
Please check my log.

eko
Model visitor
Posts: 83
Registered: 18 Mar 2007 17:14

Please check my log.

#1 Post by eko »

Hello, I don't know why, but for about a month now my laptop has been taking about 20 minutes to start up when I turn it on; before that I was in Windows within about 3 minutes.

Logfile of random's system information tool 1.08 (written by random/random)
Run by JURA at 2011-01-25 08:42:18
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 99 GB (65%) free of 153 GB
Total RAM: 3036 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:42:33, on 25.1.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program files\P4G\BatteryLife.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TrustPort\Antivirus\bin\avcom.exe
C:\Program Files\Common Files\TrustPort\bin\tptray.exe
C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
C:\Users\JURA\Program Files\DNA\btdna.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\JURA\Downloads\RSIT.exe
C:\Program Files\trend micro\JURA.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=wbst&s={searchTerms}&f=4
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AntivirusCommunicatorAgent] "C:\Program Files\TrustPort\Antivirus\bin\avcom.exe"
O4 - HKLM\..\Run: [TrustPortTray] "C:\Program Files\Common Files\TrustPort\Bin\tptray.exe"
O4 - HKCU\..\Run: [SRS Premium Sound] "C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme
O4 - HKCU\..\Run: [Seznam Postak] "C:\Users\JURA\AppData\Local\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\JURA\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\SideBar.exe /autoRun
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Scan link by Dr.Web - http://www.drweb.com/online/drweb-online-en.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Users\JURA\AppData\Local\Seznam.cz\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Users\JURA\AppData\Local\Seznam.cz\listicka.dll (HKCU)
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Users\JURA\AppData\Local\Seznam.cz\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Users\JURA\AppData\Local\Seznam.cz\listicka.dll (HKCU)
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AB2B1E8-3755-4CF2-B1C3-CA23498F81B2}: NameServer = 195.146.100.100,195.146.100.5
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: McAfee Application Installer Cleanup (0316791295626281) (0316791295626281mcinstcleanup) - Unknown owner - C:\Users\JURA\AppData\Local\Temp\031679~1.EXE (file missing)
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AHZ - Unknown owner - C:\Users\JURA\AppData\Local\Temp\AHZ.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: TrustPort Antivirus On-Access Scanner Agent (avas_service) - TrustPort, a.s. - C:\Program Files\TrustPort\Antivirus\bin\avas.exe
O23 - Service: TrustPort Antivirus Service Scanner Provider (avss_service) - TrustPort, a.s. - C:\Program Files\TrustPort\Antivirus\bin\avss.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: TrustPort Personal GTW (gozer) - TrustPort, a.s. - C:\Program Files\TrustPort\Antivirus\bin\gozer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: @C:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241 (MsMpSvc) - Unknown owner - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (file missing)
O23 - Service: Rising Vista Scanner (RsVScanner) - Unknown owner - C:\Program Files\Rising\Rav\scannerd.exe (file missing)
O23 - Service: Rx2Agent - Unknown owner - C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe (file missing)
O23 - Service: Rx2Engine - Unknown owner - C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe (file missing)
O23 - Service: TrustPort Core Service (tpmgma_service) - TrustPort, a.s. - C:\Program Files\Common Files\TrustPort\bin\tpmgma.exe

--
End of file - 10460 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{C4B3BD68-4DD4-44A6-AC7E-6762731A80AF}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-03-04 8392704]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2009-02-07 1593344]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-03-06 424352]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-10-15 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-10-15 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-10-15 170520]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AntivirusCommunicatorAgent"=C:\Program Files\TrustPort\Antivirus\bin\avcom.exe [2011-01-14 772664]
"TrustPortTray"=C:\Program Files\Common Files\TrustPort\Bin\tptray.exe [2011-01-14 703032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SRS Premium Sound"=C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [2009-03-20 3261688]
"Seznam Postak"=C:\Users\JURA\AppData\Local\Seznam.cz\postak.exe [2010-10-07 488728]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"BitTorrent DNA"=C:\Users\JURA\Program Files\DNA\btdna.exe [2010-12-21 323392]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-01-03 15028104]
"Sidebar"=C:\Program Files\Windows Sidebar\SideBar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-10-15 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpmgma_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-01-25 08:42:18 ----D---- C:\rsit
2011-01-25 08:42:18 ----D---- C:\Program Files\trend micro
2011-01-25 08:03:37 ----A---- C:\Users\JURA\AppData\Roaming\pcouffin.sys
2011-01-25 08:03:37 ----A---- C:\Users\JURA\AppData\Roaming\inst.exe
2011-01-22 10:39:05 ----D---- C:\Program Files\Common Files\Skype
2011-01-22 10:39:04 ----RD---- C:\Program Files\Skype
2011-01-22 10:38:55 ----D---- C:\ProgramData\Skype
2011-01-22 07:35:53 ----A---- C:\Windows\system32\drivers\tdifw.sys
2011-01-22 07:35:20 ----A---- C:\Windows\system32\drivers\avasdmft.sys
2011-01-22 07:35:19 ----D---- C:\Program Files\TrustPort
2011-01-22 07:35:19 ----A---- C:\Windows\system32\drivers\tpsec.sys
2011-01-21 17:52:03 ----D---- C:\Program Files\Common Files\TrustPort
2011-01-21 12:11:59 ----D---- C:\ProgramData\Malwarebytes
2011-01-21 11:08:02 ----D---- C:\ProgramData\F-Secure
2011-01-21 10:56:23 ----D---- C:\Program Files\CCleaner
2011-01-17 12:03:31 ----A---- C:\Windows\system32\javaws.exe
2011-01-17 12:03:31 ----A---- C:\Windows\system32\javaw.exe
2011-01-17 12:03:31 ----A---- C:\Windows\system32\java.exe
2011-01-12 07:25:38 ----A---- C:\Windows\system32\odbc32.dll
2011-01-12 07:25:33 ----A---- C:\Windows\system32\sdclt.exe
2011-01-11 08:16:59 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2011-01-07 18:39:22 ----D---- C:\Users\JURA\AppData\Roaming\runic games
2011-01-07 18:34:27 ----D---- C:\Program Files\Runic Games
2011-01-07 18:33:56 ----D---- C:\Users\JURA\AppData\Roaming\InstallShield
2011-01-03 16:22:39 ----D---- C:\Program Files\Samsung
2010-12-31 10:21:18 ----D---- C:\ProgramData\Norton
2010-12-31 10:21:14 ----D---- C:\ProgramData\NortonInstaller
2010-12-30 16:48:56 ----D---- C:\ProgramData\ICQ

