Please check

p2key
Visitor
Posts: 75
Registered: 15 Feb 2009 07:37

Re: Please check

#16 Post by p2key »

OTL (2)

========== Files - Modified Within 30 Days ==========

[2010.11.17 13:30:04 | 000,575,488 | ---- | M] (OldTimer Tools) -- I:\Users\Kmeťko\Desktop\OTL.exe
[2010.11.17 13:28:26 | 000,004,360 | ---- | M] () -- I:\Users\Kmeťko\AppData\Local\SRDownloader.nast
[2010.11.17 13:28:25 | 995,000,000 | ---- | M] () -- I:\Users\Kmeťko\Desktop\henhen.part05.rar
[2010.11.17 13:28:05 | 995,000,000 | ---- | M] () -- I:\Users\Kmeťko\Desktop\henhen.part04.rar
[2010.11.17 09:38:18 | 000,014,224 | -H-- | M] () -- I:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.17 09:38:18 | 000,014,224 | -H-- | M] () -- I:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.17 09:12:08 | 000,049,898 | ---- | M] () -- I:\Users\Kmeťko\AppData\Local\SRDownloader.err
[2010.11.17 07:07:41 | 000,000,000 | ---- | M] () -- I:\Windows\SysNative\drivers\lvuvc.hs
[2010.11.17 07:07:40 | 000,067,584 | --S- | M] () -- I:\Windows\bootstat.dat
[2010.11.17 07:07:34 | 3220,037,632 | -HS- | M] () -- I:\hiberfil.sys
[2010.11.16 20:12:40 | 000,545,081 | -H-- | M] () -- I:\Users\Kmeťko\Desktop\Experiment.2010.DVDRip.XviD.CZ_MY.part1
[2010.11.15 11:07:24 | 001,478,650 | ---- | M] () -- I:\Windows\SysNative\PerfStringBackup.INI
[2010.11.15 11:07:24 | 000,626,200 | ---- | M] () -- I:\Windows\SysNative\perfh005.dat
[2010.11.15 11:07:24 | 000,618,714 | ---- | M] () -- I:\Windows\SysNative\perfh009.dat
[2010.11.15 11:07:24 | 000,122,780 | ---- | M] () -- I:\Windows\SysNative\perfc005.dat
[2010.11.15 11:07:24 | 000,107,034 | ---- | M] () -- I:\Windows\SysNative\perfc009.dat
[2010.11.14 20:52:25 | 000,002,897 | ---- | M] () -- I:\Users\Kmeťko\Documents\ax_files.xml
[2010.11.14 20:48:54 | 000,000,749 | ---- | M] () -- I:\Users\Public\Desktop\TmUnitedForever.lnk
[2010.11.13 15:39:55 | 000,000,218 | ---- | M] () -- I:\Users\Kmeťko\.recently-used.xbel
[2010.11.13 14:52:50 | 000,000,675 | ---- | M] () -- I:\Users\Kmeťko\Desktop\MyPaint.lnk
[2010.11.12 20:28:29 | 120,187,278 | ---- | M] () -- I:\Windows\MEMORY.DMP
[2010.11.12 18:55:42 | 000,000,376 | ---- | M] () -- I:\Windows\tasks\Úklid 1 kliknutím.job
[2010.11.11 16:50:43 | 000,000,484 | ---- | M] () -- I:\Users\Kmeťko\Desktop\Lokálny disk (I) - odkaz.lnk
[2010.11.11 16:50:40 | 000,000,459 | ---- | M] () -- I:\Users\Kmeťko\Desktop\WINXP (C) - odkaz.lnk
[2010.11.11 05:18:32 | 000,466,944 | ---- | M] (Microsoft Corporation) -- I:\Windows\Setup1.exe
[2010.11.11 05:18:32 | 000,001,681 | ---- | M] () -- I:\Windows\ST6UNST.007
[2010.11.11 05:18:31 | 000,073,216 | ---- | M] (Microsoft Corporation) -- I:\Windows\ST6UNST.EXE
[2010.11.11 05:16:08 | 000,000,069 | ---- | M] () -- I:\Windows\NeroDigital.ini
[2010.11.10 08:31:17 | 000,000,673 | ---- | M] () -- I:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.10 05:42:48 | 004,974,008 | ---- | M] () -- I:\Windows\SysNative\FNTCACHE.DAT
[2010.11.09 21:20:38 | 000,001,681 | ---- | M] () -- I:\Windows\ST6UNST.006
[2010.11.09 21:20:14 | 000,001,681 | ---- | M] () -- I:\Windows\ST6UNST.005
[2010.11.09 20:59:04 | 000,001,681 | ---- | M] () -- I:\Windows\ST6UNST.004
[2010.11.09 20:55:45 | 000,001,681 | ---- | M] () -- I:\Windows\ST6UNST.003
[2010.11.09 18:12:29 | 000,001,681 | ---- | M] () -- I:\Windows\ST6UNST.002
[2010.11.09 18:08:01 | 000,001,681 | ---- | M] () -- I:\Windows\ST6UNST.001
[2010.11.09 17:58:06 | 000,001,887 | ---- | M] () -- I:\Windows\ST6UNST.000
[2010.11.09 17:47:02 | 000,000,790 | ---- | M] () -- I:\Users\Kmeťko\Desktop\Photoshop.lnk
[2010.11.09 00:23:32 | 000,021,504 | ---- | M] () -- I:\Windows\SysNative\umstartup.etl
[2010.11.09 00:20:31 | 000,007,632 | ---- | M] () -- I:\Users\Kmeťko\AppData\Local\Resmon.ResmonCfg
[2010.11.08 23:34:09 | 051,699,224 | ---- | M] () -- I:\Users\Kmeťko\Desktop\75k676ys.exe
[2010.11.08 23:28:16 | 000,000,250 | ---- | M] () -- I:\Windows\gmer.ini
[2010.11.08 22:31:01 | 000,884,736 | ---- | M] () -- I:\Windows\gmer.dll
[2010.11.08 22:31:01 | 000,085,969 | ---- | M] (GMER) -- I:\Windows\SysWow64\drivers\gmer.sys
[2010.11.08 22:31:01 | 000,000,080 | ---- | M] () -- I:\Windows\gmer_uninstall.cmd
[2010.11.07 20:16:43 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- I:\Windows\SysNative\OpenAL32.dll
[2010.11.07 20:16:43 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- I:\Windows\SysWow64\OpenAL32.dll
[2010.11.07 17:43:41 | 000,832,273 | ---- | M] () -- I:\Users\Kmeťko\Desktop\RSITx64.exe
[2010.11.07 17:34:51 | 000,000,779 | ---- | M] () -- I:\Users\Kmeťko\Desktop\GIMP 2.lnk
[2010.11.07 17:01:09 | 000,002,490 | ---- | M] () -- I:\Windows\TRNCOM.INI
[2010.11.05 00:21:39 | 000,000,632 | ---- | M] () -- I:\Users\Kmeťko\Desktop\Total Commander.lnk
[2010.11.03 17:10:29 | 000,000,000 | -H-- | M] () -- I:\Windows\SysNative\drivers\Msft_Kernel_vdbus_01009.Wdf
[2010.11.02 17:49:07 | 000,000,000 | -H-- | M] () -- I:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
[2010.10.29 16:51:55 | 000,001,045 | ---- | M] () -- I:\Users\Kmeťko\Desktop\Barbie(TM) Salon krásy CD-ROM.lnk
[2010.10.29 16:51:55 | 000,000,120 | ---- | M] () -- I:\Windows\KA.ini
[2010.10.26 07:24:21 | 000,931,328 | ---- | M] (Share-rapid.com) -- I:\Users\Kmeťko\Desktop\SRDownloader.exe
[2010.10.23 16:18:53 | 000,000,664 | RHS- | M] () -- I:\Users\Kmeťko\ntuser.pol
[2010.10.23 16:13:50 | 000,000,057 | ---- | M] () -- I:\Windows\SysWow64\mapisvc.inf
[2010.10.23 11:33:04 | 001,486,868 | ---- | M] () -- I:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.22 17:09:24 | 000,466,520 | ---- | M] (Creative Labs) -- I:\Windows\SysNative\wrap_oal.dll
[2010.10.22 17:09:24 | 000,445,016 | ---- | M] (Creative Labs) -- I:\Windows\SysWow64\wrap_oal.dll
[2 I:\Windows\*.tmp files -> I:\Windows\*.tmp -> ]
[12 I:\Windows\SysWow64\*.tmp files -> I:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.11.17 12:11:10 | 995,000,000 | ---- | C] () -- I:\Users\Kmeťko\Desktop\henhen.part05.rar
[2010.11.17 09:21:53 | 995,000,000 | ---- | C] () -- I:\Users\Kmeťko\Desktop\henhen.part04.rar
[2010.11.16 20:09:44 | 000,545,081 | -H-- | C] () -- I:\Users\Kmeťko\Desktop\Experiment.2010.DVDRip.XviD.CZ_MY.part1
[2010.11.14 20:48:54 | 000,000,749 | ---- | C] () -- I:\Users\Public\Desktop\TmUnitedForever.lnk
[2010.11.13 15:39:55 | 000,000,218 | ---- | C] () -- I:\Users\Kmeťko\.recently-used.xbel
[2010.11.13 14:52:50 | 000,000,675 | ---- | C] () -- I:\Users\Kmeťko\Desktop\MyPaint.lnk
[2010.11.12 20:28:29 | 120,187,278 | ---- | C] () -- I:\Windows\MEMORY.DMP
[2010.11.12 18:48:26 | 000,000,376 | ---- | C] () -- I:\Windows\tasks\Úklid 1 kliknutím.job
[2010.11.11 16:50:43 | 000,000,484 | ---- | C] () -- I:\Users\Kmeťko\Desktop\Lokálny disk (I) - odkaz.lnk
[2010.11.11 16:50:40 | 000,000,459 | ---- | C] () -- I:\Users\Kmeťko\Desktop\WINXP (C) - odkaz.lnk
[2010.11.11 05:18:31 | 000,001,681 | ---- | C] () -- I:\Windows\ST6UNST.007
[2010.11.10 08:31:17 | 000,000,673 | ---- | C] () -- I:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.09 21:20:38 | 000,001,681 | ---- | C] () -- I:\Windows\ST6UNST.006
[2010.11.09 21:20:14 | 000,001,681 | ---- | C] () -- I:\Windows\ST6UNST.005
[2010.11.09 20:59:03 | 000,001,681 | ---- | C] () -- I:\Windows\ST6UNST.004
[2010.11.09 20:55:43 | 000,001,681 | ---- | C] () -- I:\Windows\ST6UNST.003
[2010.11.09 18:12:23 | 000,001,681 | ---- | C] () -- I:\Windows\ST6UNST.002
[2010.11.09 18:07:59 | 000,001,681 | ---- | C] () -- I:\Windows\ST6UNST.001
[2010.11.09 17:58:05 | 000,001,887 | ---- | C] () -- I:\Windows\ST6UNST.000
[2010.11.09 17:47:02 | 000,000,790 | ---- | C] () -- I:\Users\Kmeťko\Desktop\Photoshop.lnk
[2010.11.08 23:29:44 | 000,075,776 | ---- | C] () -- I:\Windows\SysWow64\WS2Fix.exe
[2010.11.08 23:29:44 | 000,051,200 | ---- | C] () -- I:\Windows\SysWow64\dumphive.exe
[2010.11.08 23:29:44 | 000,040,960 | ---- | C] () -- I:\Windows\SysWow64\swsc.exe
[2010.11.08 23:29:23 | 051,699,224 | ---- | C] () -- I:\Users\Kmeťko\Desktop\75k676ys.exe
[2010.11.08 22:31:01 | 000,884,736 | ---- | C] () -- I:\Windows\gmer.dll
[2010.11.08 22:31:01 | 000,811,008 | ---- | C] () -- I:\Windows\gmer.exe
[2010.11.08 22:31:01 | 000,000,250 | ---- | C] () -- I:\Windows\gmer.ini
[2010.11.08 22:31:01 | 000,000,080 | ---- | C] () -- I:\Windows\gmer_uninstall.cmd
[2010.11.07 17:43:41 | 000,832,273 | ---- | C] () -- I:\Users\Kmeťko\Desktop\RSITx64.exe
[2010.11.07 17:34:51 | 000,000,779 | ---- | C] () -- I:\Users\Kmeťko\Desktop\GIMP 2.lnk
[2010.11.05 00:21:39 | 000,000,632 | ---- | C] () -- I:\Users\Kmeťko\Desktop\Total Commander.lnk
[2010.11.05 00:20:09 | 000,000,545 | ---- | C] () -- I:\Windows\UC.PIF
[2010.11.05 00:20:09 | 000,000,545 | ---- | C] () -- I:\Windows\RAR.PIF
[2010.11.05 00:20:09 | 000,000,545 | ---- | C] () -- I:\Windows\PKZIP.PIF
[2010.11.05 00:20:09 | 000,000,545 | ---- | C] () -- I:\Windows\PKUNZIP.PIF
[2010.11.05 00:20:09 | 000,000,545 | ---- | C] () -- I:\Windows\NOCLOSE.PIF
[2010.11.05 00:20:09 | 000,000,545 | ---- | C] () -- I:\Windows\LHA.PIF
[2010.11.05 00:20:09 | 000,000,545 | ---- | C] () -- I:\Windows\ARJ.PIF
[2010.11.03 17:10:29 | 000,000,000 | -H-- | C] () -- I:\Windows\SysNative\drivers\Msft_Kernel_vdbus_01009.Wdf
[2010.11.02 17:49:07 | 000,000,000 | -H-- | C] () -- I:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_05_00.Wdf
[2010.10.29 16:51:55 | 000,001,045 | ---- | C] () -- I:\Users\Kmeťko\Desktop\Barbie(TM) Salon krásy CD-ROM.lnk
[2010.10.27 19:09:48 | 000,000,120 | ---- | C] () -- I:\Windows\KA.ini
[2010.10.23 16:18:38 | 000,000,664 | RHS- | C] () -- I:\Users\Kmeťko\ntuser.pol
[2010.10.23 11:33:04 | 001,486,868 | ---- | C] () -- I:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.20 21:05:32 | 000,000,060 | ---- | C] () -- I:\Users\Kmeťko\AppData\Local\SRDownloader.log
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- I:\Windows\SysWow64\xlive.dll.cat
[2010.10.05 19:08:15 | 000,007,632 | ---- | C] () -- I:\Users\Kmeťko\AppData\Local\Resmon.ResmonCfg
[2010.10.05 17:00:04 | 000,034,308 | ---- | C] () -- I:\Windows\SysWow64\BASSMOD.dll
[2010.10.05 09:57:03 | 000,000,069 | ---- | C] () -- I:\Windows\NeroDigital.ini
[2010.10.04 20:16:48 | 000,049,898 | ---- | C] () -- I:\Users\Kmeťko\AppData\Local\SRDownloader.err
[2010.10.04 09:31:16 | 000,000,097 | ---- | C] () -- I:\Windows\SysWow64\PICSDK.ini
[2010.10.04 09:29:26 | 000,000,025 | ---- | C] () -- I:\Windows\CDE SX400EXPORT.ini
[2010.10.04 08:34:39 | 000,002,490 | ---- | C] () -- I:\Windows\TRNCOM.INI
[2010.10.04 08:10:11 | 000,004,360 | ---- | C] () -- I:\Users\Kmeťko\AppData\Local\SRDownloader.nast
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- I:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- I:\Windows\SysWow64\msjetoledb40.dll
[2005.12.07 12:31:00 | 000,202,752 | R--- | C] () -- I:\Windows\SysWow64\CddbCdda.dll
[2005.07.12 13:44:42 | 000,015,872 | ---- | C] () -- I:\Windows\SysWow64\InsDrvZD64.DLL
[2005.03.02 17:44:59 | 000,036,864 | ---- | C] () -- I:\Windows\SysWow64\frapsvid.dll
[2004.03.23 15:38:00 | 000,028,672 | ---- | C] () -- I:\Windows\SysWow64\InsDrvZD.dll

========== LOP Check ==========

[2010.10.20 22:18:53 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Ashampoo
[2010.10.06 17:44:11 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\BlackBean
[2010.11.10 08:24:49 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2010.10.04 09:20:39 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\ESET
[2010.11.05 08:29:39 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\GHISLER
[2010.11.13 15:01:33 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\gtk-2.0
[2010.10.08 15:05:52 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\LangSoft
[2010.10.04 10:10:42 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Leadertech
[2010.11.02 17:59:27 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Nokia
[2010.11.02 18:10:51 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Nokia Multimedia Player
[2010.11.02 18:10:57 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\PC Suite
[2010.11.09 17:49:31 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.10.04 12:44:42 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\TuneUp Software
[2010.11.02 18:59:52 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Ubisoft
[2010.11.13 12:35:17 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\URSE Games
[2010.10.05 17:37:10 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\VS Revo Group
[2010.10.04 08:07:12 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\XMedia Recode
[2010.11.12 20:40:19 | 000,032,608 | ---- | M] () -- I:\Windows\Tasks\SCHEDLGU.TXT
[2010.11.12 18:55:42 | 000,000,376 | ---- | M] () -- I:\Windows\Tasks\Úklid 1 kliknutím.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = I:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 02:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.11.09 22:02:49 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Adobe
[2010.11.09 17:49:31 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Adobe Mini Bridge CS5
[2010.10.04 08:17:04 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Ahead
[2010.10.04 15:10:43 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Apple Computer
[2010.10.20 22:18:53 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Ashampoo
[2010.10.06 17:44:11 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\BlackBean
[2010.11.10 08:24:49 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2010.11.03 16:51:20 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\ComodoGroup
[2010.10.04 09:20:39 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\ESET
[2010.11.05 08:29:39 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\GHISLER
[2010.11.13 15:01:33 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\gtk-2.0
[2010.10.04 06:21:02 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Identities
[2010.10.04 09:31:15 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\InstallShield
[2010.10.07 18:16:00 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\InstallShield Installation Information
[2010.10.08 15:05:52 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\LangSoft
[2010.10.04 10:10:42 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Leadertech
[2010.10.04 08:34:03 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Macromedia
[2010.11.10 08:31:20 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Malwarebytes
[2009.07.14 16:36:38 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Media Center Programs
[2010.10.21 16:35:04 | 000,000,000 | --SD | M] -- I:\Users\Kmeťko\AppData\Roaming\Microsoft
[2010.10.04 07:47:42 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Mozilla
[2010.10.13 19:23:09 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Nero
[2010.11.02 17:59:27 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Nokia
[2010.11.02 18:10:51 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Nokia Multimedia Player
[2010.10.05 18:43:26 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\NVIDIA
[2010.11.02 18:10:57 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\PC Suite
[2010.10.05 17:19:16 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Real
[2010.11.08 22:21:26 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Skype
[2010.11.08 22:19:57 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\skypePM
[2010.11.09 17:49:31 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.10.04 12:44:42 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\TuneUp Software
[2010.11.02 18:59:52 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\Ubisoft
[2010.11.13 12:35:17 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\URSE Games
[2010.11.11 05:13:27 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\vlc
[2010.10.05 17:37:10 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\VS Revo Group
[2010.10.04 07:49:50 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\WinRAR
[2010.10.04 08:07:12 | 000,000,000 | ---D | M] -- I:\Users\Kmeťko\AppData\Roaming\XMedia Recode

< %APPDATA%\*.exe /s >
[2010.10.07 18:14:02 | 000,331,776 | ---- | M] (Epic Games ) -- I:\Users\Kmeťko\AppData\Roaming\InstallShield Installation Information\{6530FDAA-5B1F-4830-95BB-650E9804D239}\setup.exe
[2010.10.05 11:57:13 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- I:\Users\Kmeťko\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.11.12 08:37:28 | 000,252,256 | R--- | M] (Caminova, Inc.) -- I:\Users\Kmeťko\AppData\Roaming\Microsoft\Installer\{17B2BD75-4172-4DEE-8B7B-9C282D1A521E}\Icon_DjVuViewer.exe
[2010.11.12 08:37:28 | 000,078,555 | R--- | M] () -- I:\Users\Kmeťko\AppData\Roaming\Microsoft\Installer\{17B2BD75-4172-4DEE-8B7B-9C282D1A521E}\Icon_hh.exe


< MD5 for: AGP440.SYS >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- I:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- I:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- I:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- I:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CDROM.SYS >
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- I:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 00:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- I:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- I:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- I:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- I:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- I:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- I:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- I:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- I:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- I:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- I:\Windows\SysWOW64\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- I:\Windows\SysWOW64\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- I:\Windows\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- I:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- I:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- I:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- I:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- I:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- I:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 02:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- I:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- I:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- I:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 02:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- I:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- I:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- I:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- I:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- I:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- I:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- I:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- I:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- I:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- I:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- I:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- I:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- I:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- I:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- I:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- I:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- I:\Windows\SysWOW64\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- I:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 02:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- I:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.06.14 07:39:16 | 001,889,152 | ---- | M] (Microsoft Corporation) MD5=542C6767C68C9D6AAACA59436B0D15C2 -- I:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_0fd0b57e990e2079\tcpip.sys
[2010.06.14 07:37:36 | 001,896,832 | ---- | M] (Microsoft Corporation) MD5=90A2D722CF64D911879D6C4A4F802A4D -- I:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_0f59b7ad7fe2fcc8\tcpip.sys
[2009.07.14 02:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- I:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- I:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- I:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- I:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- I:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- I:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- I:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- I:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 02:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- I:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- I:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- I:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- I:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[12 I:\Windows\system32\*.tmp files -> I:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[12 I:\Windows\system32\*.tmp files -> I:\Windows\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
No captured output from command...

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
No captured output from command...

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[12 I:\Windows\system32\*.tmp files -> I:\Windows\system32\*.tmp -> ]

< End of report >

p2key
Visitor
Posts: 75
Registered: 15 Feb 2009 07:37

Re: Requesting a check

#17 Post by p2key »

EXTRAS


OTL Extras logfile created on: 17.11.2010 13:31:43 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = I:\Users\Kmeťko\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000405 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 70,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 85,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = I: | %SystemRoot% = I:\Windows | %ProgramFiles% = I:\Program Files (x86)
Drive C: | 611,62 Gb Total Space | 243,80 Gb Free Space | 39,86% Space Free | Partition Type: NTFS
Drive I: | 87,01 Gb Total Space | 36,31 Gb Free Space | 41,73% Space Free | Partition Type: NTFS

Computer Name: KMEŤKO-PC | User Name: Kmeťko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- I:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- I:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- I:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3042371501-224471673-1198027057-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "I:\Windows\system32\rundll32.exe" "I:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "I:\Windows\System32\rundll32.exe" "I:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "I:\Windows\System32\rundll32.exe" "I:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- C:\Program Files\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "I:\Windows\system32\rundll32.exe" "I:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "I:\Windows\System32\rundll32.exe" "I:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "I:\Windows\System32\rundll32.exe" "I:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{104FB32A-7CE3-4C4B-B2AA-70C613FF9DFA}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0465-000001000000}" = 7-Zip 4.65 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416021FF}" = Java(TM) 6 Update 21 (64-bit)
"{33EB1061-ABF1-4470-A540-32E97A610536}" = Apple Mobile Device Support
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{63264409-6933-48E9-B0AD-A70367E98BAF}" = ESET Smart Security
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.2.0
"{701D8EE6-6A5A-4509-9740-35F551193CE0}" = Windows Live Family Safety
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8068ACF9-B398-4C14-BEF6-817F12024707}" = Windows Live Family Safety
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovládač 3D Vision 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafický ovládač 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Softvér systému s podporou technológie PhysX 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovládač zvuku HD 1.1.9.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{C19CD2D6-1CE1-44B5-8430-32D8E26373AB}" = PC Connectivity Solution 64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}" = Logitech Webcam Software
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"EPSON Stylus SX400 Series" = EPSON Stylus SX400 Series Printer Uninstall
"lvdrivers_12.0" = Logitech Webcam Software Driver Package
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02C0A02E-AB30-446C-B4C3-A03310D95F53}" = Windows Live UX Platform Language Pack
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{066D65EA-ED53-44E4-A96A-F81B6E409D2E}" = PC Connectivity Solution
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{17B2BD75-4172-4DEE-8B7B-9C282D1A521E}" = Document Express DjVu Plug-in
"{1E445925-273D-4186-88A0-B8D1B6B119E2}" = WRC FIA World Rally Championship
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C4F5AF-D757-4E6A-ABCA-65AB5A50A1A8}" = Windows Live Messenger
"{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Activision(R)
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite
"{43430808-081A-4C0D-B7CC-601000018301}" = LOST PLANET 2
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{434D0831-A4CC-401A-9E74-621000018401}" = F1 2010
"{463F67F4-58D0-4C0D-BBC9-D0CC4E56D1B8}" = Windows Live UX Platform Language Pack
"{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager
"{46CDDE4F-31B2-47D1-8245-932679506882}_is1" = Lost Planet 2
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50300123-F8FC-4B50-B449-E847D04F1BA2}" = Windows Live Messenger
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}" = Nokia PC Suite
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist
"{664C3BDC-1BCF-4EA6-A127-E61430501051}" = Nero 8 Essentials
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}" = Doplnok programu Messenger
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}" = EPSON Easy Photo Print
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}" = Nokia Connectivity Cable Driver
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{AC76BA86-7AD7-1029-7B44-A94000000001}" = Adobe Reader 9.4.0 - Czech
"{AC76BA86-7AD7-2447-0000-900000000003}" = Chinese Simplified Fonts Support For Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{B44F3823-52DD-45CA-A916-8B320778715D}" = Messenger Companion
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B6E3F2A0-DDBB-4F0A-BA7C-09138605DDAC}" = WRC FIA World Rally Championship
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5F0FD86-1E2B-4FE3-8996-B976FCA2E64F}" = Barbie(TM) Salon krásy CD-ROM
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FE3997D3-6B56-4AC4-A99C-9DDFC45359BF}" = TuneUp Utilities Language Pack (en-US)
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AI RoboForm" = AI RoboForm (All Users)
"Alien Breed 2: Assault_is1" = Alien Breed 2: Assault
"Ashampoo Burning Studio 2010_is1" = Ashampoo Burning Studio 2010
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX200_SX400_TX200_TX400 Používateľská príručka" = EPSON Stylus SX200_SX400_TX200_TX400 Manuál
"FormatFactory" = FormatFactory 2.50
"Fraps" = Fraps (remove only)
"Fun and Bullets_is1" = Fun and Bullets
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{3FAD68D9-1FA1-4871-9ADF-9151D969E943}" = Singularity(TM)
"InstallShield_{C5F0FD86-1E2B-4FE3-8996-B976FCA2E64F}" = Barbie(TM) Salon krásy CD-ROM
"Just Cause 2_is1" = Just Cause 2
"Logitech Vid" = Logitech Vid HD
"Mafia II Update 1_is1" = Mafia II Update 1
"Mafia II_is1" = Mafia II
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"MyAshampoo Toolbar" = MyAshampoo Toolbar
"MyPaint" = MyPaint 0.8.2
"Nokia PC Suite" = Nokia PC Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"RealPlayer 6.0" = RealPlayer
"Shank_is1" = Shank
"TmUnitedForever_is1" = TmUnitedForever Update 2010-03-15
"Totalcmd" = Total Commander (Remove or Repair)
"TuneUp Utilities" = TuneUp Utilities
"VirusTotalUploader2.0" = VirusTotal Uploader 2.0
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"XMedia Recode" = XMedia Recode 2.2.7.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3042371501-224471673-1198027057-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"75c0e0ceac8ef0d4" = CZShare Manager
"InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}" = UE3Redist

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13.11.2010 4:09:28 | Computer Name = Kmeťko-PC | Source = Application Hang | ID = 1002
Description = The program NOTEPAD.EXE version 6.1.7600.16385 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: d24 Start
Time: 01cb830a02bfafab Termination Time: 0 Application Path: I:\Windows\system32\NOTEPAD.EXE

Report
Id: 54069be2-eefd-11df-ae00-001b1d10734a

Error - 13.11.2010 4:50:52 | Computer Name = Kmeťko-PC | Source = Application Hang | ID = 1002
Description = The program F1_2010_game.exe version 1.1.1.129 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: b14 Start
Time: 01cb830edd3ec28f Termination Time: 176 Application Path: C:\Program Files\Codemasters\F1
2010\F1_2010_game.exe Report Id:

Error - 13.11.2010 10:06:10 | Computer Name = Kmeťko-PC | Source = Application Hang | ID = 1002
Description = The program mypaint.exe version 0.8.2.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: f78 Start Time:
01cb833b515a426e Termination Time: 0 Application Path: C:\Program Files\MyPaint\mypaint.exe

Report
Id: 28ff6fa9-ef2f-11df-b2eb-001b1d10734a

Error - 14.11.2010 13:25:47 | Computer Name = Kmeťko-PC | Source = Application Error | ID = 1000
Description = Názov chybovej aplikácie: F1_2010_game.exe, verzia: 1.1.1.129, časová
značka: 0x4cbea443 Názov chybového modulu: F1_2010_game.exe, verzia: 1.1.1.129,
časová značka: 0x4cbea443 Kód výnimky: 0xc0000005 Odstup chyby: 0x0028b3c2 Identifikácia
chybného procesu: 0x80 Čas spustenia chybnej aplikácie: 0x01cb8420be70b300 Cesta
chybnej aplikácie: C:\Program Files\Codemasters\F1 2010\F1_2010_game.exe Cesta chybného
modulu: C:\Program Files\Codemasters\F1 2010\F1_2010_game.exe Identifikácia hlásenia:
37b47340-f014-11df-ae98-001b1d10734a

Error - 16.11.2010 7:11:04 | Computer Name = Kmeťko-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: I:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component
2: I:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error - 16.11.2010 7:11:52 | Computer Name = Kmeťko-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "I:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "I:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 16.11.2010 7:12:05 | Computer Name = Kmeťko-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Nokia\Nokia
PC Suite 6\VistaPIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 17.11.2010 3:29:10 | Computer Name = Kmeťko-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "C:\Program Files\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: I:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component
2: I:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error - 17.11.2010 3:30:01 | Computer Name = Kmeťko-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "I:\Program Files (x86)\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "I:\Program
Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value
"MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute
"version" in element "assemblyIdentity" is invalid.

Error - 17.11.2010 3:30:13 | Computer Name = Kmeťko-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Nokia\Nokia
PC Suite 6\VistaPIM.dll". Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 13.11.2010 12:50:53 | Computer Name = Kmeťko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarWind AE Service zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 14.11.2010 2:22:33 | Computer Name = Kmeťko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarWind AE Service zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 14.11.2010 12:58:48 | Computer Name = Kmeťko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarWind AE Service zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 14.11.2010 15:42:01 | Computer Name = Kmeťko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarWind AE Service zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 15.11.2010 3:11:36 | Computer Name = Kmeťko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarWind AE Service zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 15.11.2010 6:03:15 | Computer Name = Kmeťko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarWind AE Service zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 16.11.2010 5:11:22 | Computer Name = Kmeťko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarWind AE Service zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 16.11.2010 11:10:14 | Computer Name = Kmeťko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarWind AE Service zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 16.11.2010 13:09:33 | Computer Name = Kmeťko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarWind AE Service zlyhalo kvôli nasledujúcej chybe:
%%2

Error - 17.11.2010 2:07:49 | Computer Name = Kmeťko-PC | Source = Service Control Manager | ID = 7000
Description = Spustenie služby StarWind AE Service zlyhalo kvôli nasledujúcej chybe:
%%2


< End of report >

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Requesting a check

#18 Post by motji »

Test this file at www.virustotal.com:
I:\Users\Kmeťko\Desktop\75k676ys.exe

Did you run webcureit and gmer? Do you have a log from gmer?

Look in Device Manager to see whether any question marks are shown there.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

p2key
Visitor
Posts: 75
Registered: 15 Feb 2009 07:37

Re: Requesting a check

#19 Post by p2key »

75k676ys.exe is actually webcureit, which I downloaded a few days ago, but I did not run a scan with it. I tried to run a gmer scan, but something got in the way. I can make the log and post it here. And Device Manager is fine.

p2key
Visitor
Posts: 75
Registered: 15 Feb 2009 07:37

Re: Requesting a check

#20 Post by p2key »

I managed to get this log.
Not all of the items can be ticked.

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2010-11-17 17:26:17
Windows 5.1.2600 Service Pack 2
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001b1d10734a
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001b1d10734a@002547e187cb 0xA6 0xC2 0x28 0x26 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x37 0x7E 0xEE 0x23 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 c:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x2C 0x1D 0x75 0x8D ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x2E 0x0A 0x25 0x90 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41@ujdew 0xB9 0x40 0x94 0x4B ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg42
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg42@ujdew 0xE1 0x40 0xA0 0x24 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg43
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg43@ujdew 0xE1 0x40 0xA0 0x24 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001b1d10734a (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001b1d10734a@002547e187cb 0xA6 0xC2 0x28 0x26 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x37 0x7E 0xEE 0x23 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 c:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x2C 0x1D 0x75 0x8D ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x2E 0x0A 0x25 0x90 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg41@ujdew 0xB9 0x40 0x94 0x4B ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg42 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg42@ujdew 0xE1 0x40 0xA0 0x24 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg43 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg43@ujdew 0xE1 0x40 0xA0 0x24 ...

---- EOF - GMER 1.0.15 ----

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check

#21 Post by motji »

Then run that webcureit.

p2key
Visitor
Posts: 75
Registered: 15 Feb 2009 07:37

Re: Please check

#22 Post by p2key »

So that Drweb cureit helped.

Thank you very much for your time.

PS: I apologize. I was away for work.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check

#23 Post by motji »

Would there happen to be a log from webcureit? :)

p2key
Visitor
Posts: 75
Registered: 15 Feb 2009 07:37

Re: Please check

#24 Post by p2key »

Unfortunately not. It was a long time ago.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check

#25 Post by motji »

Then at least a log from RSIT. I just won't leave you alone :D

p2key
Visitor
Posts: 75
Registered: 15 Feb 2009 07:37

Re: Please check

#26 Post by p2key »

And is there any reason? I uninstalled a lot of things from the PC. And so far everything runs as it should.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check

#27 Post by motji »

As you wish :)

p2key
Visitor
Posts: 75
Registered: 15 Feb 2009 07:37

Re: Please check

#28 Post by p2key »

Here is the log:


Logfile of random's system information tool 1.08 (written by random/random)
Run by IlegaliTy at 2011-01-23 21:49:35
Microsoft Windows 7 Ultimate
System drive C: has 60 GB (68%) free of 89 GB
Total RAM: 4094 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:49:38, on 23. 1. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files\trend micro\IlegaliTy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\TRANSLAT\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\TRANSLAT\WebIE.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Generátor hesiel - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O8 - Extra context menu item: Nástrojová lišta RoboFormu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Prispôsobiť menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: RoboForm ikona na lište úloh - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O8 - Extra context menu item: Uložiť formulár - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Vyplniť formulár - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Vyplniť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Vyplniť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Uložiť - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Uložiť formulár - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Generovať - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra 'Tools' menuitem: Generátor hesiel - {320AF880-6646-11D3-ABEE-C5DBF3571F50} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComPasswordGenerator.html
O9 - Extra button: Lišta úloh - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O9 - Extra 'Tools' menuitem: RoboForm ikona na lište úloh - {320AF880-6646-11D3-ABEE-C5DBF3571F51} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComTaskBarIcon.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: Nástrojová lišta RoboFormu - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\TRANSLAT\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\TRANSLAT\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\TRANSLAT\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\TRANSLAT\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WebIE.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\TRANSLAT\WebIE.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - I:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - I:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9860 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
"I:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"taskhost.exe"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE"
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe"
"C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe" -Embedding
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {9FC9D8D9-14A2-422C-81D2-B5A4486E23D1}
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe" silentrun
"I:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-964ccbb1-20bb-49ea-9188-6f3583777cb8 -SystemEventPortName:HostProcess-736be04f-756e-4461-af52-b0170b86c5bc -IoCancelEventPortName:HostProcess-6851e343-c9c8-4e2e-9abe-65f45afd82f8 -NonStateChangingEventPortName:HostProcess-e69fcd45-2f51-49b0-9342-3f35fbc80ba1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:265cb9f5-bf73-4927-9663-1ee63ea82f98
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\IlegaliTy\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WebIE.dll [2011-01-23 503808]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-01-22 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2011-01-22 14430712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-01-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2011-01-22 14430712]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WebIE.dll [2011-01-23 503808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"XboxStat"=C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [2009-10-01 825184]
"egui"=I:\Program Files\ESET\ESET Smart Security\egui.exe [2010-11-08 2919168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"= []
"OEXPRESS"= []
"WEBTRAN"= []
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
I:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX400 Series]
C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE [2007-12-17 221696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [2010-10-29 5915480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-05-08 2780432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-01-03 15028104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-01-22 274608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
C:\PROGRA~2\WinZip\WZQKPICK.EXE [2008-09-08 525664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^IlegaliTy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrácia výrobku.lnk]
C:\PROGRA~1\Logitech\LOGITE~1\eReg.exe [2008-11-07 517384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-01-23 18:42:29 ----A---- C:\Windows\gmer.ini
2011-01-23 18:42:27 ----A---- C:\Windows\SYSWOW64\drivers\gmer.sys
2011-01-23 18:42:27 ----A---- C:\Windows\gmer_uninstall.cmd
2011-01-23 18:42:27 ----A---- C:\Windows\gmer.exe
2011-01-23 18:42:27 ----A---- C:\Windows\gmer.dll
2011-01-23 18:35:27 ----D---- C:\rsit
2011-01-23 18:35:27 ----D---- C:\Program Files\trend micro
2011-01-23 12:20:46 ----D---- C:\Program Files (x86)\MSXML 4.0
2011-01-23 12:14:32 ----D---- C:\TRANSLAT
2011-01-23 11:46:13 ----D---- C:\Users\IlegaliTy\AppData\Roaming\skypePM
2011-01-23 11:44:59 ----RD---- C:\Program Files (x86)\Skype
2011-01-23 11:44:59 ----D---- C:\Users\IlegaliTy\AppData\Roaming\Skype
2011-01-23 11:44:51 ----D---- C:\ProgramData\Skype
2011-01-23 11:17:19 ----A---- C:\Windows\system32\drivers\revoflt.sys
2011-01-22 22:30:43 ----A---- C:\Windows\TRNCOM.INI
2011-01-22 22:28:35 ----D---- C:\Users\IlegaliTy\AppData\Roaming\LangSoft
2011-01-22 22:28:35 ----D---- C:\ProgramData\LangSoft
2011-01-22 21:34:48 ----D---- C:\Program Files (x86)\VirusTotalUploader2
2011-01-22 21:32:11 ----D---- C:\Users\IlegaliTy\AppData\Roaming\Malwarebytes
2011-01-22 21:32:06 ----D---- C:\ProgramData\Malwarebytes
2011-01-22 21:32:06 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2011-01-22 21:32:03 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-01-22 21:25:30 ----D---- C:\ProgramData\Sun
2011-01-22 21:25:16 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-01-22 21:25:16 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-01-22 21:25:16 ----A---- C:\Windows\SYSWOW64\java.exe
2011-01-22 21:25:16 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2011-01-22 21:25:05 ----D---- C:\Program Files (x86)\Java
2011-01-22 21:10:19 ----D---- C:\Windows\pss
2011-01-22 21:05:13 ----D---- C:\Users\IlegaliTy\AppData\Roaming\Ashampoo
2011-01-22 21:04:34 ----D---- C:\ProgramData\ashampoo
2011-01-22 21:04:07 ----D---- C:\Program Files\Ashampoo Burning Studio 10
2011-01-22 20:52:04 ----A---- C:\Windows\SYSWOW64\rmoc3260.dll
2011-01-22 20:52:01 ----A---- C:\Windows\SYSWOW64\pndx5032.dll
2011-01-22 20:52:01 ----A---- C:\Windows\SYSWOW64\pndx5016.dll
2011-01-22 20:52:01 ----A---- C:\Windows\SYSWOW64\pncrt.dll
2011-01-22 20:52:00 ----A---- C:\Windows\SYSWOW64\msvcr71.dll
2011-01-22 20:52:00 ----A---- C:\Windows\SYSWOW64\msvcp71.dll
2011-01-22 20:51:48 ----D---- C:\Program Files (x86)\Real
2011-01-22 20:51:47 ----D---- C:\ProgramData\Real
2011-01-22 20:51:46 ----D---- C:\Users\IlegaliTy\AppData\Roaming\Real
2011-01-22 20:13:45 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-01-22 20:12:16 ----D---- C:\Windows\SYSWOW64\drivers\sk-SK
2011-01-22 20:12:14 ----D---- C:\Windows\sk-SK
2011-01-22 20:12:11 ----D---- C:\Windows\system32\drivers\sk-SK
2011-01-22 17:57:06 ----D---- C:\Program Files\CCleaner
2011-01-22 17:56:20 ----D---- C:\Users\IlegaliTy\AppData\Roaming\Macromedia
2011-01-22 17:56:20 ----D---- C:\Users\IlegaliTy\AppData\Roaming\Adobe
2011-01-22 17:55:32 ----D---- C:\Users\IlegaliTy\AppData\Roaming\Ahead
2011-01-22 17:55:10 ----D---- C:\Windows\SYSWOW64\Macromed
2011-01-22 17:54:49 ----D---- C:\ProgramData\Nero
2011-01-22 17:49:44 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-01-22 17:48:57 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2011-01-22 17:48:57 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2011-01-22 17:43:18 ----D---- C:\Program Files (x86)\Adobe
2011-01-22 17:42:39 ----D---- C:\ProgramData\Adobe
2011-01-22 17:15:22 ----D---- C:\Program Files (x86)\Logitech
2011-01-22 17:15:11 ----D---- C:\Users\IlegaliTy\AppData\Roaming\Leadertech
2011-01-22 17:14:49 ----A---- C:\Windows\SYSWOW64\LVUI2RC.dll
2011-01-22 17:14:49 ----A---- C:\Windows\SYSWOW64\LVUI2.dll
2011-01-22 17:14:49 ----A---- C:\Windows\SYSWOW64\lvcodec2.dll
2011-01-22 17:14:49 ----A---- C:\Windows\system32\LVUIRC64.dll
2011-01-22 17:14:49 ----A---- C:\Windows\system32\LVUI64.dll
2011-01-22 17:14:49 ----A---- C:\Windows\system32\lvcoin64.ini
2011-01-22 17:14:49 ----A---- C:\Windows\system32\lvcod64.dll
2011-01-22 17:14:49 ----A---- C:\Windows\system32\lvco1201278.dll
2011-01-22 17:14:49 ----A---- C:\Windows\system32\drivers\lvuvc64.sys
2011-01-22 17:13:50 ----D---- C:\ProgramData\RoboForm
2011-01-22 17:13:25 ----D---- C:\Program Files (x86)\Siber Systems
2011-01-22 17:13:07 ----D---- C:\ProgramData\LogiShrd
2011-01-22 17:13:07 ----D---- C:\Program Files\Common Files\LogiShrd
2011-01-22 17:12:53 ----D---- C:\Program Files\Logitech
2011-01-22 17:09:30 ----A---- C:\Windows\system32\drivers\sptd.sys
2011-01-22 17:08:51 ----D---- C:\Users\IlegaliTy\AppData\Roaming\DAEMON Tools Lite
2011-01-22 17:08:49 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-01-22 17:03:17 ----D---- C:\Users\IlegaliTy\AppData\Roaming\WinRAR
2011-01-22 16:58:21 ----D---- C:\Program Files (x86)\WinRAR
2011-01-22 16:53:35 ----D---- C:\ProgramData\WinZip
2011-01-22 16:53:33 ----D---- C:\Program Files (x86)\WinZip
2011-01-22 16:52:15 ----D---- C:\Program Files\7-Zip
2011-01-22 16:49:53 ----D---- C:\Users\IlegaliTy\AppData\Roaming\vlc
2011-01-22 16:45:50 ----D---- C:\Users\IlegaliTy\AppData\Roaming\ESET
2011-01-22 16:44:53 ----D---- C:\ProgramData\ESET
2011-01-22 16:35:48 ----A---- C:\Windows\SYSWOW64\PICSDK2.dll
2011-01-22 16:35:48 ----A---- C:\Windows\SYSWOW64\PICSDK.ini
2011-01-22 16:35:48 ----A---- C:\Windows\SYSWOW64\PICSDK.dll
2011-01-22 16:35:48 ----A---- C:\Windows\SYSWOW64\PICEntry.dll
2011-01-22 16:35:48 ----A---- C:\Windows\SYSWOW64\EpPicPrt.dll
2011-01-22 16:35:48 ----A---- C:\Windows\SYSWOW64\EPPicMgr.dll
2011-01-22 16:35:43 ----D---- C:\Users\IlegaliTy\AppData\Roaming\InstallShield
2011-01-22 16:33:48 ----A---- C:\Windows\system32\E_ILMEGE.DLL
2011-01-22 16:33:46 ----A---- C:\Windows\system32\E_IBCBEGE.DLL
2011-01-22 16:33:44 ----A---- C:\Windows\system32\E_GCINST.DLL
2011-01-22 16:33:38 ----D---- C:\ProgramData\EPSON
2011-01-22 16:33:28 ----D---- C:\Program Files (x86)\epson
2011-01-22 16:33:28 ----A---- C:\Windows\system32\esxcwiad.dll
2011-01-22 16:28:10 ----D---- C:\Program Files\Microsoft Xbox 360 Accessories
2011-01-22 16:28:03 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2011-01-22 16:28:03 ----A---- C:\Windows\system32\xinput1_3.dll
2011-01-22 16:14:45 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2011-01-22 16:14:45 ----A---- C:\Windows\system32\msv1_0.dll
2011-01-22 16:09:34 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2011-01-22 16:09:34 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2011-01-22 16:09:34 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2011-01-22 16:09:34 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2011-01-22 16:09:34 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2011-01-22 16:09:34 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-01-22 16:09:34 ----A---- C:\Windows\system32\PresentationHost.exe
2011-01-22 16:09:34 ----A---- C:\Windows\system32\netfxperf.dll
2011-01-22 16:09:34 ----A---- C:\Windows\system32\mscoree.dll
2011-01-22 16:09:34 ----A---- C:\Windows\system32\dfshim.dll
2011-01-22 16:09:16 ----A---- C:\Windows\system32\browserchoice.exe
2011-01-22 16:03:53 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2011-01-22 16:03:53 ----A---- C:\Windows\system32\drivers\ks.sys
2011-01-22 15:29:03 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2011-01-22 15:29:03 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2011-01-22 15:29:03 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2011-01-22 15:29:03 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2011-01-22 15:29:03 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-01-22 15:29:03 ----A---- C:\Windows\system32\taskschd.dll
2011-01-22 15:29:03 ----A---- C:\Windows\system32\taskeng.exe
2011-01-22 15:29:03 ----A---- C:\Windows\system32\taskcomp.dll
2011-01-22 15:29:03 ----A---- C:\Windows\system32\schtasks.exe
2011-01-22 15:29:03 ----A---- C:\Windows\system32\schedsvc.dll
2011-01-22 15:28:56 ----A---- C:\Windows\SYSWOW64\tzres.dll
2011-01-22 15:28:56 ----A---- C:\Windows\system32\tzres.dll
2011-01-22 15:28:51 ----A---- C:\Windows\system32\t2embed.dll
2011-01-22 15:28:50 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2011-01-22 15:28:49 ----A---- C:\Windows\system32\shell32.dll
2011-01-22 15:28:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-01-22 15:28:39 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2011-01-22 15:28:39 ----A---- C:\Windows\system32\asycfilt.dll
2011-01-22 15:28:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-01-22 15:28:33 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-01-22 15:28:33 ----A---- C:\Windows\system32\vbscript.dll
2011-01-22 15:28:33 ----A---- C:\Windows\system32\ntdll.dll
2011-01-22 15:28:30 ----A---- C:\Windows\SYSWOW64\ole32.dll
2011-01-22 15:28:30 ----A---- C:\Windows\system32\ole32.dll
2011-01-22 15:28:19 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2011-01-22 15:28:19 ----A---- C:\Windows\system32\StructuredQuery.dll
2011-01-22 15:28:17 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-01-22 15:28:17 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-01-22 15:28:17 ----A---- C:\Windows\system32\atmlib.dll
2011-01-22 15:28:17 ----A---- C:\Windows\system32\atmfd.dll
2011-01-22 15:28:14 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2011-01-22 15:28:14 ----A---- C:\Windows\system32\CertEnroll.dll
2011-01-22 15:28:12 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-01-22 15:28:12 ----A---- C:\Windows\system32\inetcomm.dll
2011-01-22 15:28:08 ----A---- C:\Windows\system32\CPFilters.dll
2011-01-22 15:28:07 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-01-22 15:28:07 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2011-01-22 15:28:07 ----A---- C:\Windows\system32\psisdecd.dll
2011-01-22 15:28:07 ----A---- C:\Windows\system32\msdri.dll
2011-01-22 15:28:05 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2011-01-22 15:28:05 ----A---- C:\Windows\system32\fontsub.dll
2011-01-22 15:28:04 ----A---- C:\Windows\system32\win32k.sys
2011-01-22 15:28:03 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-01-22 15:28:02 ----A---- C:\Windows\SYSWOW64\schannel.dll
2011-01-22 15:28:02 ----A---- C:\Windows\system32\schannel.dll
2011-01-22 15:28:01 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2011-01-22 15:28:01 ----A---- C:\Windows\system32\comctl32.dll
2011-01-22 15:27:59 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-01-22 15:27:59 ----A---- C:\Windows\system32\oleaut32.dll
2011-01-22 15:27:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-01-22 15:27:58 ----A---- C:\Windows\SYSWOW64\user.exe
2011-01-22 15:27:58 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-01-22 15:27:58 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-01-22 15:27:58 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-01-22 15:27:58 ----A---- C:\Windows\system32\wow64.dll
2011-01-22 15:27:57 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2011-01-22 15:27:57 ----A---- C:\Windows\system32\rtutils.dll
2011-01-22 15:27:56 ----A---- C:\Windows\SYSWOW64\webio.dll
2011-01-22 15:27:56 ----A---- C:\Windows\system32\webio.dll
2011-01-22 15:27:56 ----A---- C:\Windows\system32\spoolsv.exe
2011-01-22 15:27:55 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2011-01-22 15:27:54 ----A---- C:\Windows\system32\drivers\fvevol.sys
2011-01-22 15:27:54 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-01-22 15:27:54 ----A---- C:\Windows\system32\cdd.dll
2011-01-22 15:27:53 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2011-01-22 15:27:53 ----A---- C:\Windows\system32\wmpmde.dll
2011-01-22 15:27:43 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-01-22 15:27:42 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-01-22 15:27:42 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-01-22 15:27:37 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-01-22 15:27:37 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-01-22 15:27:37 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-01-22 15:27:29 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2011-01-22 15:27:29 ----A---- C:\Windows\system32\secproc_isv.dll
2011-01-22 15:27:28 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2011-01-22 15:27:28 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2011-01-22 15:27:28 ----A---- C:\Windows\SYSWOW64\secproc.dll
2011-01-22 15:27:28 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2011-01-22 15:27:28 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2011-01-22 15:27:28 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2011-01-22 15:27:28 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2011-01-22 15:27:28 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2011-01-22 15:27:28 ----A---- C:\Windows\system32\secproc_ssp.dll
2011-01-22 15:27:28 ----A---- C:\Windows\system32\secproc.dll
2011-01-22 15:27:28 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2011-01-22 15:27:28 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2011-01-22 15:27:28 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-01-22 15:27:28 ----A---- C:\Windows\system32\RMActivate.exe
2011-01-22 15:26:53 ----A---- C:\Windows\SYSWOW64\quartz.dll
2011-01-22 15:26:53 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2011-01-22 15:26:53 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2011-01-22 15:26:53 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2011-01-22 15:26:53 ----A---- C:\Windows\system32\tsbyuv.dll
2011-01-22 15:26:53 ----A---- C:\Windows\system32\quartz.dll
2011-01-22 15:26:53 ----A---- C:\Windows\system32\msyuv.dll
2011-01-22 15:26:53 ----A---- C:\Windows\system32\msvidc32.dll
2011-01-22 15:26:53 ----A---- C:\Windows\system32\msrle32.dll
2011-01-22 15:26:53 ----A---- C:\Windows\system32\iyuv_32.dll
2011-01-22 15:26:52 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2011-01-22 15:26:52 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2011-01-22 15:26:52 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2011-01-22 15:26:52 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2011-01-22 15:26:51 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-01-22 15:26:51 ----A---- C:\Windows\system32\msxml3.dll
2011-01-22 15:26:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-01-22 15:26:38 ----A---- C:\Windows\system32\jscript.dll
2011-01-22 15:26:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2011-01-22 15:26:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2011-01-22 15:26:24 ----A---- C:\Windows\system32\lsasrv.dll
2011-01-22 15:26:24 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2011-01-22 15:25:40 ----A---- C:\Windows\system32\consent.exe
2011-01-22 14:46:04 ----D---- C:\Program Files\NVIDIA Corporation
2011-01-22 14:31:48 ----D---- C:\inetpub
2011-01-22 14:22:25 ----A---- C:\Windows\system32\MRT.exe
2011-01-22 14:18:38 ----A---- C:\Windows\SYSWOW64\explorer.exe
2011-01-22 14:18:38 ----A---- C:\Windows\system32\winlogon.exe
2011-01-22 14:18:38 ----A---- C:\Windows\explorer.exe
2011-01-22 14:18:36 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-01-22 14:18:28 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2011-01-22 14:18:28 ----A---- C:\Windows\system32\msasn1.dll
2011-01-22 14:18:26 ----A---- C:\Windows\system32\wmp.dll
2011-01-22 14:18:24 ----A---- C:\Windows\SYSWOW64\wmp.dll
2011-01-22 14:18:23 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2011-01-22 14:18:23 ----A---- C:\Windows\system32\wmploc.DLL
2011-01-22 14:18:21 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2011-01-22 14:18:21 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2011-01-22 14:18:16 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-01-22 14:18:16 ----A---- C:\Windows\system32\odbc32.dll
2011-01-22 14:18:10 ----A---- C:\Windows\system32\mshtml.dll
2011-01-22 14:18:09 ----A---- C:\Windows\system32\ieframe.dll
2011-01-22 14:18:08 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-01-22 14:18:08 ----A---- C:\Windows\system32\iertutil.dll
2011-01-22 14:18:07 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-01-22 14:18:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-01-22 14:18:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-01-22 14:18:06 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-01-22 14:18:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-01-22 14:18:06 ----A---- C:\Windows\system32\wininet.dll
2011-01-22 14:18:06 ----A---- C:\Windows\system32\urlmon.dll
2011-01-22 14:18:06 ----A---- C:\Windows\system32\mstime.dll
2011-01-22 14:18:06 ----A---- C:\Windows\system32\msfeeds.dll
2011-01-22 14:18:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-01-22 14:18:05 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-01-22 14:18:05 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-01-22 14:18:05 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-01-22 14:18:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-01-22 14:18:05 ----A---- C:\Windows\system32\mshtmled.dll
2011-01-22 14:18:05 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-01-22 14:18:05 ----A---- C:\Windows\system32\licmgr10.dll
2011-01-22 14:18:05 ----A---- C:\Windows\system32\ieui.dll
2011-01-22 14:18:05 ----A---- C:\Windows\system32\iepeers.dll
2011-01-22 14:18:05 ----A---- C:\Windows\system32\iedkcs32.dll
2011-01-22 14:18:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-01-22 14:18:04 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-01-22 14:18:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-01-22 14:18:04 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-01-22 14:18:04 ----A---- C:\Windows\system32\msfeedssync.exe
2011-01-22 14:18:04 ----A---- C:\Windows\system32\jsproxy.dll
2011-01-22 14:09:14 ----N---- C:\Windows\system32\MpSigStub.exe
2011-01-22 14:07:31 ----A---- C:\Windows\SYSWOW64\sscore.dll
2011-01-22 14:07:31 ----A---- C:\Windows\system32\srvsvc.dll
2011-01-22 14:07:31 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-01-22 14:07:31 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-01-22 14:07:31 ----A---- C:\Windows\system32\drivers\srv.sys
2011-01-22 14:06:41 ----A---- C:\Windows\system32\nvhdap64.dll
2011-01-22 14:06:41 ----A---- C:\Windows\system32\nvcohda6.dll
2011-01-22 14:06:41 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2011-01-22 14:06:39 ----D---- C:\NVIDIA
2011-01-22 14:02:38 ----AD---- C:\ProgramData\TEMP
2011-01-22 14:01:36 ----D---- C:\Users\IlegaliTy\AppData\Roaming\MotionDSP
2011-01-22 13:59:51 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2011-01-22 13:43:58 ----A---- C:\Windows\ntbtlog.txt
2011-01-22 13:40:53 ----D---- C:\ProgramData\NVIDIA
2011-01-22 13:38:33 ----SHD---- C:\Windows\Installer
2011-01-22 13:38:30 ----D---- C:\ProgramData\NVIDIA Corporation
2011-01-22 13:35:42 ----D---- C:\Users\IlegaliTy\AppData\Roaming\Mozilla
2011-01-22 13:35:41 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2011-01-22 13:35:41 ----A---- C:\Windows\system32\wintrust.dll
2011-01-22 13:35:40 ----A---- C:\Windows\SYSWOW64\cabview.dll
2011-01-22 13:35:40 ----A---- C:\Windows\system32\cabview.dll
2011-01-22 13:35:38 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-01-22 13:28:06 ----D---- C:\Users\IlegaliTy\AppData\Roaming\Identities
2011-01-22 13:27:51 ----SD---- C:\Users\IlegaliTy\AppData\Roaming\Microsoft
2011-01-22 13:27:51 ----D---- C:\Users\IlegaliTy\AppData\Roaming\Media Center Programs
2011-01-22 13:26:30 ----SHD---- C:\Recovery
2011-01-22 13:26:30 ----SHD---- C:\ProgramData\Šablony
2011-01-22 13:26:30 ----SHD---- C:\ProgramData\Plocha
2011-01-22 13:26:30 ----SHD---- C:\ProgramData\Oblíbené položky
2011-01-22 13:26:30 ----SHD---- C:\ProgramData\Nabídka Start
2011-01-22 13:26:30 ----SHD---- C:\ProgramData\Dokumenty
2011-01-22 13:26:30 ----SHD---- C:\ProgramData\Data aplikací
2011-01-22 13:17:16 ----D---- C:\Windows\SoftwareDistribution
2011-01-22 13:14:46 ----D---- C:\Windows\Prefetch
2011-01-22 13:14:26 ----ASH---- C:\hiberfil.sys
2011-01-22 13:13:31 ----D---- C:\Windows\Panther
2011-01-22 13:13:17 ----H---- C:\Boot.BAK
2011-01-22 13:08:42 ----SHD---- C:\System Volume Information
2011-01-22 13:07:46 ----D---- C:\Windows.old
2011-01-22 13:07:45 ----RASH---- C:\Boot.ini.saved
2011-01-22 13:03:38 ----ASH---- C:\pagefile.sys
2011-01-22 13:03:17 ----RASH---- C:\BOOTSECT.BAK
2011-01-22 13:03:11 ----SHD---- C:\Boot
2011-01-22 12:34:50 ----SHD---- C:\RECYCLER
2011-01-22 12:20:53 ----RASH---- C:\MSDOS.SYS
2011-01-22 12:20:53 ----RASH---- C:\IO.SYS
2011-01-22 12:20:53 ----A---- C:\CONFIG.SYS
2011-01-22 12:20:53 ----A---- C:\AUTOEXEC.BAT

======List of files/folders modified in the last 1 months======

2011-01-23 21:49:35 ----D---- C:\Windows\Temp
2011-01-23 21:46:08 ----D---- C:\Windows\system32\catroot
2011-01-23 21:46:06 ----D---- C:\Windows\system32\config
2011-01-23 21:45:54 ----RD---- C:\Program Files (x86)
2011-01-23 21:45:49 ----D---- C:\Windows\system32\DriverStore
2011-01-23 21:45:49 ----D---- C:\Windows\system32\drivers
2011-01-23 21:45:48 ----D---- C:\Windows\inf
2011-01-23 21:41:56 ----D---- C:\Windows\System32
2011-01-23 21:41:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-23 21:40:38 ----D---- C:\Windows\system32\Tasks
2011-01-23 18:42:29 ----D---- C:\Windows
2011-01-23 18:42:27 ----D---- C:\Windows\SYSWOW64\drivers
2011-01-23 18:35:27 ----RD---- C:\Program Files
2011-01-23 18:29:13 ----D---- C:\Windows\Microsoft.NET
2011-01-23 17:00:22 ----D---- C:\Windows\system32\wdi
2011-01-23 12:21:17 ----D---- C:\Windows\winsxs
2011-01-23 12:21:14 ----D---- C:\Windows\SYSWOW64\sk-SK
2011-01-23 12:21:14 ----D---- C:\Windows\system32\sk-SK
2011-01-23 12:21:05 ----D---- C:\Windows\SysWOW64
2011-01-23 11:45:02 ----D---- C:\Program Files (x86)\Common Files
2011-01-23 11:44:51 ----HD---- C:\ProgramData
2011-01-23 09:14:07 ----RSD---- C:\Windows\assembly
2011-01-22 20:50:35 ----D---- C:\Windows\Downloaded Program Files
2011-01-22 20:14:37 ----D---- C:\Windows\rescache
2011-01-22 20:13:47 ----D---- C:\Windows\system32\catroot2
2011-01-22 20:12:20 ----D---- C:\Program Files\Windows Sidebar
2011-01-22 20:12:19 ----D---- C:\Windows\servicing
2011-01-22 20:12:19 ----D---- C:\Program Files\Windows Photo Viewer
2011-01-22 20:12:19 ----D---- C:\Program Files\Windows Media Player
2011-01-22 20:12:19 ----D---- C:\Program Files\Windows Mail
2011-01-22 20:12:19 ----D---- C:\Program Files\Windows Journal
2011-01-22 20:12:19 ----D---- C:\Program Files\Windows Defender
2011-01-22 20:12:19 ----D---- C:\Program Files\Internet Explorer
2011-01-22 20:12:19 ----D---- C:\Program Files\DVD Maker
2011-01-22 20:12:19 ----D---- C:\Program Files\Common Files\System
2011-01-22 20:12:19 ----D---- C:\Program Files (x86)\Windows Sidebar
2011-01-22 20:12:19 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2011-01-22 20:12:19 ----D---- C:\Program Files (x86)\Windows Media Player
2011-01-22 20:12:19 ----D---- C:\Program Files (x86)\Windows Mail
2011-01-22 20:12:19 ----D---- C:\Program Files (x86)\Windows Defender
2011-01-22 20:12:19 ----D---- C:\Program Files (x86)\Internet Explorer
2011-01-22 20:12:18 ----D---- C:\Windows\SYSWOW64\winrm
2011-01-22 20:12:18 ----D---- C:\Windows\SYSWOW64\slmgr
2011-01-22 20:12:18 ----D---- C:\Windows\SYSWOW64\migwiz
2011-01-22 20:12:18 ----D---- C:\Windows\SYSWOW64\en
2011-01-22 20:12:18 ----D---- C:\Windows\ehome
2011-01-22 20:12:16 ----D---- C:\Windows\SYSWOW64\en-US
2011-01-22 20:12:16 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2011-01-22 20:12:14 ----D---- C:\Windows\SYSWOW64\WCN
2011-01-22 20:12:14 ----D---- C:\Windows\SYSWOW64\wbem
2011-01-22 20:12:14 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2011-01-22 20:12:14 ----D---- C:\Windows\SYSWOW64\DriverStore
2011-01-22 20:12:14 ----D---- C:\Windows\SYSWOW64\Dism
2011-01-22 20:12:14 ----D---- C:\Windows\PolicyDefinitions
2011-01-22 20:12:14 ----D---- C:\Windows\en-US
2011-01-22 20:12:13 ----D---- C:\Windows\system32\winrm
2011-01-22 20:12:13 ----D---- C:\Windows\system32\sysprep
2011-01-22 20:12:13 ----D---- C:\Windows\system32\slmgr
2011-01-22 20:12:13 ----D---- C:\Windows\system32\oobe
2011-01-22 20:12:13 ----D---- C:\Windows\system32\migwiz
2011-01-22 20:12:13 ----D---- C:\Windows\system32\en
2011-01-22 20:12:13 ----D---- C:\Windows\system32\Boot
2011-01-22 20:12:11 ----D---- C:\Windows\system32\en-US
2011-01-22 20:12:11 ----D---- C:\Windows\system32\drivers\en-US
2011-01-22 20:12:06 ----D---- C:\Windows\system32\WCN
2011-01-22 20:12:06 ----D---- C:\Windows\system32\Dism
2011-01-22 20:12:05 ----D---- C:\Windows\system32\wbem
2011-01-22 20:12:05 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2011-01-22 17:51:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2011-01-22 17:51:57 ----D---- C:\Windows\system32\cs-CZ
2011-01-22 17:13:07 ----D---- C:\Program Files\Common Files
2011-01-22 16:33:28 ----D---- C:\Windows\twain_32
2011-01-22 16:20:40 ----D---- C:\Windows\AppPatch
2011-01-22 16:20:39 ----D---- C:\Windows\SYSWOW64\migration
2011-01-22 16:20:39 ----D---- C:\Windows\system32\migration
2011-01-22 15:34:16 ----D---- C:\Windows\Logs
2011-01-22 15:28:48 ----D---- C:\Windows\system32\LogFiles
2011-01-22 14:46:40 ----D---- C:\Windows\Help
2011-01-22 14:31:48 ----D---- C:\Windows\SYSWOW64\inetsrv
2011-01-22 14:31:48 ----D---- C:\Windows\system32\inetsrv
2011-01-22 14:22:25 ----D---- C:\Windows\debug
2011-01-22 14:07:07 ----D---- C:\Windows\system32\CodeIntegrity
2011-01-22 13:37:56 ----SD---- C:\ProgramData\Microsoft
2011-01-22 13:37:54 ----D---- C:\Windows\system32\restore
2011-01-22 13:28:04 ----SHD---- C:\$Recycle.Bin
2011-01-22 13:27:51 ----RD---- C:\Users
2011-01-22 13:26:30 ----D---- C:\Windows\system32\Recovery
2011-01-22 13:26:30 ----D---- C:\Program Files\Windows NT
2011-01-22 13:16:22 ----D---- C:\Windows\system32\drivers\UMDF
2011-01-22 13:15:06 ----D---- C:\Windows\CSC
2011-01-22 13:12:59 ----D---- C:\Windows\Setup

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-01-22 834544]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 141264]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-09-03 170104]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-07-29 171152]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 50624]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 33632]
R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-04-30 30232]
R3 LVUVC64;Logitech Webcam 120(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2009-05-01 6377496]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-06-21 131688]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-08-13 73984]
S3 gmer;gmer; C:\Windows\System32\DRIVERS\gmer.sys []
S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys [2009-04-30 30232]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; I:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-11-08 810144]
R2 EPSON_EB_RPCV4_01;EPSON V5 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [2007-12-17 163840]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-04-30 190488]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; I:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-11-08 42360]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check

#29 Post by motji »

:arrow: Run the renamed HJT C:\Program Files\trend micro\IlegaliTy.exe; it has this icon (image)

- Click "Do a system scan only"
- For the lines
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

- Tick the checkbox and press Fix checked
- Restart the PC


:arrow: Open Notepad and copy this text into it

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"=-
"OEXPRESS"=-
"WEBTRAN"=-


 
- Save it as (type: All files), entering "smazani.reg" without the quotes as the file name,
click Save, then double-click the file as usual and confirm the dialog box.



:arrow: Find and run this file; gmer should uninstall itself
C:\Windows\gmer_uninstall.cmd
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.
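A .reg file like the one in the post above can be read offline to see what it would change before it is merged. The following Python sketch is an added example, not part of the original post: the function names are hypothetical, and the parser covers only the Version 5.00 syntax used here (key headers, `[-key]` deletions, `"name"=-` value deletions and value assignments).

```python
import re

HEADER = "Windows Registry Editor Version 5.00"
KEY_RE = re.compile(r'^\[(-?)(HKEY_[A-Z_]+(?:\\.*)?)\]$')
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')
AUTOSTART_RE = re.compile(r'\\CurrentVersion\\Run(Once)?$', re.IGNORECASE)

# The .reg text from the post, with both brackets on the first key header.
SMAZANI_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Nektra OEAPI"=-
"OEXPRESS"=-
"WEBTRAN"=-
'''
# Constructed variant: the same text with that opening bracket lost in copying.
SMAZANI_REG_DAMAGED = SMAZANI_REG.replace("[HKEY_LOCAL_MACHINE", "HKEY_LOCAL_MACHINE", 1)


def audit_reg(text):
    """Return (operations, problems) for .reg text without touching the registry.

    operations: list of (kind, key, value_name); problems: list of (line_no, message).
    """
    ops, problems = [], []
    lines = text.lstrip("\ufeff").splitlines()
    if not lines or lines[0].strip() != HEADER:
        problems.append((1, "missing or unexpected header line"))
    key = None
    i = 1
    while i < len(lines):
        no, line = i + 1, lines[i].strip()
        i += 1
        # hex and multi-string data continue after a trailing backslash
        while line.endswith("\\") and i < len(lines):
            line = line[:-1] + lines[i].strip()
            i += 1
        if not line or line.startswith(";"):
            continue  # blank line or comment
        m = KEY_RE.match(line)
        if m:
            if m.group(1):  # [-KEY] removes the whole key
                ops.append(("delete-key", m.group(2), None))
                key = None
            else:
                key = m.group(2)
            continue
        m = VALUE_RE.match(line)
        if m:
            if key is None:
                problems.append((no, "value outside any key section"))
                continue
            name = m.group(1)
            name = "(Default)" if name == "@" else (
                name[1:-1].replace('\\"', '"').replace("\\\\", "\\"))
            kind = "delete-value" if m.group(2).strip() == "-" else "set-value"
            ops.append((kind, key, name))
            continue
        if line.startswith(("[", "HKEY_")) or line.endswith("]"):
            problems.append((no, "malformed key header"))
            key = None  # do not attribute the following values to the previous key
        else:
            problems.append((no, "unrecognized line"))
    return ops, problems


def autostart_deletions(ops):
    """Names of values the file would delete from Run/RunOnce autostart keys."""
    return [name for kind, key, name in ops
            if kind == "delete-value" and AUTOSTART_RE.search(key)]


if __name__ == "__main__":
    for label, text in (("intact", SMAZANI_REG), ("damaged", SMAZANI_REG_DAMAGED)):
        ops, problems = audit_reg(text)
        print(label)
        for op in ops:
            print("  op     ", op)
        for problem in problems:
            print("  problem", problem)
```

Run on the intact text, it lists four value deletions and no problems; on the damaged variant, the toolbar entry is reported as unparsed instead of silently disappearing from the list.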

p2key
Visitor
Posts: 75
Registered: 15 Feb 2009 07:37

Re: Please check

#30 Post by p2key »

C:\Windows\gmer_uninstall.cmd
the PC prints < ZADANA SLUZBA NIEJE NAINSTALOVANA
