co 2h se mi sekne komp

[chvostik]

Co 2h se mi sekne komp a musím restartovat pc, prosím o kontrolu jeslti to může bejt nějakým virem.
Muj log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lobo at 2010-03-05 12:05:06
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (1%) free of 477 GB
Total RAM: 1534 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:05:14, on 5.3.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\qttask.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\hry\Warcraft III\w3dr.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\EXPERTool\TBPanel.exe
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
C:\Program Files\vghd\vghd.exe
C:\Program Files\Vg\VirtuaGirl2.exe
C:\Program Files\vghd\VirtuaGirl_downloader.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\QIP\qip.exe
C:\Documents and Settings\Lobo\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Lobo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - F:\Program Files\FlashGet\jccatch.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [w3dr.exe] C:\hry\Warcraft III\w3dr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "c:\hry\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
O4 - Startup: VirtuaGirl2.lnk = C:\Program Files\Vg\VirtuaGirl2.exe
O4 - Global Startup: forteManager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - F:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Stáhnout FlashGetem - F:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8053680375
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 8717 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2008-03-09 824656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - F:\Program Files\FlashGet\jccatch.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfre1.dll [2010-02-27 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
ZoneAlarm Spy Blocker BHO - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-05-31 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2008-03-09 824656]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfre1.dll [2010-02-27 2349080]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - ZoneAlarm Spy Blocker - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-05-31 262144]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-07-08 683464]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-11-23 1060864]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-04-17 16143872]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"QuickTime Task"=C:\WINDOWS\system32\qttask.exe [2008-05-31 98304]
""= []
"StatusClient"=C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2006-11-24 487424]
"w3dr.exe"=C:\hry\Warcraft III\w3dr.exe [2008-08-03 61440]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-04-23 1443072]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-08-05 1657376]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-08-06 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-08-06 13877248]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-02-22 217544]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-04 486856]
"GAINWARD"=C:\Program Files\EXPERTool\TBPanel.exe [2009-08-19 2181672]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"Steam"=c:\hry\steam\steam.exe [2010-02-21 1217872]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
forteManager.lnk - C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

C:\Documents and Settings\Lobo\Nabídka Start\Programy\Po spuštění
DesktopVideoPlayer.LNK - C:\Program Files\vghd\vghd.exe
VirtuaGirl2.lnk - C:\Program Files\Vg\VirtuaGirl2.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Steam\SteamApps\cryosight@seznam.cz\counter-strike\hl.exe"="C:\Program Files\Steam\SteamApps\cryosight@seznam.cz\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"F:\Downloads\sdc211\StrongDC.exe"="F:\Downloads\sdc211\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"C:\hry\wow\World of Warcraft\Launcher.exe"="C:\hry\wow\World of Warcraft\Launcher.exe:*:Enabled:Launcher.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\hry\steam\Steam.exe"="C:\hry\steam\Steam.exe:*:Enabled:Steam"
"C:\hry\steam\steamapps\cryosight@seznam.cz\counter-strike\hl.exe"="C:\hry\steam\steamapps\cryosight@seznam.cz\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\hry\cs\hl.exe"="C:\hry\cs\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-03-04 20:39:01 ----D---- C:\Program Files\trend micro
2010-03-04 20:38:59 ----D---- C:\rsit
2010-03-04 00:08:55 ----A---- C:\WINDOWS\data4711.bak
2010-03-03 19:10:31 ----D---- C:\Program Files\CCleaner
2010-02-19 10:49:31 ----D---- C:\Program Files\Microsoft Silverlight
2010-02-18 17:38:53 ----D---- C:\Program Files\LogMeIn Hamachi

======List of files/folders modified in the last 1 months======

2010-03-05 12:05:14 ----D---- C:\WINDOWS\Temp
2010-03-05 11:19:02 ----D---- C:\Program Files\Mozilla Firefox
2010-03-05 10:26:33 ----D---- C:\WINDOWS
2010-03-05 10:24:05 ----D---- C:\Program Files\Vg
2010-03-04 23:50:56 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-04 23:22:31 ----D---- C:\Documents and Settings\Lobo\Data aplikací\Skype
2010-03-04 21:05:25 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-04 20:39:01 ----RD---- C:\Program Files
2010-03-04 19:22:15 ----D---- C:\Documents and Settings\Lobo\Data aplikací\skypePM
2010-03-03 19:32:24 ----D---- C:\WINDOWS\Prefetch
2010-03-03 19:21:35 ----D---- C:\WINDOWS\Debug
2010-03-03 19:21:33 ----D---- C:\WINDOWS\Minidump
2010-03-03 19:09:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-03 19:09:44 ----D---- C:\WINDOWS\system32
2010-03-03 19:09:43 ----D---- C:\WINDOWS\system32\drivers
2010-03-03 19:09:34 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-19 10:49:33 ----SHD---- C:\WINDOWS\Installer
2010-02-18 17:38:43 ----D---- C:\Documents and Settings\Lobo\Data aplikací\Hamachi
2010-02-09 13:25:50 ----HD---- C:\Obrázky