======List of files/folders modified in the last 1 months======

2011-01-25 08:42:30 ----D---- C:\Windows\temp
2011-01-25 08:42:30 ----D---- C:\Users\JURA\AppData\Roaming\BitTorrent
2011-01-25 08:42:18 ----RD---- C:\Program Files
2011-01-25 08:38:01 ----D---- C:\Users\JURA\AppData\Roaming\Skype
2011-01-25 08:36:19 ----D---- C:\Users\JURA\AppData\Roaming\DNA
2011-01-25 08:11:07 ----SHD---- C:\Windows\Installer
2011-01-25 08:11:02 ----SHD---- C:\System Volume Information
2011-01-25 08:06:34 ----D---- C:\Users\JURA\AppData\Roaming\skypePM
2011-01-25 08:04:09 ----D---- C:\Windows\System32
2011-01-25 08:04:09 ----D---- C:\Program Files\VSO
2011-01-25 08:03:37 ----D---- C:\Users\JURA\AppData\Roaming\Vso
2011-01-25 07:17:51 ----A---- C:\Windows\system32\agremove.exe
2011-01-25 07:14:51 ----A---- C:\Windows\system32\acovcnt.exe
2011-01-24 15:01:30 ----D---- C:\Windows
2011-01-24 15:00:02 ----D---- C:\ProgramData
2011-01-24 12:23:39 ----D---- C:\Windows\Prefetch
2011-01-24 10:56:39 ----D---- C:\Program Files\VS Revo Group
2011-01-24 10:54:18 ----D---- C:\Windows\system32\drivers
2011-01-23 09:09:33 ----D---- C:\Windows\system32\Tasks
2011-01-22 10:58:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-22 10:58:01 ----D---- C:\Windows\inf
2011-01-22 10:39:05 ----D---- C:\Program Files\Common Files
2011-01-21 17:52:46 ----D---- C:\Windows\system32\config
2011-01-21 17:26:25 ----D---- C:\Program Files\Common Files\Mcafee
2011-01-21 17:25:23 ----DC---- C:\Windows\system32\DRVSTORE
2011-01-21 12:21:53 ----AD---- C:\Windows\VDLL.DLL
2011-01-21 12:07:29 ----SD---- C:\Windows\Downloaded Program Files
2011-01-21 10:58:50 ----D---- C:\Users\JURA\AppData\Roaming\Media Player Classic
2011-01-21 10:58:41 ----D---- C:\Windows\Debug
2011-01-21 10:58:41 ----D---- C:\Users\JURA\AppData\Roaming\Azureus
2011-01-21 10:50:53 ----D---- C:\Windows\BDOSCAN8
2011-01-21 10:39:55 ----D---- C:\Program Files\Deep Silver
2011-01-21 06:07:37 ----D---- C:\Windows\system32\catroot2
2011-01-17 12:03:29 ----D---- C:\Program Files\Java
2011-01-15 09:37:33 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-13 08:30:51 ----A---- C:\Windows\system32\mrt.exe
2011-01-13 08:30:44 ----D---- C:\Windows\winsxs
2011-01-13 08:30:08 ----D---- C:\ProgramData\Microsoft Help
2011-01-12 07:25:12 ----D---- C:\Windows\system32\catroot
2011-01-11 08:16:56 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-01-07 18:37:41 ----RSD---- C:\Windows\assembly
2011-01-06 13:32:19 ----D---- C:\temp
2010-12-31 10:30:10 ----D---- C:\Windows\Tasks
2010-12-31 10:26:36 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-12-31 10:07:39 ----D---- C:\Program Files\Stardock
2010-12-30 16:59:43 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-07-27 30264]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-02-11 329752]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2008-05-29 15416]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-21 691696]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 tdimapper;TrustPort TDI port to process mapper; \??\C:\Program Files\TrustPort\PersonalFirewall\bin\tdimapper.sys [2011-01-14 16952]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-09-26 279712]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2009-08-21 73232]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-09-26 25888]
R2 RMCAST;Ovladač protokolu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-11 113664]
R2 tdifw;TrustPort PGTW driver; C:\Windows\system32\drivers\tdifw.sys [2011-01-14 38456]
R2 tpsec;TrustPort Security Filter; C:\Windows\system32\drivers\tpsec.sys [2011-01-14 33632]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 avasdmft;TrustPort Antivirus On-Access Scanner (W2K/XP) MF; C:\Windows\System32\DRIVERS\avasdmft.sys [2011-01-14 35896]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-03-13 140800]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-15 9030144]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2009-08-05 48640]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2008-12-24 14392]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_i386.sys [2009-01-14 230952]
R3 TPPFHOOK;TPPFHOOK; \??\C:\Program Files\TrustPort\PersonalFirewall\bin\TPPFHOOK.sys [2011-01-14 27192]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-03-20 984064]
S3 41bF45E;41bF45E; \??\C:\Users\JURA\AppData\Local\Temp\41bF45E.sys []
S3 ax8b4i98;ax8b4i98; C:\Windows\system32\drivers\ax8b4i98.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-04-17 23040]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-17 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-17 30208]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-10-07 45736]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-10-07 86056]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-10-07 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-10-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-10-07 18472]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 dsio;TrustPort Raw IO Driver; \??\C:\Program Files\Common Files\TrustPort\bin\dsio.sys [2011-01-14 14904]
S3 esihdrv;esihdrv; \??\C:\Users\JURA\AppData\Local\Temp\esihdrv.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-04-17 149504]
S3 rkhdrv40;Rootkit Unhooker Driver; C:\Windows\system32\drivers\rkhdrv40.sys [2009-11-13 24448]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 131000]
S3 winusb;Služba WinUSB; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2008-08-14 100920]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-15 628000]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 lxbk_device;lxbk_device; C:\Windows\system32\lxbkcoms.exe [2008-02-19 537256]
R2 tpmgma_service;TrustPort Core Service; C:\Program Files\Common Files\TrustPort\bin\tpmgma.exe [2011-01-14 402288]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 avas_service;TrustPort Antivirus On-Access Scanner Agent; C:\Program Files\TrustPort\Antivirus\bin\avas.exe [2011-01-14 494136]
R3 avss_service;TrustPort Antivirus Service Scanner Provider; C:\Program Files\TrustPort\Antivirus\bin\avss.exe [2011-01-14 289336]
R3 gozer;TrustPort Personal GTW; C:\Program Files\TrustPort\Antivirus\bin\gozer.exe [2011-01-14 485944]
S2 0316791295626281mcinstcleanup;McAfee Application Installer Cleanup (0316791295626281); C:\Users\JURA\AppData\Local\Temp\031679~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MsMpSvc;@C:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe []
S2 RsVScanner;Rising Vista Scanner; C:\Program Files\Rising\Rav\scannerd.exe []
S2 Rx2Agent;Rx2Agent; C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe []
S3 AHZ;AHZ; C:\Users\JURA\AppData\Local\Temp\AHZ.exe []
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-04-23 9241088]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-27 156656]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Rx2Engine;Rx2Engine; C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe []
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

