Dobrý deň.
MSE mi našiel v 1 súbore variantu Conficker.C, ESET to označuje ako variant Conficker.AA. Počítač je pomalší, najväčšie problémy mám s prehrávaním videa na internete (napr. YouTube). Problémy s navštevovaním AV stránok nemám, takisto všetky bezpečnostné programy fungujú.
Logfile of random's system information tool 1.08 (written by random/random)
Run by miro at 2011-02-04 13:39:39
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 19 GB (38%) free of 50 GB
Total RAM: 2559 MB (74% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:39:57, on 4.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\miro\Desktop\RSIT.exe
C:\Program Files\trend micro\miro.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se6886.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3814792562
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 3863366156
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CA76E0E-8769-472E-AEF2-2623480B51BB}: NameServer = 172.22.13.254,217.119.117.170
O17 - HKLM\System\CS1\Services\Tcpip\..\{0CA76E0E-8769-472E-AEF2-2623480B51BB}: NameServer = 172.22.13.254,217.119.117.170
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)
--
End of file - 7131 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1010.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1017.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1018.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1019.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1004.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1010.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1017.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1018.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1019.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-12-26 382720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-08-02 13570048]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2008-05-14 29831168]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-08-02 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^miro^Start Menu^Programs^Startup^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=36
"NoDriveAutoRun"=0xFFFFFFFF
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.4\ICQ.exe"="C:\Program Files\ICQ7.4\ICQ.exe:*:Enabled:ICQ7.4"
======List of files/folders created in the last 1 months======
2011-02-01 15:44:41 ----D---- C:\Program Files\ICQ7.4
2011-01-31 16:12:04 ----D---- C:\Program Files\Microsoft Security Client
2011-01-31 15:56:23 ----D---- C:\Program Files\Mozilla Thunderbird
2011-01-31 14:27:17 ----D---- C:\Documents and Settings\miro\Application Data\ESET
2011-01-31 14:14:25 ----D---- C:\Documents and Settings\miro\Application Data\Thunderbird
2011-01-25 18:24:26 ----D---- C:\Turbo Pascal 7.0
2011-01-19 20:15:11 ----D---- C:\Documents and Settings\miro\Application Data\GetRightToGo
2011-01-12 16:25:12 ----D---- C:\rsit
2011-01-12 00:36:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
======List of files/folders modified in the last 1 months======
2011-02-04 13:39:48 ----D---- C:\WINDOWS\Prefetch
2011-02-04 13:39:47 ----D---- C:\Program Files\trend micro
2011-02-04 13:32:24 ----D---- C:\WINDOWS\system32
2011-02-04 13:32:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-02-04 13:29:23 ----D---- C:\WINDOWS\Temp
2011-02-04 13:28:30 ----SD---- C:\WINDOWS\Tasks
2011-02-04 13:28:17 ----D---- C:\WINDOWS\system32\CatRoot2
2011-02-04 12:51:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-02-04 05:55:12 ----D---- C:\Program Files\Eset
2011-02-03 21:47:06 ----D---- C:\Documents and Settings\miro\Application Data\Skype
2011-02-03 19:12:20 ----D---- C:\Program Files\PowerArchiver
2011-02-03 18:59:40 ----D---- C:\Documents and Settings\miro\Application Data\ICQ
2011-02-03 18:59:21 ----D---- C:\Documents and Settings\miro\Application Data\skypePM
2011-02-01 15:45:09 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-01 15:44:41 ----RD---- C:\Program Files
2011-01-31 16:19:23 ----SHD---- C:\WINDOWS\Installer
2011-01-31 16:19:23 ----HD---- C:\Config.Msi
2011-01-31 16:12:15 ----D---- C:\WINDOWS\system32\drivers
2011-01-31 16:09:26 ----D---- C:\WINDOWS
2011-01-31 16:07:56 ----HD---- C:\WINDOWS\inf
2011-01-31 15:56:49 ----D---- C:\Documents and Settings\miro\Application Data\Mozilla
2011-01-31 15:56:46 ----D---- C:\Program Files\Mozilla Firefox
2011-01-31 15:38:52 ----D---- C:\Documents and Settings\miro\Application Data\Winamp
2011-01-31 14:20:17 ----SHD---- C:\System Volume Information
2011-01-31 14:20:17 ----D---- C:\WINDOWS\system32\Restore
2011-01-31 13:53:06 ----D---- C:\Program Files\CCleaner
2011-01-27 20:38:10 ----D---- C:\Program Files\Windows Live Safety Center
2011-01-27 20:37:27 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-01-27 18:54:30 ----D---- C:\WINDOWS\java
2011-01-26 18:39:47 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2011-01-25 16:34:11 ----SHD---- C:\RECYCLER
2011-01-25 16:34:11 ----D---- C:\Documents and Settings
2011-01-24 20:14:29 ----D---- C:\WINDOWS\system32\drivers\etc
2011-01-21 19:59:36 ----D---- C:\Program Files\QuickTime
2011-01-21 17:12:21 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-01-21 17:12:20 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2011-01-20 19:34:08 ----D---- C:\Documents and Settings\miro\Application Data\vlc
2011-01-19 00:02:04 ----D---- C:\Documents and Settings\miro\Application Data\Apple Computer
2011-01-18 07:09:09 ----A---- C:\WINDOWS\wincmd.ini
2011-01-12 17:04:33 ----D---- C:\WINDOWS\pss
2011-01-12 00:50:37 ----D---- C:\WINDOWS\Debug
2011-01-12 00:36:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-12 00:35:19 ----A---- C:\WINDOWS\system32\MRT.exe
2011-01-12 00:35:13 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-01-12 00:34:09 ----HD---- C:\WINDOWS\$hf_mig$
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\System32\Drivers\vbtenum.sys [2007-03-05 20880]
R0 BTHidMgr;Bluetooth HID Manager Service; C:\WINDOWS\System32\Drivers\BTHidMgr.sys [2007-03-05 35600]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-05-20 691696]
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-02 36864]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl3ee7d62e;MpKsl3ee7d62e; \??\C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{97414194-A1E5-4DFD-80AE-5EC0FD383391}\MpKsl3ee7d62e.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-07-17 16877]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-23 36496]
R3 CAM1690;ANTIK PC Camera; C:\WINDOWS\System32\Drivers\cam1690.sys [2007-10-31 180864]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 monfilt;monfilt; C:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-08-02 6121856]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-01-29 54016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2008-01-11 31392]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-01-29 22016]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2007-10-12 13312]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2008-05-08 238080]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-05-23 16272]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-12 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-12 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-12 21568]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WimFltr;WimFltr; C:\WINDOWS\system32\DRIVERS\wimfltr.sys [2008-01-18 131000]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-29 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2008-01-29 598016]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2008-01-29 163840]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-08-02 163908]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2006-03-04 69632]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-30 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-30 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe []
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-15 136176]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-30 132096]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Conficker
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
graupel
- Návštěvník
- Příspěvky: 133
- Registrován: 13 bře 2010 15:44
- Bydliště: Košické Oľšany, Slovensko
Conficker
- Přílohy
-
- conficker.JPG
- (178.41 KiB) Staženo 195 x
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Conficker
zdravim
sprav vsetko co som tu napisal v mojom .
blogu.
Spust program
http://download.viry.cz/removers/FixDownadup.exe
PROSIM CITAJTE POZORNE NAVOD!!!,
Použij ComboFix podle tohoto návodu: http://www.bleepingcomputer.com/combofi ... t-combofix
Log znej vloz sem.
sprav vsetko co som tu napisal v mojom .blogu.
