VIRY.CZ

ComboFix 10-07-15.05 - Lenovo 16.07.2010 19:31:24.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1014.430 [GMT 2:00]
Running from: d:\moje dokumenty\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100715-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Lenovo\CF21229.cfxxe
c:\documents and settings\Lenovo\mbr.cfxxe

.
((((((((((((((((((((((((( Files Created from 2010-06-16 to 2010-07-16 )))))))))))))))))))))))))))))))
.

2010-07-16 16:05 . 2010-07-16 16:05 -------- d--h--w- c:\temp\dvmexp
2010-07-16 16:05 . 2010-07-16 16:05 -------- d-----w- C:\dvmexp
2010-07-15 19:06 . 2001-08-17 10:12 100936 -c--a-w- c:\windows\system32\dllcache\ibmtok.sys
2010-07-15 19:06 . 2001-08-17 20:34 9216 -c--a-w- c:\windows\system32\dllcache\ibmsgnet.dll
2010-07-15 19:06 . 2001-08-17 10:11 28700 -c--a-w- c:\windows\system32\dllcache\ibmexmp.sys
2010-07-15 19:06 . 2008-04-13 20:04 161020 -c--a-w- c:\windows\system32\dllcache\i81xnt5.sys
2010-07-15 19:06 . 2008-04-14 03:41 702845 -c--a-w- c:\windows\system32\dllcache\i81xdnt5.dll
2010-07-15 19:06 . 2001-08-17 10:49 58592 -c--a-w- c:\windows\system32\dllcache\i740nt5.sys
2010-07-15 19:04 . 2001-08-17 11:28 115807 -c--a-w- c:\windows\system32\dllcache\hsf_fsks.sys
2010-07-15 19:03 . 2001-08-17 20:36 101376 -c--a-w- c:\windows\system32\dllcache\hpgt34.dll
2010-07-15 19:02 . 2001-08-17 11:51 17408 -c--a-w- c:\windows\system32\dllcache\gpr400.sys
2010-07-15 19:02 . 2008-04-13 22:15 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys
2010-07-15 19:02 . 2008-04-13 22:15 10624 -c--a-w- c:\windows\system32\dllcache\gameenum.sys
2010-07-15 19:02 . 2008-04-13 22:06 46464 -c--a-w- c:\windows\system32\dllcache\gagp30kx.sys
2010-07-15 19:02 . 2001-08-17 10:49 322432 -c--a-w- c:\windows\system32\dllcache\g400m.sys
2010-07-15 19:02 . 2001-08-17 12:56 1733120 -c--a-w- c:\windows\system32\dllcache\g400d.dll
2010-07-15 19:02 . 2001-08-17 10:49 320384 -c--a-w- c:\windows\system32\dllcache\g200m.sys
2010-07-15 19:02 . 2001-08-17 12:56 470144 -c--a-w- c:\windows\system32\dllcache\g200d.dll
2010-07-15 19:02 . 2001-08-17 10:15 454912 -c--a-w- c:\windows\system32\dllcache\fxusbase.sys
2010-07-15 19:01 . 2001-08-17 20:36 92160 -c--a-w- c:\windows\system32\dllcache\fuusd.dll
2010-07-15 19:01 . 2001-08-17 10:15 455296 -c--a-w- c:\windows\system32\dllcache\fusbbase.sys
2010-07-15 19:01 . 2001-08-17 10:15 455680 -c--a-w- c:\windows\system32\dllcache\fus2base.sys
2010-07-15 19:00 . 2001-08-17 10:15 442240 -c--a-w- c:\windows\system32\dllcache\fpnpbase.sys
2010-07-15 19:00 . 2001-08-17 10:14 441728 -c--a-w- c:\windows\system32\dllcache\fpcmbase.sys
2010-07-15 19:00 . 2001-08-17 10:14 444416 -c--a-w- c:\windows\system32\dllcache\fpcibase.sys
2010-07-15 19:00 . 2008-04-13 20:05 34173 -c--a-w- c:\windows\system32\dllcache\forehe.sys
2010-07-15 19:00 . 2001-08-17 20:36 71680 -c--a-w- c:\windows\system32\dllcache\fnfilter.dll
2010-07-15 18:59 . 2001-08-17 10:13 27165 -c--a-w- c:\windows\system32\dllcache\fetnd5.sys
2010-07-15 18:59 . 2001-08-17 10:10 22090 -c--a-w- c:\windows\system32\dllcache\fem556n5.sys
2010-07-15 18:59 . 2001-08-17 10:12 24618 -c--a-w- c:\windows\system32\dllcache\fa410nd5.sys
2010-07-15 18:59 . 2001-08-17 10:12 16074 -c--a-w- c:\windows\system32\dllcache\fa312nd5.sys
2010-07-15 18:59 . 2001-08-17 10:11 11850 -c--a-w- c:\windows\system32\dllcache\f3ab18xj.sys
2010-07-15 18:59 . 2001-08-17 10:11 12362 -c--a-w- c:\windows\system32\dllcache\f3ab18xi.sys
2010-07-15 18:59 . 2001-08-17 11:52 7040 -c--a-w- c:\windows\system32\dllcache\exabyte2.sys
2010-07-15 18:59 . 2001-08-17 10:12 16998 -c--a-w- c:\windows\system32\dllcache\ex10.sys
2010-07-15 18:58 . 2001-08-17 20:36 45568 -c--a-w- c:\windows\system32\dllcache\esunib.dll
2010-07-15 18:58 . 2001-08-17 20:36 45568 -c--a-w- c:\windows\system32\dllcache\esuni.dll
2010-07-15 18:58 . 2001-08-17 20:36 34816 -c--a-w- c:\windows\system32\dllcache\esuimg.dll
2010-07-15 18:58 . 2001-08-17 20:36 43008 -c--a-w- c:\windows\system32\dllcache\esucm.dll
2010-07-15 18:58 . 2008-04-13 20:06 137088 -c--a-w- c:\windows\system32\dllcache\essm2e.sys
2010-07-15 18:58 . 2001-08-17 10:19 63360 -c--a-w- c:\windows\system32\dllcache\ess.sys
2010-07-15 18:58 . 2001-08-17 11:28 347550 -c--a-w- c:\windows\system32\dllcache\es56tpi.sys
2010-07-15 18:58 . 2001-08-17 11:28 594238 -c--a-w- c:\windows\system32\dllcache\es56hpi.sys
2010-07-15 18:58 . 2001-08-17 11:28 595647 -c--a-w- c:\windows\system32\dllcache\es56cvmp.sys
2010-07-15 18:58 . 2001-08-17 10:19 174464 -c--a-w- c:\windows\system32\dllcache\es198x.sys
2010-07-15 18:56 . 2001-08-17 11:28 241206 -c--a-w- c:\windows\system32\dllcache\el656se5.sys
2010-07-15 18:56 . 2001-08-17 10:11 77386 -c--a-w- c:\windows\system32\dllcache\el656nd5.sys
2010-07-15 18:56 . 2001-08-17 11:28 634134 -c--a-w- c:\windows\system32\dllcache\el656ct5.sys
2010-07-15 18:56 . 2001-08-17 10:11 69194 -c--a-w- c:\windows\system32\dllcache\el656cd5.sys
2010-07-15 18:56 . 2001-08-17 10:10 26141 -c--a-w- c:\windows\system32\dllcache\el589nd5.sys
2010-07-15 18:56 . 2001-08-17 10:10 69692 -c--a-w- c:\windows\system32\dllcache\el575nd5.sys
2010-07-15 18:56 . 2001-08-17 10:10 24653 -c--a-w- c:\windows\system32\dllcache\el574nd4.sys
2010-07-15 18:56 . 2001-08-17 10:10 55999 -c--a-w- c:\windows\system32\dllcache\el556nd5.sys
2010-07-15 18:56 . 2001-08-17 10:10 44103 -c--a-w- c:\windows\system32\dllcache\el515.sys
2010-07-15 18:54 . 2001-08-17 20:36 38985 -c--a-w- c:\windows\system32\dllcache\disrvsu.dll
2010-07-15 18:53 . 2001-08-17 20:36 80896 -c--a-w- c:\windows\system32\dllcache\dc210usd.dll
2010-07-15 18:52 . 2001-08-17 10:11 60970 -c--a-w- c:\windows\system32\dllcache\cpqtrnd5.sys
2010-07-15 18:52 . 2001-08-17 10:13 21533 -c--a-w- c:\windows\system32\dllcache\cpqndis5.sys
2010-07-15 18:52 . 2001-08-17 10:11 39936 -c--a-w- c:\windows\system32\dllcache\cnxt1803.sys
2010-07-15 18:52 . 2001-08-17 20:36 44032 -c--a-w- c:\windows\system32\dllcache\cnusd.dll
2010-07-15 18:52 . 2001-08-17 11:51 20736 -c--a-w- c:\windows\system32\dllcache\cmbp0wdm.sys
2010-07-15 18:52 . 2001-08-17 11:57 248064 -c--a-w- c:\windows\system32\dllcache\cl546xm.sys
2010-07-15 18:52 . 2001-08-17 12:56 170880 -c--a-w- c:\windows\system32\dllcache\cl546x.dll
2010-07-15 18:52 . 2001-08-17 12:56 111232 -c--a-w- c:\windows\system32\dllcache\cl5465.dll
2010-07-15 18:52 . 2001-08-17 11:57 45696 -c--a-w- c:\windows\system32\dllcache\cirrus.sys
2010-07-15 18:52 . 2001-08-17 12:56 91264 -c--a-w- c:\windows\system32\dllcache\cirrus.dll
2010-07-15 18:52 . 2001-08-17 12:02 272640 -c--a-w- c:\windows\system32\dllcache\cinemclc.sys
2010-07-15 18:52 . 2001-08-17 10:13 980034 -c--a-w- c:\windows\system32\dllcache\cicap.sys
2010-07-15 18:34 . 2010-07-15 18:35 -------- d-----w- c:\program files\trend micro
2010-07-15 18:34 . 2001-08-17 11:51 13824 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2010-07-15 18:34 . 2008-04-13 22:16 18944 -c--a-w- c:\windows\system32\dllcache\bthusb.sys
2010-07-15 18:34 . 2008-04-13 22:21 101120 -c--a-w- c:\windows\system32\dllcache\bthpan.sys
2010-07-15 18:34 . 2008-04-13 22:16 36480 -c--a-w- c:\windows\system32\dllcache\bthprint.sys
2010-07-15 18:34 . 2008-04-13 22:16 37888 -c--a-w- c:\windows\system32\dllcache\bthmodem.sys
2010-07-15 18:33 . 2008-04-13 22:16 17024 -c--a-w- c:\windows\system32\dllcache\bthenum.sys
2010-07-15 18:33 . 2001-08-17 10:11 31529 -c--a-w- c:\windows\system32\dllcache\brzwlan.sys
2010-07-15 18:33 . 2001-08-17 11:12 10368 -c--a-w- c:\windows\system32\dllcache\brusbscn.sys
2010-07-15 18:33 . 2001-08-17 11:12 11008 -c--a-w- c:\windows\system32\dllcache\brusbmdm.sys
2010-07-15 18:33 . 2001-08-17 11:12 60416 -c--a-w- c:\windows\system32\dllcache\brserwdm.sys
2010-07-15 18:33 . 2001-08-17 20:36 9728 -c--a-w- c:\windows\system32\dllcache\brserif.dll
2010-07-15 18:33 . 2001-08-17 20:36 5120 -c--a-w- c:\windows\system32\dllcache\brscnrsm.dll
2010-07-15 18:33 . 2001-08-17 11:12 39552 -c--a-w- c:\windows\system32\dllcache\brparwdm.sys
2010-07-15 18:33 . 2001-08-17 11:12 3168 -c--a-w- c:\windows\system32\dllcache\brparimg.sys
2010-07-15 18:33 . 2001-08-17 20:36 41472 -c--a-w- c:\windows\system32\dllcache\brmfusb.dll
2010-07-15 18:33 . 2001-08-17 20:36 32256 -c--a-w- c:\windows\system32\dllcache\brmfrsmg.exe
2010-07-15 18:33 . 2001-08-17 20:36 29696 -c--a-w- c:\windows\system32\dllcache\brmflpt.dll
2010-07-15 12:03 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-15 12:03 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-15 12:03 . 2010-07-15 12:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-15 10:02 . 2010-07-15 10:02 -------- d-----w- C:\Nový priečinok
2010-07-15 07:47 . 2010-07-15 07:47 -------- d-sh--w- c:\documents and settings\Administrator.CINKANC\PrivacIE
2010-07-15 07:47 . 2010-07-15 07:47 -------- d-----w- c:\documents and settings\Administrator.CINKANC\Application Data\DivX
2010-07-15 07:40 . 2001-08-17 20:36 81408 -c--a-w- c:\windows\system32\dllcache\brmfcwia.dll
2010-07-15 07:40 . 2001-08-17 20:36 15360 -c--a-w- c:\windows\system32\dllcache\brmfbidi.dll
2010-07-15 07:40 . 2001-08-17 11:12 3968 -c--a-w- c:\windows\system32\dllcache\brfiltup.sys
2010-07-15 07:40 . 2001-08-17 11:12 12160 -c--a-w- c:\windows\system32\dllcache\brfiltlo.sys
2010-07-15 07:40 . 2001-08-17 11:12 2944 -c--a-w- c:\windows\system32\dllcache\brfilt.sys
2010-07-15 07:40 . 2001-08-17 20:36 12800 -c--a-w- c:\windows\system32\dllcache\brevif.dll
2010-07-15 07:40 . 2001-08-17 20:36 9728 -c--a-w- c:\windows\system32\dllcache\brcoinst.dll
2010-07-15 07:40 . 2001-08-17 20:36 19456 -c--a-w- c:\windows\system32\dllcache\brbidiif.dll
2010-07-15 07:15 . 2001-08-17 20:36 102400 -c--a-w- c:\windows\system32\dllcache\binlsvc.dll
2010-07-15 07:13 . 2008-04-13 20:04 57856 -c--a-w- c:\windows\system32\dllcache\atinbtxx.sys
2010-07-15 06:51 . 2010-07-15 06:51 -------- d-----w- c:\windows\MATS
2010-07-15 06:51 . 2010-07-15 06:51 -------- d-----w- c:\program files\Microsoft Fix it Center
2010-07-15 06:46 . 2008-04-14 03:41 3775 -c--a-w- c:\windows\system32\dllcache\adv11nt5.dll
2010-07-15 06:46 . 2008-04-14 03:41 3711 -c--a-w- c:\windows\system32\dllcache\adv09nt5.dll
2010-07-15 06:46 . 2008-04-14 03:41 3135 -c--a-w- c:\windows\system32\dllcache\adv08nt5.dll
2010-07-15 06:46 . 2008-04-14 03:41 3647 -c--a-w- c:\windows\system32\dllcache\adv07nt5.dll
2010-07-15 06:44 . 2001-08-17 12:56 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-07-14 12:02 . 2010-07-14 12:02 -------- d-----w- c:\program files\Microsoft Private Folder 1.0
2010-07-14 11:40 . 2010-07-14 11:40 -------- d-----w- c:\documents and settings\Lenovo\Local Settings\Application Data\Frogger
2010-07-14 07:42 . 2010-07-14 07:42 -------- d-----w- c:\documents and settings\sss\Local Settings\Application Data\Identities
2010-07-14 07:42 . 2010-07-14 07:42 -------- d-----w- c:\documents and settings\sss\Application Data\Windows Search
2010-07-14 07:42 . 2010-07-14 07:42 -------- d-----w- c:\documents and settings\sss\Application Data\Windows Desktop Search
2010-07-14 07:38 . 2009-08-07 01:37 -------- d-----w- c:\documents and settings\sss\Local Settings\Application Data\Microsoft Help
2010-07-14 07:38 . 2009-08-07 01:30 -------- d-----w- c:\documents and settings\sss\Local Settings\Application Data\Adobe
2010-07-14 07:38 . 2009-08-07 01:20 -------- d-----w- c:\documents and settings\sss\Bluetooth Software
2010-07-14 07:38 . 2008-07-21 19:31 -------- d-----w- c:\documents and settings\sss\Local Settings\Application Data\ApplicationHistory
2010-07-14 07:38 . 2010-07-14 07:39 -------- d-----w- c:\documents and settings\sss
2010-07-11 13:27 . 1999-01-20 03:01 210032 ----a-w- c:\windows\system32\DBCLIENT.DLL
2010-07-11 13:27 . 2010-07-11 13:27 -------- d-----w- c:\program files\Common Files\Borland Shared
2010-07-11 13:25 . 2010-07-11 13:53 -------- d-----w- c:\program files\Trell
2010-07-11 13:23 . 2010-07-11 13:53 -------- d-----w- c:\program files\Ztrl
2010-07-11 07:31 . 2010-07-11 07:31 -------- d-----w- C:\apache
2010-06-21 11:44 . 2010-06-21 11:44 -------- d-----w- c:\documents and settings\Lenovo\Local Settings\Application Data\Macromedia

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-16 16:07 . 2009-11-27 08:21 -------- d-----w- c:\program files\LanSchool
2010-07-16 07:55 . 2010-04-27 14:10 -------- d-----w- c:\documents and settings\Lenovo\Application Data\vlc
2010-07-14 14:47 . 2010-05-11 11:28 -------- d-----w- c:\documents and settings\Lenovo\Application Data\Winsplit Revolution
2010-07-14 13:34 . 2010-06-04 09:32 63488 ----a-w- c:\documents and settings\Lenovo\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-07-14 13:33 . 2010-01-18 14:07 117760 ----a-w- c:\documents and settings\Lenovo\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-07-14 13:11 . 2009-10-26 15:21 -------- d-----w- c:\program files\Avast4
2010-07-14 12:52 . 2010-04-09 07:39 53700556 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-07-14 12:40 . 2010-01-18 14:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-07-14 11:31 . 2009-10-26 12:50 -------- d-----w- c:\program files\Windows Desktop Search
2010-07-14 07:37 . 2009-08-07 01:29 -------- d-----w- c:\documents and settings\All Users\Application Data\VeriFace
2010-07-13 17:44 . 2010-03-27 13:40 -------- d-----w- c:\documents and settings\Lenovo\Application Data\dvdcss
2010-07-13 07:43 . 2009-12-04 15:36 -------- d-----w- c:\documents and settings\Lenovo\Application Data\Skype
2010-07-13 07:40 . 2009-12-04 15:44 -------- d-----w- c:\documents and settings\Lenovo\Application Data\skypePM
2010-07-11 13:43 . 2010-07-11 13:23 5 ----a-w- c:\program files\trl.trl
2010-07-03 09:29 . 2009-12-05 08:34 -------- d-----w- c:\documents and settings\Lenovo\Application Data\Media Player Classic
2010-06-23 13:26 . 2010-05-13 13:17 3140 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-06-21 11:13 . 2009-08-07 01:19 -------- d-----w- c:\program files\Common Files\InstallShield
2010-06-20 18:02 . 2010-02-17 13:55 -------- d-----w- c:\documents and settings\Lenovo\Application Data\gtk-2.0
2010-06-18 05:58 . 2009-10-27 01:46 120712 ----a-w- c:\documents and settings\Lenovo\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-17 11:34 . 2010-06-17 11:32 -------- d-----w- c:\documents and settings\All Users\Application Data\MAGIX
2010-06-16 12:22 . 2010-06-16 12:22 16792 ----a-w- c:\windows\War3Unin.dat
2010-06-16 12:22 . 2010-06-16 12:22 2829 ----a-w- c:\windows\War3Unin.pif
2010-06-16 12:22 . 2010-06-16 12:22 126976 ----a-w- c:\windows\War3Unin.exe
2010-06-14 14:31 . 2008-07-21 19:14 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-09 13:03 . 2010-06-09 13:03 -------- d-----w- c:\program files\Digital Photo Software
2010-06-09 09:04 . 2009-08-07 01:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-06-04 12:28 . 2009-08-07 01:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-04 11:51 . 2009-10-26 13:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-15 09:22 . 2010-05-15 09:22 77824 ----a-w- c:\windows\system32\Picclp32.dll
2010-05-06 10:41 . 2008-07-21 20:04 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 05:22 . 2008-07-21 20:04 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30 . 2008-07-21 20:04 285696 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2009-08-07 01:29 241752 ----a-w- c:\windows\system32\IcnOvrly.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StudentDOG"="d:\program files\Student DOG\StudentDOG.exe" [2010-01-05 2278400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-05-23 1146880]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2008-07-09 4456448]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-17 17508864]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2008-08-28 1283984]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]