stell
VIP in memoriam
Posts: 5175
Registered: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: Please check my log.

#2 Post by stell »

Hello,
Download TFC to your desktop,
close everything you have open, then right-click it and run it as administrator; restart after the scan.
PLEASE READ THE GUIDE CAREFULLY!!!

Use ComboFix following this guide: http://www.bleepingcomputer.com/combofi ... t-combofix
Post its log here.

eko
Exemplary visitor
Posts: 83
Joined: 18 Mar 2007 17:14

Re: please check the log.

#3 Post by eko »

ComboFix 11-01-24.02 - JURA 25.01.2011 10:01:07.3.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3036.1837 [GMT 1:00]
Spuštěný z: c:\users\JURA\Desktop\ComboFix.exe
AV: TrustPort Antivirus *Disabled/Updated* {C3AD9610-D79C-79A3-8C7B-CAB50B3AA5DC}
FW: TrustPort Personal Firewall *Enabled* {FB961735-9DF3-78FB-A724-6380F5E9E2A7}
SP: TrustPort Antivirus *Disabled/Updated* {78CC77F4-F1A6-762D-B6CB-F1C770BDEF61}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\JURA\AppData\Roaming\inst.exe
c:\windows\system32\system

Nakažená kopie c:\windows\System32\autochk.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-25 do 2011-01-25 )))))))))))))))))))))))))))))))
.

