Security analysis found viruses, the antivirus did not.

Author: Lenka-pc antitalent
Visitor
Posts: 10
Registered: 15 Sep 2010 17:47

#1 Post by Lenka-pc antitalent »

Hello,
I'd like to ask for help - Security analysis found several viruses on my computer; I ran a scan of the whole computer with F-Secure and it found nothing. Could you please check my log and advise me what to do about it? Thank you in advance :)

Logfile of random's system information tool 1.08 (written by random/random)
Run by Leni at 2010-09-15 19:02:48
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 347 GB (75%) free of 463 GB
Total RAM: 2974 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:04:19, on 15.9.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\conime.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Windows\system32\conime.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\O2 Mobilni internet\O2 Mobilni internet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Leni\Downloads\RSIT.exe
C:\Program Files\trend micro\Leni.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_4810t
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_4810t
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: eSnipBHO - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [MSS] "C:\ProgramData\106e5f\MS106_2075.exe" /s
O4 - HKCU\..\RunOnce: [MSS] C:\Users\Leni\AppData\Local\Temp\packupdate107_2075(2).exe /cs:1
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O15 - Trusted Zone: http://www.ceskatelevize.cz
O15 - Trusted Zone: http://www.cro.cz
O15 - Trusted Zone: http://www.rozhlas.cz
O15 - Trusted Zone: http://www.seznam.cz
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{857B4D99-D238-4EE6-BD1A-00DEF78E53DF}: NameServer = 160.218.43.200 160.218.10.200
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

--
End of file - 12433 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Scheduled scanning task.job
C:\Windows\tasks\User_Feed_Synchronization-{5074E429-9854-4792-ACF4-BC0E22F9735E}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-12-09 958200]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-12 186904]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-06-01 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-06-01 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-06-01 150552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-04-11 7399968]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-04-11 1833504]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-04-09 1071624]
"BackupManagerTray"=C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-05-26 253696]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2009-03-30 62760]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2009-05-15 440864]
"ODDPwr"=C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [2009-04-29 176128]
"EgisTecLiveUpdate"=C:\Program Files\EgisTec Egis Software Update\EgisUpdate.exe [2009-05-13 199464]
"mwlDaemon"=C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-05-15 345384]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2009-08-05 199264]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2009-08-05 2349664]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-07-22 202256]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"SecurDisc"=C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe [2007-11-26 1629480]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2007-11-26 1057064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-09-10 328568]
"MSS"=C:\ProgramData\106e5f\MS106_2075.exe /s []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"MSS"=C:\Users\Leni\AppData\Local\Temp\packupdate107_2075(2).exe /cs:1 []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-06-01 210432]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-15 19:02:48 ----D---- C:\rsit
2010-09-15 19:02:48 ----D---- C:\Program Files\trend micro
2010-09-15 13:04:26 ----A---- C:\Windows\system32\MRT.INI
2010-09-15 12:52:30 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-15 12:52:19 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-15 12:51:58 ----A---- C:\Windows\system32\usp10.dll
2010-09-15 12:51:55 ----D---- C:\ProgramData\106e5f
2010-09-15 12:51:51 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-15 12:51:14 ----RASH---- C:\MSDOS.SYS
2010-09-15 12:51:14 ----RASH---- C:\IO.SYS
2010-09-11 09:47:59 ----D---- C:\ProgramData\Ahead
2010-09-11 09:42:38 ----D---- C:\ProgramData\Nero
2010-09-11 09:42:38 ----D---- C:\Program Files\Nero
2010-09-11 09:42:38 ----D---- C:\Program Files\Common Files\Ahead
2010-09-11 09:40:25 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-09-11 09:40:23 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-09-10 20:46:56 ----D---- C:\Program Files\Ask.com
2010-09-10 20:46:20 ----D---- C:\Program Files\uTorrent
2010-09-10 20:45:59 ----D---- C:\Users\Leni\AppData\Roaming\uTorrent
2010-09-10 20:40:41 ----D---- C:\Users\Leni\AppData\Roaming\GHISLER
2010-09-10 20:40:41 ----D---- C:\totalcmd
2010-09-10 20:40:41 ----A---- C:\Windows\UC.PIF
2010-09-10 20:40:41 ----A---- C:\Windows\RAR.PIF
2010-09-10 20:40:41 ----A---- C:\Windows\PKZIP.PIF
2010-09-10 20:40:41 ----A---- C:\Windows\PKUNZIP.PIF
2010-09-10 20:40:41 ----A---- C:\Windows\NOCLOSE.PIF
2010-09-10 20:40:41 ----A---- C:\Windows\LHA.PIF
2010-09-10 20:40:41 ----A---- C:\Windows\ARJ.PIF

======List of files/folders modified in the last 1 months======

2010-09-15 19:02:48 ----RD---- C:\Program Files
2010-09-15 19:02:26 ----D---- C:\Windows\Temp
2010-09-15 17:28:21 ----D---- C:\Program Files\Mozilla Firefox
2010-09-15 13:12:19 ----HD---- C:\ProgramData
2010-09-15 13:08:13 ----D---- C:\Windows\System32
2010-09-15 13:06:22 ----D---- C:\Windows\winsxs
2010-09-15 13:06:04 ----SHD---- C:\Windows\Installer
2010-09-15 13:06:01 ----D---- C:\ProgramData\Microsoft Help
2010-09-15 13:04:39 ----D---- C:\Users\Leni\AppData\Roaming\ICQ
2010-09-15 12:56:28 ----A---- C:\Windows\system32\mrt.exe
2010-09-15 12:55:52 ----D---- C:\Windows\system32\catroot
2010-09-15 12:55:14 ----D---- C:\Program Files\Windows Mail
2010-09-15 12:53:32 ----SHD---- C:\System Volume Information
2010-09-15 12:51:39 ----D---- C:\Windows\system32\catroot2
2010-09-12 21:12:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-12 21:12:36 ----D---- C:\Windows\inf
2010-09-11 09:46:41 ----D---- C:\Windows\ehome
2010-09-11 09:46:32 ----D---- C:\Windows\system32\drivers
2010-09-11 09:46:32 ----D---- C:\Windows
2010-09-11 09:42:38 ----D---- C:\Program Files\Common Files
2010-09-11 08:01:09 ----D---- C:\Users\Leni\AppData\Roaming\vlc
2010-09-10 20:47:08 ----D---- C:\Windows\system32\Tasks
2010-09-10 20:36:44 ----D---- C:\Program Files\Google
2010-08-28 21:12:55 ----D---- C:\ProgramData\eSobi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2010-08-31 41624]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-02-12 329752]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys [2009-08-05 68064]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2010-05-31 35792]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2009-08-05 71040]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384]
R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-11-26 36776]
R1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-11-26 38440]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2008-12-04 19504]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2008-12-04 16432]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2008-12-04 59952]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-06-01 4386304]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-06-01 93184]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys [2010-08-03 124072]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-04-11 2358112]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd32.sys [2009-06-01 4568064]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2009-04-01 50176]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-09-25 3666432]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 15360]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2009-02-21 153952]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-02-06 205232]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 14336]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-11-26 118952]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2010-01-19 23040]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2010-01-19 149504]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-12-02 62976]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-06-01 733184]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-04-13 578848]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2009-04-11 117256]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-05-15 703008]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2009-08-05 215648]
R2 FSMA;FSMA; C:\Program Files\F-Secure\Common\FSMA32.EXE [2009-08-05 186976]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-12 354840]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-11-26 1554728]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 MWLService;MyWinLocker Service; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-05-15 305448]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-05-26 62208]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
R2 ODDPwrSvc;Acer ODD Power Service; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2009-04-29 118784]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2009-02-05 237568]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2010-05-31 522848]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2010-08-25 58024]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-14 135664]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security analysis found viruses, the antivirus did not.

#2 Post by vyosek »

Hello, I wish you a pleasant evening and welcome you to our forum.

:arrow: I don't believe your nickname, so we will manage this - my instructions are written in a fairly detailed and understandable way, but if anything is unclear, just ask - see my warning about malware removal in my signature.

Your log is being studied and worked on.
Please be patient!

Re: Security analysis found viruses, the antivirus did not.

#3 Post by vyosek »

So, let's get to it :James008:

:arrow: Where was the malware reported :???:

:arrow: Click Start and then Run (Spustit), or use the keyboard shortcut Win+R
  • A small window will pop up; copy the text below into it
  • Code:

    services.msc
  • Click OK
  • Find the services listed below
  • Služba Google Update
    NBService
  • For each of them, do the following
    • Right-click it and choose Properties (Vlastnosti)
    • Now click Stop (Zastavit)
    • Set the Startup type to Disabled (Zakazano)
    • Confirm by clicking OK
:arrow: Run HJT and we will fix some items
  • You will find HJT here: C:\Program Files\trend micro\Leni.exe
  • A window will open; click Do a system scan only, or just Scan
  • In the next window, find the lines I have listed for you below; next to each of them is a small box, which you tick
  • R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_4810t
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=15161&l=dis
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_4810t
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - - (no file)
  • Click Fix checked (bottom left)
  • HJT will ask you whether you really want to; YES, you agree, and it is done
:arrow: Download OTM (see my signature)
  • If you use Win Vista or W7, right-click OTM and choose Run As Administrator or Spustit jako spravce
  • Into the left window Paste Instructions for Items to be Moved (under the yellow bar) paste the content given below
  • Code:

    :reg
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
    "{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE}]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"=-
    "LanguageShortcut"=-
    "EgisTecLiveUpdate"=-
    "QuickTime Task"=-
    "TkBellExe"=-
    "NeroFilterCheck"=-
    "SecurDisc"=-
    "InCD"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ehTray.exe"=-
    "ICQ"=-
    "WMPNSCFG"=-
    "uTorrent"=-
    "MSS"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "MSS"=-
    
    :files
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
    C:\ProgramData\106e5f\MS106_2075.exe
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Program Files\Ask.com
    C:\Program Files\ICQ6Toolbar
    C:\Users\Leni\AppData\Local\Temp
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp /s
    
    :commands
    [RESETHOSTS]
    [EMPTYTEMP]
    [EMPTYFLASH]
  • Click the red MoveIt! button
  • Then post the contents of the Results window (under the green bar) here
  • If you are prompted to restart, choose Yes; you will then find the log here C:\_OTM\MovedFiles, paste its contents here
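In the fix script above, `"name"=-` deletes a single registry value and `[-KEY]` deletes a whole key, and the tool reports one result line per item. The following Python code is an added example, not part of the original post or of OTM: it parses a shortened, constructed excerpt of the script and checks a constructed results log for items that were not confirmed as removed. The `ExampleVendor` key and all function names are assumptions made for the illustration.

```python
import re

# Constructed excerpt of the fix script; the ExampleVendor key is hypothetical.
SCRIPT = r'''
:reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE}]
[-HKEY_CURRENT_USER\Software\ExampleVendor]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSS"=-
:files
C:\ProgramData\106e5f\MS106_2075.exe
C:\Program Files\Ask.com
%windir%\*.tmp /s
:commands
[EMPTYTEMP]
'''

# Constructed results log: the Ask.com line is left out on purpose and the
# ExampleVendor line is invented to show the "not found" case.
LOG = r'''
All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE}\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\ExampleVendor\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSS deleted successfully.
========== FILES ==========
C:\ProgramData\106e5f\MS106_2075.exe moved successfully.
'''

# Result wordings as they appear in the results log on this page.
TAILS = {
    "deleted successfully.": "done",
    "moved successfully.": "done",
    "folder moved successfully.": "done",
    "not found.": "not found",
}


def parse_script(text):
    """Turn the script into a list of (kind, target) actions."""
    actions, section, key = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.lower() in (":reg", ":files", ":commands"):
            section, key = line.lower(), None
        elif section == ":reg":
            m = re.fullmatch(r"\[(-?)(.+)\]", line)
            if m:
                if m.group(1):          # [-KEY] removes the whole key
                    actions.append(("key", m.group(2)))
                    key = None
                else:                   # [KEY] only selects the key
                    key = m.group(2)
                continue
            m = re.fullmatch(r'"(.+)"=-', line)
            if m and key:               # "name"=- removes one value
                # The log joins key and value name with a double backslash.
                actions.append(("value", key + "\\\\" + m.group(1)))
        elif section == ":files":
            wild = "*" in line or "%" in line
            actions.append(("pattern" if wild else "file", line))
        elif section == ":commands":
            actions.append(("command", line))
    return actions


def check(actions, log_text):
    """Map every target to done / not found / no result line / not checked."""
    lines = [l.strip().lower() for l in log_text.splitlines() if l.strip()]
    report = {}
    for kind, target in actions:
        if kind in ("pattern", "command"):
            report[target] = "not checked"   # no one-to-one result line
            continue
        prefix = {
            "value": "registry value " + target,
            "key": "registry key " + target + "\\",
            "file": target,
        }[kind].lower() + " "
        status = "no result line"
        for l in lines:                  # compare case-insensitively
            if l.startswith(prefix) and l[len(prefix):] in TAILS:
                status = TAILS[l[len(prefix):]]
                break
        report[target] = status
    return report


def unconfirmed(report):
    """Targets that still need a manual look."""
    return [t for t, s in report.items() if s not in ("done", "not checked")]


if __name__ == "__main__":
    for target, status in check(parse_script(SCRIPT), LOG).items():
        print(f"{status:15} {target}")
```

Extra log lines that the tool writes on its own, such as the `SOFTWARE\Classes\CLSID` cleanup entries, match no script item and are ignored.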

Lenka-pc antitalent
Visitor
Posts: 10
Registered: 15 Sep 2010 17:47

Re: Security analysis found viruses, the antivirus did not.

#4 Post by Lenka-pc antitalent »

:) the malware was reported in the Shared Documents folder, in My Documents and on the hard disk (some folder C:\..\Default User\Application Data\Prop\dssec.dat, it didn't show me anything more specific).. so now I'm off to follow your procedure :James008:

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security analysis found viruses, the antivirus did not.

#5 Post by vyosek »

OK, I'll wait for the log from OTM and then give the next steps for scanning the PC...

Lenka-pc antitalent
Visitor
Posts: 10
Registered: 15 Sep 2010 17:47

Re: Security analysis found viruses, the antivirus did not.

#6 Post by Lenka-pc antitalent »

it went well, here is the log :)

All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LanguageShortcut deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\EgisTecLiveUpdate deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SecurDisc deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\InCD deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ehTray.exe deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ICQ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MSS deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\MSS deleted successfully.
========== FILES ==========
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk moved successfully.
C:\ProgramData\106e5f\MS106_2075.exe moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Program Files\Ask.com folder moved successfully.
C:\Program Files\ICQ6Toolbar folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\Low\ICQToolbar folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\Low\Google Toolbar folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\Low folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\is-PI95K.tmp folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\is-E6TD6.tmp folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\is-2GQP0.tmp\_isetup folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\is-2GQP0.tmp folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\Installer\00000002 folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\Installer folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\ih8.tmp\AUA\tmp folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\ih8.tmp\AUA folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\ih8.tmp folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\History\History.IE5 folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\History folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\Google Toolbar folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\F-Secure\Anti-Virus folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\F-Secure folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\CorelDRAW Graphics Suite X4 folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\Cookies folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\BTN%Copy%1\BTN%Copy%2 folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\BTN%Copy%1 folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\AskSearch folder moved successfully.
C:\Users\Leni\AppData\Local\Temp\772ACC4C-348F-4B8F-8745-38BBB1C0DF00 folder moved successfully.
C:\Users\Leni\AppData\Local\Temp folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2DF2.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E6F.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5C42.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP72EE.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7A8C.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7F7B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP81A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9735.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA8A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPAF95.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPD6ED.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE752.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEB96.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEE16.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPEEF0.tmp folder moved successfully.
C:\Windows\SoftwareDistribution\Download\2e1315b3235a381d15f4a4d266956da0\BIT3EA5.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\39587d8a1d7edb0e533dac1ad0b51969\BIT71B6.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\6140f8d713150a6591f5801b2f3ad77f\BITAA2F.tmp moved successfully.
C:\Windows\SoftwareDistribution\Download\82268b093bffa7ba1c5cfb0dada0d09f\BIT451F.tmp moved successfully.
C:\Windows\Temp\ASR4D2.tmp moved successfully.
C:\Windows\Temp\CR_4AC6.tmp folder moved successfully.
C:\Windows\Temp\DMI2D6D.tmp moved successfully.
C:\Windows\Temp\DMI55CD.tmp moved successfully.
C:\Windows\Temp\DMI63C1.tmp moved successfully.
File move failed. C:\Windows\Temp\FML1221.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\Temp\FML4006.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\Temp\FML4456.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\Temp\FMLAEDE.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\Temp\FMLBC05.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\Temp\FMLCE92.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\Temp\FMLF2F0.tmp scheduled to be moved on reboot.
C:\Windows\Temp\fsaua.tmp folder moved successfully.
C:\Windows\Temp\gd5FDE.tmp moved successfully.
C:\Windows\Temp\gdD90F.tmp moved successfully.
C:\Windows\Temp\ih8.tmp\AUA\tmp folder moved successfully.
C:\Windows\Temp\ih8.tmp\AUA folder moved successfully.
C:\Windows\Temp\ih8.tmp folder moved successfully.
C:\Windows\Temp\WFVC5ED.tmp moved successfully.
C:\Windows\Temp\Google Toolbar\BIT900.tmp moved successfully.
C:\Windows\Temp\Google Toolbar\gt9809.tmp moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 75 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Leni
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 173456960 bytes
->FireFox cache emptied: 79766752 bytes
->Google Chrome cache emptied: 6639404 bytes
->Flash cache emptied: 23568 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 36788539 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 1989853 bytes
RecycleBin emptied: 274787175 bytes

Total Files Cleaned = 547,00 mb


OTM by OldTimer - Version 3.1.16.1 log created on 09152010_200042

Files moved on Reboot...
File C:\Windows\Temp\FML1221.tmp not found!
File C:\Windows\Temp\FML4006.tmp not found!
File C:\Windows\Temp\FML4456.tmp not found!
File C:\Windows\Temp\FMLAEDE.tmp not found!
File C:\Windows\Temp\FMLBC05.tmp not found!
File C:\Windows\Temp\FMLCE92.tmp not found!
File C:\Windows\Temp\FMLF2F0.tmp not found!

Registry entries deleted on Reboot...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security analysis found viruses, the antivirus did not.

#7 Post by vyosek »

Super, OTM did everything it was supposed to :) Let's move on :James008:

:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)
  • Run the update - third tab
  • Run a full scan - do not delete anything :!:
  • MBAM occasionally produces false detections, so paste the log into a post and wait for it to be assessed
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member since 1 February 2011.

Lenka-pc antitalent
Visitor
Posts: 10
Registered: 15 Sep 2010 17:47

Re: Security analysis found viruses, the antivirus did not.

#8 Post by Lenka-pc antitalent »

Eureka :D It took a long time, but the result is great, thank you so much for your willingness and help! :D I came across this forum by chance while looking for a solution to the problem, but I'm very glad I did :) Do you happen to know why my F-Secure couldn't find those viruses? So that I don't have to bother you next time, in case it reports some nasties again...

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4621

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

15.9.2010 23:00:53
mbam-log-2010-09-15 (23-00-53).txt

Typ skenu: Úplný sken (C:\|E:\|)
Skenované objekty: 268959
Uplynulý čas: 2 hodina(y), 27 minuta(y), 52 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security analysis found viruses, the antivirus did not.

#9 Post by vyosek »

For that you'll have to ask the antivirus vendor why it didn't detect the malware :o Otherwise, if you haven't paid for F-Secure, I'd rather recommend Avast or Avira as a free solution, supplemented by a firewall (e.g. ZoneAlarm), and among paid antiviruses Norton or Kaspersky. More on securing your PC is here: http://www.viry.cz/forum/viewtopic.php?f=29&t=6152

You weren't bothering us at all :) Feel free to come back, even just for a preventive check :) We'll still clean up after the utilities and see whether everything is OK :wink:

:arrow: You can uninstall MBAM or keep it for an occasional scan - if it finds anything, I strongly recommend posting the log here for assessment so you don't knock out something legitimate

:arrow: The malware has settled in the restore points - delete them following colleague riff's guide http://www.viry.cz/forum/viewtopic.php?f=11&t=47040

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use

:arrow: Download CCleaner (see my signature); during installation untick the Yahoo toolbar
Cleaner panel (Čistič)
  • Leave everything as it is, just click Analyze (Analyzovat) and then Run CCleaner (Spustit CCleaner)
Registry panel (Registry)
  • click Find problems (Hledej problémy)
  • then Fix problems (Opravit problémy) - I recommend making a registry backup; fix all problems
  • repeat the procedure until no problems remain - usually about 3 times
Tools panel (Nástroje)
  • Here you can uninstall programs you don't need
I recommend using CCleaner about once every 14 days

:arrow: Post a new RSIT log

Lenka-pc antitalent
Visitor
Posts: 10
Registered: 15 Sep 2010 17:47

Re: Security analysis found viruses, the antivirus did not.

#10 Post by Lenka-pc antitalent »

Hello :)
I swept out the computer following your instructions and the result is as follows:
:)

Logfile of random's system information tool 1.08 (written by random/random)
Run by Leni at 2010-09-16 08:27:10
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 416 GB (90%) free of 463 GB
Total RAM: 2974 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:27:24, on 16.9.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\F-Secure\FSGUI\fscuif.exe
C:\Users\Leni\Downloads\RSIT.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\Leni.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"
O4 - HKLM\..\Run: [mwlDaemon] C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O15 - Trusted Zone: http://www.ceskatelevize.cz
O15 - Trusted Zone: http://www.cro.cz
O15 - Trusted Zone: http://www.rozhlas.cz
O15 - Trusted Zone: http://www.seznam.cz
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

--
End of file - 9095 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Scheduled scanning task.job
C:\Windows\tasks\User_Feed_Synchronization-{5074E429-9854-4792-ACF4-BC0E22F9735E}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-12 186904]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-06-01 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-06-01 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-06-01 150552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-04-11 7399968]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-04-11 1833504]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-04-09 1071624]
"BackupManagerTray"=C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-05-26 253696]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2009-05-15 440864]
"ODDPwr"=C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [2009-04-29 176128]
"mwlDaemon"=C:\Program Files\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-05-15 345384]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2009-08-05 199264]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2009-08-05 2349664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-09-10 328568]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-06-01 210432]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-16 08:27:10 ----D---- C:\rsit
2010-09-16 08:10:07 ----D---- C:\Program Files\CCleaner
2010-09-15 21:38:46 ----D---- C:\ProgramData\WindowsSearch
2010-09-15 20:30:17 ----D---- C:\Users\Leni\AppData\Roaming\Malwarebytes
2010-09-15 20:29:52 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-09-15 20:29:27 ----D---- C:\ProgramData\Malwarebytes
2010-09-15 20:29:27 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-09-15 20:29:26 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-15 19:02:48 ----D---- C:\Program Files\trend micro
2010-09-15 13:04:26 ----A---- C:\Windows\system32\MRT.INI
2010-09-15 12:52:30 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-15 12:52:19 ----A---- C:\Windows\system32\MP4SDECD.DLL
2010-09-15 12:51:58 ----A---- C:\Windows\system32\usp10.dll
2010-09-15 12:51:55 ----D---- C:\ProgramData\106e5f
2010-09-15 12:51:51 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-15 12:51:14 ----RASH---- C:\MSDOS.SYS
2010-09-15 12:51:14 ----RASH---- C:\IO.SYS
2010-09-11 09:47:59 ----D---- C:\ProgramData\Ahead
2010-09-11 09:42:38 ----D---- C:\ProgramData\Nero
2010-09-11 09:42:38 ----D---- C:\Program Files\Nero
2010-09-11 09:42:38 ----D---- C:\Program Files\Common Files\Ahead
2010-09-11 09:40:25 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-09-11 09:40:23 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-09-10 20:46:20 ----D---- C:\Program Files\uTorrent
2010-09-10 20:45:59 ----D---- C:\Users\Leni\AppData\Roaming\uTorrent
2010-09-10 20:40:41 ----D---- C:\Users\Leni\AppData\Roaming\GHISLER
2010-09-10 20:40:41 ----D---- C:\totalcmd
2010-09-10 20:40:41 ----A---- C:\Windows\UC.PIF
2010-09-10 20:40:41 ----A---- C:\Windows\RAR.PIF
2010-09-10 20:40:41 ----A---- C:\Windows\PKZIP.PIF
2010-09-10 20:40:41 ----A---- C:\Windows\PKUNZIP.PIF
2010-09-10 20:40:41 ----A---- C:\Windows\NOCLOSE.PIF
2010-09-10 20:40:41 ----A---- C:\Windows\LHA.PIF
2010-09-10 20:40:41 ----A---- C:\Windows\ARJ.PIF

======List of files/folders modified in the last 1 months======

2010-09-16 08:27:07 ----D---- C:\Windows\Temp
2010-09-16 08:23:04 ----D---- C:\Windows
2010-09-16 08:11:46 ----D---- C:\Windows\Minidump
2010-09-16 08:11:46 ----D---- C:\Windows\Debug
2010-09-16 08:10:07 ----RD---- C:\Program Files
2010-09-16 07:34:04 ----D---- C:\Windows\system32\WDI
2010-09-16 07:31:11 ----D---- C:\Users\Leni\AppData\Roaming\ICQ
2010-09-15 23:32:16 ----D---- C:\Windows\Logs
2010-09-15 21:38:46 ----HD---- C:\ProgramData
2010-09-15 20:29:52 ----D---- C:\Windows\system32\drivers
2010-09-15 20:05:45 ----D---- C:\Windows\system32\drivers\etc
2010-09-15 20:00:58 ----D---- C:\Windows\Tasks
2010-09-15 17:28:21 ----D---- C:\Program Files\Mozilla Firefox
2010-09-15 13:08:13 ----D---- C:\Windows\System32
2010-09-15 13:06:22 ----D---- C:\Windows\winsxs
2010-09-15 13:06:04 ----SHD---- C:\Windows\Installer
2010-09-15 13:06:01 ----D---- C:\ProgramData\Microsoft Help
2010-09-15 12:56:28 ----A---- C:\Windows\system32\mrt.exe
2010-09-15 12:55:52 ----D---- C:\Windows\system32\catroot
2010-09-15 12:55:14 ----D---- C:\Program Files\Windows Mail
2010-09-15 12:53:32 ----SHD---- C:\System Volume Information
2010-09-15 12:51:39 ----D---- C:\Windows\system32\catroot2
2010-09-12 21:12:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-12 21:12:36 ----D---- C:\Windows\inf
2010-09-11 09:46:41 ----D---- C:\Windows\ehome
2010-09-11 09:42:38 ----D---- C:\Program Files\Common Files
2010-09-11 08:01:09 ----D---- C:\Users\Leni\AppData\Roaming\vlc
2010-09-10 20:47:08 ----D---- C:\Windows\system32\Tasks
2010-09-10 20:36:44 ----D---- C:\Program Files\Google
2010-08-28 21:12:55 ----D---- C:\ProgramData\eSobi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2010-08-31 41624]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-02-12 329752]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys [2009-08-05 68064]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2010-05-31 35792]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2009-08-05 71040]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys [2009-08-05 12384]
R1 InCDPass;InCDPass; C:\Windows\system32\drivers\InCDPass.sys [2007-11-26 36776]
R1 incdrm;InCD Reader; C:\Windows\system32\drivers\InCDRm.sys [2007-11-26 38440]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2008-12-04 19504]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2008-12-04 16432]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2008-12-04 59952]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-06-01 4386304]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-06-01 93184]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys [2010-08-03 124072]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-04-11 2358112]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd32.sys [2009-06-01 4568064]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2009-04-01 50176]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-09-25 3666432]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 15360]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2009-02-21 153952]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-02-06 205232]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 14336]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
R4 InCDfs;InCD File System; C:\Windows\system32\drivers\InCDFs.sys [2007-11-26 118952]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2010-01-19 23040]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-21 30720]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2010-01-19 149504]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-12-02 62976]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-06-01 733184]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-04-13 578848]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2009-04-11 117256]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-05-15 703008]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2009-08-05 215648]
R2 FSMA;FSMA; C:\Program Files\F-Secure\Common\FSMA32.EXE [2009-08-05 186976]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-12 354840]
R2 InCDsrv;InCD Helper; C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe [2007-11-26 1554728]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 MWLService;MyWinLocker Service; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-05-15 305448]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-05-26 62208]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
R2 ODDPwrSvc;Acer ODD Power Service; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2009-04-29 118784]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2009-02-05 237568]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2010-05-31 522848]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2010-08-25 58024]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-14 135664]
S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-09-17 800040]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Security analysis found viruses, the antivirus did not.

#11 Post by vyosek »

Good morning :)

:arrow: I recommend uninstalling P2P network clients - they are a potential risk to the PC's security and are very often a source of viruses and other vermin.

:arrow: Otherwise the log looks clean; how is the PC behaving? :???:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

Lenka-pc antitalent
Visitor
Posts: 10
Registered: 15 Sep 2010 17:47

Re: Security analysis found viruses, the antivirus did not.

#12 Post by Lenka-pc antitalent »

Good evening :)

The computer is behaving nicely toward me, so it should be fine :James008: When it starts sulking again, I'll get in touch :) Hopefully it will listen to reason, though; I'll be more careful. And thanks once again :)

Re: Security analysis found viruses, the antivirus did not.

#13 Post by vyosek »

Greetings :)

You're welcome, glad I could help :) Until next time. Enjoy the rest of your evening :wink: