Pomoc! vir v explorer.exe

Zpráva

zipicek · #46 Příspěvek od **zipicek** » 13 úno 2011 14:53

nouzový režim jede nabehne nekdy i v normalu ale nefunguje antivirus takze ten systém je určite nejak poškozen.

#47 Příspěvek od **motji** » 13 úno 2011 15:36

Dobře, běžte do nouzového režimu

1. zazálohujte si osobní data (fotky, dokumenty a podobně)

2. najděte složku C:\Windows\minidump.. Pokud v ní máte nějaké soubory, dejte je do raru a přidejte sem jako přílohu. Minidump by mi měl říct, v čem je problém.

3. Máte inst.cd na opravu? Kdyby bylo potřeba?
Je možné, že ten systém je nabořený, měl jste ho těžce zavirovaný. Spíš Vám ale bude chybět nějaký systémový soubor.

4.

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

Chtělo by to teď, aby jsme byli oba online a trošku s tím pohnuli. Já tu bývám večer kolem 9.hodiny, můžeme se nějak domluvit, klidně i přes den.

zipicek · #48 Příspěvek od **zipicek** » 13 úno 2011 15:44

dobre tak kolem 20 h. bych tu mohl být (dnes)

#49 Příspěvek od **motji** » 13 úno 2011 15:49

Já spíš trochu později, až v těch 21., nebo máte čas provést co jsem, psala ted?

zipicek · #50 Příspěvek od **zipicek** » 13 úno 2011 15:52

dobre ted to jdu teda zkusit jestli tady budete

#51 Příspěvek od **motji** » 13 úno 2011 15:53

za chvilku mrknu

zipicek · #52 Příspěvek od **zipicek** » 13 úno 2011 15:57

tady je

zipicek · #53 Příspěvek od **zipicek** » 13 úno 2011 16:14

OTL logfile created on: 13.2.2011 16:06:06 - Run 2
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\rodinka\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 85,00% Memory free
6,00 Gb Paging File | 6,00 Gb Available in Paging File | 94,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 367,53 Gb Free Space | 78,93% Space Free | Partition Type: NTFS

Computer Name: TOMÁŠ-PC | User Name: rodinka | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.02.13 15:57:31 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\rodinka\Downloads\OTL.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

========== Modules (SafeList) ==========

MOD - [2011.02.13 15:57:31 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\rodinka\Downloads\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 02:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 02:15:07 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AVG Security Toolbar Service)
SRV - [2011.01.13 09:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.12.20 17:49:39 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2010.12.20 17:49:37 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010.10.14 17:53:37 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.09.30 16:54:28 | 001,051,968 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.09.30 16:51:26 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.07.27 14:46:08 | 000,249,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009.10.20 03:17:30 | 000,172,032 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) Protokol PNRP (Peer Name Resolution Protocol)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalační program ovládacích prvků ActiveX (AxInstSV)
SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2008.10.19 13:30:02 | 000,222,456 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)

========== Driver Services (SafeList) ==========

DRV - [2011.01.13 09:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011.01.13 09:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011.01.13 09:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011.01.13 09:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011.01.13 09:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.12.20 17:49:40 | 000,243,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2010.12.20 17:49:40 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2010.12.20 17:49:37 | 000,216,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2010.12.20 17:49:37 | 000,052,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\Drivers\avgrkx86.sys -- (AvgRkx86)
DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.10.22 12:54:18 | 000,037,392 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\00870222.sys -- (00870222)
DRV - [2009.10.20 03:49:30 | 005,089,280 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.10.14 06:24:44 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.10.09 22:31:02 | 000,311,312 | ---- | M] (Kaspersky Lab) [File_System | System | Stopped] -- C:\Windows\System32\drivers\0087022.sys -- (setup_9.0.0.722_08.02.2011_20-05drv)
DRV - [2009.09.25 16:59:42 | 000,128,016 | ---- | M] (Kaspersky Lab) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\00870221.sys -- (00870221)
DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:02:52 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)

IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1789673904-1677065206-1250108036-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
IE - HKU\S-1-5-21-1789673904-1677065206-1250108036-1003\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKU\S-1-5-21-1789673904-1677065206-1250108036-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.02.08 15:22:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.02.08 15:22:25 | 000,000,000 | ---D | M]