2011-01-25 09:08 . 2011-01-25 09:21 -------- d-----w- c:\users\JURA\AppData\Local\temp
2011-01-25 09:08 . 2011-01-25 09:08 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-01-25 09:08 . 2011-01-25 09:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-25 08:29 . 2011-01-20 09:39 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34CF78D6-D6F5-4F63-9D66-D0A977126FCA}\mpengine.dll
2011-01-25 07:42 . 2011-01-25 07:42 -------- d-----w- C:\rsit
2011-01-25 07:42 . 2011-01-25 07:42 -------- d-----w- c:\program files\trend micro
2011-01-25 07:03 . 2011-01-25 07:03 47360 ----a-w- c:\users\JURA\AppData\Roaming\pcouffin.sys
2011-01-22 09:39 . 2011-01-22 09:39 -------- d-----w- c:\program files\Common Files\Skype
2011-01-22 09:39 . 2011-01-22 09:39 -------- d-----r- c:\program files\Skype
2011-01-22 09:38 . 2011-01-22 09:39 -------- d-----w- c:\programdata\Skype
2011-01-22 06:35 . 2011-01-14 07:11 38456 ----a-w- c:\windows\system32\drivers\tdifw.sys
2011-01-22 06:35 . 2011-01-14 07:11 35896 ----a-w- c:\windows\system32\drivers\avasdmft.sys
2011-01-22 06:35 . 2011-01-23 08:08 -------- d-----w- c:\program files\TrustPort
2011-01-22 06:35 . 2011-01-14 07:13 33632 ----a-w- c:\windows\system32\drivers\tpsec.sys
2011-01-21 16:52 . 2011-01-22 06:35 -------- d-----w- c:\program files\Common Files\TrustPort
2011-01-21 11:11 . 2011-01-21 11:11 -------- d-----w- c:\programdata\Malwarebytes
2011-01-21 10:08 . 2011-01-21 10:08 -------- d-----w- c:\programdata\F-Secure
2011-01-21 09:56 . 2011-01-21 09:56 -------- d-----w- c:\program files\CCleaner
2011-01-12 06:25 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 06:25 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 06:25 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 06:25 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 06:25 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 06:25 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 06:25 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-01-07 17:39 . 2011-01-07 17:39 -------- d-----w- c:\users\JURA\AppData\Roaming\runic games
2011-01-07 17:34 . 2011-01-07 17:34 -------- d-----w- c:\program files\Runic Games
2011-01-07 17:33 . 2011-01-07 17:33 -------- d-----w- c:\users\JURA\AppData\Roaming\InstallShield
2011-01-03 15:22 . 2011-01-03 15:22 -------- d-----w- c:\program files\Samsung
2010-12-31 20:23 . 2010-12-31 20:23 1 ----a-w- c:\windows\system32\SI.bin
2010-12-31 09:21 . 2010-12-31 09:30 -------- d-----w- c:\programdata\Norton
2010-12-30 15:48 . 2010-12-30 15:49 -------- d-----w- c:\programdata\ICQ
2010-12-30 15:48 . 2010-12-30 15:48 -------- d-----w- c:\users\JURA\AppData\Local\AOL

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-25 09:20 . 2010-02-27 11:48 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-01-25 08:55 . 2010-08-10 14:40 44544 ----a-w- c:\windows\system32\agremove.exe
2010-11-12 17:53 . 2010-10-14 08:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-04 18:56 . 2010-12-16 06:29 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55 . 2010-12-16 06:29 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55 . 2010-12-16 06:29 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55 . 2010-12-16 06:29 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34 . 2010-12-16 06:29 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01 . 2010-12-16 06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57 . 2010-12-16 06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57 . 2010-12-16 06:29 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57 . 2010-12-16 06:29 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57 . 2010-12-16 06:29 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01 . 2010-12-16 06:29 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26 . 2010-12-16 06:29 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24 . 2010-12-16 06:29 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:44 . 2010-12-16 06:29 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:27 . 2010-12-16 06:29 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:20 . 2010-12-16 06:29 2048 ----a-w- c:\windows\system32\tzres.dll
2008-12-23 20:36 . 2008-12-23 20:36 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-03-20 3261688]
"Seznam Postak"="c:\users\JURA\AppData\Local\Seznam.cz\postak.exe" [2010-10-07 488728]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"BitTorrent DNA"="c:\users\JURA\Program Files\DNA\btdna.exe" [2010-12-21 323392]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"Sidebar"="c:\program files\Windows Sidebar\SideBar.exe" [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-06 424352]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-15 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-15 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-15 170520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AntivirusCommunicatorAgent"="c:\program files\TrustPort\Antivirus\bin\avcom.exe" [2011-01-14 772664]
"TrustPortTray"="c:\program files\Common Files\TrustPort\Bin\tptray.exe" [2011-01-14 703032]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ehTray.exe"=c:\windows\ehome\ehTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"ASUS Camera ScreenSaver"=c:\windows\AsScrProlog.exe
"ATKMEDIA"=c:\program files\ASUS\ATK Media\DMedia.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe"
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

