
CLEANUP ANTIVIRUS....

tmoravek
Visitor
Posts: 49
Registered: 11 Mar 2010 15:10

Re: CLEANUP ANTIVIRUS....

#46 Post by tmoravek »

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 21:40 on 11/03/2010 by Tom (Administrator - Elevation successful)

========== filefind ==========

Searching for "CleanUp.*"
No files found.

========== regfind ==========

Searching for "CleanUp"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\CleanupWiz]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E96F5460-09CE-4f46-88B1-F4B6B4A8E252}]
@="Windows Media Player Transcode Files Cache Cleanup Handler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F7A4F1DA-96C3-4BCF-BEB3-1D9FFDE89EE9}]
@="ComCacheCleanup 1.0 Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F7A4F1DA-96C3-4BCF-BEB3-1D9FFDE89EE9}\ProgID]
@="NODEMGR.ComCacheCleanup.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F7A4F1DA-96C3-4BCF-BEB3-1D9FFDE89EE9}\VersionIndependentProgID]
@="NODEMGR.ComCacheCleanup"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{01689689-7ACB-4E9B-AB7C-7EA46B12B522}]
@="ITfCleanupContextSink"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{45C35144-154E-4797-BED8-D33AE7BF8794}]
@="ITfCleanupContextDurationSink"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NODEMGR.ComCacheCleanup]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NODEMGR.ComCacheCleanup]
@="ComCacheCleanup 1.0 Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NODEMGR.ComCacheCleanup\CurVer]
@="NODEMGR.ComCacheCleanup.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NODEMGR.ComCacheCleanup.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NODEMGR.ComCacheCleanup.1]
@="ComCacheCleanup 1.0 Object"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\Providers\Trust\Cleanup]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\cleanuppath]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Cleanup.dll]
[HKEY_USERS\S-1-5-21-1409082233-1060284298-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\CleanupWiz]

========== folderfind ==========

Searching for "CleanUp"
No folders found.

-=End Of File=-

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: CLEANUP ANTIVIRUS....

#47 Post by Caroprd111 »

OK, now OTL as well.

tmoravek
Visitor
Posts: 49
Registered: 11 Mar 2010 15:10

Re: CLEANUP ANTIVIRUS....

#48 Post by tmoravek »

OTL logfile created on: 11.3.2010 21:42:32 - Run 1
OTL by OldTimer - Version 3.1.36.1 Folder = I:\Documents and Settings\Tom\Plocha\HRY TOMINO
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): I:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = I: | %SystemRoot% = I:\C | %ProgramFiles% = I:\Program Files
C: Drive not present or media not loaded
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 232,88 Gb Total Space | 18,14 Gb Free Space | 7,79% Space Free | Partition Type: NTFS

Computer Name: 22D149F14D3645C
Current User Name: Tom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.03.11 21:42:16 | 000,554,496 | ---- | M] (OldTimer Tools) -- I:\Documents and Settings\Tom\Plocha\HRY TOMINO\OTL.exe
PRC - [2010.02.23 13:34:27 | 000,908,248 | ---- | M] (Mozilla Corporation) -- I:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.12.23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2009.08.21 12:04:20 | 001,032,704 | ---- | M] (Microsoft Corporation) -- I:\C\explorer.exe
PRC - [2007.05.17 22:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) -- I:\Program Files\Microsoft LifeCam\MSCamS32.exe


========== Modules (SafeList) ==========

MOD - [2010.03.11 21:42:16 | 000,554,496 | ---- | M] (OldTimer Tools) -- I:\Documents and Settings\Tom\Plocha\HRY TOMINO\OTL.exe
MOD - [2004.08.17 14:48:02 | 001,050,624 | R--- | M] (Microsoft Corporation) -- I:\C\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009.12.23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- I:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.10.27 09:26:36 | 000,657,408 | ---- | M] (Nokia) [On_Demand | Stopped] -- I:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.05.17 22:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- I:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Running] -- -- (catchme)
DRV - [2010.02.25 15:22:00 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- I:\C\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.01.14 10:19:15 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- I:\C\gdrv.sys -- (gdrv)
DRV - [2009.11.25 04:50:16 | 004,463,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- I:\C\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.10.06 11:52:50 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- I:\C\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.10.06 11:52:34 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- I:\C\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.10.06 11:52:34 | 000,017,664 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- I:\C\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.10.06 11:52:34 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- I:\C\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- I:\C\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.03.29 10:20:55 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- I:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008.03.29 10:20:55 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- I:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008.02.14 10:04:06 | 004,676,096 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- I:\C\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008.01.03 15:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- I:\C\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.09.25 15:59:46 | 000,015,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- I:\Program Files\MediaCoder\SysInfo.sys -- (CrystalSysInfo)
DRV - [2007.04.10 22:46:48 | 001,966,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- I:\C\system32\drivers\VX3000.sys -- (VX3000)
DRV - [2005.01.07 17:07:18 | 000,138,752 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- I:\C\system32\drivers\Hdaudbus.sys -- (HDAudBus)
DRV - [2004.08.04 00:07:56 | 000,059,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- I:\C\system32\drivers\USBAUDIO.sys -- (usbaudio) Ovladač zvukové karty USB (WDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = I:\C\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://mail.radiobeat.cz/webmail/index. ... google.cz/"
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:3.5
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.723
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: I:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010.01.14 06:34:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: I:\Program Files\Mozilla Firefox\components [2010.03.08 15:23:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: I:\Program Files\Mozilla Firefox\plugins [2010.02.23 13:34:32 | 000,000,000 | ---D | M]

[2010.01.13 19:30:59 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Tom\Data aplikací\Mozilla\Extensions
[2010.03.11 08:47:34 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Tom\Data aplikací\Mozilla\Firefox\Profiles\ehwr9ox5.default\extensions
[2010.03.06 16:04:47 | 000,000,000 | ---D | M] -- I:\Documents and Settings\Tom\Data aplikací\Mozilla\Firefox\Profiles\ehwr9ox5.default\extensions\illimitux@illimitux.net
[2010.03.11 21:37:25 | 000,000,000 | ---D | M] -- I:\Program Files\Mozilla Firefox\extensions
[2008.11.11 08:38:54 | 000,663,552 | ---- | M] (BitComet) -- I:\Program Files\Mozilla Firefox\plugins\npBitCometAgent.dll

Hosts file not found
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4 - HKLM..\Run: [LifeCam] I:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NeroFilterCheck] I:\C\system32\nerocheck.exe ()
O4 - HKLM..\Run: [QuickTime Task] i:\program files\quicktime\qttask .exe File not found
O4 - HKLM..\Run: [TO2SSM_McciTrayApp] I:\Program Files\TO2SSM\mccitrayapp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [VX3000] I:\C\vvx3000.exe ()
O4 - HKCU..\Run: [AlcoholAutomount] I:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [PC Suite Tray] I:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O12 - Plugin for: .spop - I:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - I:\C\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - I:\C\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.03.11 21:36:52 | 000,000,000 | RH-D | C] -- I:\Documents and Settings\Tom\Recent
[2010.03.11 21:36:52 | 000,000,000 | -HSD | C] -- I:\RECYCLER
[2010.03.11 21:23:25 | 000,000,000 | ---D | C] -- I:\C\temp
[2010.03.11 20:54:05 | 000,057,856 | ---- | C] (Microsoft Corporation) -- I:\spoolsv.exe
[2010.03.11 19:26:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- I:\C\System32\drivers\mbamswissarmy.sys
[2010.03.11 19:26:52 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- I:\C\System32\drivers\mbam.sys
[2010.03.11 19:26:52 | 000,000,000 | ---D | C] -- I:\Program Files\Malwarebytes' Anti-Malware
[2010.03.11 18:42:24 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Plocha\s
[2010.03.11 17:55:50 | 000,000,000 | RHSD | C] -- I:\cmdcons
[2010.03.11 17:55:00 | 000,212,480 | ---- | C] (SteelWerX) -- I:\C\SWXCACLS.exe
[2010.03.11 17:55:00 | 000,161,792 | ---- | C] (SteelWerX) -- I:\C\SWREG.exe
[2010.03.11 17:55:00 | 000,136,704 | ---- | C] (SteelWerX) -- I:\C\SWSC.exe
[2010.03.11 17:55:00 | 000,031,232 | ---- | C] (NirSoft) -- I:\C\NIRCMD.exe
[2010.03.11 17:54:47 | 000,000,000 | ---D | C] -- I:\C\ERDNT
[2010.03.11 17:52:18 | 000,000,000 | ---D | C] -- I:\Qoobox
[2010.03.11 16:48:34 | 000,000,000 | ---D | C] -- I:\_OTM
[2010.03.11 16:47:05 | 000,508,416 | ---- | C] (OldTimer Tools) -- I:\Documents and Settings\Tom\Plocha\OTM.exe
[2010.03.11 15:51:25 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Local Settings\Data aplikací\Threat Expert
[2010.03.11 15:26:03 | 000,000,000 | ---D | C] -- I:\Program Files\Spyware Doctor
[2010.03.11 15:18:20 | 000,000,000 | ---D | C] -- I:\Program Files\trend micro
[2010.03.11 15:18:20 | 000,000,000 | ---D | C] -- I:\rsit
[2010.03.11 13:41:55 | 000,000,000 | ---D | C] -- I:\C\pss
[2010.03.11 13:39:12 | 000,000,000 | ---D | C] -- I:\Program Files\Enigma Software Group
[2010.03.11 12:42:13 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Data aplikací\Malwarebytes
[2010.03.11 12:42:09 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users.C\Data aplikací\Malwarebytes
[2010.03.10 12:39:20 | 000,000,000 | ---D | C] -- I:\Program Files\Activision
[2010.03.10 12:29:48 | 000,000,000 | -HSD | C] -- I:\C\ftpcache
[2010.03.09 20:59:57 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Data aplikací\FreeScreenToVideo
[2010.03.09 20:59:57 | 000,000,000 | ---D | C] -- I:\Program Files\Free Screen To Video
[2010.03.04 21:38:31 | 000,014,640 | ---- | C] (Microsoft Corporation) -- I:\C\System32\spmsg.dll
[2010.03.04 21:37:22 | 000,000,000 | ---D | C] -- I:\10f2fcf118b3d0875d
[2010.03.02 21:42:24 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Data aplikací\FileZilla
[2010.03.01 23:37:13 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Data aplikací\Ahead
[2010.03.01 19:26:14 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Dokumenty\Alcohol 120%
[2010.02.28 14:02:40 | 000,000,000 | ---D | C] -- I:\Program Files\PopCap Games
[2010.02.25 15:31:13 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Dokumenty\WinterGames
[2010.02.25 15:30:50 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Local Settings\Data aplikací\WinterGames
[2010.02.25 15:24:45 | 000,000,000 | ---D | C] -- I:\Program Files\Alcohol Soft
[2010.02.25 15:12:54 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- I:\C\System32\drivers\sptd.sys
[2010.02.25 15:12:28 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Desktop
[2010.02.23 17:09:32 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Plocha\Headway (New) - Beginner
[2010.02.23 17:09:32 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Dokumenty\Downloads
[2010.02.23 17:08:05 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Data aplikací\uTorrent
[2010.02.23 15:22:05 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- I:\C\System32\javaws.exe
[2010.02.23 15:22:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- I:\C\System32\javaw.exe
[2010.02.23 15:22:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- I:\C\System32\java.exe
[2010.02.16 09:09:27 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Plocha\F O T K Y
[2010.02.16 09:01:53 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Plocha\HRY TOMINO
[2010.02.15 22:20:22 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Dokumenty\BlueVoda
[2010.02.15 22:19:30 | 000,737,280 | ---- | C] (Indigo Rose Corporation) -- I:\C\iun6002.exe
[2010.02.15 22:19:01 | 000,000,000 | ---D | C] -- I:\Program Files\BlueVoda Website Builder
[2010.02.14 21:45:45 | 001,802,240 | ---- | C] (Ahead Software AG) -- I:\C\UNNMP.exe
[2010.02.14 21:43:16 | 001,814,528 | ---- | C] (Ahead Software AG) -- I:\C\UNNeroVision.exe
[2010.02.14 21:43:16 | 000,024,064 | ---- | C] (Microsoft Corporation) -- I:\C\System32\msxml3a.dll
[2010.02.14 21:43:00 | 000,000,000 | ---D | C] -- I:\Documents and Settings\All Users.C\Data aplikací\Ahead
[2010.02.14 21:42:59 | 000,569,344 | ---- | C] (Pegasus Software,LLC) -- I:\C\System32\imagr5.dll
[2010.02.14 21:42:59 | 000,544,768 | ---- | C] (Pegasus Software, LLC) -- I:\C\System32\imagx5.dll
[2010.02.14 21:42:59 | 000,283,920 | ---- | C] (Pegasus Software, LLC) -- I:\C\System32\ImagXpr5.dll
[2010.02.14 21:42:59 | 000,106,496 | ---- | C] (Pegasus Software) -- I:\C\System32\TwnLib20.dll
[2010.02.14 21:42:59 | 000,038,912 | ---- | C] (Pegasus Imaging Corp.) -- I:\C\System32\picn20.dll
[2010.02.14 21:42:58 | 000,000,000 | ---D | C] -- I:\Program Files\Common Files\Ahead
[2010.02.14 18:16:50 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Plocha\Andriss
[2010.02.11 09:26:49 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Dokumenty\mySite
[2010.02.11 00:15:45 | 000,000,000 | ---D | C] -- I:\Documents and Settings\Tom\Plocha\HoupacíFest
[2009.07.18 18:43:40 | 000,000,000 | ---D | M] -- I:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.02.08 07:05:53 | 000,000,000 | ---D | M] -- I:\Documents and Settings\LocalService\Local Settings\Data aplikací\Google
[2009.02.06 17:33:33 | 000,000,000 | ---D | M] -- I:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Google
[2008.12.15 21:24:02 | 000,000,000 | ---D | M] -- I:\Documents and Settings\NetworkService\Local Settings\Data aplikací\free-downloads.net
[2008.11.17 21:24:00 | 000,000,000 | ---D | M] -- I:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2008.10.18 21:56:41 | 001,851,544 | ---- | C] (Adobe Systems Incorporated) -- I:\Program Files\install_flash_player.exe
[2008.10.18 18:36:51 | 000,000,000 | ---D | M] -- I:\Documents and Settings\NetworkService\Data aplikací\Bytemobile
[2008.10.13 15:38:41 | 000,000,000 | ---D | M] -- I:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[2008.10.10 23:06:51 | 000,000,000 | --SD | M] -- I:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2008.10.10 23:06:51 | 000,000,000 | --SD | M] -- I:\Documents and Settings\LocalService\Data aplikací\Microsoft