Spust programhttp://download.viry.cz/removers/FixDownadup.exe
PROSIM CITAJTE POZORNE NAVOD!!!,Použij ComboFix podle tohoto návodu: http://www.bleepingcomputer.com/combofi ... t-combofix
Log znej vloz sem.
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
graupel
- Návštěvník
- Příspěvky: 133
- Registrován: 13 bře 2010 15:44
- Bydliště: Košické Oľšany, Slovensko
Re: Conficker
Pri použití Flash-Disinfector všetko prebehlo OK, až na flash disk I, ktorý patrí foťáku. Je chránený proti zápisu a neviem to vypnúť, nepomohol mi ani ujo Google. Keďže je chránený, podľa mňa by Conficker ho nemal napadnúť, či sa mýlim? Mám pokračovať ďalej?
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Conficker
pokracuj dalej
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
graupel
- Návštěvník
- Příspěvky: 133
- Registrován: 13 bře 2010 15:44
- Bydliště: Košické Oľšany, Slovensko
Re: Conficker
Keď do políčka zadám Gpedit.msc, vyskočí mi hláška, že systém Windows nevie súbor nájsť. Aby som zbytočne nestál, už beží mbam. 
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Conficker
ok, xp-Home nema Gpedit.msc.ak budes chciet tak to vypneme inak, pokracuj dalej
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
graupel
- Návštěvník
- Příspěvky: 133
- Registrován: 13 bře 2010 15:44
- Bydliště: Košické Oľšany, Slovensko
Re: Conficker
OK, tak napíš zatiaľ, že ako na to, aj tak teraz musím čakať na mbam, ešte stále beží.
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Conficker
Kód: Vybrat vše
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"Ulozis ako vsetky subory. a spustis
restart.
Nevyhodou je ze vsetky disky budes musiet otvarat manualne.
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
graupel
- Návštěvník
- Příspěvky: 133
- Registrován: 13 bře 2010 15:44
- Bydliště: Košické Oľšany, Slovensko
Re: Conficker
Díky, takže mbam nič nenašiel, idem ďalej. Minulý týždeň našiel nejaké inštalátory na falošné programy, všetko som zmazal, log z min. týždňa už nemám. SuperAntiSpyware taktiež nič nenašiel.
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Conficker
ok, pokracuj, ak pouzijes script,a nebude ti to vyhovovat, budes chciet dat spat automaticke prehravanie, pouzi tento script.
Kód: Vybrat vše
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
graupel
- Návštěvník
- Příspěvky: 133
- Registrován: 13 bře 2010 15:44
- Bydliště: Košické Oľšany, Slovensko
Re: Conficker
Počítač pri použití CF sa nereštartoval, po skončení CF len vybehol log. Konzolu pre zotavenie som neinštaloval.
ComboFix 11-01-31.02 - miro 04.02.2011 19:54:15.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2559.2132 [GMT 1:00]
Running from: c:\documents and settings\miro\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2011-01-04 to 2011-02-04 )))))))))))))))))))))))))))))))
.
2011-02-04 18:48 . 2011-02-04 18:48 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{97414194-A1E5-4DFD-80AE-5EC0FD383391}\MpKsl68791488.sys
2011-02-04 13:25 . 2011-02-04 13:25 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-02-04 13:25 . 2011-02-04 13:25 -------- d-----w- c:\program files\Common Files\xing shared
2011-02-04 13:25 . 2011-02-04 13:25 150712 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-02-04 13:25 . 2011-02-04 13:25 100864 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-02-04 13:19 . 2011-02-04 13:19 -------- d-----w- c:\program files\Common Files\Skype
2011-02-04 12:29 . 2011-01-13 00:41 5890896 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{97414194-A1E5-4DFD-80AE-5EC0FD383391}\mpengine.dll
2011-02-01 14:44 . 2011-02-01 14:45 -------- d-----w- c:\program files\ICQ7.4
2011-02-01 04:56 . 2011-01-13 00:41 5890896 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-01-31 15:12 . 2011-01-31 15:12 -------- d-----w- c:\program files\Microsoft Security Client
2011-01-31 13:47 . 2011-01-31 13:47 -------- d-----w- c:\documents and settings\M. Janočko starší\Application Data\Thunderbird
2011-01-31 13:47 . 2011-01-31 13:47 -------- d-----w- c:\documents and settings\M. Janočko starší\Local Settings\Application Data\Thunderbird
2011-01-31 13:46 . 2011-01-31 13:46 -------- d-----w- c:\documents and settings\M. Janočko starší\Local Settings\Application Data\ESET
2011-01-31 13:46 . 2011-01-31 13:46 -------- d-----w- c:\documents and settings\M. Janočko starší\Application Data\ESET
2011-01-31 13:27 . 2011-01-31 13:27 -------- d-----w- c:\documents and settings\miro\Local Settings\Application Data\ESET
2011-01-31 13:27 . 2011-01-31 13:27 -------- d-----w- c:\documents and settings\miro\Application Data\ESET
2011-01-31 13:14 . 2011-01-31 13:14 -------- d-----w- c:\documents and settings\miro\Local Settings\Application Data\Thunderbird
2011-01-31 13:14 . 2011-01-31 13:14 -------- d-----w- c:\documents and settings\miro\Application Data\Thunderbird
2011-01-25 17:24 . 2011-01-25 17:24 -------- d-----w- C:\Turbo Pascal 7.0
2011-01-19 19:15 . 2011-01-19 19:18 -------- d-----w- c:\documents and settings\miro\Application Data\GetRightToGo
2011-01-12 15:25 . 2011-01-12 15:25 -------- d-----w- C:\rsit
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-04 13:24 . 2010-04-14 03:26 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-12-26 11:36 . 2010-04-14 03:26 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-12-21 22:01 . 2010-12-21 17:09 112640 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VCExpress\9.0\1033\ResourceCache.dll
2010-12-21 22:00 . 2010-12-21 17:09 416 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:12 . 2010-05-14 01:05 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 17:53 . 2010-05-14 19:39 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 15:34 . 2010-05-19 06:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2006-02-28 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-08 14:40 . 2010-11-08 14:40 40960 ----a-r- c:\documents and settings\miro\Application Data\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut3_8527C3D5BA1D46E988D2AF25544311A3.exe
2010-11-08 14:40 . 2010-11-08 14:40 40960 ----a-r- c:\documents and settings\miro\Application Data\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut2_8527C3D5BA1D46E988D2AF25544311A3.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-02 13570048]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^miro^Start Menu^Programs^Startup^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
path=c:\documents and settings\miro\Start Menu\Programs\Startup\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk
backup=c:\windows\pss\Orezávač obrazovky a spúšťač programu OneNote 2007.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 00:12 110592 ----a-w- c:\windows\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 18:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2008-05-14 03:16 29831168 ----a-r- c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-02-19 09:41 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-08-02 04:20 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-08-02 04:20 1657376 ----a-w- c:\windows\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20.5.2010 9:05 691696]
R1 MpKsl68791488;MpKsl68791488;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{97414194-A1E5-4DFD-80AE-5EC0FD383391}\MpKsl68791488.sys [4.2.2011 19:48 28752]
R3 CAM1690;ANTIK PC Camera;c:\windows\system32\drivers\cam1690.sys [31.10.2007 13:34 180864]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [14.5.2010 6:00 31392]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [14.5.2010 5:57 238080]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe --> c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15.5.2010 2:38 136176]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MPKSL68791488
.