R2 0316791295626281mcinstcleanup;McAfee Application Installer Cleanup (0316791295626281);c:\users\JURA\AppData\Local\Temp\031679~1.EXE [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 41bF45E;41bF45E;c:\users\JURA\AppData\Local\Temp\41bF45E.sys [x]
R3 AHZ;AHZ;c:\users\JURA\AppData\Local\Temp\AHZ.exe [x]
R3 AllShare;SAMSUNG AllShare Service;c:\program files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-04-23 9241088]
R3 avas_service;TrustPort Antivirus On-Access Scanner Agent;c:\program files\TrustPort\Antivirus\bin\avas.exe [2011-01-14 494136]
R3 avasdmft;TrustPort Antivirus On-Access Scanner (W2K/XP) MF;c:\windows\system32\DRIVERS\avasdmft.sys [2011-01-14 35896]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-10-07 45736]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-10-07 29472]
R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
R3 dsio;TrustPort Raw IO Driver;c:\program files\Common Files\TrustPort\bin\dsio.sys [2011-01-14 14904]
R3 esihdrv;esihdrv;c:\users\JURA\AppData\Local\Temp\esihdrv.sys [x]
R3 gozer;TrustPort Personal GTW;c:\program files\TrustPort\Antivirus\bin\gozer.exe [2011-01-14 485944]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2008-05-29 15416]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256]
S3 avss_service;TrustPort Antivirus Service Scanner Provider;c:\program files\TrustPort\Antivirus\bin\avss.exe [2011-01-14 289336]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-03-13 140800]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
ipripsvc REG_MULTI_SZ iprip

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-01-25 c:\windows\Tasks\User_Feed_Synchronization-{C4B3BD68-4DD4-44A6-AC7E-6762731A80AF}.job
- c:\windows\system32\msfeedssync.exe [2010-12-16 04:25]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Scan link by Dr.Web - http://www.drweb.com/online/drweb-online-en.html
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: {2AB2B1E8-3755-4CF2-B1C3-CA23498F81B2} = 195.146.100.100,195.146.100.5
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
Toolbar-{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
WebBrowser-{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-25 10:21
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


C:\ADSM_PData_0150

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1737227816-726752648-1595867434-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:73,8d,91,49,d4,51,27,6f,51,07,ea,e0,ab,42,10,db,5c,df,76,7e,85,c2,bb,
64,1c,a3,f3,3c,60,f2,d8,85,27,7d,18,8c,98,87,69,8e,87,14,bf,c6,21,6c,67,f7,\
"??"=hex:5a,19,37,3d,bd,77,c7,c8,a2,70,27,10,d8,e7,b6,c1

[HKEY_USERS\S-1-5-21-1737227816-726752648-1595867434-1000\Software\SecuROM\License information*]
"datasecu"=hex:2a,5f,34,cb,ad,a2,32,50,aa,fb,a9,31,c0,bc,96,74,70,d9,17,cb,0c,
86,9a,97,cb,4f,02,7b,0b,42,0f,21,83,15,aa,66,4e,dd,31,78,f7,1f,60,53,72,71,\
"rkeysecu"=hex:1e,4a,ca,32,6e,cd,25,ae,90,e5,aa,00,3e,31,05,6e

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(2960)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\AUDIODG.EXE
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\windows\system32\WLANExt.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\TrustPort\bin\tpmgma.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\conime.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\TrustPort\bin\tpupdate.exe
.
**************************************************************************
.
Celkový čas: 2011-01-25 10:23:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-25 09:23

Před spuštěním: Volných bajtů: 103 517 839 360
Po spuštění: Volných bajtů: 103 474 696 192

- - End Of File - - 7D5999026AA944C3C40ACA7FA15627CB



So I did everything according to the instructions; the antivirus didn't report anything, but there is probably still something there.

eko
Exemplary visitor
Posts: 83
Joined: 18 Mar 2007 17:14

Re: please check the log.

#4 Post by eko »

Oh, and while ComboFix was running, a yellow triangle kept popping up at the bottom right of the taskbar with a warning that PEV.cfxxe is corrupted, so I don't know.

stell
VIP in memoriam
Posts: 5175
Joined: 09 Dec 2007 09:27
Location: SK-REVUCA

Re: please check the log.

#5 Post by stell »

Well, PEV.cfxxe belongs to ComboFix; we'll see whether it causes a problem.
For this step ComboFix must be on the desktop.

Turn off the FIREWALL, antivirus, antispyware, and everything else running resident.

Open Notepad and copy all of the green text into it:

Code:

KILLALL::
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"=-
"SunJavaUpdateSched"=-
Rootkit::
c:\users\JURA\AppData\Local\Temp\031679~1.EXE
c:\users\JURA\AppData\Local\Temp\41bF45E.sys
c:\users\JURA\AppData\Local\Temp\AHZ.exe
c:\users\JURA\AppData\Local\Temp\esihdrv.sys
Driver::
0316791295626281mcinstcleanup
41bF45E
AHZ
esihdrv
Folder::
c:\program files\Ask.com
RegLock:: 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

Then click File -> Save As... -> and in the File name field type: CFScript.txt
For the file type, select *All files
And save it to the desktop. Careful: do not open CFScript.txt, and it must not be named CFScript.txt.txt. Then do this:
[image]

When the scan finishes, paste the log that ComboFix creates.

eko
Exemplary visitor
Posts: 83
Joined: 18 Mar 2007 17:14

Re: please check the log.