========== Files - Modified Within 30 Days ==========

[2010.03.11 21:40:03 | 000,100,908 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\SystemLook.exe
[2010.03.11 21:36:13 | 000,001,559 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\CCleaner.lnk
[2010.03.11 21:33:00 | 000,000,934 | ---- | M] () -- I:\C\tasks\GoogleUpdateTaskMachineUA.job
[2010.03.11 21:27:45 | 009,496,575 | ---- | M] () -- I:\Qoobox.zip
[2010.03.11 21:27:06 | 000,199,259 | ---- | M] () -- I:\_OTM.rar
[2010.03.11 21:26:18 | 000,233,759 | ---- | M] () -- I:\_OTM.zip
[2010.03.11 21:23:24 | 000,000,006 | -H-- | M] () -- I:\C\tasks\SA.DAT
[2010.03.11 21:22:40 | 000,000,227 | ---- | M] () -- I:\C\system.ini
[2010.03.11 20:57:17 | 000,002,262 | ---- | M] () -- I:\C\System32\wpa.dbl
[2010.03.11 20:57:06 | 000,000,930 | ---- | M] () -- I:\C\tasks\GoogleUpdateTaskMachineCore.job
[2010.03.11 20:57:04 | 000,002,048 | --S- | M] () -- I:\C\bootstat.dat
[2010.03.11 20:56:06 | 004,194,304 | ---- | M] () -- I:\Documents and Settings\Tom\ntuser.dat
[2010.03.11 20:56:01 | 000,000,178 | -HS- | M] () -- I:\Documents and Settings\Tom\ntuser.ini
[2010.03.11 20:55:56 | 004,320,576 | -H-- | M] () -- I:\Documents and Settings\Tom\Local Settings\Data aplikací\IconCache.db
[2010.03.11 20:55:53 | 000,000,004 | ---- | M] () -- I:\Program Files\366453.dat
[2010.03.11 20:53:21 | 000,724,217 | ---- | M] () -- I:\Soubory.zip
[2010.03.11 20:51:00 | 000,040,448 | ---- | M] () -- I:\C\System32\nerocheck.exe
[2010.03.11 20:50:56 | 000,040,448 | ---- | M] () -- I:\C\vvx3000.exe
[2010.03.11 20:39:31 | 000,040,448 | ---- | M] () -- I:\C\System32\nerocheck.exe.delme49
[2010.03.11 19:26:55 | 000,000,707 | ---- | M] () -- I:\Documents and Settings\All Users.C\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.03.11 18:43:44 | 000,000,590 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\Zástupce - ComboFix.lnk
[2010.03.11 18:28:00 | 000,039,864 | ---- | M] () -- I:\Documents and Settings\Tom\Local Settings\Data aplikací\GDIPFONTCACHEV1.DAT
[2010.03.11 18:15:42 | 000,000,027 | ---- | M] () -- I:\C\System32\drivers\etc\hosts.old
[2010.03.11 17:55:55 | 000,000,269 | RHS- | M] () -- I:\boot.ini
[2010.03.11 17:46:04 | 000,192,184 | ---- | M] () -- I:\C\System32\FNTCACHE.DAT
[2010.03.11 17:44:20 | 000,019,968 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\SPOT1.doc
[2010.03.11 17:26:19 | 000,002,549 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\Microsoft Office Word 2003.lnk
[2010.03.11 16:47:05 | 000,508,416 | ---- | M] (OldTimer Tools) -- I:\Documents and Settings\Tom\Plocha\OTM.exe
[2010.03.11 15:06:16 | 000,000,582 | ---- | M] () -- I:\C\win.ini
[2010.03.10 19:04:20 | 000,000,030 | ---- | M] () -- I:\C\popcinfot.dat
[2010.03.10 18:55:08 | 000,053,760 | ---- | M] () -- I:\Documents and Settings\Tom\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.10 18:55:08 | 000,000,049 | ---- | M] () -- I:\C\NeroDigital.ini
[2010.03.10 16:47:33 | 000,002,271 | ---- | M] () -- I:\Documents and Settings\All Users.C\Plocha\Skype.lnk
[2010.03.10 14:46:31 | 001,185,462 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\Bss2009 Ic sponzori spot 60.MP3
[2010.03.10 14:46:21 | 001,273,101 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\Bss2009 Ib sponzori spot 80.MP3
[2010.03.10 14:45:25 | 001,130,070 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\Bss2009 Ia sponzori spot 70.MP3
[2010.03.10 12:48:27 | 000,001,691 | ---- | M] () -- I:\Documents and Settings\All Users.C\Plocha\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
[2010.03.10 12:48:23 | 000,000,319 | ---- | M] () -- I:\C\game.ini
[2010.03.10 12:28:47 | 000,022,328 | ---- | M] () -- I:\Documents and Settings\Tom\Data aplikací\PnkBstrK.sys
[2010.03.10 12:28:47 | 000,022,328 | ---- | M] () -- I:\C\System32\drivers\PnkBstrK.sys
[2010.03.10 12:17:35 | 000,618,432 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\Muj sport 2_kola_sex_spot 30.mp3
[2010.03.10 12:11:27 | 000,620,184 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\Muj sport_kola_jaro_2009_ 3 spot 30.mp3
[2010.03.09 20:59:59 | 000,000,812 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\Free Screen To Video.lnk
[2010.03.09 17:54:40 | 000,017,121 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\grandfunk-wereanamerican.jpg
[2010.03.09 13:48:17 | 000,059,836 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\inv110092720.pdf
[2010.03.08 19:58:35 | 000,102,018 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\Plakat.pdf
[2010.03.08 07:36:25 | 004,505,458 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\CVCW.pdf
[2010.03.04 23:25:06 | 000,023,392 | ---- | M] () -- I:\C\System32\nscompat.tlb
[2010.03.04 23:25:06 | 000,016,832 | ---- | M] () -- I:\C\System32\amcompat.tlb
[2010.03.03 08:09:23 | 000,000,600 | ---- | M] () -- I:\Documents and Settings\Tom\Local Settings\Data aplikací\PUTTY.RND
[2010.03.02 12:35:27 | 000,000,162 | -H-- | M] () -- I:\Documents and Settings\Tom\Dokumenty\~$aneb.doc
[2010.03.02 12:00:15 | 000,000,754 | ---- | M] () -- I:\C\System32\drivers\etc\hosts.bak
[2010.03.01 19:27:03 | 000,000,279 | ---- | M] () -- I:\Documents and Settings\Tom\Dokumenty\ax_files.xml
[2010.02.28 14:02:41 | 000,000,881 | ---- | M] () -- I:\Documents and Settings\All Users.C\Plocha\Peggle Deluxe.lnk
[2010.02.28 14:02:40 | 000,000,000 | ---- | M] () -- I:\C\popcreg.dat
[2010.02.27 11:29:00 | 000,000,284 | ---- | M] () -- I:\C\tasks\AppleSoftwareUpdate.job
[2010.02.25 15:24:49 | 000,000,844 | ---- | M] () -- I:\Documents and Settings\All Users.C\Plocha\Alcohol 120%.lnk
[2010.02.25 15:22:00 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- I:\C\System32\drivers\sptd.sys
[2010.02.23 17:08:06 | 000,000,816 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\µTorrent.lnk
[2010.02.16 16:55:00 | 000,000,680 | ---- | M] () -- I:\Documents and Settings\Tom\Plocha\Zástupce - PsiOps.lnk
[2010.02.15 22:57:34 | 000,737,280 | ---- | M] (Indigo Rose Corporation) -- I:\C\iun6002.exe
[2010.02.14 21:45:26 | 000,001,328 | ---- | M] () -- I:\Documents and Settings\All Users.C\Plocha\Nero StartSmart.lnk