c:\documents and settings\Lenovo\Start Menu\Programs\Startup\
Odkaz na BTTray.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-1-17 604776]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideFastUserSwitching"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\program files\superantispyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- d:\program files\superantispyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LanSchoolStudent]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 12:42 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StudentDOG]
2010-01-05 18:06 2278400 ----a-w- d:\program files\Student DOG\StudentDOG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Teacher]
2009-11-06 13:38 1041712 ----a-w- c:\program files\LanSchool\student.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LanSchoolStudent"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"StudentDOG"=d:\program files\Student DOG\StudentDOG.exe -h

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Total Commander\\TOTALCMD.EXE"=
"d:\\Program files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\LanSchool\\student.exe"=
"d:\\Program files\\superantispyware\\SUPERANTISPYWARE.EXE"=
"d:\\Moje dokumenty\\Desktop\\Moje Dokumenty 2\\Iné\\OpenLieroX\\OpenLieroX.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [26.10.2009 17:21 114768]
R1 SASDIFSV;SASDIFSV;d:\program files\superantispyware\SASDIFSV.SYS [5.1.2010 8:56 12872]
R1 SASKUTIL;SASKUTIL;d:\program files\superantispyware\SASKUTIL.SYS [5.1.2010 8:56 61440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [26.10.2009 17:21 20560]
R2 DvmMDES;DeviceVM Meta Data Export Service;c:\qstart.sys\config\DVMExportService.exe [20.11.2008 18:15 307200]
R2 LanSchoolStudent;LanSchool Student Service;c:\program files\LanSchool\student.exe [6.11.2009 15:38 1041712]
R2 Prvflder;Prvflder;c:\windows\system32\drivers\prvflder.sys [21.4.2006 8:22 70912]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [7.8.2009 3:22 9472]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [7.8.2009 3:27 157696]
S1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [14.12.2009 15:56 24786]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.2.2010 9:43 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [7.8.2009 3:22 1684736]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;d:\program files\Common\Database\bin\fbserver.exe [17.6.2010 13:34 1527900]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [10.4.2010 17:05 266544]
S3 SASENUM;SASENUM;d:\program files\superantispyware\SASENUM.SYS [5.1.2010 8:56 12872]
.
.
------- Supplementary Scan -------
.
IE: + Offline &Explorer: Download the link - file://c:\program files\Portable Offline Browser\Add_UrlO.htm
IE: + Offline E&xplorer: Download the current page - file://c:\program files\Portable Offline Browser\Add_AllO.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki...
IE: Send to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\documents and settings\Lenovo\Application Data\Mozilla\Firefox\Profiles\o34pe17o.default\
FF - prefs.js: browser.search.selectedEngine - Slovnik.sk (EN-SK)
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - plugin: c:\documents and settings\Lenovo\Application Data\Mozilla\plugins\np-mswmp.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Photosynth\npPhotosynthMozilla.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npImagine.dll
FF - plugin: d:\program files\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-16 19:41
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-4014759837-701437581-457512304-1009\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7B095D8F-C365-C619-D374-B9665B19C151}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"eapgkdfjmo"=hex:67,61,61,62,6b,61,67,65,70,6f,63,6d,6d,68,00,00

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
@DACL=(02 0000)
@=""
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
@DACL=(02 0000)
@=""
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
@DACL=(02 0000)
@=""
"Installed"="1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1420)
d:\program files\superantispyware\SASWINLO.dll
c:\windows\system32\WININET.dll
.
Completion time: 2010-07-16 19:46:02
ComboFix-quarantined-files.txt 2010-07-16 17:45

Pre-Run: 26 069 471 232 bytes free
Post-Run: 19 adresárov, 26 023 612 416 voľných bajtov

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - CCCD47C149A3909008C2905D5D8F8E8F

Pokud nemáte, přesuňte Combofix na plochu

Otevřete si Poznámkový blok a zkopírujte do něj text z bílého okénka.

Kód: Vybrat vše

RegNull::
[HKEY_USERS\S-1-5-21-4014759837-701437581-457512304-1009\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7B095D8F-C365-C619-D374-B9665B19C151}*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]

Uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
Po uložení uchopte vámi vytvořený skript levým myšítkem a přesuňte ho nad ikonu Combofixu, kde ho upustíte:
Po aplikaci na Vás vypadne další log,vložte ho sem

Může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

ComboFix 10-07-15.05 - Lenovo 16.07.2010 19:31:24.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.1014.430 [GMT 2:00]
Running from: d:\moje dokumenty\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100715-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Lenovo\CF21229.cfxxe
c:\documents and settings\Lenovo\mbr.cfxxe

.
((((((((((((((((((((((((( Files Created from 2010-06-16 to 2010-07-16 )))))))))))))))))))))))))))))))
.