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-04-23 29704]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-04-23 54280]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2003-10-10 52128]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-04-23 40456]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-04-23 71176]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-04-23 30728]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-17 4262912]
R3 LGDDCDevice;LGDDCDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-01 7753888]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2009-09-01 56992]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 at7lmgau;at7lmgau; C:\WINDOWS\system32\drivers\at7lmgau.sys []
S3 axocfau8;axocfau8; C:\WINDOWS\system32\drivers\axocfau8.sys []
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 LGII2CDevice;LGII2CDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SE2Bbus;Sony Ericsson Device 043 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Bbus.sys [2006-11-10 61600]
S3 SE2Bmdfl;Sony Ericsson Device 043 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Bmdfl.sys [2006-11-10 9360]
S3 SE2Bmdm;Sony Ericsson Device 043 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Bmdm.sys [2006-11-10 97184]
S3 SE2Bmgmt;Sony Ericsson Device 043 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Bmgmt.sys [2006-11-10 88688]
S3 se2Bnd5;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (NDIS); C:\WINDOWS\system32\DRIVERS\se2Bnd5.sys [2006-11-10 18704]
S3 SE2Bobex;Sony Ericsson Device 043 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Bobex.sys [2006-11-10 86560]
S3 se2Bunic;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (WDM); C:\WINDOWS\system32\DRIVERS\se2Bunic.sys [2006-11-10 90800]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2008-04-23 472320]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-08-06 168004]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-04-23 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Unlimited_Killer]

Dobré odpoledne, na logu se pracuje.

[Unlimited_Killer]

Jdeme na to. ↓

1) Přeplněný disk

• Máte přeplněný disk - zbývá pouze 1GB volného místa, a systém potřebuje k bezproblémovému chodu alespoň 2GB volného místa na odkládací prostor.
• Takže odinstalujte co nejvíce aplikací, které nepoužíváte + smažte zbytečné soubory.
• Dočasné soubory odstraním skriptem.

2) OTMoveit3

• Stáhněte OTM3 na Plochu.
• Spusťte ho dvojklikem na OTM.exe, pokud to nepůjde, zkuste to s adminskými právy.
• Do levého okna 'Paste Instructions for Items to be Moved' vkopírujte následující skript:

  Kód: Vybrat vše

  :processes
  explorer.exe
  
  :reg
  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
  "{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
  "{ecdee021-0d17-467f-a1ff-c7a115230949}"=-
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
  "{ecdee021-0d17-467f-a1ff-c7a115230949}"=-
  "{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}"=-
  "{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run])
  "Alcmtr"=-
  "QuickTime Task"=-
  ""=-
  "SunJavaUpdateSched"=-
  "Adobe Reader Speed Launcher"=-
  "Adobe ARM"=-
  "KernelFaultCheck"=-
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E59EB121-F339-4851-A3BA-FE49C35617C2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}]
  
  :files
  C:\WINDOWS\system32\*.tmp.dll /s
  C:\WINDOWS\system32\SET*.tmp /s
  C:\WINDOWS\*.tmp /s
  C:\PROGRA~1\ICQTOO~1
  C:\Program Files\free-downloads.net
  C:\Program Files\DAEMON Tools Toolbar
  C:\Program Files\ZoneAlarmSB
  C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk
  
  :commands
  [emptytemp]
  [reboot]

• Poté klikněte na červené tlačítko 'MoveIt!'.
• V zeleném okně vpravo by se měl zobrazit log, ten vkopírujete sem do fóra.
• Pokud se zobrazí hláška k restartování, klikněte na Yes.
• Po restartu se log otevře sám, nebo ho najdete v C:\_OTM\MovedFiles

3) VirusTotal

• Otestujte na VirusTotal soubory:

  Kód: Vybrat vše

  C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
  C:\Program Files\vghd\vghd.exe
  C:\Program Files\Vg\VirtuaGirl2.exe
  C:\WINDOWS\data4711.bak

• Jednoduše tam vkopírujete cesty, co jsem napsal do code.
• Jestliže Vám to napíše, že soubor byl již testován, nechte ho otestovat znovu.
• Poté sem vložíte linky (odkazy) na jednotlivé testy.

[chvostik]