========== Files Created - No Company Name ==========

[2010.03.11 21:40:03 | 000,100,908 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\SystemLook.exe
[2010.03.11 21:36:13 | 000,001,559 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\CCleaner.lnk
[2010.03.11 21:27:44 | 009,496,575 | ---- | C] () -- I:\Qoobox.zip
[2010.03.11 21:27:05 | 000,199,259 | ---- | C] () -- I:\_OTM.rar
[2010.03.11 21:26:17 | 000,233,759 | ---- | C] () -- I:\_OTM.zip
[2010.03.11 20:55:53 | 000,000,004 | ---- | C] () -- I:\Program Files\366453.dat
[2010.03.11 20:53:20 | 000,724,217 | ---- | C] () -- I:\Soubory.zip
[2010.03.11 19:26:55 | 000,000,707 | ---- | C] () -- I:\Documents and Settings\All Users.C\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.03.11 18:43:44 | 000,000,590 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\Zástupce - ComboFix.lnk
[2010.03.11 17:55:55 | 000,000,198 | ---- | C] () -- I:\Boot.bak
[2010.03.11 17:55:52 | 000,261,312 | ---- | C] () -- I:\cmldr
[2010.03.11 17:55:00 | 000,261,632 | ---- | C] () -- I:\C\PEV.exe
[2010.03.11 17:55:00 | 000,098,816 | ---- | C] () -- I:\C\sed.exe
[2010.03.11 17:55:00 | 000,080,412 | ---- | C] () -- I:\C\grep.exe
[2010.03.11 17:55:00 | 000,077,312 | ---- | C] () -- I:\C\MBR.exe
[2010.03.11 17:55:00 | 000,068,096 | ---- | C] () -- I:\C\zip.exe
[2010.03.11 17:44:20 | 000,019,968 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\SPOT1.doc
[2010.03.10 14:46:26 | 001,185,462 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\Bss2009 Ic sponzori spot 60.MP3
[2010.03.10 14:46:19 | 001,273,101 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\Bss2009 Ib sponzori spot 80.MP3
[2010.03.10 14:45:24 | 001,130,070 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\Bss2009 Ia sponzori spot 70.MP3
[2010.03.10 12:48:27 | 000,001,691 | ---- | C] () -- I:\Documents and Settings\All Users.C\Plocha\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
[2010.03.10 12:28:47 | 000,022,328 | ---- | C] () -- I:\Documents and Settings\Tom\Data aplikací\PnkBstrK.sys
[2010.03.10 12:28:47 | 000,022,328 | ---- | C] () -- I:\C\System32\drivers\PnkBstrK.sys
[2010.03.10 12:28:31 | 000,103,736 | ---- | C] () -- I:\C\System32\PnkBstrB.exe
[2010.03.10 12:28:30 | 000,066,872 | ---- | C] () -- I:\C\System32\PnkBstrA.exe
[2010.03.10 12:28:28 | 000,000,319 | ---- | C] () -- I:\C\game.ini
[2010.03.10 12:17:32 | 000,618,432 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\Muj sport 2_kola_sex_spot 30.mp3
[2010.03.10 12:11:22 | 000,620,184 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\Muj sport_kola_jaro_2009_ 3 spot 30.mp3
[2010.03.09 20:59:59 | 000,000,812 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\Free Screen To Video.lnk
[2010.03.09 17:54:39 | 000,017,121 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\grandfunk-wereanamerican.jpg
[2010.03.09 13:48:17 | 000,059,836 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\inv110092720.pdf
[2010.03.08 19:58:34 | 000,102,018 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\Plakat.pdf
[2010.03.08 07:36:00 | 004,505,458 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\CVCW.pdf
[2010.03.03 08:09:13 | 000,000,600 | ---- | C] () -- I:\Documents and Settings\Tom\Local Settings\Data aplikací\PUTTY.RND
[2010.03.02 12:35:27 | 000,000,162 | -H-- | C] () -- I:\Documents and Settings\Tom\Dokumenty\~$aneb.doc
[2010.02.28 14:02:41 | 000,000,881 | ---- | C] () -- I:\Documents and Settings\All Users.C\Plocha\Peggle Deluxe.lnk
[2010.02.28 14:02:40 | 000,000,030 | ---- | C] () -- I:\C\popcinfot.dat
[2010.02.28 14:02:40 | 000,000,000 | ---- | C] () -- I:\C\popcreg.dat
[2010.02.25 19:41:19 | 000,000,279 | ---- | C] () -- I:\Documents and Settings\Tom\Dokumenty\ax_files.xml
[2010.02.25 15:24:49 | 000,000,844 | ---- | C] () -- I:\Documents and Settings\All Users.C\Plocha\Alcohol 120%.lnk
[2010.02.23 17:08:06 | 000,000,816 | ---- | C] () -- I:\Documents and Settings\Tom\Plocha\µTorrent.lnk
[2010.02.15 10:23:48 | 000,000,049 | ---- | C] () -- I:\C\NeroDigital.ini
[2010.02.14 21:45:46 | 000,052,418 | ---- | C] () -- I:\C\UNNMP.cfg
[2010.02.14 21:45:26 | 000,001,328 | ---- | C] () -- I:\Documents and Settings\All Users.C\Plocha\Nero StartSmart.lnk
[2010.02.14 21:44:19 | 000,040,448 | ---- | C] () -- I:\C\System32\nerocheck.exe.delme49
[2010.02.14 21:44:19 | 000,040,448 | ---- | C] () -- I:\C\System32\nerocheck.exe
[2010.02.14 21:43:16 | 000,096,891 | ---- | C] () -- I:\C\UNNeroVision.cfg
[2010.01.14 20:41:56 | 000,043,520 | ---- | C] () -- I:\C\System32\CmdLineExt03.dll
[2010.01.14 10:41:46 | 000,053,760 | ---- | C] () -- I:\Documents and Settings\Tom\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.14 07:06:22 | 000,000,372 | ---- | C] () -- I:\C\ODBC.INI
[2010.01.13 20:24:15 | 000,000,124 | ---- | C] () -- I:\Documents and Settings\Tom\Data aplikací\Options.ini
[2010.01.13 19:12:20 | 000,015,498 | ---- | C] () -- I:\C\VX3000.ini
[2009.08.06 13:42:30 | 001,112,250 | ---- | C] () -- I:\Program Files\autosave.sav
[2004.08.17 14:49:10 | 000,081,920 | ---- | C] () -- I:\C\System32\ieencode.dll
[2004.07.17 10:36:38 | 000,027,440 | ---- | C] () -- I:\C\System32\drivers\secdrv.sys
[2003.04.09 15:38:04 | 000,005,664 | ---- | C] () -- I:\C\System32\OUTLPERF.INI
[2002.10.06 19:42:57 | 000,237,568 | ---- | C] () -- I:\C\System32\OggDS.dll
[2002.10.05 00:04:25 | 000,921,600 | ---- | C] () -- I:\C\System32\vorbisenc.dll
[2002.10.05 00:04:24 | 000,188,416 | ---- | C] () -- I:\C\System32\vorbis.dll
[2002.10.05 00:04:17 | 000,045,056 | ---- | C] () -- I:\C\System32\ogg.dll
[2000.10.01 19:31:24 | 000,018,768 | ---- | C] () -- I:\Program Files\SECDRV.SYS
[2000.09.28 13:02:26 | 000,073,728 | ---- | C] () -- I:\Program Files\MPH.EXE
[2000.09.26 15:12:46 | 000,001,715 | ---- | C] () -- I:\Program Files\RA2.INI
[2000.07.27 15:22:08 | 000,286,208 | ---- | C] () -- I:\Program Files\BINKW32.DLL
[2000.07.17 09:45:38 | 000,171,520 | ---- | C] () -- I:\Program Files\PATCHW32.DLL
[2000.06.27 18:00:28 | 000,000,766 | ---- | C] () -- I:\Program Files\NOTES.ICO
[2000.03.10 13:20:44 | 000,002,348 | ---- | C] () -- I:\Program Files\Blowfish.tlb
< End of report >

tmoravek
Visitor
Posts: 49
Registered: 11 Mar 2010 15:10

Re: CLEANUP ANTIVIRUS....

#49 Post by tmoravek »

OTL Extras logfile created on: 11.3.2010 21:42:32 - Run 1
OTL by OldTimer - Version 3.1.36.1 Folder = I:\Documents and Settings\Tom\Plocha\HRY TOMINO
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free
4,00 Gb Paging File | 4,00 Gb Available in Paging File | 93,00% Paging File free
Paging file location(s): I:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = I: | %SystemRoot% = I:\C | %ProgramFiles% = I:\Program Files
C: Drive not present or media not loaded
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 232,88 Gb Total Space | 18,14 Gb Free Space | 7,79% Space Free | Partition Type: NTFS