2010-07-16 16:05 . 2010-07-16 16:05 -------- d--h--w- c:\temp\dvmexp
2010-07-16 16:05 . 2010-07-16 16:05 -------- d-----w- C:\dvmexp
2010-07-15 19:06 . 2001-08-17 10:12 100936 -c--a-w- c:\windows\system32\dllcache\ibmtok.sys
2010-07-15 19:06 . 2001-08-17 20:34 9216 -c--a-w- c:\windows\system32\dllcache\ibmsgnet.dll
2010-07-15 19:06 . 2001-08-17 10:11 28700 -c--a-w- c:\windows\system32\dllcache\ibmexmp.sys
2010-07-15 19:06 . 2008-04-13 20:04 161020 -c--a-w- c:\windows\system32\dllcache\i81xnt5.sys
2010-07-15 19:06 . 2008-04-14 03:41 702845 -c--a-w- c:\windows\system32\dllcache\i81xdnt5.dll
2010-07-15 19:06 . 2001-08-17 10:49 58592 -c--a-w- c:\windows\system32\dllcache\i740nt5.sys
2010-07-15 19:04 . 2001-08-17 11:28 115807 -c--a-w- c:\windows\system32\dllcache\hsf_fsks.sys
2010-07-15 19:03 . 2001-08-17 20:36 101376 -c--a-w- c:\windows\system32\dllcache\hpgt34.dll
2010-07-15 19:02 . 2001-08-17 11:51 17408 -c--a-w- c:\windows\system32\dllcache\gpr400.sys
2010-07-15 19:02 . 2008-04-13 22:15 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys
2010-07-15 19:02 . 2008-04-13 22:15 10624 -c--a-w- c:\windows\system32\dllcache\gameenum.sys
2010-07-15 19:02 . 2008-04-13 22:06 46464 -c--a-w- c:\windows\system32\dllcache\gagp30kx.sys
2010-07-15 19:02 . 2001-08-17 10:49 322432 -c--a-w- c:\windows\system32\dllcache\g400m.sys
2010-07-15 19:02 . 2001-08-17 12:56 1733120 -c--a-w- c:\windows\system32\dllcache\g400d.dll
2010-07-15 19:02 . 2001-08-17 10:49 320384 -c--a-w- c:\windows\system32\dllcache\g200m.sys
2010-07-15 19:02 . 2001-08-17 12:56 470144 -c--a-w- c:\windows\system32\dllcache\g200d.dll
2010-07-15 19:02 . 2001-08-17 10:15 454912 -c--a-w- c:\windows\system32\dllcache\fxusbase.sys
2010-07-15 19:01 . 2001-08-17 20:36 92160 -c--a-w- c:\windows\system32\dllcache\fuusd.dll
2010-07-15 19:01 . 2001-08-17 10:15 455296 -c--a-w- c:\windows\system32\dllcache\fusbbase.sys
2010-07-15 19:01 . 2001-08-17 10:15 455680 -c--a-w- c:\windows\system32\dllcache\fus2base.sys
2010-07-15 19:00 . 2001-08-17 10:15 442240 -c--a-w- c:\windows\system32\dllcache\fpnpbase.sys
2010-07-15 19:00 . 2001-08-17 10:14 441728 -c--a-w- c:\windows\system32\dllcache\fpcmbase.sys
2010-07-15 19:00 . 2001-08-17 10:14 444416 -c--a-w- c:\windows\system32\dllcache\fpcibase.sys
2010-07-15 19:00 . 2008-04-13 20:05 34173 -c--a-w- c:\windows\system32\dllcache\forehe.sys
2010-07-15 19:00 . 2001-08-17 20:36 71680 -c--a-w- c:\windows\system32\dllcache\fnfilter.dll
2010-07-15 18:59 . 2001-08-17 10:13 27165 -c--a-w- c:\windows\system32\dllcache\fetnd5.sys
2010-07-15 18:59 . 2001-08-17 10:10 22090 -c--a-w- c:\windows\system32\dllcache\fem556n5.sys
2010-07-15 18:59 . 2001-08-17 10:12 24618 -c--a-w- c:\windows\system32\dllcache\fa410nd5.sys
2010-07-15 18:59 . 2001-08-17 10:12 16074 -c--a-w- c:\windows\system32\dllcache\fa312nd5.sys
2010-07-15 18:59 . 2001-08-17 10:11 11850 -c--a-w- c:\windows\system32\dllcache\f3ab18xj.sys
2010-07-15 18:59 . 2001-08-17 10:11 12362 -c--a-w- c:\windows\system32\dllcache\f3ab18xi.sys
2010-07-15 18:59 . 2001-08-17 11:52 7040 -c--a-w- c:\windows\system32\dllcache\exabyte2.sys
2010-07-15 18:59 . 2001-08-17 10:12 16998 -c--a-w- c:\windows\system32\dllcache\ex10.sys
2010-07-15 18:58 . 2001-08-17 20:36 45568 -c--a-w- c:\windows\system32\dllcache\esunib.dll
2010-07-15 18:58 . 2001-08-17 20:36 45568 -c--a-w- c:\windows\system32\dllcache\esuni.dll
2010-07-15 18:58 . 2001-08-17 20:36 34816 -c--a-w- c:\windows\system32\dllcache\esuimg.dll
2010-07-15 18:58 . 2001-08-17 20:36 43008 -c--a-w- c:\windows\system32\dllcache\esucm.dll
2010-07-15 18:58 . 2008-04-13 20:06 137088 -c--a-w- c:\windows\system32\dllcache\essm2e.sys
2010-07-15 18:58 . 2001-08-17 10:19 63360 -c--a-w- c:\windows\system32\dllcache\ess.sys
2010-07-15 18:58 . 2001-08-17 11:28 347550 -c--a-w- c:\windows\system32\dllcache\es56tpi.sys
2010-07-15 18:58 . 2001-08-17 11:28 594238 -c--a-w- c:\windows\system32\dllcache\es56hpi.sys
2010-07-15 18:58 . 2001-08-17 11:28 595647 -c--a-w- c:\windows\system32\dllcache\es56cvmp.sys
2010-07-15 18:58 . 2001-08-17 10:19 174464 -c--a-w- c:\windows\system32\dllcache\es198x.sys
2010-07-15 18:56 . 2001-08-17 11:28 241206 -c--a-w- c:\windows\system32\dllcache\el656se5.sys
2010-07-15 18:56 . 2001-08-17 10:11 77386 -c--a-w- c:\windows\system32\dllcache\el656nd5.sys
2010-07-15 18:56 . 2001-08-17 11:28 634134 -c--a-w- c:\windows\system32\dllcache\el656ct5.sys
2010-07-15 18:56 . 2001-08-17 10:11 69194 -c--a-w- c:\windows\system32\dllcache\el656cd5.sys
2010-07-15 18:56 . 2001-08-17 10:10 26141 -c--a-w- c:\windows\system32\dllcache\el589nd5.sys
2010-07-15 18:56 . 2001-08-17 10:10 69692 -c--a-w- c:\windows\system32\dllcache\el575nd5.sys
2010-07-15 18:56 . 2001-08-17 10:10 24653 -c--a-w- c:\windows\system32\dllcache\el574nd4.sys
2010-07-15 18:56 . 2001-08-17 10:10 55999 -c--a-w- c:\windows\system32\dllcache\el556nd5.sys
2010-07-15 18:56 . 2001-08-17 10:10 44103 -c--a-w- c:\windows\system32\dllcache\el515.sys
2010-07-15 18:54 . 2001-08-17 20:36 38985 -c--a-w- c:\windows\system32\dllcache\disrvsu.dll
2010-07-15 18:53 . 2001-08-17 20:36 80896 -c--a-w- c:\windows\system32\dllcache\dc210usd.dll
2010-07-15 18:52 . 2001-08-17 10:11 60970 -c--a-w- c:\windows\system32\dllcache\cpqtrnd5.sys
2010-07-15 18:52 . 2001-08-17 10:13 21533 -c--a-w- c:\windows\system32\dllcache\cpqndis5.sys
2010-07-15 18:52 . 2001-08-17 10:11 39936 -c--a-w- c:\windows\system32\dllcache\cnxt1803.sys
2010-07-15 18:52 . 2001-08-17 20:36 44032 -c--a-w- c:\windows\system32\dllcache\cnusd.dll
2010-07-15 18:52 . 2001-08-17 11:51 20736 -c--a-w- c:\windows\system32\dllcache\cmbp0wdm.sys
2010-07-15 18:52 . 2001-08-17 11:57 248064 -c--a-w- c:\windows\system32\dllcache\cl546xm.sys
2010-07-15 18:52 . 2001-08-17 12:56 170880 -c--a-w- c:\windows\system32\dllcache\cl546x.dll
2010-07-15 18:52 . 2001-08-17 12:56 111232 -c--a-w- c:\windows\system32\dllcache\cl5465.dll