kdyz sem zmackl na moveIT poprve tak se mi opet sekl komp ale podruhy uz to slo:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ecdee021-0d17-467f-a1ff-c7a115230949} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ecdee021-0d17-467f-a1ff-c7a115230949} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E59EB121-F339-4851-A3BA-FE49C35617C2}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E59EB121-F339-4851-A3BA-FE49C35617C2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0C0F75C-683A-4390-A791-1ACFD5599AB8}\ deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\000001_.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPCF.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI6C.tmp moved successfully.
C:\WINDOWS\Installer\MSI76.tmp moved successfully.
C:\WINDOWS\system32\CONFIG.TMP moved successfully.
C:\WINDOWS\Temp\HTT26.tmp moved successfully.
C:\WINDOWS\Temp\HTT55A.tmp moved successfully.
C:\WINDOWS\Temp\HTTCC.tmp moved successfully.
C:\WINDOWS\Temp\NODFA1B.tmp moved successfully.
C:\WINDOWS\Temp\NODFA72.tmp moved successfully.
C:\WINDOWS\Temp\NSF1B4B.tmp moved successfully.
C:\WINDOWS\Temp\NSF1E1.tmp moved successfully.
C:\WINDOWS\Temp\NSF5D6.tmp moved successfully.
C:\WINDOWS\Temp\NSF735.tmp moved successfully.
C:\WINDOWS\Temp\NSF797.tmp moved successfully.
C:\WINDOWS\Temp\NSFBB.tmp moved successfully.
C:\WINDOWS\Temp\NUP1E0.tmp moved successfully.
C:\WINDOWS\Temp\NUP5D5.tmp moved successfully.
C:\WINDOWS\Temp\NUP5D7.tmp moved successfully.
C:\WINDOWS\Temp\NUP796.tmp moved successfully.
C:\WINDOWS\Temp\NUP798.tmp moved successfully.
C:\WINDOWS\Temp\NUPBA.tmp moved successfully.
C:\WINDOWS\Temp\NUPBC.tmp moved successfully.
C:\WINDOWS\Temp\uku5lcdz.TMP moved successfully.
C:\WINDOWS\Temp\ZLT00026.TMP moved successfully.
C:\WINDOWS\Temp\ZLT00058.TMP moved successfully.
C:\WINDOWS\Temp\ZLT00092.TMP moved successfully.
C:\WINDOWS\Temp\ZLT001a2.TMP moved successfully.
C:\WINDOWS\Temp\ZLT00241.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0035e.TMP moved successfully.
C:\WINDOWS\Temp\ZLT00424.TMP moved successfully.
C:\WINDOWS\Temp\ZLT00571.TMP moved successfully.
C:\WINDOWS\Temp\ZLT005cb.TMP moved successfully.
C:\WINDOWS\Temp\ZLT005df.TMP moved successfully.
C:\WINDOWS\Temp\ZLT006a1.TMP moved successfully.
C:\WINDOWS\Temp\ZLT006ab.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0078f.TMP moved successfully.
C:\WINDOWS\Temp\ZLT008c6.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0091c.TMP moved successfully.
C:\WINDOWS\Temp\ZLT00a16.TMP moved successfully.
C:\WINDOWS\Temp\ZLT00a52.TMP moved successfully.
C:\WINDOWS\Temp\ZLT00ab1.TMP moved successfully.
C:\WINDOWS\Temp\ZLT00b7e.TMP moved successfully.
C:\WINDOWS\Temp\ZLT00bdd.TMP moved successfully.
C:\WINDOWS\Temp\ZLT00de2.TMP moved successfully.
C:\WINDOWS\Temp\ZLT01127.TMP moved successfully.
C:\WINDOWS\Temp\ZLT011fc.TMP moved successfully.
C:\WINDOWS\Temp\ZLT012aa.TMP moved successfully.
C:\WINDOWS\Temp\ZLT012c4.TMP moved successfully.
C:\WINDOWS\Temp\ZLT01321.TMP moved successfully.
C:\WINDOWS\Temp\ZLT013b9.TMP moved successfully.
C:\WINDOWS\Temp\ZLT013bc.TMP moved successfully.
C:\WINDOWS\Temp\ZLT01488.TMP moved successfully.
C:\WINDOWS\Temp\ZLT01678.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0169a.TMP moved successfully.
C:\WINDOWS\Temp\ZLT01a3d.TMP moved successfully.
C:\WINDOWS\Temp\ZLT01e37.TMP moved successfully.
C:\WINDOWS\Temp\ZLT01e95.TMP moved successfully.
C:\WINDOWS\Temp\ZLT01f61.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0215c.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0215f.TMP moved successfully.
C:\WINDOWS\Temp\ZLT021fa.TMP moved successfully.
C:\WINDOWS\Temp\ZLT02283.TMP moved successfully.
C:\WINDOWS\Temp\ZLT02392.TMP moved successfully.
C:\WINDOWS\Temp\ZLT02395.TMP moved successfully.
C:\WINDOWS\Temp\ZLT024be.TMP moved successfully.
C:\WINDOWS\Temp\ZLT02896.TMP moved successfully.
C:\WINDOWS\Temp\ZLT028ab.TMP moved successfully.
C:\WINDOWS\Temp\ZLT028ae.TMP moved successfully.
C:\WINDOWS\Temp\ZLT029f8.TMP moved successfully.
C:\WINDOWS\Temp\ZLT029fc.TMP moved successfully.
C:\WINDOWS\Temp\ZLT02ecd.TMP moved successfully.
C:\WINDOWS\Temp\ZLT02ed0.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03121.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0327f.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0336d.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03370.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03387.TMP moved successfully.
C:\WINDOWS\Temp\ZLT033ac.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03645.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03648.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0370f.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03712.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03800.TMP moved successfully.
C:\WINDOWS\Temp\ZLT038a9.TMP moved successfully.
C:\WINDOWS\Temp\ZLT038ba.TMP moved successfully.
C:\WINDOWS\Temp\ZLT038f7.TMP moved successfully.
C:\WINDOWS\Temp\ZLT038fa.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03a96.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03b3d.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03b56.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03b9a.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03b9d.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03c05.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03c37.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03c4c.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03e5c.TMP moved successfully.
C:\WINDOWS\Temp\ZLT03e68.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0415e.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04405.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0456a.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0456d.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04604.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0462e.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04785.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04788.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04795.TMP moved successfully.
C:\WINDOWS\Temp\ZLT047ac.TMP moved successfully.
C:\WINDOWS\Temp\ZLT047e3.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04a74.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04b16.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04c39.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04c3c.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04d1d.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04d21.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04f51.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04f6a.TMP moved successfully.
C:\WINDOWS\Temp\ZLT04faa.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05029.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05150.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05153.TMP moved successfully.
C:\WINDOWS\Temp\ZLT052da.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05504.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05644.TMP moved successfully.
C:\WINDOWS\Temp\ZLT056f3.TMP moved successfully.
C:\WINDOWS\Temp\ZLT056f6.TMP moved successfully.
C:\WINDOWS\Temp\ZLT056f7.TMP moved successfully.
C:\WINDOWS\Temp\ZLT056fa.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05803.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05818.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05b2f.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05b33.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05c66.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05c6d.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05d07.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05d0a.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05d21.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05d91.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05f08.TMP moved successfully.
C:\WINDOWS\Temp\ZLT05f0b.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06129.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06446.TMP moved successfully.
C:\WINDOWS\Temp\ZLT064c4.TMP moved successfully.
C:\WINDOWS\Temp\ZLT064f5.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06634.TMP moved successfully.
C:\WINDOWS\Temp\ZLT066a6.TMP moved successfully.
C:\WINDOWS\Temp\ZLT066ce.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06922.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06953.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06957.TMP moved successfully.
C:\WINDOWS\Temp\ZLT069ad.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06a66.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06ab6.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06ab9.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06b2f.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06c72.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06dd7.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06e16.TMP moved successfully.
C:\WINDOWS\Temp\ZLT06eea.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07286.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07289.TMP moved successfully.
C:\WINDOWS\Temp\ZLT072b3.TMP moved successfully.
C:\WINDOWS\Temp\ZLT074a4.TMP moved successfully.
C:\WINDOWS\Temp\ZLT074fc.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07656.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0773b.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07769.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0776c.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07868.TMP moved successfully.
C:\WINDOWS\Temp\ZLT0786b.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07989.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07cf8.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07d46.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07d49.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07d5f.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07da8.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07e93.TMP moved successfully.
C:\WINDOWS\Temp\ZLT07f8f.TMP moved successfully.
C:\PROGRA~1\ICQToolbar\Cache folder moved successfully.
C:\PROGRA~1\ICQToolbar folder moved successfully.
File/Folder C:\Program Files\free-downloads.net not found.
C:\Program Files\DAEMON Tools Toolbar\Resources folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT folder moved successfully.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
C:\Program Files\ZoneAlarmSB\bar\Settings folder moved successfully.
C:\Program Files\ZoneAlarmSB\bar\History folder moved successfully.
C:\Program Files\ZoneAlarmSB\bar\Cache folder moved successfully.
C:\Program Files\ZoneAlarmSB\bar\1.bin folder moved successfully.
C:\Program Files\ZoneAlarmSB\bar folder moved successfully.
C:\Program Files\ZoneAlarmSB folder moved successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Microsoft Office.lnk moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Lobo
->Temp folder emptied: 943298075 bytes
->Temporary Internet Files folder emptied: 4824331 bytes
->Java cache emptied: 2614658 bytes
->FireFox cache emptied: 45384302 bytes
->Flash cache emptied: 4447 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 402 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 987136 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 951,00 mb