Computer Name: 22D149F14D3645C
Current User Name: Tom
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- I:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "I:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
jsfile [edit] -- "I:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "I:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "I:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"I:\Program Files\Microsoft LifeCam\LifeExp.exe" = I:\Program Files\Microsoft LifeCam\LifeExp.exe:*:Enabled:LifeExp.exe -- (Microsoft Corporation)
"I:\C\system32\dpvsetup.exe" = I:\C\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"I:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat" = I:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\game.dat:*:Enabled:The Battle for Middle-earth (tm) -- ()
"I:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\patchget.dat" = I:\Program Files\EA GAMES\The Battle for Middle-earth (tm)\patchget.dat:*:Enabled:patchgrabber -- (Electronic Arts)
"I:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = I:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"I:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = I:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"I:\Program Files\Nokia\Nokia PC Suite 7\VideoManager.exe" = I:\Program Files\Nokia\Nokia PC Suite 7\VideoManager.exe:*:Enabled:Nokia Video Manager -- (Nokia)
"I:\Program Files\Microsoft LifeCam\LifeCam.exe" = I:\Program Files\Microsoft LifeCam\LifeCam.exe:*:Enabled:LifeCam.exe -- (Microsoft Corporation)
"I:\Documents and Settings\Tom\Data aplikací\uTorrent\utorrent.exe" = I:\Documents and Settings\Tom\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"I:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe" = I:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01840D1A-3B62-1E2A-9997-C9B9007F1E5F}" = Catalyst Control Center Core Implementation
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{33BA828D-CF19-0B52-8483-61FCFD83F75D}" = Catalyst Control Center HydraVision Full
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{362CCC45-63D1-9688-C74D-F32F1B0CD919}" = CCC Help English
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = The Battle for Middle-earth (tm)
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{4183E4E3-F943-416C-D4E1-0673F1CBA6E1}" = ccc-utility
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{63AFACBC-4795-4A1B-8037-5085DC03FC54}" = Microsoft LifeCam
"{6869591A-7DD8-46D2-837F-57CBF7358955}" = Nokia Connectivity Cable Driver
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FAC221-570C-A7A2-10FF-30F3BDDED603}" = Catalyst Control Center Graphics Light
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{77C4F53F-8618-B4AC-A54D-694CA504BC2E}" = Catalyst Control Center Graphics Full Existing
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{90110405-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{A52C4BAB-E8E7-906E-EF34-91EA765505BE}" = ccc-core-preinstall
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{EB2E2ED5-DE74-F09D-3B23-0C4BA51D8C60}" = Catalyst Control Center Graphics Previews Common
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD3D9B16-44E4-4231-E1E2-85C40A115F87}" = ATI Catalyst Install Manager
"{FDE0EEEA-B1CD-BFED-22BB-AD87B886CC47}" = Catalyst Control Center Graphics Full New
"µTorrent CZ_is1" = µTorrent CZ 1.8.5 (build 17414)
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATI Display Driver" = ATI Display Driver
"CCleaner" = CCleaner
"Free Screen To Video_is1" = Free Screen To Video V 1.2
"HijackThis" = HijackThis 2.0.2
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"JPEG Imager_is1" = JPEG Imager 2.4.1.37
"Ladicka" = Ladicka
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaCoder" = MediaCoder 0.7.2.4560
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = NeroVision Express 2
"NMPUninstallKey" = Nero Media Player
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"O2 Internet Konfigurator" = O2 Internet Konfigurator
"Peggle Deluxe 1.01" = Peggle Deluxe 1.01
"VLC media player" = VLC media player 1.0.3
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 16.2.2010 11:53:57 | Computer Name = 22D149F14D3645C | Source = Application Error | ID = 1000
Description = Chybující aplikace wmplayer.exe, verze 9.0.0.3250, chybující modul
gdi32.dll, verze 5.1.2600.2180, adresa chyby 0x00011b26.

Error - 17.2.2010 4:30:47 | Computer Name = 22D149F14D3645C | Source = JavaQuickStarterService | ID = 1
Description =

Error - 17.2.2010 7:13:50 | Computer Name = 22D149F14D3645C | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace wmplayer.exe, verze 9.0.0.3250, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 17.2.2010 9:08:30 | Computer Name = 22D149F14D3645C | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace firefox.exe, verze 1.9.1.3642, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 17.2.2010 10:28:25 | Computer Name = 22D149F14D3645C | Source = Google Update | ID = 20
Description =

Error - 17.2.2010 11:28:25 | Computer Name = 22D149F14D3645C | Source = Google Update | ID = 20
Description =

Error - 17.2.2010 11:43:38 | Computer Name = 22D149F14D3645C | Source = JavaQuickStarterService | ID = 1
Description =

Error - 23.2.2010 6:49:10 | Computer Name = 22D149F14D3645C | Source = JavaQuickStarterService | ID = 1
Description =

Error - 23.2.2010 8:34:09 | Computer Name = 22D149F14D3645C | Source = Application Error | ID = 1000
Description = Chybující aplikace firefox.exe, verze 1.9.1.3642, chybující modul
xul.dll, verze 1.9.1.3642, adresa chyby 0x0029e219.

Error - 23.2.2010 10:14:24 | Computer Name = 22D149F14D3645C | Source = Application Error | ID = 1000
Description = Chybující aplikace explorer.exe, verze 6.0.2900.2180, chybující modul
emzdecmp4_h263.dll, verze 2.9.0.0, adresa chyby 0x00002847.

[ System Events ]
Error - 11.3.2010 13:16:30 | Computer Name = 22D149F14D3645C | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126

Error - 11.3.2010 13:27:49 | Computer Name = 22D149F14D3645C | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126

Error - 11.3.2010 13:47:15 | Computer Name = 22D149F14D3645C | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126

Error - 11.3.2010 13:48:10 | Computer Name = 22D149F14D3645C | Source = Service Control Manager | ID = 7034
Description = Služba McciCMService byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 11.3.2010 14:23:07 | Computer Name = 22D149F14D3645C | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126

Error - 11.3.2010 15:26:10 | Computer Name = 22D149F14D3645C | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126

Error - 11.3.2010 15:39:09 | Computer Name = 22D149F14D3645C | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126

Error - 11.3.2010 15:50:38 | Computer Name = 22D149F14D3645C | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126

Error - 11.3.2010 15:57:17 | Computer Name = 22D149F14D3645C | Source = Service Control Manager | ID = 7023
Description = Služba Automatické aktualizace byla ukončena s následující chybou:
%%126

Error - 11.3.2010 15:58:26 | Computer Name = 22D149F14D3645C | Source = Service Control Manager | ID = 7034
Description = Služba McciCMService byla neočekávaně ukončena. Tento stav nastal
již 1krát.


< End of report >

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: CLEANUP ANTIVIRUS....

#50 Post by Caroprd111 »

Download SystemLook and save it to your desktop: http://jpshortstuff.247fixes.com/SystemLook.exe
  • Run it and copy the text from the white box into its window.

Code:

:filefind
explorer.exe
  • Click Look; when the scan finishes, a log will pop up. Copy it here.


How is the PC doing? :???:

tmoravek
Visitor
Posts: 49
Registered: 11 Mar 2010 15:10

Re: CLEANUP ANTIVIRUS....

#51 Post by tmoravek »

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 21:56 on 11/03/2010 by Tom (Administrator - Elevation successful)

========== filefind ==========

Searching for "explorer.exe"
I:\C\ERDNT\cache\explorer.exe --a--c 1032704 bytes [20:04 11/03/2010] [11:04 21/08/2009] 53114D57AB73A406AC7F602227781A99
I:\C\explorer.exe -----c 1032704 bytes [13:49 17/08/2004] [11:04 21/08/2009] 53114D57AB73A406AC7F602227781A99
I:\C\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\explorer.exe --a--c 1034240 bytes [03:22 14/04/2008] [03:22 14/04/2008] 27AFD587C462E280EE046B8CCA3C2CD1
I:\C\system32\dllcache\explorer.exe --a--c 1032704 bytes [13:49 17/08/2004] [11:04 21/08/2009] 53114D57AB73A406AC7F602227781A99
I:\Documents and Settings\Tom\Plocha\s\explorer.exe --a--c 1032704 bytes [17:42 11/03/2010] [11:04 21/08/2009] 53114D57AB73A406AC7F602227781A99
I:\WINDOWS\explorer.exe --a--- 1034240 bytes [13:49 17/08/2004] [03:22 14/04/2008] 27AFD587C462E280EE046B8CCA3C2CD1
I:\WINDOWS\ServicePackFiles\i386\explorer.exe ------ 1034240 bytes [20:36 03/11/2008] [03:22 14/04/2008] 27AFD587C462E280EE046B8CCA3C2CD1
I:\WINDOWS\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\explorer.exe --a--- 1034240 bytes [20:36 03/11/2008] [03:22 14/04/2008] 27AFD587C462E280EE046B8CCA3C2CD1

-=End Of File=-

tmoravek
Visitor
Posts: 49
Registered: 11 Mar 2010 15:10

Re: CLEANUP ANTIVIRUS....

#52 Post by tmoravek »

..I don't want to jinx it..but probably GOOOD :D

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: CLEANUP ANTIVIRUS....

#53 Post by Caroprd111 »

Run OTL and paste the following script into the bottom window.