2010-07-15 18:52 . 2001-08-17 11:57 45696 -c--a-w- c:\windows\system32\dllcache\cirrus.sys
2010-07-15 18:52 . 2001-08-17 12:56 91264 -c--a-w- c:\windows\system32\dllcache\cirrus.dll
2010-07-15 18:52 . 2001-08-17 12:02 272640 -c--a-w- c:\windows\system32\dllcache\cinemclc.sys
2010-07-15 18:52 . 2001-08-17 10:13 980034 -c--a-w- c:\windows\system32\dllcache\cicap.sys
2010-07-15 18:34 . 2010-07-15 18:35 -------- d-----w- c:\program files\trend micro
2010-07-15 18:34 . 2001-08-17 11:51 13824 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2010-07-15 18:34 . 2008-04-13 22:16 18944 -c--a-w- c:\windows\system32\dllcache\bthusb.sys
2010-07-15 18:34 . 2008-04-13 22:21 101120 -c--a-w- c:\windows\system32\dllcache\bthpan.sys
2010-07-15 18:34 . 2008-04-13 22:16 36480 -c--a-w- c:\windows\system32\dllcache\bthprint.sys
2010-07-15 18:34 . 2008-04-13 22:16 37888 -c--a-w- c:\windows\system32\dllcache\bthmodem.sys
2010-07-15 18:33 . 2008-04-13 22:16 17024 -c--a-w- c:\windows\system32\dllcache\bthenum.sys
2010-07-15 18:33 . 2001-08-17 10:11 31529 -c--a-w- c:\windows\system32\dllcache\brzwlan.sys
2010-07-15 18:33 . 2001-08-17 11:12 10368 -c--a-w- c:\windows\system32\dllcache\brusbscn.sys
2010-07-15 18:33 . 2001-08-17 11:12 11008 -c--a-w- c:\windows\system32\dllcache\brusbmdm.sys
2010-07-15 18:33 . 2001-08-17 11:12 60416 -c--a-w- c:\windows\system32\dllcache\brserwdm.sys
2010-07-15 18:33 . 2001-08-17 20:36 9728 -c--a-w- c:\windows\system32\dllcache\brserif.dll
2010-07-15 18:33 . 2001-08-17 20:36 5120 -c--a-w- c:\windows\system32\dllcache\brscnrsm.dll
2010-07-15 18:33 . 2001-08-17 11:12 39552 -c--a-w- c:\windows\system32\dllcache\brparwdm.sys
2010-07-15 18:33 . 2001-08-17 11:12 3168 -c--a-w- c:\windows\system32\dllcache\brparimg.sys
2010-07-15 18:33 . 2001-08-17 20:36 41472 -c--a-w- c:\windows\system32\dllcache\brmfusb.dll
2010-07-15 18:33 . 2001-08-17 20:36 32256 -c--a-w- c:\windows\system32\dllcache\brmfrsmg.exe
2010-07-15 18:33 . 2001-08-17 20:36 29696 -c--a-w- c:\windows\system32\dllcache\brmflpt.dll
2010-07-15 12:03 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-15 12:03 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-15 12:03 . 2010-07-15 12:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-15 10:02 . 2010-07-15 10:02 -------- d-----w- C:\Nový priečinok
2010-07-15 07:47 . 2010-07-15 07:47 -------- d-sh--w- c:\documents and settings\Administrator.CINKANC\PrivacIE
2010-07-15 07:47 . 2010-07-15 07:47 -------- d-----w- c:\documents and settings\Administrator.CINKANC\Application Data\DivX
2010-07-15 07:40 . 2001-08-17 20:36 81408 -c--a-w- c:\windows\system32\dllcache\brmfcwia.dll
2010-07-15 07:40 . 2001-08-17 20:36 15360 -c--a-w- c:\windows\system32\dllcache\brmfbidi.dll
2010-07-15 07:40 . 2001-08-17 11:12 3968 -c--a-w- c:\windows\system32\dllcache\brfiltup.sys
2010-07-15 07:40 . 2001-08-17 11:12 12160 -c--a-w- c:\windows\system32\dllcache\brfiltlo.sys
2010-07-15 07:40 . 2001-08-17 11:12 2944 -c--a-w- c:\windows\system32\dllcache\brfilt.sys
2010-07-15 07:40 . 2001-08-17 20:36 12800 -c--a-w- c:\windows\system32\dllcache\brevif.dll
2010-07-15 07:40 . 2001-08-17 20:36 9728 -c--a-w- c:\windows\system32\dllcache\brcoinst.dll
2010-07-15 07:40 . 2001-08-17 20:36 19456 -c--a-w- c:\windows\system32\dllcache\brbidiif.dll
2010-07-15 07:15 . 2001-08-17 20:36 102400 -c--a-w- c:\windows\system32\dllcache\binlsvc.dll
2010-07-15 07:13 . 2008-04-13 20:04 57856 -c--a-w- c:\windows\system32\dllcache\atinbtxx.sys
2010-07-15 06:51 . 2010-07-15 06:51 -------- d-----w- c:\windows\MATS
2010-07-15 06:51 . 2010-07-15 06:51 -------- d-----w- c:\program files\Microsoft Fix it Center
2010-07-15 06:46 . 2008-04-14 03:41 3775 -c--a-w- c:\windows\system32\dllcache\adv11nt5.dll
2010-07-15 06:46 . 2008-04-14 03:41 3711 -c--a-w- c:\windows\system32\dllcache\adv09nt5.dll
2010-07-15 06:46 . 2008-04-14 03:41 3135 -c--a-w- c:\windows\system32\dllcache\adv08nt5.dll
2010-07-15 06:46 . 2008-04-14 03:41 3647 -c--a-w- c:\windows\system32\dllcache\adv07nt5.dll
2010-07-15 06:44 . 2001-08-17 12:56 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2010-07-14 12:02 . 2010-07-14 12:02 -------- d-----w- c:\program files\Microsoft Private Folder 1.0
2010-07-14 11:40 . 2010-07-14 11:40 -------- d-----w- c:\documents and settings\Lenovo\Local Settings\Application Data\Frogger
2010-07-14 07:42 . 2010-07-14 07:42 -------- d-----w- c:\documents and settings\sss\Local Settings\Application Data\Identities
2010-07-14 07:42 . 2010-07-14 07:42 -------- d-----w- c:\documents and settings\sss\Application Data\Windows Search
2010-07-14 07:42 . 2010-07-14 07:42 -------- d-----w- c:\documents and settings\sss\Application Data\Windows Desktop Search
2010-07-14 07:38 . 2009-08-07 01:37 -------- d-----w- c:\documents and settings\sss\Local Settings\Application Data\Microsoft Help
2010-07-14 07:38 . 2009-08-07 01:30 -------- d-----w- c:\documents and settings\sss\Local Settings\Application Data\Adobe
2010-07-14 07:38 . 2009-08-07 01:20 -------- d-----w- c:\documents and settings\sss\Bluetooth Software
2010-07-14 07:38 . 2008-07-21 19:31 -------- d-----w- c:\documents and settings\sss\Local Settings\Application Data\ApplicationHistory
2010-07-14 07:38 . 2010-07-14 07:39 -------- d-----w- c:\documents and settings\sss
2010-07-11 13:27 . 1999-01-20 03:01 210032 ----a-w- c:\windows\system32\DBCLIENT.DLL
2010-07-11 13:27 . 2010-07-11 13:27 -------- d-----w- c:\program files\Common Files\Borland Shared
2010-07-11 13:25 . 2010-07-11 13:53 -------- d-----w- c:\program files\Trell
2010-07-11 13:23 . 2010-07-11 13:53 -------- d-----w- c:\program files\Ztrl
2010-07-11 07:31 . 2010-07-11 07:31 -------- d-----w- C:\apache
2010-06-21 11:44 . 2010-06-21 11:44 -------- d-----w- c:\documents and settings\Lenovo\Local Settings\Application Data\Macromedia