Contents of the 'Scheduled Tasks' folder
2011-02-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1010.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1017.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1018.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1019.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1010.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1017.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1018.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-01-31 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1019.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.sk/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
LSP: %SYSTEMROOT%\system32\nvLsp.dll
TCP: {0CA76E0E-8769-472E-AEF2-2623480B51BB} = 172.22.13.254,217.119.117.170
FF - ProfilePath - c:\documents and settings\miro\Application Data\Mozilla\Firefox\Profiles\hr8ne8qk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.startup.homepage - chrome://google-toolbar/content/new-tab.html
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Forecastfox Weather: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-TkBellExe - c:\program files\real\realplayer\update\realsched.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-04 19:57
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(772)
c:\windows\system32\nvLsp.dll
- - - - - - - > 'explorer.exe'(4004)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-02-04 19:58:41
ComboFix-quarantined-files.txt 2011-02-04 18:58
Pre-Run: 22 023 946 240 bytes free
Post-Run: 21 978 980 352 bytes free
- - End Of File - - 2B5AA8FB5060B89FB83D3181A2F503B6
ComboFix 11-01-31.02 - miro 04.02.2011 19:54:15.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2559.2132 [GMT 1:00]
Running from: c:\documents and settings\miro\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2011-01-04 to 2011-02-04 )))))))))))))))))))))))))))))))
.
2011-02-04 18:48 . 2011-02-04 18:48 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{97414194-A1E5-4DFD-80AE-5EC0FD383391}\MpKsl68791488.sys
2011-02-04 13:25 . 2011-02-04 13:25 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll
2011-02-04 13:25 . 2011-02-04 13:25 -------- d-----w- c:\program files\Common Files\xing shared
2011-02-04 13:25 . 2011-02-04 13:25 150712 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll
2011-02-04 13:25 . 2011-02-04 13:25 100864 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll
2011-02-04 13:19 . 2011-02-04 13:19 -------- d-----w- c:\program files\Common Files\Skype
2011-02-04 12:29 . 2011-01-13 00:41 5890896 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{97414194-A1E5-4DFD-80AE-5EC0FD383391}\mpengine.dll
2011-02-01 14:44 . 2011-02-01 14:45 -------- d-----w- c:\program files\ICQ7.4
2011-02-01 04:56 . 2011-01-13 00:41 5890896 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-01-31 15:12 . 2011-01-31 15:12 -------- d-----w- c:\program files\Microsoft Security Client
2011-01-31 13:47 . 2011-01-31 13:47 -------- d-----w- c:\documents and settings\M. Janočko starší\Application Data\Thunderbird
2011-01-31 13:47 . 2011-01-31 13:47 -------- d-----w- c:\documents and settings\M. Janočko starší\Local Settings\Application Data\Thunderbird
2011-01-31 13:46 . 2011-01-31 13:46 -------- d-----w- c:\documents and settings\M. Janočko starší\Local Settings\Application Data\ESET
2011-01-31 13:46 . 2011-01-31 13:46 -------- d-----w- c:\documents and settings\M. Janočko starší\Application Data\ESET
2011-01-31 13:27 . 2011-01-31 13:27 -------- d-----w- c:\documents and settings\miro\Local Settings\Application Data\ESET
2011-01-31 13:27 . 2011-01-31 13:27 -------- d-----w- c:\documents and settings\miro\Application Data\ESET
2011-01-31 13:14 . 2011-01-31 13:14 -------- d-----w- c:\documents and settings\miro\Local Settings\Application Data\Thunderbird
2011-01-31 13:14 . 2011-01-31 13:14 -------- d-----w- c:\documents and settings\miro\Application Data\Thunderbird
2011-01-25 17:24 . 2011-01-25 17:24 -------- d-----w- C:\Turbo Pascal 7.0
2011-01-19 19:15 . 2011-01-19 19:18 -------- d-----w- c:\documents and settings\miro\Application Data\GetRightToGo
2011-01-12 15:25 . 2011-01-12 15:25 -------- d-----w- C:\rsit
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-04 13:24 . 2010-04-14 03:26 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-12-26 11:36 . 2010-04-14 03:26 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-12-21 22:01 . 2010-12-21 17:09 112640 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\VCExpress\9.0\1033\ResourceCache.dll
2010-12-21 22:00 . 2010-12-21 17:09 416 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2010-12-02 03:35 . 2010-12-02 03:35 4280320 ----a-w- c:\windows\system32\GPhotos.scr
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-18 18:12 . 2010-05-14 01:05 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-12 17:53 . 2010-05-14 19:39 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-12 15:34 . 2010-05-19 06:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-09 14:52 . 2006-02-28 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-08 14:40 . 2010-11-08 14:40 40960 ----a-r- c:\documents and settings\miro\Application Data\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut3_8527C3D5BA1D46E988D2AF25544311A3.exe
2010-11-08 14:40 . 2010-11-08 14:40 40960 ----a-r- c:\documents and settings\miro\Application Data\Microsoft\Installer\{8527C3D5-BA1D-46E9-88D2-AF25544311A3}\NewShortcut2_8527C3D5BA1D46E988D2AF25544311A3.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-02 13570048]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKLM\~\startupfolder\C:^Documents and Settings^miro^Start Menu^Programs^Startup^Orezávač obrazovky a spúšťač programu OneNote 2007.lnk]
path=c:\documents and settings\miro\Start Menu\Programs\Startup\Orezávač obrazovky a spúšťač programu OneNote 2007.lnk
backup=c:\windows\pss\Orezávač obrazovky a spúšťač programu OneNote 2007.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 00:12 110592 ----a-w- c:\windows\system32\bthprops.cpl
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 18:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2008-05-14 03:16 29831168 ----a-r- c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-02-19 09:41 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-08-02 04:20 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-08-02 04:20 1657376 ----a-w- c:\windows\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.4\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [20.5.2010 9:05 691696]
R1 MpKsl68791488;MpKsl68791488;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{97414194-A1E5-4DFD-80AE-5EC0FD383391}\MpKsl68791488.sys [4.2.2011 19:48 28752]
R3 CAM1690;ANTIK PC Camera;c:\windows\system32\drivers\cam1690.sys [31.10.2007 13:34 180864]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [14.5.2010 6:00 31392]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [14.5.2010 5:57 238080]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe --> c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [?]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15.5.2010 2:38 136176]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MPKSL68791488
.
Contents of the 'Scheduled Tasks' folder
2011-02-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1010.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1017.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1018.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-1078081533-725345543-1019.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1010.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1017.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-02-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1018.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
2011-01-31 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-1078081533-725345543-1019.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-01-24 13:25]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.sk/
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
LSP: %SYSTEMROOT%\system32\nvLsp.dll
TCP: {0CA76E0E-8769-472E-AEF2-2623480B51BB} = 172.22.13.254,217.119.117.170
FF - ProfilePath - c:\documents and settings\miro\Application Data\Mozilla\Firefox\Profiles\hr8ne8qk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.startup.homepage - chrome://google-toolbar/content/new-tab.html
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: Forecastfox Weather: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3} - %profile%\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
- - - - ORPHANS REMOVED - - - -
MSConfigStartUp-TkBellExe - c:\program files\real\realplayer\update\realsched.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-04 19:57
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'lsass.exe'(772)
c:\windows\system32\nvLsp.dll
- - - - - - - > 'explorer.exe'(4004)
c:\windows\system32\WININET.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-02-04 19:58:41
ComboFix-quarantined-files.txt 2011-02-04 18:58
Pre-Run: 22 023 946 240 bytes free
Post-Run: 21 978 980 352 bytes free
- - End Of File - - 2B5AA8FB5060B89FB83D3181A2F503B6
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Conficker
Ok, nevidim tam nic, mas tam dajake zbytky z ESET-u
Zmazeme??