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll (Conduit Ltd.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ToggleEN Toolbar) - {038cb5c7-48ea-4af9-94e0-a1646542e62b} - C:\Program Files\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Softonic-Eng7 Toolbar) - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKU\S-1-5-21-1789673904-1677065206-1250108036-1003\..\Toolbar\WebBrowser: (ToggleEN Toolbar) - {038CB5C7-48EA-4AF9-94E0-A1646542E62B} - C:\Program Files\ToggleEN\tbTogg.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1789673904-1677065206-1250108036-1003\..\Toolbar\WebBrowser: (Softonic-Eng7 Toolbar) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - C:\Program Files\Softonic-Eng7\tbSof1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1789673904-1677065206-1250108036-1003\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_08.02.2011_20-05.lnk = C:\Users\rodinka\Desktop\Virus Removal Tool1\setup_9.0.0.722_08.02.2011_20-05\startup.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.02.10 18:19:32 | 000,000,000 | R--D | C] -- C:\Users\rodinka\Documents\Scanned Documents
[2011.02.10 18:19:31 | 000,000,000 | ---D | C] -- C:\Users\rodinka\Documents\Fax
[2011.02.09 18:08:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.02.08 19:39:43 | 000,000,000 | ---D | C] -- C:\Users\rodinka\AppData\Local\ElevatedDiagnostics
[2011.02.08 18:26:10 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\0087022.sys
[2011.02.08 18:26:10 | 000,128,016 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\00870221.sys
[2011.02.08 18:26:10 | 000,037,392 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\00870222.sys
[2011.02.08 18:26:10 | 000,000,000 | ---D | C] -- C:\Users\rodinka\Desktop\Virus Removal Tool1
[2011.02.08 18:21:52 | 091,039,104 | ---- | C] ( ) -- C:\Users\rodinka\Desktop\setup_9.0.0.722_08.02.2011_20-05.exe
[2011.02.08 16:14:43 | 000,000,000 | ---D | C] -- C:\Users\rodinka\AppData\Roaming\Malwarebytes
[2011.02.08 16:14:39 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.02.08 16:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.02.08 16:14:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.02.08 16:14:36 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.02.08 16:14:36 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.02.08 16:12:49 | 007,734,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\rodinka\Desktop\mbam-setup-1.50.1.1100.exe
[2011.02.08 15:47:07 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\rodinka\Desktop\OTL.exe
[2011.02.06 15:58:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011.02.06 15:57:23 | 000,000,000 | ---D | C] -- C:\Users\rodinka\Desktop\Virus Removal Tool
[2011.02.05 14:38:54 | 000,000,000 | ---D | C] -- C:\rsit
[2011.02.02 15:22:18 | 000,017,744 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011.02.02 15:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011.02.02 15:22:17 | 000,294,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011.02.02 15:22:16 | 000,047,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011.02.02 15:22:16 | 000,023,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011.02.02 15:22:13 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011.02.02 15:21:25 | 000,188,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011.02.02 15:21:25 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011.02.02 15:21:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2011.02.02 15:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2011.02.02 11:09:31 | 000,000,000 | ---D | C] -- C:\Users\rodinka\AppData\Roaming\Opera
[2011.02.02 11:09:30 | 000,000,000 | ---D | C] -- C:\Users\rodinka\AppData\Local\Opera
[2011.02.02 11:09:27 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2011.02.02 11:08:14 | 009,280,200 | ---- | C] (Opera Software ASA) -- C:\Users\rodinka\Opera_1101_int_Setup.exe
[2011.02.01 20:10:11 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.02.01 20:10:06 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011.02.01 17:38:43 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.02.01 16:01:19 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011.02.01 16:01:19 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011.02.01 16:01:19 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2011.02.01 16:01:19 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011.02.01 16:01:19 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011.02.01 15:38:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011.02.01 15:33:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2011.02.01 15:33:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSN Toolbar
[2011.02.01 15:31:19 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2011.02.01 15:31:19 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2011.02.01 15:31:19 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2011.02.01 15:31:19 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2011.02.01 15:31:19 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2011.02.01 15:31:19 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2011.02.01 15:31:19 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2011.02.01 15:31:18 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2011.02.01 15:31:18 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2011.02.01 15:31:18 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2011.02.01 15:31:18 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2011.02.01 15:31:18 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2011.02.01 15:31:18 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2011.02.01 15:31:18 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2011.02.01 15:31:18 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2011.02.01 15:31:18 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2011.02.01 15:31:17 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2011.02.01 15:31:17 