#6 Post by eko »

ComboFix 11-01-24.02 - JURA 25.01.2011 11:28:04.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3036.1962 [GMT 1:00]
Spuštěný z: c:\users\JURA\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\JURA\Desktop\CFScript.txt
AV: TrustPort Antivirus *Disabled/Updated* {C3AD9610-D79C-79A3-8C7B-CAB50B3AA5DC}
FW: TrustPort Personal Firewall *Enabled* {FB961735-9DF3-78FB-A724-6380F5E9E2A7}
SP: TrustPort Antivirus *Disabled/Updated* {78CC77F4-F1A6-762D-B6CB-F1C770BDEF61}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe

Nakažená kopie c:\windows\System32\autochk.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ESIHDRV
-------\Service_0316791295626281mcinstcleanup
-------\Service_AHZ
-------\Service_esihdrv
-------\Legacy_41bF45E
-------\Service_41bF45E


((((((((((((((((((((((((( Soubory vytvořené od 2010-12-25 do 2011-01-25 )))))))))))))))))))))))))))))))
.

2011-01-25 10:37 . 2011-01-25 10:37 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2011-01-25 10:36 . 2011-01-25 10:36 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2011-01-25 10:34 . 2011-01-25 10:34 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-01-25 10:34 . 2011-01-25 10:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-25 09:23 . 2011-01-25 10:39 -------- d-----w- c:\users\JURA\AppData\Local\temp
2011-01-25 08:29 . 2011-01-20 09:39 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34CF78D6-D6F5-4F63-9D66-D0A977126FCA}\mpengine.dll
2011-01-25 07:42 . 2011-01-25 07:42 -------- d-----w- c:\program files\trend micro
2011-01-25 07:03 . 2011-01-25 07:03 47360 ----a-w- c:\users\JURA\AppData\Roaming\pcouffin.sys
2011-01-22 09:39 . 2011-01-22 09:39 -------- d-----w- c:\program files\Common Files\Skype
2011-01-22 09:39 . 2011-01-22 09:39 -------- d-----r- c:\program files\Skype
2011-01-22 09:38 . 2011-01-22 09:39 -------- d-----w- c:\programdata\Skype
2011-01-22 06:35 . 2011-01-14 07:11 38456 ----a-w- c:\windows\system32\drivers\tdifw.sys
2011-01-22 06:35 . 2011-01-14 07:11 35896 ----a-w- c:\windows\system32\drivers\avasdmft.sys
2011-01-22 06:35 . 2011-01-23 08:08 -------- d-----w- c:\program files\TrustPort
2011-01-22 06:35 . 2011-01-14 07:13 33632 ----a-w- c:\windows\system32\drivers\tpsec.sys
2011-01-21 16:52 . 2011-01-22 06:35 -------- d-----w- c:\program files\Common Files\TrustPort
2011-01-21 11:11 . 2011-01-21 11:11 -------- d-----w- c:\programdata\Malwarebytes
2011-01-21 10:08 . 2011-01-21 10:08 -------- d-----w- c:\programdata\F-Secure
2011-01-21 09:56 . 2011-01-21 09:56 -------- d-----w- c:\program files\CCleaner
2011-01-12 06:25 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 06:25 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 06:25 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 06:25 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 06:25 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 06:25 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 06:25 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-01-07 17:39 . 2011-01-07 17:39 -------- d-----w- c:\users\JURA\AppData\Roaming\runic games
2011-01-07 17:34 . 2011-01-07 17:34 -------- d-----w- c:\program files\Runic Games
2011-01-07 17:33 . 2011-01-07 17:33 -------- d-----w- c:\users\JURA\AppData\Roaming\InstallShield
2011-01-03 15:22 . 2011-01-03 15:22 -------- d-----w- c:\program files\Samsung
2010-12-31 20:23 . 2010-12-31 20:23 1 ----a-w- c:\windows\system32\SI.bin
2010-12-31 09:21 . 2010-12-31 09:30 -------- d-----w- c:\programdata\Norton
2010-12-30 15:48 . 2010-12-30 15:49 -------- d-----w- c:\programdata\ICQ
2010-12-30 15:48 . 2010-12-30 15:48 -------- d-----w- c:\users\JURA\AppData\Local\AOL