OTM by OldTimer - Version 3.1.10.0 log created on 03052010_170759

Files moved on Reboot...

Registry entries deleted on Reboot...

[chvostik]

VirusTotal :
http://www.virustotal.com/cs/analisis/0 ... 1267806058
http://www.virustotal.com/cs/analisis/6 ... 1267805859
C:\Program Files\Vg\VirtuaGirl2.exe - uz sem odinstaloval
http://www.virustotal.com/cs/analisis/9 ... 1267806180

[Unlimited_Killer]

Omlouvám se, v části skriptu jsem měl chybu, vlezla mi tam závorka navíc.

1) OTMoveit3

• Stáhněte OTM3 na Plochu.
• Spusťte ho dvojklikem na OTM.exe, pokud to nepůjde, zkuste to s adminskými právy.
• Do levého okna 'Paste Instructions for Items to be Moved' vkopírujte následující skript:

  Kód: Vybrat vše

  :reg
  [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  "Alcmtr"=-
  "QuickTime Task"=-
  ""=-
  "SunJavaUpdateSched"=-
  "Adobe Reader Speed Launcher"=-
  "Adobe ARM"=-
  "KernelFaultCheck"=-
  
  :commands
  [emptytemp]
  [reboot]

• Poté klikněte na červené tlačítko 'MoveIt!'.
• V zeleném okně vpravo by se měl zobrazit log, ten vkopírujete sem do fóra.
• Pokud se zobrazí hláška k restartování, klikněte na Yes.
• Po restartu se log otevře sám, nebo ho najdete v C:\_OTM\MovedFiles

[chvostik]

opět se mi sekl počítač když sem klikl na moveIT, ale po restartu kdyz sem na to klikl tak uz to jelo vpohode.