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2011.02.01 15:31:17 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2011.02.01 15:31:17 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2011.02.01 15:31:17 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2011.02.01 15:31:16 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2011.02.01 15:31:16 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2011.02.01 15:31:16 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2011.02.01 15:31:16 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2011.02.01 15:31:16 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2011.02.01 15:31:16 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2011.02.01 15:31:16 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2011.02.01 15:31:15 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2011.02.01 15:31:15 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2011.02.01 15:31:15 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2011.02.01 15:31:15 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2011.02.01 15:31:15 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2011.02.01 15:31:15 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2011.02.01 15:31:15 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2011.02.01 15:31:11 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2011.02.01 15:31:11 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2011.02.01 15:31:11 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2011.02.01 15:31:11 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2011.02.01 15:31:10 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2011.02.01 15:31:10 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2011.02.01 15:31:10 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2011.02.01 15:31:10 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2011.02.01 15:31:10 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2011.02.01 15:31:09 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2011.02.01 15:31:09 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2011.02.01 15:31:09 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2011.02.01 15:31:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2011.02.01 15:31:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2011.02.01 15:31:08 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2011.02.01 15:31:08 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2011.02.01 15:31:08 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2011.02.01 15:31:08 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2011.02.01 15:31:08 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2011.02.01 15:31:07 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2011.02.01 15:31:07 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2011.02.01 15:31:07 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2011.02.01 15:31:07 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2011.02.01 15:29:38 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2011.02.01 15:29:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2011.01.31 18:38:09 | 000,000,000 | -H-D | C] -- C:\ProgramData\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}
[2011.01.31 16:51:56 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2011.01.31 16:51:56 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2011.01.31 16:51:55 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2011.01.31 16:51:55 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2011.01.31 16:51:55 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2011.01.31 16:51:55 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2011.01.31 16:51:55 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2011.01.31 16:51:54 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2011.01.31 16:51:54 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2011.01.31 16:51:54 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2011.01.31 16:51:54 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2011.01.31 16:51:54 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2011.01.31 16:51:54 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2011.01.31 16:51:53 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2011.01.31 16:51:53 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2011.01.31 16:51:53 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2011.01.31 16:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\DaemonTools_WhenUSave_Installer
[2011.01.25 20:02:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011.01.25 14:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2011.01.24 15:42:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment
[2011.01.23 15:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft.temp
[2011.01.23 15:43:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Blizzard Entertainment.temp
[2011.01.21 18:26:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2011.01.20 09:47:25 | 000,000,000 | ---D | C] -- C:\Users\rodinka\Documents\ICQ
[2011.01.17 19:27:43 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Blizzard Entertainment
[2011.01.14 18:53:12 | 000,000,000 | ---D | C] -- C:\ProgramData\TrackMania
[2011.01.14 18:52:35 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2011.01.14 18:52:35 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2011.01.14 18:52:35 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2011.01.14 18:52:29 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2011.01.14 18:52:28 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2011.01.14 18:52:28 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2011.01.14 18:52:28 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2011.01.14 18:52:28 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2011.01.14 18:52:26 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2011.01.14 18:52:20 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2011.01.14 18:51:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever
[2011.01.14 18:50:15 | 000,000,000 | ---D | C] -- C:\Program Files\TmNationsForever
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.02.13 15:54:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.13 15:53:57 | 2616,598,528 | -HS- | M] () -- C:\hiberfil.sys
[2011.02.10 20:47:30 | 197,123,826 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.02.10 18:34:26 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.10 18:34:26 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.10 18:29:02 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011.02.10 18:29:02 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.02.10 18:26:21 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2011.02.10 18:14:36 | 000,030,720 | ---- | M] () -- C:\Users\rodinka\Desktop\seznam-mori-a-oceanu-slepa-mapa-pojmy-2-.doc
[2011.02.10 15:36:35 | 000,342,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.02.09 20:57:00 | 000,000,970 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1789673904-1677065206-1250108036-1003UA.job
[2011.02.09 17:57:38 | 001,246,371 | ---- | M] () -- C:\Users\rodinka\Desktop\tdsskiller.zip
[2011.02.08 19:55:07 | 004,265,447 | R--- | M] () -- C:\Users\rodinka\Desktop\virus.com.exe
[2011.02.08 18:26:34 | 000,002,228 | ---- | M] () -- C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_08.02.2011_20-05.lnk
[2011.02.08 18:25:01 | 091,039,104 | ---- | M] ( ) -- C:\Users\rodinka\Desktop\setup_9.0.0.722_08.02.2011_20-05.exe
[2011.02.08 17:57:53 | 000,002,411 | ---- | M] () -- C:\Users\rodinka\Desktop\Google Chrome.lnk
[2011.02.08 16:14:39 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.08 16:13:28 | 007,734,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\rodinka\Desktop\mbam-setup-1.50.1.1100.exe
[2011.02.08 15:47:07 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\rodinka\Desktop\OTL.exe
[2011.02.02 15:18:34 | 070,627,222 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011.02.02 11:09:29 | 000,001,779 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.02.02 11:08:14 | 009,280,200 | ---- | M] (Opera Software ASA) -- C:\Users\rodinka\Opera_1101_int_Setup.exe
[2011.02.01 17:28:18 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
[2011.02.01 17:28:18 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
[2011.02.01 17:28:06 | 000,000,319 | ---- | M] () -- C:\Windows\game.ini
[2011.01.31 18:47:28 | 000,000,286 | ---- | M] () -- C:\Windows\reimage.ini
[2011.01.31 16:51:15 | 000,022,328 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2011.01.25 15:02:18 | 000,001,295 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011.01.21 18:26:28 | 000,001,333 | ---- | M] () -- C:\Users\rodinka\Desktop\World of Warcraft Installer.lnk
[2011.01.18 20:40:51 | 000,622,422 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.01.18 20:40:51 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.01.18 20:40:51 | 000,118,604 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.01.18 20:40:51 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.01.14 18:51:45 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\TmNationsForever.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.02.10 15:44:06 | 000,030,720 | ---- | C] () -- C:\Users\rodinka\Desktop\seznam-mori-a-oceanu-slepa-mapa-pojmy-2-.doc
[2011.02.09 17:57:27 | 001,246,371 | ---- | C] () -- C:\Users\rodinka\Desktop\tdsskiller.zip
[2011.02.08 18:26:34 | 000,002,228 | ---- | C] () -- C:\Users\rodinka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup_9.0.0.722_08.02.2011_20-05.lnk
[2011.02.08 16:50:47 | 004,265,447 | R--- | C] () -- C:\Users\rodinka\Desktop\virus.com.exe
[2011.02.08 16:14:39 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.02.02 15:22:18 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011.02.02 11:09:29 | 000,001,791 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011.02.02 11:09:29 | 000,001,779 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.02.01 17:38:34 | 197,123,826 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.02.01 17:28:18 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
[2011.02.01 17:28:18 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
[2011.02.01 17:28:06 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2011.02.01 15:33:25 | 000,001,338 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk
[2011.01.31 18:47:17 | 000,000,286 | ---- | C] () -- C:\Windows\reimage.ini
[2011.01.31 18:35:22 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2011.01.25 14:34:08 | 000,001,295 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2011.01.21 18:26:28 | 000,001,333 | ---- | C] () -- C:\Users\rodinka\Desktop\World of Warcraft Installer.lnk
[2011.01.14 18:51:45 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\TmNationsForever.lnk
[2010.10.14 17:43:55 | 000,028,672 | ---- | C] () -- C:\Windows\System32\vorbisfile.dll
[2010.10.14 17:39:11 | 001,531,904 | ---- | C] () -- C:\Windows\System32\logs.dll
[2010.08.11 16:02:01 | 000,374,272 | ---- | C] () -- C:\Windows\System32\mss32.dll
[2010.07.29 11:38:19 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.30 17:50:38 | 000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2009.07.14 01:55:09 | 000,587,776 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2005.10.14 10:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2005.10.14 10:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005.10.14 10:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005.10.14 10:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2005.10.14 10:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005.10.14 10:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005.10.14 10:56:50 | 000,155,136 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2005.10.14 10:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2004.07.29 19:17:19 | 000,028,672 | ---- | C] () -- C:\Windows\System32\frapsvid.dll