Zmazeme??
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
graupel
- Návštěvník
- Příspěvky: 133
- Registrován: 13 bře 2010 15:44
- Bydliště: Košické Oľšany, Slovensko
Re: Conficker
Nezmažeme, pretože ja ESET Smart Security som odinštaloval len dočasne, plánujem sa k nemu vrátiť.
Ďakujem za pomoc, chcem ešte odinštalovať CF a PC ukľudniť.
Ďakujem za pomoc, chcem ešte odinštalovať CF a PC ukľudniť.
-
stell
- VIP in memoriam
- Příspěvky: 5175
- Registrován: 09 pro 2007 09:27
- Bydliště: SK-REVUCA
- Kontaktovat uživatele:
Re: Conficker
ok,
premenuj ikonu combofixu na uninstall
a spust combofix sa odinstaluje:
Stiahnes>>OTMoveIt3 by OldTimer >.podla navodu vloz text a klik-Moveit>>log po restarte vloz sem
premenuj ikonu combofixu na uninstalla spust combofix sa odinstaluje:
Stiahnes>>OTMoveIt3 by OldTimer >.podla navodu vloz text a klik-Moveit>>log po restarte vloz sem
Kód: Vybrat vše
:processes
explorer.exe
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
ipconfig /flushdns /c
:Commands
[resethosts]
[CreateRestorePoint]
[emptytemp]
[start explorer]
[Reboot
Dôležité informácie.
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
NEŠLAPE Vám počítač?
Je zavirovaný? Šlape pomalu? Nefunguje program? Problém s instalací?
Využíjte služby vzdálené pomoci!
e-mail: stell(zavináč)forum.viry.cz
Thanks! Vďaka!
-
graupel
- Návštěvník
- Příspěvky: 133
- Registrován: 13 bře 2010 15:44
- Bydliště: Košické Oľšany, Slovensko
Re: Conficker
Videá sú stále pomalé. Mohli by sme ešte vyskúšať test na rootkity? 
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP268.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP450.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP528.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP71E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP741.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE4.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI10.tmp moved successfully.
C:\WINDOWS\Installer\MSI106.tmp moved successfully.
C:\WINDOWS\Installer\MSI107.tmp moved successfully.
C:\WINDOWS\Installer\MSI108.tmp moved successfully.
C:\WINDOWS\Installer\MSI109.tmp moved successfully.
C:\WINDOWS\Installer\MSI10A.tmp moved successfully.
C:\WINDOWS\Installer\MSI11.tmp moved successfully.
C:\WINDOWS\Installer\MSI113.tmp moved successfully.
C:\WINDOWS\Installer\MSI114.tmp moved successfully.
C:\WINDOWS\Installer\MSI115.tmp moved successfully.
C:\WINDOWS\Installer\MSI116.tmp moved successfully.
C:\WINDOWS\Installer\MSI117.tmp moved successfully.
C:\WINDOWS\Installer\MSI12.tmp moved successfully.
C:\WINDOWS\Installer\MSI13.tmp moved successfully.
C:\WINDOWS\Installer\MSI14.tmp moved successfully.
C:\WINDOWS\Installer\MSI140.tmp moved successfully.
C:\WINDOWS\Installer\MSI144.tmp moved successfully.
C:\WINDOWS\Installer\MSI15.tmp moved successfully.
C:\WINDOWS\Installer\MSI16.tmp moved successfully.
C:\WINDOWS\Installer\MSI17.tmp moved successfully.
C:\WINDOWS\Installer\MSI18.tmp moved successfully.
C:\WINDOWS\Installer\MSI19.tmp moved successfully.
C:\WINDOWS\Installer\MSI1A.tmp moved successfully.
C:\WINDOWS\Installer\MSI1B.tmp moved successfully.
C:\WINDOWS\Installer\MSI1C.tmp moved successfully.
C:\WINDOWS\Installer\MSI1D.tmp moved successfully.
C:\WINDOWS\Installer\MSI1E.tmp moved successfully.
C:\WINDOWS\Installer\MSI1F.tmp moved successfully.
C:\WINDOWS\Installer\MSI20.tmp moved successfully.
C:\WINDOWS\Installer\MSI21.tmp moved successfully.
C:\WINDOWS\Installer\MSI22.tmp moved successfully.
C:\WINDOWS\Installer\MSI23.tmp moved successfully.
C:\WINDOWS\Installer\MSI24.tmp moved successfully.
C:\WINDOWS\Installer\MSI25.tmp moved successfully.
C:\WINDOWS\Installer\MSI26.tmp moved successfully.
C:\WINDOWS\Installer\MSI27.tmp moved successfully.
C:\WINDOWS\Installer\MSI28.tmp moved successfully.
C:\WINDOWS\Installer\MSI29.tmp moved successfully.
C:\WINDOWS\Installer\MSI2A.tmp moved successfully.
C:\WINDOWS\Installer\MSI2B.tmp moved successfully.
C:\WINDOWS\Installer\MSI2C.tmp moved successfully.
C:\WINDOWS\Installer\MSI2D.tmp moved successfully.
C:\WINDOWS\Installer\MSI2E.tmp moved successfully.
C:\WINDOWS\Installer\MSI2F.tmp moved successfully.
C:\WINDOWS\Installer\MSI30.tmp moved successfully.
C:\WINDOWS\Installer\MSI31.tmp moved successfully.
C:\WINDOWS\Installer\MSI32.tmp moved successfully.
C:\WINDOWS\Installer\MSI33.tmp moved successfully.
C:\WINDOWS\Installer\MSI34.tmp moved successfully.
C:\WINDOWS\Installer\MSI35.tmp moved successfully.
C:\WINDOWS\Installer\MSI36.tmp moved successfully.
C:\WINDOWS\Installer\MSI37.tmp moved successfully.
C:\WINDOWS\Installer\MSI38.tmp moved successfully.
C:\WINDOWS\Installer\MSI39.tmp moved successfully.
C:\WINDOWS\Installer\MSI3A.tmp moved successfully.
C:\WINDOWS\Installer\MSI3B.tmp moved successfully.
C:\WINDOWS\Installer\MSI3C.tmp moved successfully.
C:\WINDOWS\Installer\MSI3D.tmp moved successfully.
C:\WINDOWS\Installer\MSI3E.tmp moved successfully.
C:\WINDOWS\Installer\MSI3F.tmp moved successfully.
C:\WINDOWS\Installer\MSI40.tmp moved successfully.
C:\WINDOWS\Installer\MSI41.tmp moved successfully.
C:\WINDOWS\Installer\MSI42.tmp moved successfully.
C:\WINDOWS\Installer\MSI43.tmp moved successfully.
C:\WINDOWS\Installer\MSI44.tmp moved successfully.
C:\WINDOWS\Installer\MSI45.tmp moved successfully.
C:\WINDOWS\Installer\MSI46.tmp moved successfully.
C:\WINDOWS\Installer\MSI47.tmp moved successfully.
C:\WINDOWS\Installer\MSI48.tmp moved successfully.
C:\WINDOWS\Installer\MSI49.tmp moved successfully.
C:\WINDOWS\Installer\MSI4A.tmp moved successfully.
C:\WINDOWS\Installer\MSI4B.tmp moved successfully.