All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Alcmtr deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lobo
->Temp folder emptied: 7020004 bytes
->Temporary Internet Files folder emptied: 1137040 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 35588183 bytes
->Flash cache emptied: 1298 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 42,00 mb


OTM by OldTimer - Version 3.1.10.0 log created on 03052010_220622

Files moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_c04.dat moved successfully.

Registry entries deleted on Reboot...

[Unlimited_Killer]

Prosím nový RSIT log.

[chvostik]

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lobo at 2010-03-06 00:10:11
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 12 GB (3%) free of 477 GB
Total RAM: 1534 MB (12% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:10:40, on 6.3.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\hry\Warcraft III\w3dr.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\EXPERTool\TBPanel.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\hry\steam\steam.exe
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
C:\Program Files\vghd\vghd.exe
C:\Program Files\vghd\VirtuaGirl_downloader.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\QIP\qip.exe
C:\Documents and Settings\Lobo\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Lobo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [w3dr.exe] C:\hry\Warcraft III\w3dr.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "c:\hry\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
O4 - Global Startup: forteManager.lnk = ?
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - F:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Stáhnout FlashGetem - F:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8053680375
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 6459 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-11-23 1060864]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-04-17 16143872]
"StatusClient"=C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2006-11-24 487424]
"w3dr.exe"=C:\hry\Warcraft III\w3dr.exe [2008-08-03 61440]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-04-23 1443072]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-08-05 1657376]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-08-06 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-08-06 13877248]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-02-22 217544]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-04 486856]
"GAINWARD"=C:\Program Files\EXPERTool\TBPanel.exe [2009-08-19 2181672]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"Steam"=c:\hry\steam\steam.exe [2010-02-21 1217872]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
forteManager.lnk - C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe

C:\Documents and Settings\Lobo\Nabídka Start\Programy\Po spuštění
DesktopVideoPlayer.LNK - C:\Program Files\vghd\vghd.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Steam\SteamApps\cryosight@seznam.cz\counter-strike\hl.exe"="C:\Program Files\Steam\SteamApps\cryosight@seznam.cz\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"F:\Downloads\sdc211\StrongDC.exe"="F:\Downloads\sdc211\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"C:\hry\wow\World of Warcraft\Launcher.exe"="C:\hry\wow\World of Warcraft\Launcher.exe:*:Enabled:Launcher.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\hry\steam\Steam.exe"="C:\hry\steam\Steam.exe:*:Enabled:Steam"
"C:\hry\steam\steamapps\cryosight@seznam.cz\counter-strike\hl.exe"="C:\hry\steam\steamapps\cryosight@seznam.cz\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\hry\cs\hl.exe"="C:\hry\cs\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-03-05 17:07:59 ----D---- C:\_OTM
2010-03-05 15:32:29 ----D---- C:\Program Files\LogMeIn Hamachi
2010-03-04 20:39:01 ----D---- C:\Program Files\trend micro
2010-03-04 20:38:59 ----D---- C:\rsit
2010-03-03 19:10:31 ----D---- C:\Program Files\CCleaner
2010-02-19 10:49:31 ----D---- C:\Program Files\Microsoft Silverlight

======List of files/folders modified in the last 1 months======

2010-03-06 00:09:29 ----D---- C:\WINDOWS\Temp
2010-03-06 00:08:10 ----D---- C:\Documents and Settings\Lobo\Data aplikací\Skype
2010-03-05 22:09:26 ----D---- C:\WINDOWS
2010-03-05 22:09:19 ----D---- C:\Program Files\Mozilla Firefox
2010-03-05 22:07:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-05 22:05:27 ----D---- C:\Documents and Settings\Lobo\Data aplikací\skypePM
2010-03-05 19:56:01 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-05 18:58:31 ----D---- C:\WINDOWS\Minidump
2010-03-05 17:08:45 ----RD---- C:\Program Files
2010-03-05 17:08:38 ----D---- C:\WINDOWS\system32
2010-03-05 17:08:32 ----SHD---- C:\WINDOWS\Installer
2010-03-05 17:00:10 ----D---- C:\hry
2010-03-05 16:58:56 ----D---- C:\Filmy
2010-03-05 16:30:28 ----D---- C:\Program Files\ATI Technologies
2010-03-05 15:32:35 ----D---- C:\WINDOWS\system32\drivers
2010-03-03 19:32:24 ----D---- C:\WINDOWS\Prefetch
2010-03-03 19:21:35 ----D---- C:\WINDOWS\Debug
2010-03-03 19:09:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-03 19:09:34 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-18 17:38:43 ----D---- C:\Documents and Settings\Lobo\Data aplikací\Hamachi
2010-02-09 13:25:50 ----HD---- C:\Obrázky

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-04-23 29704]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-04-23 54280]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2003-10-10 52128]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-04-23 40456]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-04-23 71176]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-04-23 30728]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-17 4262912]
R3 LGDDCDevice;LGDDCDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-01 7753888]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2009-09-01 56992]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 acc3661q;acc3661q; C:\WINDOWS\system32\drivers\acc3661q.sys []
S3 ada4vp16;ada4vp16; C:\WINDOWS\system32\drivers\ada4vp16.sys []
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 LGII2CDevice;LGII2CDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SE2Bbus;Sony Ericsson Device 043 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Bbus.sys [2006-11-10 61600]
S3 SE2Bmdfl;Sony Ericsson Device 043 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Bmdfl.sys [2006-11-10 9360]
S3 SE2Bmdm;Sony Ericsson Device 043 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Bmdm.sys [2006-11-10 97184]
S3 SE2Bmgmt;Sony Ericsson Device 043 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Bmgmt.sys [2006-11-10 88688]
S3 se2Bnd5;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (NDIS); C:\WINDOWS\system32\DRIVERS\se2Bnd5.sys [2006-11-10 18704]
S3 SE2Bobex;Sony Ericsson Device 043 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Bobex.sys [2006-11-10 86560]
S3 se2Bunic;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (WDM); C:\WINDOWS\system32\DRIVERS\se2Bunic.sys [2006-11-10 90800]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2008-04-23 472320]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-08-06 168004]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-04-23 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Unlimited_Killer]

Omlouvám se za zpoždění.

1) Fixnutí v HJT

• Spusťte přejmenované HijackThis - C:\Program Files\Trend Micro\HijackThis\jmeno_uzivatele.exe
• Klikněte na 'Do a system scan only'.
• U níže uvedených položek udělejte fajfku do čtverečku a poté klikněte na 'Fix Checked'.

  Kód: Vybrat vše

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.atlas.cz/?from=icqhp
  R3 - Default URLSearchHook is missing

• Pokud by tam nějaká položka nebyla, vynechte ji.

2) OTCleaner

• Stáhněte OTC a dvojklikem ho spusťte.
• Vyskočí okénko, kde kliknete na 'CleanUp!'.
• Potvrdíte kliknutím na 'Yes'.
• Poté se ještě zeptá, zda chcete restartovat PC - to proveďte opět kliknutím na 'Yes'.

3) Malwarebytes' Anti-Malware

• Stáhněte MbAM a postupujte podle popisu.
• Zatím nic nemažte, MbAM má občas falešné detekce.
• Poté mi sem vložte log ve formě textu.

[chvostik]

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3830
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

6.3.2010 23:12:00
mbam-log-2010-03-06 (23-12-00).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 122392
Uplynulý čas: 7 minute(s), 7 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

[Unlimited_Killer]

Prosím nový RSIT log.

[chvostik]

Logfile of random's system information tool 1.06 (written by random/random)
Run by Lobo at 2010-03-07 12:06:39
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 15 GB (3%) free of 477 GB
Total RAM: 1534 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:06:45, on 7.3.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\hry\Warcraft III\w3dr.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\EXPERTool\TBPanel.exe
C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe
C:\Program Files\vghd\vghd.exe
C:\Program Files\vghd\VirtuaGirl_downloader.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\QIP\qip.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Lobo\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Lobo.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [StatusClient] C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [w3dr.exe] C:\hry\Warcraft III\w3dr.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [GAINWARD] C:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "c:\hry\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
O4 - Global Startup: forteManager.lnk = ?
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - F:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Stáhnout FlashGetem - F:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8053680375
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 6109 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-11-23 1060864]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-04-17 16143872]
"StatusClient"=C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe [2002-12-16 36864]
"TomcatStartup"=C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe [2003-03-31 155648]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2006-11-24 487424]
"w3dr.exe"=C:\hry\Warcraft III\w3dr.exe [2008-08-03 61440]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2008-04-23 1443072]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-04-17 196608]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13 69632]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2009-08-05 1657376]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-08-06 86016]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-08-06 13877248]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-02-22 217544]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-07-04 486856]
"GAINWARD"=C:\Program Files\EXPERTool\TBPanel.exe [2009-08-19 2181672]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"Steam"=c:\hry\steam\steam.exe [2010-02-21 1217872]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
forteManager.lnk - C:\Program Files\LG Soft India\forteManager\bin\Monitor.exe