Code:

:otl
O4 - HKLM..\Run: [VX3000] I:\C\vvx3000.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] I:\C\system32\nerocheck.exe ()

:files
I:\Program Files\366453.dat
I:\Documents and Settings\Tom\Plocha\s\explorer.exe

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

:COMMANDS
[Reboot]
Then click Run fix; the PC will restart. Post the log here.

Post a new ComboFix log (without a script).

tmoravek
Visitor
Posts: 49
Registered: 11 Mar 2010 15:10

Re: CLEANUP ANTIVIRUS....

#54 Post by tmoravek »

ComboFix 10-03-10.08 - Tom 11.03.2010 22:15:35.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2046.1612 [GMT 1:00]
Spuštěný z: i:\documents and settings\Tom\Plocha\HRY TOMINO\ComboFix.exe
AV: CleanUp Antivirus *On-access scanning enabled* (Updated) {141E8D82-6895-4421-BD20-C78025AC44F5}
FW: CleanUp Antivirus *enabled* {16056CEC-F7B1-4786-8C20-DE57E9A1BD80}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-02-11 do 2010-03-11 )))))))))))))))))))))))))))))))
.

2010-03-11 21:09 . 2010-03-11 21:09 -------- dc----w- I:\_OTL
2010-03-11 20:27 . 2010-03-11 20:27 9496575 -c--a-w- I:\Qoobox.zip
2010-03-11 20:26 . 2010-03-11 20:26 233759 -c--a-w- I:\_OTM.zip
2010-03-11 19:53 . 2010-03-11 19:53 724217 -c--a-w- I:\Soubory.zip
2010-03-11 18:26 . 2010-01-07 15:07 38224 -c--a-w- i:\c\system32\drivers\mbamswissarmy.sys
2010-03-11 18:26 . 2010-03-11 18:27 -------- d-----w- i:\program files\Malwarebytes' Anti-Malware
2010-03-11 18:26 . 2010-01-07 15:07 19160 -c--a-w- i:\c\system32\drivers\mbam.sys
2010-03-11 15:48 . 2010-03-11 15:48 -------- dc----w- I:\_OTM
2010-03-11 14:26 . 2010-03-11 17:48 -------- d-----w- i:\program files\Spyware Doctor
2010-03-11 14:18 . 2010-03-11 16:21 -------- d-----w- i:\program files\trend micro
2010-03-11 14:18 . 2010-03-11 14:18 -------- dc----w- I:\rsit
2010-03-11 12:39 . 2010-03-11 13:54 -------- d-----w- i:\program files\Enigma Software Group
2010-03-10 11:39 . 2010-03-10 11:39 -------- d-----w- i:\program files\Activision
2010-03-10 11:29 . 2010-03-10 11:29 -------- dcsh--w- i:\c\ftpcache
2010-03-10 11:28 . 2010-03-10 11:28 22328 -c--a-w- i:\c\system32\drivers\PnkBstrK.sys
2010-03-10 11:28 . 2010-03-10 11:28 103736 -c--a-w- i:\c\system32\PnkBstrB.exe
2010-03-10 11:28 . 2010-03-10 11:28 66872 -c--a-w- i:\c\system32\PnkBstrA.exe
2010-03-09 19:59 . 2010-03-09 19:59 -------- d-----w- i:\program files\Free Screen To Video
2010-03-04 20:38 . 2004-08-17 13:49 221184 -c--a-w- i:\c\system32\wmpns.dll
2010-03-04 20:37 . 2010-03-04 20:37 -------- dc----w- I:\10f2fcf118b3d0875d
2010-02-28 13:02 . 2010-03-10 18:04 30 -c--a-w- i:\c\popcinfot.dat
2010-02-28 13:02 . 2010-03-01 17:13 -------- d-----w- i:\program files\PopCap Games
2010-02-28 13:02 . 2010-02-28 13:02 0 -c--a-w- i:\c\popcreg.dat
2010-02-25 14:24 . 2010-02-25 14:24 -------- d-----w- i:\program files\Alcohol Soft
2010-02-25 14:12 . 2010-02-25 14:22 691696 -c--a-w- i:\c\system32\drivers\sptd.sys
2010-02-15 21:19 . 2010-02-15 21:57 737280 -c--a-w- i:\c\iun6002.exe
2010-02-15 21:19 . 2010-02-15 21:59 -------- d-----w- i:\program files\BlueVoda Website Builder
2010-02-14 20:45 . 2004-03-25 07:06 1802240 -c----w- i:\c\UNNMP.exe
2010-02-14 20:43 . 2004-04-19 03:37 1814528 -c----w- i:\c\UNNeroVision.exe
2010-02-14 20:43 . 2001-03-08 18:30 24064 -c--a-w- i:\c\system32\msxml3a.dll
2010-02-14 20:42 . 2001-07-06 17:24 283920 -c--a-w- i:\c\system32\ImagXpr5.dll
2010-02-14 20:42 . 2001-07-06 13:41 569344 -c--a-w- i:\c\system32\imagr5.dll
2010-02-14 20:42 . 2001-07-06 11:44 544768 -c--a-w- i:\c\system32\imagx5.dll
2010-02-14 20:42 . 2001-06-26 07:15 38912 -c--a-w- i:\c\system32\picn20.dll
2010-02-14 20:42 . 2000-06-26 10:45 106496 -c--a-w- i:\c\system32\TwnLib20.dll
2010-02-14 20:42 . 2010-02-14 20:43 -------- d-----w- i:\program files\Common Files\Ahead