C:\WINDOWS\Installer\MSI4C.tmp moved successfully.
C:\WINDOWS\Installer\MSI4D.tmp moved successfully.
C:\WINDOWS\Installer\MSI4E.tmp moved successfully.
C:\WINDOWS\Installer\MSI4F.tmp moved successfully.
C:\WINDOWS\Installer\MSI50.tmp moved successfully.
C:\WINDOWS\Installer\MSI51.tmp moved successfully.
C:\WINDOWS\Installer\MSI52.tmp moved successfully.
C:\WINDOWS\Installer\MSI53.tmp moved successfully.
C:\WINDOWS\Installer\MSI54.tmp moved successfully.
C:\WINDOWS\Installer\MSI55.tmp moved successfully.
C:\WINDOWS\Installer\MSI56.tmp moved successfully.
C:\WINDOWS\Installer\MSI57.tmp moved successfully.
C:\WINDOWS\Installer\MSI58.tmp moved successfully.
C:\WINDOWS\Installer\MSI59.tmp moved successfully.
C:\WINDOWS\Installer\MSI5A.tmp moved successfully.
C:\WINDOWS\Installer\MSI5B.tmp moved successfully.
C:\WINDOWS\Installer\MSI5C.tmp moved successfully.
C:\WINDOWS\Installer\MSI5D.tmp moved successfully.
C:\WINDOWS\Installer\MSI5E.tmp moved successfully.
C:\WINDOWS\Installer\MSI5F.tmp moved successfully.
C:\WINDOWS\Installer\MSI60.tmp moved successfully.
C:\WINDOWS\Installer\MSI61.tmp moved successfully.
C:\WINDOWS\Installer\MSI62.tmp moved successfully.
C:\WINDOWS\Installer\MSI63.tmp moved successfully.
C:\WINDOWS\Installer\MSI64.tmp moved successfully.
C:\WINDOWS\Installer\MSI65.tmp moved successfully.
C:\WINDOWS\Installer\MSI66.tmp moved successfully.
C:\WINDOWS\Installer\MSI67.tmp moved successfully.
C:\WINDOWS\Installer\MSI68.tmp moved successfully.
C:\WINDOWS\Installer\MSI69.tmp moved successfully.
C:\WINDOWS\Installer\MSI692.tmp moved successfully.
C:\WINDOWS\Installer\MSI693.tmp moved successfully.
C:\WINDOWS\Installer\MSI694.tmp moved successfully.
C:\WINDOWS\Installer\MSI695.tmp moved successfully.
C:\WINDOWS\Installer\MSI696.tmp moved successfully.
C:\WINDOWS\Installer\MSI6C.tmp moved successfully.
C:\WINDOWS\Installer\MSI6D.tmp moved successfully.
C:\WINDOWS\Installer\MSI6E.tmp moved successfully.
C:\WINDOWS\Installer\MSI6F.tmp moved successfully.
C:\WINDOWS\Installer\MSI70.tmp moved successfully.
C:\WINDOWS\Installer\MSI71.tmp moved successfully.
C:\WINDOWS\Installer\MSI72.tmp moved successfully.
C:\WINDOWS\Installer\MSI75.tmp moved successfully.
C:\WINDOWS\Installer\MSI76.tmp moved successfully.
C:\WINDOWS\Installer\MSI77.tmp moved successfully.
C:\WINDOWS\Installer\MSI78.tmp moved successfully.
C:\WINDOWS\Installer\MSI79.tmp moved successfully.
C:\WINDOWS\Installer\MSI7A.tmp moved successfully.
C:\WINDOWS\Installer\MSI7B.tmp moved successfully.
C:\WINDOWS\Installer\MSI7C.tmp moved successfully.
C:\WINDOWS\Installer\MSI7D.tmp moved successfully.
C:\WINDOWS\Installer\MSI7E.tmp moved successfully.
C:\WINDOWS\Installer\MSI7F.tmp moved successfully.
C:\WINDOWS\Installer\MSI80.tmp moved successfully.
C:\WINDOWS\Installer\MSI81.tmp moved successfully.
C:\WINDOWS\Installer\MSI82.tmp moved successfully.
C:\WINDOWS\Installer\MSI83.tmp moved successfully.
C:\WINDOWS\Installer\MSI84.tmp moved successfully.
C:\WINDOWS\Installer\MSI85.tmp moved successfully.
C:\WINDOWS\Installer\MSI86.tmp moved successfully.
C:\WINDOWS\Installer\MSI87.tmp moved successfully.
C:\WINDOWS\Installer\MSI88.tmp moved successfully.
C:\WINDOWS\Installer\MSI89.tmp moved successfully.
C:\WINDOWS\Installer\MSI8A.tmp moved successfully.
C:\WINDOWS\Installer\MSI8B.tmp moved successfully.
C:\WINDOWS\Installer\MSI8C.tmp moved successfully.
C:\WINDOWS\Installer\MSI8D.tmp moved successfully.
C:\WINDOWS\Installer\MSI8E.tmp moved successfully.
C:\WINDOWS\Installer\MSI8F.tmp moved successfully.
C:\WINDOWS\Installer\MSI90.tmp moved successfully.
C:\WINDOWS\Installer\MSI91.tmp moved successfully.
C:\WINDOWS\Installer\MSI92.tmp moved successfully.
C:\WINDOWS\Installer\MSI93.tmp moved successfully.
C:\WINDOWS\Installer\MSI94.tmp moved successfully.
C:\WINDOWS\Installer\MSI95.tmp moved successfully.
C:\WINDOWS\Installer\MSI96.tmp moved successfully.
C:\WINDOWS\Installer\MSI97.tmp moved successfully.
C:\WINDOWS\Installer\MSI98.tmp moved successfully.
C:\WINDOWS\Installer\MSI99.tmp moved successfully.
C:\WINDOWS\Installer\MSI9A.tmp moved successfully.
C:\WINDOWS\Installer\MSI9B.tmp moved successfully.
C:\WINDOWS\Installer\MSI9C.tmp moved successfully.
C:\WINDOWS\Installer\MSI9D.tmp moved successfully.
C:\WINDOWS\Installer\MSI9E.tmp moved successfully.
C:\WINDOWS\Installer\MSI9F.tmp moved successfully.
C:\WINDOWS\Installer\MSIA2.tmp moved successfully.
C:\WINDOWS\Installer\MSIA3.tmp moved successfully.
C:\WINDOWS\Installer\MSIA4.tmp moved successfully.
C:\WINDOWS\Installer\MSIA5.tmp moved successfully.
C:\WINDOWS\Installer\MSIA6.tmp moved successfully.
C:\WINDOWS\Installer\MSIAB.tmp moved successfully.
C:\WINDOWS\Installer\MSIAC.tmp moved successfully.
C:\WINDOWS\Installer\MSIAD.tmp moved successfully.
C:\WINDOWS\Installer\MSIAE.tmp moved successfully.
C:\WINDOWS\Installer\MSIAF.tmp moved successfully.
C:\WINDOWS\Installer\MSIB4.tmp moved successfully.
C:\WINDOWS\Installer\MSIB5.tmp moved successfully.
C:\WINDOWS\Installer\MSIB6.tmp moved successfully.
C:\WINDOWS\Installer\MSIB7.tmp moved successfully.
C:\WINDOWS\Installer\MSIB8.tmp moved successfully.
C:\WINDOWS\Installer\MSIC7.tmp moved successfully.
C:\WINDOWS\Installer\MSIC8.tmp moved successfully.
