internetu?
Naposledy upravil(a) Nostradamus dne 03 úno 2010 15:23, celkem upraveno 1 x.
Přispějete na provoz fóra?