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-11 20:36 . 2009-12-25 21:55 -------- d-----w- i:\program files\CCleaner
2010-03-11 20:21 . 2010-01-08 09:49 -------- d-----w- i:\program files\Microsoft LifeCam
2010-03-11 20:21 . 2009-12-25 21:49 -------- d-----w- i:\program files\QuickTime
2010-03-11 20:21 . 2008-11-12 19:36 -------- d-----w- i:\program files\TO2SSM
2010-03-10 17:53 . 2009-12-25 21:56 -------- d-----w- i:\program files\AGEIA Technologies
2010-03-10 11:48 . 2008-10-10 22:13 -------- d--h--w- i:\program files\InstallShield Installation Information
2010-03-04 20:38 . 2009-12-25 21:48 -------- d-----w- i:\program files\Windows Media Connect 2
2010-03-02 20:33 . 2009-12-25 21:52 -------- d-----w- i:\program files\Google
2010-02-25 14:29 . 2009-05-29 13:39 -------- d-----w- i:\program files\Kalypso
2010-02-14 20:45 . 2009-12-25 21:56 -------- d-----w- i:\program files\Ahead
2010-02-10 15:23 . 2009-12-25 21:49 -------- d-----w- i:\program files\sixteen tons entertainment
2010-02-08 05:44 . 2010-02-08 05:43 -------- d-----w- i:\program files\Macromedia
2010-02-08 05:43 . 2010-02-08 05:43 -------- d-----w- i:\program files\Common Files\Macromedia
2010-02-04 06:43 . 2010-02-04 06:43 -------- d-----w- i:\program files\JPEG Imager
2010-02-01 13:05 . 2009-05-02 09:23 -------- d-----w- i:\program files\Common Files\Adobe
2010-02-01 12:50 . 2010-02-01 12:50 135168 -c--a-w- i:\c\system32\CAPI2_JNI.DLL
2010-02-01 12:32 . 2009-12-25 21:54 -------- d-----w- i:\program files\Common Files\Java
2010-02-01 12:31 . 2010-02-01 12:31 411368 -c--a-w- i:\c\system32\deploytk.dll
2010-01-27 16:35 . 2010-01-27 16:35 -------- d-----w- i:\program files\YouTube Downloader
2010-01-27 12:40 . 2009-12-25 21:52 -------- d-----w- i:\program files\FDRLab
2010-01-27 12:33 . 2010-01-27 12:29 -------- d-----w- i:\program files\Krtecek
2010-01-19 20:24 . 2009-03-21 07:26 -------- d-----w- i:\program files\NETGATE
2010-01-17 17:36 . 2010-01-17 17:36 -------- d-----w- i:\program files\Ladicka
2010-01-15 18:39 . 2010-01-15 12:37 40448 -c--a-w- i:\c\system32\ati2mdxx.exe
2010-01-15 12:43 . 2010-01-15 12:43 -------- d-----w- i:\program files\Driver-Soft
2010-01-15 12:38 . 2010-01-15 12:37 -------- d-----w- i:\program files\ATI
2010-01-15 12:38 . 2008-10-13 15:41 -------- d-----w- i:\program files\ATI Technologies
2010-01-15 12:37 . 2010-01-15 12:37 0 -c--a-w- i:\c\ativpsrm.bin
2010-01-15 12:10 . 2010-01-13 18:10 664 -c--a-w- i:\c\system32\d3d9caps.dat
2010-01-14 19:43 . 2010-01-14 19:41 43520 -c--a-w- i:\c\system32\CmdLineExt03.dll
2010-01-14 19:28 . 2010-01-14 19:28 552 -c--a-w- i:\c\system32\d3d8caps.dat
2010-01-14 18:53 . 2001-10-25 14:00 68916 ----a-w- i:\c\system32\perfc005.dat
2010-01-14 18:53 . 2001-10-25 14:00 389938 ----a-w- i:\c\system32\perfh005.dat
2010-01-14 17:37 . 2010-01-14 17:37 -------- d-----w- i:\program files\MSXML 4.0
2010-01-14 13:50 . 2009-12-25 21:51 -------- d-----w- i:\program files\MediaCoder
2010-01-14 09:20 . 2010-01-14 09:20 -------- d-----w- i:\program files\Kaspersky Lab
2010-01-14 09:19 . 2010-01-13 17:41 16608 -c--a-w- i:\c\gdrv.sys
2010-01-14 06:38 . 2008-11-05 18:07 -------- d-----w- i:\program files\Common Files\Apple
2010-01-14 06:04 . 2009-08-19 16:19 -------- d-----w- i:\program files\Windows Messaging
2010-01-14 05:34 . 2010-01-14 05:34 -------- d-----w- i:\program files\Common Files\PCSuite
2010-01-14 05:34 . 2009-02-21 06:36 -------- d-----w- i:\program files\Nokia
2010-01-14 05:34 . 2010-01-13 20:10 -------- d-----w- i:\program files\Common Files\Nokia
2010-01-14 05:34 . 2009-07-14 10:26 -------- d-----w- i:\program files\PC Connectivity Solution
2010-01-13 20:26 . 2010-01-13 20:26 -------- d-----w- i:\program files\MSXML 6.0
2010-01-13 20:11 . 2010-01-13 20:11 0 -c-ha-w- i:\c\system32\drivers\Msft_User_PCCSWpdDriver_01_07_00.Wdf
2010-01-13 20:11 . 2010-01-13 20:11 0 -c-ha-w- i:\c\system32\drivers\MsftWdf_user_01_07_00.Wdf
2010-01-13 20:10 . 2010-01-13 20:10 0 -c-ha-w- i:\c\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2010-01-13 20:10 . 2010-01-13 20:10 0 -c-ha-w- i:\c\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2010-01-13 19:36 . 2010-01-13 19:36 -------- d-----w- i:\program files\EA GAMES
2010-01-13 19:23 . 2008-10-13 14:39 -------- d-----w- i:\program files\AVG
2010-01-13 19:22 . 2009-12-25 21:55 -------- d-----w- i:\program files\Audacity
2010-01-13 18:45 . 2010-01-13 18:45 56 -c-ha-w- i:\c\system32\ezsidmv.dat
2010-01-13 18:30 . 2010-01-13 18:30 0 -c--a-w- i:\c\nsreg.dat
2010-01-13 17:44 . 2010-01-13 17:44 315392 -c--a-w- i:\c\HideWin.exe
2010-01-13 17:09 . 2010-01-13 16:21 86291 -c--a-w- i:\c\pchealth\helpctr\OfflineCache\index.dat
2010-01-13 17:09 . 2010-01-13 16:21 2354 -c--a-w- i:\c\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-13 17:09 . 2010-01-13 16:21 8972 -c--a-w- i:\c\pchealth\helpctr\Config\Cntstore.bin
2010-01-13 16:18 . 2010-01-13 16:18 21812 -c--a-w- i:\c\system32\emptyregdb.dat
2010-01-12 17:26 . 2010-01-12 17:26 -------- d-----w- i:\program files\IObit
2010-01-12 17:23 . 2009-12-25 21:53 -------- d-----w- i:\program files\Common Files\Wise Installation Wizard
2009-08-12 10:38 . 2000-09-26 14:12 1715 -c--a-w- i:\program files\RA2.INI
2009-08-06 12:53 . 2009-08-06 12:42 1112250 -c--a-w- i:\program files\autosave.sav
2008-10-18 20:53 . 2008-10-18 20:56 1851544 ----a-w- i:\program files\install_flash_player.exe
2000-10-01 18:31 . 2000-10-01 18:31 18768 -c--a-w- i:\program files\SECDRV.SYS
2000-09-28 12:02 . 2000-09-28 12:02 73728 -c--a-w- i:\program files\MPH.EXE
2000-07-27 14:22 . 2000-07-27 14:22 286208 ----a-w- i:\program files\BINKW32.DLL
2000-07-17 08:45 . 2000-07-17 08:45 171520 -c--a-w- i:\program files\PATCHW32.DLL
2000-06-27 17:00 . 2000-06-27 17:00 766 -c--a-w- i:\program files\NOTES.ICO
2000-03-10 12:20 . 2000-03-10 12:20 2348 -c--a-w- i:\program files\Blowfish.tlb
.

((((((((((((((((((((((((((((( SnapShot@2010-03-11_17.15.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2004-08-17 13:49 . 2009-08-21 11:05 14336 i:\c\system32\svchost.exe
+ 2004-08-17 13:49 . 2009-08-21 11:05 57856 i:\c\system32\spoolsv.exe
+ 2004-08-17 13:49 . 2009-08-21 11:04 13312 i:\c\system32\lsass.exe
+ 2004-08-17 13:49 . 2009-08-21 11:05 14336 i:\c\system32\dllcache\svchost.exe
+ 2004-08-17 13:49 . 2009-08-21 11:05 57856 i:\c\system32\dllcache\spoolsv.exe
+ 2004-08-17 13:49 . 2009-08-21 11:04 13312 i:\c\system32\dllcache\lsass.exe
+ 2004-08-17 13:49 . 2009-08-21 11:05 502272 i:\c\system32\winlogon.exe
+ 2004-08-17 13:49 . 2009-08-21 11:05 502272 i:\c\system32\dllcache\winlogon.exe
+ 2004-08-17 13:49 . 2009-08-21 11:04 1032704 i:\c\system32\dllcache\explorer.exe
+ 2004-08-17 13:49 . 2009-08-21 11:04 1032704 i:\c\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="i:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"AlcoholAutomount"="i:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="i:\program files\quicktime\qttask .exe -atboottime" [X]
"RTHDCPL"="RTHDCPL.EXE" [2008-02-13 16857600]
"LifeCam"="i:\program files\Microsoft LifeCam\LifeExp.exe" [2007-05-17 279912]
"TO2SSM_McciTrayApp"="i:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"SunJavaUpdateSched"="i:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="i:\c\system32\CTFMON.EXE" [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"i:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"i:\\C\\system32\\dpvsetup.exe"=
"i:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"i:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)\\game.dat"=
"i:\\Program Files\\EA GAMES\\The Battle for Middle-earth (tm)\\patchget.dat"=
"i:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"i:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"i:\\Program Files\\Nokia\\Nokia PC Suite 7\\VideoManager.exe"=
"i:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"i:\\Documents and Settings\\Tom\\Data aplikací\\uTorrent\\utorrent.exe"=
"i:\\C\\system32\\PnkBstrA.exe"=
"i:\\C\\system32\\PnkBstrB.exe"=
"i:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"i:\\Program Files\\Skype\\Phone\\Skype.exe"=

S0 sptd;sptd;i:\c\system32\drivers\sptd.sys [25.2.2010 15:12 691696]
S2 gupdate;Google Update Service (gupdate);i:\program files\Google\Update\GoogleUpdate.exe [4.2.2009 23:03 133104]
.
Obsah adresáře 'Naplánované úlohy'