C:\WINDOWS\Installer\MSIC9.tmp moved successfully.
C:\WINDOWS\Installer\MSICA.tmp moved successfully.
C:\WINDOWS\Installer\MSICB.tmp moved successfully.
C:\WINDOWS\Installer\MSICC.tmp moved successfully.
C:\WINDOWS\Installer\MSICD.tmp moved successfully.
C:\WINDOWS\Installer\MSICE.tmp moved successfully.
C:\WINDOWS\Installer\MSICF.tmp moved successfully.
C:\WINDOWS\Installer\MSID.tmp moved successfully.
C:\WINDOWS\Installer\MSID0.tmp moved successfully.
C:\WINDOWS\Installer\MSID0DB.tmp moved successfully.
C:\WINDOWS\Installer\MSID0DC.tmp moved successfully.
C:\WINDOWS\Installer\MSID0E1.tmp moved successfully.
C:\WINDOWS\Installer\MSID0E2.tmp moved successfully.
C:\WINDOWS\Installer\MSID0E3.tmp moved successfully.
C:\WINDOWS\Installer\MSID0E4.tmp moved successfully.
C:\WINDOWS\Installer\MSID0E5.tmp moved successfully.
C:\WINDOWS\Installer\MSID1.tmp moved successfully.
C:\WINDOWS\Installer\MSID2.tmp moved successfully.
C:\WINDOWS\Installer\MSID3.tmp moved successfully.
C:\WINDOWS\Installer\MSID4.tmp moved successfully.
C:\WINDOWS\Installer\MSID5.tmp moved successfully.
C:\WINDOWS\Installer\MSID6.tmp moved successfully.
C:\WINDOWS\Installer\MSID7.tmp moved successfully.
C:\WINDOWS\Installer\MSID8.tmp moved successfully.
C:\WINDOWS\Installer\MSID9.tmp moved successfully.
C:\WINDOWS\Installer\MSIDA.tmp moved successfully.
C:\WINDOWS\Installer\MSIDB.tmp moved successfully.
C:\WINDOWS\Installer\MSIDC.tmp moved successfully.
C:\WINDOWS\Installer\MSIDD.tmp moved successfully.
C:\WINDOWS\Installer\MSIDE.tmp moved successfully.
C:\WINDOWS\Installer\MSIDF.tmp moved successfully.
C:\WINDOWS\Installer\MSIE.tmp moved successfully.
C:\WINDOWS\Installer\MSIE0.tmp moved successfully.
C:\WINDOWS\Installer\MSIE1.tmp moved successfully.
C:\WINDOWS\Installer\MSIE2.tmp moved successfully.
C:\WINDOWS\Installer\MSIE3.tmp moved successfully.
C:\WINDOWS\Installer\MSIE4.tmp moved successfully.
C:\WINDOWS\Installer\MSIE5.tmp moved successfully.
C:\WINDOWS\Installer\MSIE9.tmp moved successfully.
C:\WINDOWS\Installer\MSIEA.tmp moved successfully.
C:\WINDOWS\Installer\MSIEB.tmp moved successfully.
C:\WINDOWS\Installer\MSIEC.tmp moved successfully.
C:\WINDOWS\Installer\MSIED.tmp moved successfully.
C:\WINDOWS\Installer\MSIEE.tmp moved successfully.
C:\WINDOWS\Installer\MSIEF.tmp moved successfully.
C:\WINDOWS\Installer\MSIF.tmp moved successfully.
C:\WINDOWS\Installer\MSIF0.tmp moved successfully.
C:\WINDOWS\Installer\MSIF1.tmp moved successfully.
C:\WINDOWS\Installer\MSIF2.tmp moved successfully.
C:\WINDOWS\Installer\MSIF3.tmp moved successfully.
C:\WINDOWS\Installer\MSIF4.tmp moved successfully.
C:\WINDOWS\Installer\MSIF5.tmp moved successfully.
C:\WINDOWS\Installer\MSIF6.tmp moved successfully.
C:\WINDOWS\Installer\MSIF7.tmp moved successfully.
C:\WINDOWS\Installer\MSIF8.tmp moved successfully.
C:\WINDOWS\Installer\MSIF9.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt30.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltA.tmp moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
< ipconfig /flushdns /c >
Konfigurácia protokolu IP systému Windows
Vyrovnávacia pamäť prekladania DNS sa úspešne vyprázdnila.
C:\Documents and Settings\miro\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\miro\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: M. Janočko starší
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: miro
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1301516 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 28481831 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 456 bytes
User: Miroslav Janočko
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 4690 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12054 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 28,00 mb
OTM by OldTimer - Version 3.1.17.2 log created on 02042011_201932
Files moved on Reboot...
Registry entries deleted on Reboot...
All processes killed
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP268.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP450.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP528.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP71E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP741.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAPE4.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI10.tmp moved successfully.
C:\WINDOWS\Installer\MSI106.tmp moved successfully.
C:\WINDOWS\Installer\MSI107.tmp moved successfully.
C:\WINDOWS\Installer\MSI108.tmp moved successfully.
C:\WINDOWS\Installer\MSI109.tmp moved successfully.
C:\WINDOWS\Installer\MSI10A.tmp moved successfully.
C:\WINDOWS\Installer\MSI11.tmp moved successfully.
C:\WINDOWS\Installer\MSI113.tmp moved successfully.
C:\WINDOWS\Installer\MSI114.tmp moved successfully.
C:\WINDOWS\Installer\MSI115.tmp moved successfully.
C:\WINDOWS\Installer\MSI116.tmp moved successfully.
C:\WINDOWS\Installer\MSI117.tmp moved successfully.
C:\WINDOWS\Installer\MSI12.tmp moved successfully.
C:\WINDOWS\Installer\MSI13.tmp moved successfully.
C:\WINDOWS\Installer\MSI14.tmp moved successfully.
C:\WINDOWS\Installer\MSI140.tmp moved successfully.
C:\WINDOWS\Installer\MSI144.tmp moved successfully.
C:\WINDOWS\Installer\MSI15.tmp moved successfully.
C:\WINDOWS\Installer\MSI16.tmp moved successfully.
C:\WINDOWS\Installer\MSI17.tmp moved successfully.
C:\WINDOWS\Installer\MSI18.tmp moved successfully.
C:\WINDOWS\Installer\MSI19.tmp moved successfully.
C:\WINDOWS\Installer\MSI1A.tmp moved successfully.
C:\WINDOWS\Installer\MSI1B.tmp moved successfully.
C:\WINDOWS\Installer\MSI1C.tmp moved successfully.
C:\WINDOWS\Installer\MSI1D.tmp moved successfully.
C:\WINDOWS\Installer\MSI1E.tmp moved successfully.
C:\WINDOWS\Installer\MSI1F.tmp moved successfully.
C:\WINDOWS\Installer\MSI20.tmp moved successfully.
C:\WINDOWS\Installer\MSI21.tmp moved successfully.
C:\WINDOWS\Installer\MSI22.tmp moved successfully.
C:\WINDOWS\Installer\MSI23.tmp moved successfully.
C:\WINDOWS\Installer\MSI24.tmp moved successfully.
C:\WINDOWS\Installer\MSI25.tmp moved successfully.
C:\WINDOWS\Installer\MSI26.tmp moved successfully.
C:\WINDOWS\Installer\MSI27.tmp moved successfully.
C:\WINDOWS\Installer\MSI28.tmp moved successfully.
C:\WINDOWS\Installer\MSI29.tmp moved successfully.