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-25 10:37 . 2010-02-27 11:48 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-01-25 10:17 . 2010-08-10 14:40 44544 ----a-w- c:\windows\system32\agremove.exe
2010-11-12 17:53 . 2010-10-14 08:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-04 18:56 . 2010-12-16 06:29 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55 . 2010-12-16 06:29 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55 . 2010-12-16 06:29 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55 . 2010-12-16 06:29 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34 . 2010-12-16 06:29 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01 . 2010-12-16 06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57 . 2010-12-16 06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57 . 2010-12-16 06:29 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57 . 2010-12-16 06:29 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57 . 2010-12-16 06:29 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01 . 2010-12-16 06:29 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26 . 2010-12-16 06:29 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24 . 2010-12-16 06:29 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:44 . 2010-12-16 06:29 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:27 . 2010-12-16 06:29 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:20 . 2010-12-16 06:29 2048 ----a-w- c:\windows\system32\tzres.dll
2008-12-23 20:36 . 2008-12-23 20:36 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-03-20 3261688]
"Seznam Postak"="c:\users\JURA\AppData\Local\Seznam.cz\postak.exe" [2010-10-07 488728]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"BitTorrent DNA"="c:\users\JURA\Program Files\DNA\btdna.exe" [2010-12-21 323392]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-06 424352]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-15 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-15 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-15 170520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AntivirusCommunicatorAgent"="c:\program files\TrustPort\Antivirus\bin\avcom.exe" [2011-01-14 772664]
"TrustPortTray"="c:\program files\Common Files\TrustPort\Bin\tptray.exe" [2011-01-14 703032]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ehTray.exe"=c:\windows\ehome\ehTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ASUS Camera ScreenSaver"=c:\windows\AsScrProlog.exe
"ATKMEDIA"=c:\program files\ASUS\ATK Media\DMedia.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe"
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AllShare;SAMSUNG AllShare Service;c:\program files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-04-23 9241088]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-10-07 45736]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-10-07 29472]
R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
R3 dsio;TrustPort Raw IO Driver;c:\program files\Common Files\TrustPort\bin\dsio.sys [2011-01-14 14904]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2008-05-29 15416]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256]
S3 avas_service;TrustPort Antivirus On-Access Scanner Agent;c:\program files\TrustPort\Antivirus\bin\avas.exe [2011-01-14 494136]
S3 avasdmft;TrustPort Antivirus On-Access Scanner (W2K/XP) MF;c:\windows\system32\DRIVERS\avasdmft.sys [2011-01-14 35896]
S3 avss_service;TrustPort Antivirus Service Scanner Provider;c:\program files\TrustPort\Antivirus\bin\avss.exe [2011-01-14 289336]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-03-13 140800]
S3 gozer;TrustPort Personal GTW;c:\program files\TrustPort\Antivirus\bin\gozer.exe [2011-01-14 485944]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
ipripsvc REG_MULTI_SZ iprip

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-01-25 c:\windows\Tasks\User_Feed_Synchronization-{C4B3BD68-4DD4-44A6-AC7E-6762731A80AF}.job
- c:\windows\system32\msfeedssync.exe [2010-12-16 04:25]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Scan link by Dr.Web - http://www.drweb.com/online/drweb-online-en.html
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: {2AB2B1E8-3755-4CF2-B1C3-CA23498F81B2} = 195.146.100.100,195.146.100.5
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-25 11:39
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1737227816-726752648-1595867434-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:73,8d,91,49,d4,51,27,6f,51,07,ea,e0,ab,42,10,db,5c,df,76,7e,85,c2,bb,
64,1c,a3,f3,3c,60,f2,d8,85,27,7d,18,8c,98,87,69,8e,87,14,bf,c6,21,6c,67,f7,\
"??"=hex:5a,19,37,3d,bd,77,c7,c8,a2,70,27,10,d8,e7,b6,c1

[HKEY_USERS\S-1-5-21-1737227816-726752648-1595867434-1000\Software\SecuROM\License information*]
"datasecu"=hex:2a,5f,34,cb,ad,a2,32,50,aa,fb,a9,31,c0,bc,96,74,70,d9,17,cb,0c,
86,9a,97,cb,4f,02,7b,0b,42,0f,21,83,15,aa,66,4e,dd,31,78,f7,1f,60,53,72,71,\
"rkeysecu"=hex:1e,4a,ca,32,6e,cd,25,ae,90,e5,aa,00,3e,31,05,6e
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(3504)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\AUDIODG.EXE
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\windows\system32\WLANExt.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\System32\rpcnetp.exe
c:\program files\Common Files\TrustPort\bin\tpmgma.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\windows\system32\conime.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2011-01-25 11:45:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-25 10:44

Před spuštěním: Volných bajtů: 103 498 158 080
Po spuštění: Volných bajtů: 103 322 308 608

- - End Of File - - 8BC0C375B2E4127B99A99E2B42223096


Here is the log; it is still behaving strangely.


Re: Please check my log.

#7 Post by stell »

Test on www.virustotal.com
c:\windows\System32\autochk.exe
Reanalyse and paste the link here.

Re: Please check my log.

#8 Post by eko »