C:\Documents and Settings\Lobo\Nabídka Start\Programy\Po spuštění
DesktopVideoPlayer.LNK - C:\Program Files\vghd\vghd.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Steam\SteamApps\cryosight@seznam.cz\counter-strike\hl.exe"="C:\Program Files\Steam\SteamApps\cryosight@seznam.cz\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"F:\Downloads\sdc211\StrongDC.exe"="F:\Downloads\sdc211\StrongDC.exe:*:Enabled:StrongDC++"
"C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe"="C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe:*:Enabled:javaw"
"C:\hry\wow\World of Warcraft\Launcher.exe"="C:\hry\wow\World of Warcraft\Launcher.exe:*:Enabled:Launcher.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\hry\steam\Steam.exe"="C:\hry\steam\Steam.exe:*:Enabled:Steam"
"C:\hry\steam\steamapps\cryosight@seznam.cz\counter-strike\hl.exe"="C:\hry\steam\steamapps\cryosight@seznam.cz\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\hry\cs\hl.exe"="C:\hry\cs\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-03-07 12:06:39 ----D---- C:\rsit
2010-03-06 23:03:33 ----D---- C:\Documents and Settings\Lobo\Data aplikací\Malwarebytes
2010-03-06 23:03:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-03-06 23:03:20 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-03-06 15:32:10 ----D---- C:\Program Files\Peggle Nights Deluxe
2010-03-05 15:32:29 ----D---- C:\Program Files\LogMeIn Hamachi
2010-03-04 20:39:01 ----D---- C:\Program Files\trend micro
2010-03-03 19:10:31 ----D---- C:\Program Files\CCleaner
2010-02-19 10:49:31 ----D---- C:\Program Files\Microsoft Silverlight

======List of files/folders modified in the last 1 months======

2010-03-07 12:06:10 ----D---- C:\WINDOWS\Temp
2010-03-07 12:01:36 ----D---- C:\Program Files\Mozilla Firefox
2010-03-07 11:58:56 ----D---- C:\WINDOWS
2010-03-07 01:14:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-07 01:07:24 ----D---- C:\Documents and Settings\Lobo\Data aplikací\Skype
2010-03-07 00:00:01 ----D---- C:\Documents and Settings\Lobo\Data aplikací\skypePM
2010-03-06 23:03:27 ----D---- C:\WINDOWS\system32\drivers
2010-03-06 23:03:20 ----RD---- C:\Program Files
2010-03-06 20:06:15 ----D---- C:\WINDOWS\Minidump
2010-03-06 19:03:59 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-05 17:08:38 ----D---- C:\WINDOWS\system32
2010-03-05 17:08:32 ----SHD---- C:\WINDOWS\Installer
2010-03-05 17:00:10 ----D---- C:\hry
2010-03-05 16:58:56 ----D---- C:\Filmy
2010-03-05 16:30:28 ----D---- C:\Program Files\ATI Technologies
2010-03-05 16:30:09 ----D---- C:\Documents and Settings\Lobo\Data aplikací\ATI
2010-03-03 19:32:24 ----D---- C:\WINDOWS\Prefetch
2010-03-03 19:21:35 ----D---- C:\WINDOWS\Debug
2010-03-03 19:09:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-03-03 19:09:34 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-18 17:38:43 ----D---- C:\Documents and Settings\Lobo\Data aplikací\Hamachi
2010-02-09 13:25:50 ----HD---- C:\Obrázky

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2008-04-23 29704]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2008-04-23 54280]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2003-10-10 52128]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2008-04-23 40456]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2008-04-23 71176]
R2 TBPanel;TBPanel; C:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2008-04-23 30728]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-17 4262912]
R3 LGDDCDevice;LGDDCDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-09-01 7753888]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2009-09-01 56992]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
S3 a7db4g8u;a7db4g8u; C:\WINDOWS\system32\drivers\a7db4g8u.sys []
S3 auqbtcbx;auqbtcbx; C:\WINDOWS\system32\drivers\auqbtcbx.sys []
S3 Cardex;Cardex; \??\C:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 LGII2CDevice;LGII2CDevice; \??\C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys []
S3 MSICPL;MSICPL; \??\D:\install4\MSICPL.sys []
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 SE2Bbus;Sony Ericsson Device 043 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Bbus.sys [2006-11-10 61600]
S3 SE2Bmdfl;Sony Ericsson Device 043 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Bmdfl.sys [2006-11-10 9360]
S3 SE2Bmdm;Sony Ericsson Device 043 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Bmdm.sys [2006-11-10 97184]
S3 SE2Bmgmt;Sony Ericsson Device 043 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Bmgmt.sys [2006-11-10 88688]
S3 se2Bnd5;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (NDIS); C:\WINDOWS\system32\DRIVERS\se2Bnd5.sys [2006-11-10 18704]
S3 SE2Bobex;Sony Ericsson Device 043 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Bobex.sys [2006-11-10 86560]
S3 se2Bunic;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (WDM); C:\WINDOWS\system32\DRIVERS\se2Bunic.sys [2006-11-10 90800]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\D:\NTGLM7X.sys []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2008-04-23 472320]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-08-06 168004]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2008-04-23 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2002-08-01 65536]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Unlimited_Killer]

0K. ↓

1) Odinstalujte VirtualGirl

2) OTMoveit3

• Stáhněte OTM3 na Plochu.
• Spusťte ho dvojklikem na OTM.exe, pokud to nepůjde, zkuste to s adminskými právy.
• Do levého okna 'Paste Instructions for Items to be Moved' vkopírujte následující skript:

  Kód: Vybrat vše

  :processes
  C:\Program Files\vghd\vghd.exe
  C:\Program Files\vghd\VirtuaGirl_downloader.exe
  