C:\WINDOWS\Installer\MSI2A.tmp moved successfully.
C:\WINDOWS\Installer\MSI2B.tmp moved successfully.
C:\WINDOWS\Installer\MSI2C.tmp moved successfully.
C:\WINDOWS\Installer\MSI2D.tmp moved successfully.
C:\WINDOWS\Installer\MSI2E.tmp moved successfully.
C:\WINDOWS\Installer\MSI2F.tmp moved successfully.
C:\WINDOWS\Installer\MSI30.tmp moved successfully.
C:\WINDOWS\Installer\MSI31.tmp moved successfully.
C:\WINDOWS\Installer\MSI32.tmp moved successfully.
C:\WINDOWS\Installer\MSI33.tmp moved successfully.
C:\WINDOWS\Installer\MSI34.tmp moved successfully.
C:\WINDOWS\Installer\MSI35.tmp moved successfully.
C:\WINDOWS\Installer\MSI36.tmp moved successfully.
C:\WINDOWS\Installer\MSI37.tmp moved successfully.
C:\WINDOWS\Installer\MSI38.tmp moved successfully.
C:\WINDOWS\Installer\MSI39.tmp moved successfully.
C:\WINDOWS\Installer\MSI3A.tmp moved successfully.
C:\WINDOWS\Installer\MSI3B.tmp moved successfully.
C:\WINDOWS\Installer\MSI3C.tmp moved successfully.
C:\WINDOWS\Installer\MSI3D.tmp moved successfully.
C:\WINDOWS\Installer\MSI3E.tmp moved successfully.
C:\WINDOWS\Installer\MSI3F.tmp moved successfully.
C:\WINDOWS\Installer\MSI40.tmp moved successfully.
C:\WINDOWS\Installer\MSI41.tmp moved successfully.
C:\WINDOWS\Installer\MSI42.tmp moved successfully.
C:\WINDOWS\Installer\MSI43.tmp moved successfully.
C:\WINDOWS\Installer\MSI44.tmp moved successfully.
C:\WINDOWS\Installer\MSI45.tmp moved successfully.
C:\WINDOWS\Installer\MSI46.tmp moved successfully.
C:\WINDOWS\Installer\MSI47.tmp moved successfully.
C:\WINDOWS\Installer\MSI48.tmp moved successfully.
C:\WINDOWS\Installer\MSI49.tmp moved successfully.
C:\WINDOWS\Installer\MSI4A.tmp moved successfully.
C:\WINDOWS\Installer\MSI4B.tmp moved successfully.
C:\WINDOWS\Installer\MSI4C.tmp moved successfully.
C:\WINDOWS\Installer\MSI4D.tmp moved successfully.
C:\WINDOWS\Installer\MSI4E.tmp moved successfully.
C:\WINDOWS\Installer\MSI4F.tmp moved successfully.
C:\WINDOWS\Installer\MSI50.tmp moved successfully.
C:\WINDOWS\Installer\MSI51.tmp moved successfully.
C:\WINDOWS\Installer\MSI52.tmp moved successfully.
C:\WINDOWS\Installer\MSI53.tmp moved successfully.
C:\WINDOWS\Installer\MSI54.tmp moved successfully.
C:\WINDOWS\Installer\MSI55.tmp moved successfully.
C:\WINDOWS\Installer\MSI56.tmp moved successfully.
C:\WINDOWS\Installer\MSI57.tmp moved successfully.
C:\WINDOWS\Installer\MSI58.tmp moved successfully.
C:\WINDOWS\Installer\MSI59.tmp moved successfully.
C:\WINDOWS\Installer\MSI5A.tmp moved successfully.
C:\WINDOWS\Installer\MSI5B.tmp moved successfully.
C:\WINDOWS\Installer\MSI5C.tmp moved successfully.
C:\WINDOWS\Installer\MSI5D.tmp moved successfully.
C:\WINDOWS\Installer\MSI5E.tmp moved successfully.
C:\WINDOWS\Installer\MSI5F.tmp moved successfully.
C:\WINDOWS\Installer\MSI60.tmp moved successfully.
C:\WINDOWS\Installer\MSI61.tmp moved successfully.
C:\WINDOWS\Installer\MSI62.tmp moved successfully.
C:\WINDOWS\Installer\MSI63.tmp moved successfully.
C:\WINDOWS\Installer\MSI64.tmp moved successfully.
C:\WINDOWS\Installer\MSI65.tmp moved successfully.
C:\WINDOWS\Installer\MSI66.tmp moved successfully.
C:\WINDOWS\Installer\MSI67.tmp moved successfully.
C:\WINDOWS\Installer\MSI68.tmp moved successfully.
C:\WINDOWS\Installer\MSI69.tmp moved successfully.
C:\WINDOWS\Installer\MSI692.tmp moved successfully.
C:\WINDOWS\Installer\MSI693.tmp moved successfully.
C:\WINDOWS\Installer\MSI694.tmp moved successfully.
C:\WINDOWS\Installer\MSI695.tmp moved successfully.
C:\WINDOWS\Installer\MSI696.tmp moved successfully.
C:\WINDOWS\Installer\MSI6C.tmp moved successfully.
C:\WINDOWS\Installer\MSI6D.tmp moved successfully.
C:\WINDOWS\Installer\MSI6E.tmp moved successfully.
C:\WINDOWS\Installer\MSI6F.tmp moved successfully.
C:\WINDOWS\Installer\MSI70.tmp moved successfully.
C:\WINDOWS\Installer\MSI71.tmp moved successfully.
C:\WINDOWS\Installer\MSI72.tmp moved successfully.
C:\WINDOWS\Installer\MSI75.tmp moved successfully.
C:\WINDOWS\Installer\MSI76.tmp moved successfully.
C:\WINDOWS\Installer\MSI77.tmp moved successfully.
C:\WINDOWS\Installer\MSI78.tmp moved successfully.
C:\WINDOWS\Installer\MSI79.tmp moved successfully.
C:\WINDOWS\Installer\MSI7A.tmp moved successfully.
C:\WINDOWS\Installer\MSI7B.tmp moved successfully.
C:\WINDOWS\Installer\MSI7C.tmp moved successfully.
C:\WINDOWS\Installer\MSI7D.tmp moved successfully.
C:\WINDOWS\Installer\MSI7E.tmp moved successfully.
C:\WINDOWS\Installer\MSI7F.tmp moved successfully.
C:\WINDOWS\Installer\MSI80.tmp moved successfully.
C:\WINDOWS\Installer\MSI81.tmp moved successfully.
C:\WINDOWS\Installer\MSI82.tmp moved successfully.
C:\WINDOWS\Installer\MSI83.tmp moved successfully.
C:\WINDOWS\Installer\MSI84.tmp moved successfully.
C:\WINDOWS\Installer\MSI85.tmp moved successfully.
C:\WINDOWS\Installer\MSI86.tmp moved successfully.
C:\WINDOWS\Installer\MSI87.tmp moved successfully.
C:\WINDOWS\Installer\MSI88.tmp moved successfully.
C:\WINDOWS\Installer\MSI89.tmp moved successfully.
C:\WINDOWS\Installer\MSI8A.tmp moved successfully.
C:\WINDOWS\Installer\MSI8B.tmp moved successfully.
C:\WINDOWS\Installer\MSI8C.tmp moved successfully.
C:\WINDOWS\Installer\MSI8D.tmp moved successfully.
C:\WINDOWS\Installer\MSI8E.tmp moved successfully.
C:\WINDOWS\Installer\MSI8F.tmp moved successfully.