Antivirus results
AhnLab-V3 - 2011.01.18.00 - 2011.01.17 - -
AntiVir - 7.11.1.239 - 2011.01.25 - -
Antiy-AVL - 2.0.3.7 - 2011.01.25 - -
Avast - 4.8.1351.0 - 2011.01.25 - -
Avast5 - 5.0.677.0 - 2011.01.25 - -
AVG - 10.0.0.1190 - 2011.01.25 - -
BitDefender - 7.2 - 2011.01.25 - -
CAT-QuickHeal - 11.00 - 2011.01.25 - -
ClamAV - 0.96.4.0 - 2011.01.25 - -
Commtouch - 5.2.11.5 - 2011.01.25 - -
Comodo - 7493 - 2011.01.25 - -
DrWeb - 5.0.2.03300 - 2011.01.25 - -
Emsisoft - 5.1.0.1 - 2011.01.25 - -
eSafe - 7.0.17.0 - 2011.01.24 - -
eTrust-Vet - 36.1.8117 - 2011.01.24 - -
F-Prot - 4.6.2.117 - 2011.01.24 - -
F-Secure - 9.0.16160.0 - 2011.01.25 - -
Fortinet - 4.2.254.0 - 2011.01.24 - -
GData - 21 - 2011.01.25 - -
Ikarus - T3.1.1.97.0 - 2011.01.25 - -
Jiangmin - 13.0.900 - 2011.01.24 - -
K7AntiVirus - 9.78.3635 - 2011.01.24 - -
Kaspersky - 7.0.0.125 - 2011.01.25 - -
McAfee - 5.400.0.1158 - 2011.01.25 - -
McAfee-GW-Edition - 2010.1C - 2011.01.25 - -
Microsoft - 1.6502 - 2011.01.25 - -
NOD32 - 5815 - 2011.01.25 - -
Norman - 6.06.12 - 2011.01.25 - -
nProtect - 2011-01-18.01 - 2011.01.18 - -
Panda - 10.0.2.7 - 2011.01.24 - -
PCTools - 7.0.3.5 - 2011.01.25 - -
Prevx - 3.0 - 2011.01.25 - -
Rising - 23.42.00.06 - 2011.01.24 - -
Sophos - 4.61.0 - 2011.01.25 - -
SUPERAntiSpyware - 4.40.0.1006 - 2011.01.25 - -
Symantec - 20101.3.0.103 - 2011.01.25 - -
TheHacker - 6.7.0.1.119 - 2011.01.24 - -
TrendMicro - 9.120.0.1004 - 2011.01.25 - -
TrendMicro-HouseCall - 9.120.0.1004 - 2011.01.25 - -
VBA32 - 3.12.14.3 - 2011.01.24 - -
VIPRE - 8189 - 2011.01.25 - -
ViRobot - 2011.1.25.4274 - 2011.01.25 - -
VirusBuster - 13.6.162.0 - 2011.01.24 - -
File info:
MD5: 303af2ea4fd7a8b2ecfdbed0010557e6
SHA1: ff35b59cfd896c756d8d795635ad59b545b2056c
SHA256: 72a547d4bc60b1164b1837bdf404a60bb31dbfdde6b784c66e05b5b43dd53641
File size: 642560 bytes
Scan date: 2011-01-25 10:52:33 (UTC)


Re: Please check my log.

#9 Post by stell »

OK,
0: Turn off System Volume Information/Restore (System Restore); after the restart, turn it back on.
http://www.viry.cz/forum/viewtopic.php?f=11&t=47040
1: Rename the ComboFix icon to uninstall,
run it > ComboFix will uninstall itself.
2: Download and install CCleaner.
a) Download from Piriform.com CCleaner
Download from FileHippo.com CCleaner
b) Close all running programs and the browser.
c) Run CCleaner and leave the settings as they are. Press the Analyze button and, after the analysis, press the Run Cleaner button.
d) Click the Applications tab, press the Analyze button and, after the analysis, press the Run Cleaner button.
e) Click Registry, press Scan for Issues; when the scan is complete click Fix selected issues, choose YES to create a backup, save the file and click Fix all issues.

3: Try it out and write how the PC behaves.

Re: Please check my log.

#10 Post by eko »

So I did everything according to the instructions. Once the notebook has booted it behaves fairly well, but it still takes a long time to boot; I already feel like I'm sitting at a 486.


Re: Please check my log.

#11 Post by stell »

Download OTMoveIt3 by OldTimer, paste in the text below according to the instructions and click MoveIt; paste the log here after the restart.

Code:

:processes
explorer.exe

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
ipconfig /flushdns /c 
:Commands 
[purity] 
[resethosts] 
[CreateRestorePoint] 
[emptytemp] 
[start explorer]
[Reboot]
Paste the log here.
In the command prompt, enter the command chkdsk /f/r [Enter]
Agree, then restart and let chkdsk check the hard disk.
Run a defrag; use the Defraggler program:
http://www.piriform.com/defraggler

And then we'll see; write back.

Re: Please check my log.

#12 Post by eko »

OK, I'm on it. Thank you for taking the time to help me :)


Re: Please check my log.

#13 Post by eko »

All processes killed
Error: Unable to interpret <[emptytemp] > in the current context!
Error: Unable to interpret <[start explorer]> in the current context!
Error: Unable to interpret <[Reboot]> in the current context!

OTM by OldTimer - Version 3.1.17.2 log created on 01252011_130941


Re: Please check my log.

#14 Post by stell »

:Commands
You copied the script incorrectly; notice that there is a colon before Commands. Try it again.

Re: Please check my log.

#15 Post by eko »

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Temp\RAC389.tmp moved successfully.
C:\WINDOWS\temp\Cab8120.tmp moved successfully.
C:\WINDOWS\temp\Tar8131.tmp moved successfully.
< ipconfig /flushdns /c >
Konfigurace protokolu IP systému Windows
Mezipaměť překládání DNS byla úspěšně vyprázdněna.
C:\Users\JURA\Desktop\cmd.bat deleted successfully.
C:\Users\JURA\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTM Restore Point

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User

User: JURA
->Temp folder emptied: 578106 bytes
->Temporary Internet Files folder emptied: 7656491 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 289184 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 8,00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 01252011_134953

Files moved on Reboot...

Registry entries deleted on Reboot...