========== LOP Check ==========

[2010.12.16 09:14:23 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\DAEMON Tools Lite
[2011.01.17 12:20:35 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\ICQ
[2011.02.08 15:22:46 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\Opera
[2010.07.01 17:09:12 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\TuneUp Software
[2010.07.23 09:22:26 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\Zoner
[2010.10.18 20:12:16 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\DAEMON Tools Lite
[2011.01.19 21:18:19 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\ICQ
[2011.02.08 15:22:56 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Opera
[2010.06.30 16:20:02 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\TuneUp Software
[2011.01.31 18:35:21 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Uniblue
[2010.06.30 17:02:50 | 000,000,000 | ---D | M] -- C:\Users\Tomáš\AppData\Roaming\Zoner
[2011.02.10 18:26:21 | 000,000,332 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2010.12.10 14:27:31 | 000,032,518 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

>

zipicek · #54 Příspěvek od **zipicek** » 13 úno 2011 16:14

druhá polovina
========== Purity Check ==========

========== Custom Scans ==========

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.07.03 22:51:02 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\Adobe
[2010.12.16 09:14:23 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\DAEMON Tools Lite
[2011.01.17 12:20:35 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\ICQ
[2010.06.30 20:13:40 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\Identities
[2010.07.01 17:48:42 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\Macromedia
[2011.02.08 16:14:43 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\Malwarebytes
[2009.07.14 10:20:06 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\Media Center Programs
[2011.02.08 19:45:00 | 000,000,000 | --SD | M] -- C:\Users\rodinka\AppData\Roaming\Microsoft
[2011.02.08 15:22:46 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\Opera
[2010.07.01 17:09:12 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\TuneUp Software
[2010.08.15 13:18:47 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\WinRAR
[2010.07.23 09:22:26 | 000,000,000 | ---D | M] -- C:\Users\rodinka\AppData\Roaming\Zoner

< %APPDATA%\*.exe /s >

< MD5 for: AGP440.SYS >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\drivers\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_db87d184bc84f910\cdrom.sys
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\System32\cryptsvc.dll
[2009.07.14 02:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\System32\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\drivers\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\isapnp.sys
[2009.07.14 02:20:36 | 000,046,656 | ---- | M] (Microsoft Corporation) MD5=1F32BB6B38F62F7DF1A7AB7292638A35 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\System32\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_a620e0e5be1ecda7\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_a61fe281be1fb177\lsass.exe
[2009.07.14 02:14:23 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=F42309C4191C506B71DB5D1126D26318 -- C:\Windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_a69eaf60d7456d32\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\System32\drivers\ndis.sys
[2009.07.14 02:20:44 | 000,710,720 | ---- | M] (Microsoft Corporation) MD5=23759D175A0A9BAAF04D05047BC135A8 -- C:\Windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_a79d81ea7d62a289\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\drivers\nvraid.sys
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) MD5=3F3D04B1D08D43C16EA7963954EC768D -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\System32\smss.exe
[2009.07.14 02:14:39 | 000,069,632 | ---- | M] (Microsoft Corporation) MD5=16742790895960690237A5143CEDEC8B -- C:\Windows\winsxs\x86_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_ac10fe207a85352b\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2010.06.14 07:06:58 | 001,288,576 | ---- | M] (Microsoft Corporation) MD5=A39EA325C081AD27461F630C8E3E56E0 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20733_none_b3b219fae0b0af43\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\System32\drivers\tcpip.sys
[2010.06.14 07:12:30 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=BB7F39C31C4A4417FD318E7CD184E225 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16610_none_b33b1c29c7858b92\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\System32\ws2_32.dll
[2009.07.14 02:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2011.02.10 18:34:26 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.10 18:34:26 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.10 18:29:02 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

< End of report

zipicek · #55 Příspěvek od **zipicek** » 13 úno 2011 16:15

ten extras.txt se mi neobjevil zkousím to znovu

#56 Příspěvek od **motji** » 13 úno 2011 16:18

Vy tam máte pořád ještě to AVG i Avast?

zipicek · #57 Příspěvek od **zipicek** » 13 úno 2011 16:21

Mám tam jen ten avast a ten extras.txt se mi furt neobjevuje

#58 Příspěvek od **motji** » 13 úno 2011 16:23

Ale já ho v logu pořád vidím

. No nic, zkusím to všechno vyčistit a uvidíme. Ale ted musím od pc, budu tu večer.
zatím si zazálohujte ty data

zipicek · #59 Příspěvek od **zipicek** » 13 úno 2011 16:24

jjj podívam se na to avg

#60 Příspěvek od **motji** » 13 úno 2011 16:31

ok, a odinstalujte i avptool, ten tam taky zlobí, a já pak zbytek vyčistím

VIRY.CZ

Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe

Re: Pomoc! vir v explorer.exe