  :files
  C:\Program Files\vghd
  
  :commands
  [emptytemp]
  [reboot]

• Poté klikněte na červené tlačítko 'MoveIt!'.
• V zeleném okně vpravo by se měl zobrazit log, ten vkopírujete sem do fóra.
• Pokud se zobrazí hláška k restartování, klikněte na Yes.
• Po restartu se log otevře sám, nebo ho najdete v C:\_OTM\MovedFiles

[chvostik]

Pokaždé když spustím OTM a dam cleanIT tak se mi to sekne čím to je? Po restartu už to šlo, ale jakmile hodil OTM restart a načetl se mi windows tak mi to hodilo bluescreen a musel sem dat znova restart. A to smazání Virtuagirl se mi zdá zbytěčné, protože už ho používam nějaký ten rok a nebyl s ním problem a kdykoliv ho mohu sám odinstalovat.

All processes killed
========== PROCESSES ==========
No active process named C:\Program Files\vghd\vghd.exe was found!
No active process named C:\Program Files\vghd\VirtuaGirl_downloader.exe was found!
========== FILES ==========
C:\Program Files\vghd\Models\a0118 folder moved successfully.
C:\Program Files\vghd\Models\a0111 folder moved successfully.
C:\Program Files\vghd\Models\a0110 folder moved successfully.
C:\Program Files\vghd\Models\a0067 folder moved successfully.
C:\Program Files\vghd\Models\a0057 folder moved successfully.
C:\Program Files\vghd\Models\a0049 folder moved successfully.
C:\Program Files\vghd\Models\a0024 folder moved successfully.
C:\Program Files\vghd\Models\a0020 folder moved successfully.
C:\Program Files\vghd\Models\a0019 folder moved successfully.
C:\Program Files\vghd\Models\a0018 folder moved successfully.
C:\Program Files\vghd\Models\a0008 folder moved successfully.
C:\Program Files\vghd\Models\a0007 folder moved successfully.
C:\Program Files\vghd\Models folder moved successfully.
C:\Program Files\vghd\Data\musics folder moved successfully.
C:\Program Files\vghd\Data\a0291 folder moved successfully.
C:\Program Files\vghd\Data\a0285 folder moved successfully.
C:\Program Files\vghd\Data\a0284 folder moved successfully.
C:\Program Files\vghd\Data\a0276 folder moved successfully.
C:\Program Files\vghd\Data\a0275 folder moved successfully.
C:\Program Files\vghd\Data\a0268 folder moved successfully.
C:\Program Files\vghd\Data\a0246 folder moved successfully.
C:\Program Files\vghd\Data\a0223 folder moved successfully.
C:\Program Files\vghd\Data\a0215 folder moved successfully.
C:\Program Files\vghd\Data\a0212 folder moved successfully.
C:\Program Files\vghd\Data\a0211 folder moved successfully.
C:\Program Files\vghd\Data\a0210 folder moved successfully.
C:\Program Files\vghd\Data\a0204 folder moved successfully.
C:\Program Files\vghd\Data\a0202 folder moved successfully.
C:\Program Files\vghd\Data\a0200 folder moved successfully.
C:\Program Files\vghd\Data\a0196 folder moved successfully.
C:\Program Files\vghd\Data\a0194 folder moved successfully.
C:\Program Files\vghd\Data\a0193 folder moved successfully.
C:\Program Files\vghd\Data\a0189 folder moved successfully.
C:\Program Files\vghd\Data\a0181 folder moved successfully.
C:\Program Files\vghd\Data\a0176 folder moved successfully.
C:\Program Files\vghd\Data\a0175 folder moved successfully.
C:\Program Files\vghd\Data\a0167 folder moved successfully.
C:\Program Files\vghd\Data\a0160 folder moved successfully.
C:\Program Files\vghd\Data\a0148 folder moved successfully.
C:\Program Files\vghd\Data\a0132 folder moved successfully.
C:\Program Files\vghd\Data\a0118 folder moved successfully.
C:\Program Files\vghd\Data\a0111 folder moved successfully.
C:\Program Files\vghd\Data\a0110 folder moved successfully.
C:\Program Files\vghd\Data\a0090 folder moved successfully.
C:\Program Files\vghd\Data\a0067 folder moved successfully.
C:\Program Files\vghd\Data\a0057 folder moved successfully.
C:\Program Files\vghd\Data\a0054 folder moved successfully.
C:\Program Files\vghd\Data\a0049 folder moved successfully.
C:\Program Files\vghd\Data\a0024 folder moved successfully.
C:\Program Files\vghd\Data\a0018 folder moved successfully.
C:\Program Files\vghd\Data folder moved successfully.
C:\Program Files\vghd\a0008 folder moved successfully.
C:\Program Files\vghd folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Lobo
->Temp folder emptied: 17831286 bytes
->Temporary Internet Files folder emptied: 8593210 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 38991720 bytes
->Flash cache emptied: 1424 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 580 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 62,00 mb


OTM by OldTimer - Version 3.1.10.0 log created on 03072010_155042

Files moved on Reboot...

Registry entries deleted on Reboot...