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-16 16:07 . 2009-11-27 08:21 -------- d-----w- c:\program files\LanSchool
2010-07-16 07:55 . 2010-04-27 14:10 -------- d-----w- c:\documents and settings\Lenovo\Application Data\vlc
2010-07-14 14:47 . 2010-05-11 11:28 -------- d-----w- c:\documents and settings\Lenovo\Application Data\Winsplit Revolution
2010-07-14 13:34 . 2010-06-04 09:32 63488 ----a-w- c:\documents and settings\Lenovo\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-07-14 13:33 . 2010-01-18 14:07 117760 ----a-w- c:\documents and settings\Lenovo\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-07-14 13:11 . 2009-10-26 15:21 -------- d-----w- c:\program files\Avast4
2010-07-14 12:52 . 2010-04-09 07:39 53700556 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2010-07-14 12:40 . 2010-01-18 14:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-07-14 11:31 . 2009-10-26 12:50 -------- d-----w- c:\program files\Windows Desktop Search
2010-07-14 07:37 . 2009-08-07 01:29 -------- d-----w- c:\documents and settings\All Users\Application Data\VeriFace
2010-07-13 17:44 . 2010-03-27 13:40 -------- d-----w- c:\documents and settings\Lenovo\Application Data\dvdcss
2010-07-13 07:43 . 2009-12-04 15:36 -------- d-----w- c:\documents and settings\Lenovo\Application Data\Skype
2010-07-13 07:40 . 2009-12-04 15:44 -------- d-----w- c:\documents and settings\Lenovo\Application Data\skypePM
2010-07-11 13:43 . 2010-07-11 13:23 5 ----a-w- c:\program files\trl.trl
2010-07-03 09:29 . 2009-12-05 08:34 -------- d-----w- c:\documents and settings\Lenovo\Application Data\Media Player Classic
2010-06-23 13:26 . 2010-05-13 13:17 3140 --sha-w- c:\windows\system32\KGyGaAvL.sys
2010-06-21 11:13 . 2009-08-07 01:19 -------- d-----w- c:\program files\Common Files\InstallShield
2010-06-20 18:02 . 2010-02-17 13:55 -------- d-----w- c:\documents and settings\Lenovo\Application Data\gtk-2.0
2010-06-18 05:58 . 2009-10-27 01:46 120712 ----a-w- c:\documents and settings\Lenovo\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-17 11:34 . 2010-06-17 11:32 -------- d-----w- c:\documents and settings\All Users\Application Data\MAGIX
2010-06-16 12:22 . 2010-06-16 12:22 16792 ----a-w- c:\windows\War3Unin.dat
2010-06-16 12:22 . 2010-06-16 12:22 2829 ----a-w- c:\windows\War3Unin.pif
2010-06-16 12:22 . 2010-06-16 12:22 126976 ----a-w- c:\windows\War3Unin.exe
2010-06-14 14:31 . 2008-07-21 19:14 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-09 13:03 . 2010-06-09 13:03 -------- d-----w- c:\program files\Digital Photo Software
2010-06-09 09:04 . 2009-08-07 01:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-06-04 12:28 . 2009-08-07 01:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-04 11:51 . 2009-10-26 13:01 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-15 09:22 . 2010-05-15 09:22 77824 ----a-w- c:\windows\system32\Picclp32.dll
2010-05-06 10:41 . 2008-07-21 20:04 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 05:22 . 2008-07-21 20:04 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-20 05:30 . 2008-07-21 20:04 285696 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2009-08-07 01:29 241752 ----a-w- c:\windows\system32\IcnOvrly.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StudentDOG"="d:\program files\Student DOG\StudentDOG.exe" [2010-01-05 2278400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-05-23 1146880]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2008-07-09 4456448]
"RTHDCPL"="RTHDCPL.EXE" [2009-02-17 17508864]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2008-08-28 1283984]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]