2010-02-27 i:\c\Tasks\AppleSoftwareUpdate.job
- i:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2010-03-11 i:\c\Tasks\GoogleUpdateTaskMachineCore.job
- i:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 22:03]

2010-03-11 i:\c\Tasks\GoogleUpdateTaskMachineUA.job
- i:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 22:03]
.
.
------- Doplňkový sken -------
.
uStart Page =
IE: E&xportovat do aplikace Microsoft Office Excel - i:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - i:\documents and settings\Tom\Data aplikací\Mozilla\Firefox\Profiles\ehwr9ox5.default\
FF - prefs.js: browser.startup.homepage - hxxp://mail.radiobeat.cz/webmail/index.php|http://www.google.cz/
FF - component: i:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: i:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - plugin: i:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: i:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: i:\program files\Mozilla Firefox\plugins\np-mswmp.dll

---- NASTAVENÍ FIREFOXU ----
i:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-11 22:20
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(692)
i:\c\system32\Ati2evxx.dll
.
Celkový čas: 2010-03-11 22:21:31
ComboFix-quarantined-files.txt 2010-03-11 21:21
ComboFix2.txt 2010-03-11 20:23
ComboFix3.txt 2010-03-11 20:04
ComboFix4.txt 2010-03-11 17:54
ComboFix5.txt 2010-03-11 21:15

Před spuštěním: Volných bajtů: 19 489 648 640
Po spuštění: Volných bajtů: 19 443 118 080

- - End Of File - - 2C51A5C21DEA1A21ECE55220B1284E61

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: CLEANUP ANTIVIRUS....

#55 Post by Caroprd111 »

Download SystemLook and save it to your desktop: http://jpshortstuff.247fixes.com/SystemLook.exe
  • Run it and copy the text from the white box into its window.

:regfind
explorer.exe

  • Click Look; when the scan finishes, a log will pop up. Copy it here.

tmoravek
Visitor
Posts: 49
Registered: 11 Mar 2010 15:10

Re: CLEANUP ANTIVIRUS....

#56 Post by tmoravek »

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\VX3000 not found.
File I:\C\vvx3000.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck not found.
File I:\C\system32\nerocheck.exe not found.
========== FILES ==========
File\Folder I:\Program Files\366453.dat not found.
File\Folder I:\Documents and Settings\Tom\Plocha\s\explorer.exe not found.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall\ deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.1.36.1 log created on 03112010_222432

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: CLEANUP ANTIVIRUS....

#57 Post by Caroprd111 »

OK, SystemLook as well.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: CLEANUP ANTIVIRUS....

#58 Post by Caroprd111 »

Download SecurityCheck: http://screen317.spywareinfoforum.org/SecurityCheck.exe
  • Run the program and follow the instructions. Paste the log here.

tmoravek
Visitor
Posts: 49
Registered: 11 Mar 2010 15:10

Re: CLEANUP ANTIVIRUS....

#59 Post by tmoravek »

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 22:36 on 11/03/2010 by Tom (Administrator - Elevation successful)

========== regfind ==========

Searching for "explorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\explorer.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Briefcase\shell\open\command]
@="explorer.exe %1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}\shell\explore\command]
@="%SystemRoot%\Explorer.exe /e,/idlist,%I,%L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}\shell\find\command]
@="%SystemRoot%\Explorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}\shell\open\command]
@="%SystemRoot%\Explorer.exe /idlist,%I,%L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{208D2C60-3AEA-1069-A2D7-08002B30309D}\shell\find\command]
@="%SystemRoot%\Explorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\DefaultIcon]
@="%SystemRoot%\Explorer.exe,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\find\command]
@="%SystemRoot%\Explorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}\DefaultIcon]
@="%SystemRoot%\explorer.exe,-253"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}\DefaultIcon]
@="%SystemRoot%\explorer.exe,-254"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\shell\find\command]
@="%SystemRoot%\Explorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48e7caab-b918-4e58-a94d-505519c795dc}\shell\open\command]
@="%SystemRoot%\Explorer.exe /idlist,%I,%L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7be9d83c-a729-4d97-b5a7-1b7313c39e0a}\shell\open\command]
@="%SystemRoot%\Explorer.exe /idlist,%I,%L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}\DefaultIcon]
@="I:\C\explorer.exe,-103"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\AllDevices\shell\explore\command]
@="Explorer.exe /e,/idlist,%I,/L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\AllDevices\shell\open\command]
@="Explorer.Exe /idlist,%I,/L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\Camera\shell\explore\command]
@="Explorer.exe /e,/idlist,%I,/L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\Camera\shell\open\command]
@="Explorer.Exe /idlist,%I,/L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\CameraContainerItems\shell\explore\command]
@="Explorer.exe /e,/idlist,%I,/L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\CameraContainerItems\shell\open\command]
@="Explorer.Exe /idlist,%I,/L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\Scanner\shell\explore\command]
@="Explorer.exe /e,/idlist,%I,/L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E211B736-43FD-11D1-9EFB-0000F8757FCD}\Scanner\shell\open\command]
@="Explorer.Exe /idlist,%I,/L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E773F1AF-3A65-4866-857D-846FC9C4598A}\shell\explore\command]
@="%SystemRoot%\Explorer.exe /e,/idlist,%I,%L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E773F1AF-3A65-4866-857D-846FC9C4598A}\shell\open\command]
@="%SystemRoot%\Explorer.exe /idlist,%I,%L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CompressedFolder\Shell\find\command]
@="I:\C\Explorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\find\command]
@="%SystemRoot%\Explorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shell\find\command]
@="%SystemRoot%\Explorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\fndfile\shell\open\command]
@="%SystemRoot%\Explorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shell\explore\command]
@="%SystemRoot%\Explorer.exe /e,/idlist,%I,%L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shell\open\command]
@="%SystemRoot%\Explorer.exe /idlist,%I,%L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Publishing Folder\shell\explore\command]
@="explorer.exe /e,/idlist,%I,%L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Publishing Folder\shell\open\command]
@="explorer.exe /idlist,%I,%L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SHCmdFile\shell\open\command]
@="explorer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Shell\shell\explore\command]
@="%SystemRoot%\Explorer.exe /e,/idlist,%I,%L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Shell\shell\open\command]
@="%SystemRoot%\Explorer.exe /idlist,%I,%L"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileAssociation]
"KillList"="%1;explorer.exe;dvdplay.exe;mplay32.exe;msohtmed.exe;quikview.exe;rundll.exe;rundll32.exe;taskman.exe;bck32api.dll;"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileAssociation]
"KillList"="%1;explorer.exe;dvdplay.exe;mplay32.exe;msohtmed.exe;quikview.exe;rundll.exe;rundll32.exe;taskman.exe;bck32api.dll;"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileAssociation]
"KillList"="%1;explorer.exe;dvdplay.exe;mplay32.exe;msohtmed.exe;quikview.exe;rundll.exe;rundll32.exe;taskman.exe;bck32api.dll;"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileAssociation]
"KillList"="%1;explorer.exe;dvdplay.exe;mplay32.exe;msohtmed.exe;quikview.exe;rundll.exe;rundll32.exe;taskman.exe;bck32api.dll;"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"I:\C\explorer.exe"="EnableNXShowUI"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Nls\MUILanguages\RCV2\explorer.exe]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Nls\MUILanguages\RCV2\explorer.exe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\MUILanguages\RCV2\explorer.exe]

-=End Of File=-

tmoravek
Visitor
Posts: 49
Registered: 11 Mar 2010 15:10

Re: CLEANUP ANTIVIRUS....

#60 Post by tmoravek »

Results of screen317's Security Check version 0.99.1
Windows XP Service Pack 2
Out of date service pack!!
``````````````````````````````
Antivirus/Firewall Check:

Antivirus up to date!
``````````````````````````````
Anti-malware/Other Utilities Check:

HijackThis 2.0.2
CCleaner
Java(TM) 6 Update 16
Java(TM) 6 Update 18
Java Auto Updater
Out of date Java installed!
Adobe Flash Player 10
``````````````````````````````
Process Check:
objlist.exe by Laurent

``````````````````````````````
DNS Vulnerability Check:

nslookup.exe missing!
GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````