C:\WINDOWS\Installer\MSI90.tmp moved successfully.
C:\WINDOWS\Installer\MSI91.tmp moved successfully.
C:\WINDOWS\Installer\MSI92.tmp moved successfully.
C:\WINDOWS\Installer\MSI93.tmp moved successfully.
C:\WINDOWS\Installer\MSI94.tmp moved successfully.
C:\WINDOWS\Installer\MSI95.tmp moved successfully.
C:\WINDOWS\Installer\MSI96.tmp moved successfully.
C:\WINDOWS\Installer\MSI97.tmp moved successfully.
C:\WINDOWS\Installer\MSI98.tmp moved successfully.
C:\WINDOWS\Installer\MSI99.tmp moved successfully.
C:\WINDOWS\Installer\MSI9A.tmp moved successfully.
C:\WINDOWS\Installer\MSI9B.tmp moved successfully.
C:\WINDOWS\Installer\MSI9C.tmp moved successfully.
C:\WINDOWS\Installer\MSI9D.tmp moved successfully.
C:\WINDOWS\Installer\MSI9E.tmp moved successfully.
C:\WINDOWS\Installer\MSI9F.tmp moved successfully.
C:\WINDOWS\Installer\MSIA2.tmp moved successfully.
C:\WINDOWS\Installer\MSIA3.tmp moved successfully.
C:\WINDOWS\Installer\MSIA4.tmp moved successfully.
C:\WINDOWS\Installer\MSIA5.tmp moved successfully.
C:\WINDOWS\Installer\MSIA6.tmp moved successfully.
C:\WINDOWS\Installer\MSIAB.tmp moved successfully.
C:\WINDOWS\Installer\MSIAC.tmp moved successfully.
C:\WINDOWS\Installer\MSIAD.tmp moved successfully.
C:\WINDOWS\Installer\MSIAE.tmp moved successfully.
C:\WINDOWS\Installer\MSIAF.tmp moved successfully.
C:\WINDOWS\Installer\MSIB4.tmp moved successfully.
C:\WINDOWS\Installer\MSIB5.tmp moved successfully.
C:\WINDOWS\Installer\MSIB6.tmp moved successfully.
C:\WINDOWS\Installer\MSIB7.tmp moved successfully.
C:\WINDOWS\Installer\MSIB8.tmp moved successfully.
C:\WINDOWS\Installer\MSIC7.tmp moved successfully.
C:\WINDOWS\Installer\MSIC8.tmp moved successfully.
C:\WINDOWS\Installer\MSIC9.tmp moved successfully.
C:\WINDOWS\Installer\MSICA.tmp moved successfully.
C:\WINDOWS\Installer\MSICB.tmp moved successfully.
C:\WINDOWS\Installer\MSICC.tmp moved successfully.
C:\WINDOWS\Installer\MSICD.tmp moved successfully.
C:\WINDOWS\Installer\MSICE.tmp moved successfully.
C:\WINDOWS\Installer\MSICF.tmp moved successfully.
C:\WINDOWS\Installer\MSID.tmp moved successfully.
C:\WINDOWS\Installer\MSID0.tmp moved successfully.
C:\WINDOWS\Installer\MSID0DB.tmp moved successfully.
C:\WINDOWS\Installer\MSID0DC.tmp moved successfully.
C:\WINDOWS\Installer\MSID0E1.tmp moved successfully.
C:\WINDOWS\Installer\MSID0E2.tmp moved successfully.
C:\WINDOWS\Installer\MSID0E3.tmp moved successfully.
C:\WINDOWS\Installer\MSID0E4.tmp moved successfully.
C:\WINDOWS\Installer\MSID0E5.tmp moved successfully.
C:\WINDOWS\Installer\MSID1.tmp moved successfully.
C:\WINDOWS\Installer\MSID2.tmp moved successfully.
C:\WINDOWS\Installer\MSID3.tmp moved successfully.
C:\WINDOWS\Installer\MSID4.tmp moved successfully.
C:\WINDOWS\Installer\MSID5.tmp moved successfully.
C:\WINDOWS\Installer\MSID6.tmp moved successfully.
C:\WINDOWS\Installer\MSID7.tmp moved successfully.
C:\WINDOWS\Installer\MSID8.tmp moved successfully.
C:\WINDOWS\Installer\MSID9.tmp moved successfully.
C:\WINDOWS\Installer\MSIDA.tmp moved successfully.
C:\WINDOWS\Installer\MSIDB.tmp moved successfully.
C:\WINDOWS\Installer\MSIDC.tmp moved successfully.
C:\WINDOWS\Installer\MSIDD.tmp moved successfully.
C:\WINDOWS\Installer\MSIDE.tmp moved successfully.
C:\WINDOWS\Installer\MSIDF.tmp moved successfully.
C:\WINDOWS\Installer\MSIE.tmp moved successfully.
C:\WINDOWS\Installer\MSIE0.tmp moved successfully.
C:\WINDOWS\Installer\MSIE1.tmp moved successfully.
C:\WINDOWS\Installer\MSIE2.tmp moved successfully.
C:\WINDOWS\Installer\MSIE3.tmp moved successfully.
C:\WINDOWS\Installer\MSIE4.tmp moved successfully.
C:\WINDOWS\Installer\MSIE5.tmp moved successfully.
C:\WINDOWS\Installer\MSIE9.tmp moved successfully.
C:\WINDOWS\Installer\MSIEA.tmp moved successfully.
C:\WINDOWS\Installer\MSIEB.tmp moved successfully.
C:\WINDOWS\Installer\MSIEC.tmp moved successfully.
C:\WINDOWS\Installer\MSIED.tmp moved successfully.
C:\WINDOWS\Installer\MSIEE.tmp moved successfully.
C:\WINDOWS\Installer\MSIEF.tmp moved successfully.
C:\WINDOWS\Installer\MSIF.tmp moved successfully.
C:\WINDOWS\Installer\MSIF0.tmp moved successfully.
C:\WINDOWS\Installer\MSIF1.tmp moved successfully.
C:\WINDOWS\Installer\MSIF2.tmp moved successfully.
C:\WINDOWS\Installer\MSIF3.tmp moved successfully.
C:\WINDOWS\Installer\MSIF4.tmp moved successfully.
C:\WINDOWS\Installer\MSIF5.tmp moved successfully.
C:\WINDOWS\Installer\MSIF6.tmp moved successfully.
C:\WINDOWS\Installer\MSIF7.tmp moved successfully.
C:\WINDOWS\Installer\MSIF8.tmp moved successfully.
C:\WINDOWS\Installer\MSIF9.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wlt30.tmp moved successfully.
C:\WINDOWS\SoftwareDistribution\AuthCabs\7971f918-a847-4430-9279-4a52d1efe18d\wltA.tmp moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
< ipconfig /flushdns /c >
Konfigurácia protokolu IP systému Windows
Vyrovnávacia pamäť prekladania DNS sa úspešne vyprázdnila.
C:\Documents and Settings\miro\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\miro\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.
[EMPTYTEMP]
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: All Users
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
User: M. Janočko starší
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: miro
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 1301516 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 28481831 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 456 bytes
User: Miroslav Janočko
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: NetworkService
->Temp folder emptied: 4690 bytes
->Temporary Internet Files folder emptied: 33170 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12054 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 28,00 mb
OTM by OldTimer - Version 3.1.17.2 log created on 02042011_201932
Files moved on Reboot...
Registry entries deleted on Reboot...
Přispějete na provoz fóra?