c:\documents and settings\Lenovo\Start Menu\Programs\Startup\
Odkaz na BTTray.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-1-17 604776]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideFastUserSwitching"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\program files\superantispyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- d:\program files\superantispyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LanSchoolStudent]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 12:42 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StudentDOG]
2010-01-05 18:06 2278400 ----a-w- d:\program files\Student DOG\StudentDOG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Teacher]
2009-11-06 13:38 1041712 ----a-w- c:\program files\LanSchool\student.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LanSchoolStudent"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"StudentDOG"=d:\program files\Student DOG\StudentDOG.exe -h

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Total Commander\\TOTALCMD.EXE"=
"d:\\Program files\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\LanSchool\\student.exe"=
"d:\\Program files\\superantispyware\\SUPERANTISPYWARE.EXE"=
"d:\\Moje dokumenty\\Desktop\\Moje Dokumenty 2\\Iné\\OpenLieroX\\OpenLieroX.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [26.10.2009 17:21 114768]
R1 SASDIFSV;SASDIFSV;d:\program files\superantispyware\SASDIFSV.SYS [5.1.2010 8:56 12872]
R1 SASKUTIL;SASKUTIL;d:\program files\superantispyware\SASKUTIL.SYS [5.1.2010 8:56 61440]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [26.10.2009 17:21 20560]
R2 DvmMDES;DeviceVM Meta Data Export Service;c:\qstart.sys\config\DVMExportService.exe [20.11.2008 18:15 307200]
R2 LanSchoolStudent;LanSchool Student Service;c:\program files\LanSchool\student.exe [6.11.2009 15:38 1041712]
R2 Prvflder;Prvflder;c:\windows\system32\drivers\prvflder.sys [21.4.2006 8:22 70912]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [7.8.2009 3:22 9472]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [7.8.2009 3:27 157696]
S1 eusk2par;EUTRON SmartKey Parallel Driver;c:\windows\system32\drivers\eusk2par.sys [14.12.2009 15:56 24786]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.2.2010 9:43 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [7.8.2009 3:22 1684736]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;d:\program files\Common\Database\bin\fbserver.exe [17.6.2010 13:34 1527900]
S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\Microsoft Fix it Center\Matsvc.exe [10.4.2010 17:05 266544]
S3 SASENUM;SASENUM;d:\program files\superantispyware\SASENUM.SYS [5.1.2010 8:56 12872]
.
.
------- Supplementary Scan -------
.
IE: + Offline &Explorer: Download the link - file://c:\program files\Portable Offline Browser\Add_UrlO.htm
IE: + Offline E&xplorer: Download the current page - file://c:\program files\Portable Offline Browser\Add_AllO.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki...
IE: Send to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\documents and settings\Lenovo\Application Data\Mozilla\Firefox\Profiles\o34pe17o.default\
FF - prefs.js: browser.search.selectedEngine - Slovnik.sk (EN-SK)
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - plugin: c:\documents and settings\Lenovo\Application Data\Mozilla\plugins\np-mswmp.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Photosynth\npPhotosynthMozilla.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npImagine.dll
FF - plugin: d:\program files\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
d:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-16 19:41
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-4014759837-701437581-457512304-1009\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7B095D8F-C365-C619-D374-B9665B19C151}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"eapgkdfjmo"=hex:67,61,61,62,6b,61,67,65,70,6f,63,6d,6d,68,00,00

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
@DACL=(02 0000)
@=""
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
@DACL=(02 0000)
@=""
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
@DACL=(02 0000)
@=""
"Installed"="1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1420)
d:\program files\superantispyware\SASWINLO.dll
c:\windows\system32\WININET.dll
.
Completion time: 2010-07-16 19:46:02
ComboFix-quarantined-files.txt 2010-07-16 17:45

Pre-Run: 26 069 471 232 bytes free
Post-Run: 19 adresárov, 26 023 612 416 voľných bajtov

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - CCCD47C149A3909008C2905D5D8F8E8F

Jak se chová PC

nic sa nezmenilo

Zkuste použít WinXP Manager http://www.viry.cz/forum/viewtopic.php?f=46&t=17549

s tým programom nemám dobré skúsenosti uz dva-krát som ho musel odonstalovat lebo mi nieco pokazil, a keby sa mi teraz stalo o isté... tak by som nemohol ani obnovit system

Ona tady už potom nezbude jiná možnost, než oprava z install. CD. Ještě můžeme PC prověřit na rootkity (viz. návod níže), ale PC se mi zdá ohledně virů čistý.

Obrázek

Odinstalujte všechny emulátory virtuálních mechanik.

Obrázek

Stáhněte SPTD http://www.duplexsecure.com/en/downloads

Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
zvolte možnost Uninstall a restartujte PC.

Stáhněte a spusťte http://www.jpshortstuff.247fixes.com/Defogger.exe

Klikněte na "Disable" a restartujte PC.

Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe

Obrázek

Start > Spustit (Win + R)

Vyskočí okénko, zkopírujte do něj:

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t

Klikněte na OK

Vytvoří se log s názvem mbr.log, vložte ho sem.

Dejte log z Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

Odinstalujte všechny emulátory virtuálních mechanik.
neporozumel som

Ja som v prvom programe mal len možnosť instal
tak som to klikol a restartoval PC

MBR sa nespusti. "Odkaz... sa vztahuje na umiestnene ktore nieje k dispozicii"
aMBR je na ploche

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-07-17 13:06:03
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Lenovo\LOCALS~1\Temp\agtdypow.sys

---- System - GMER 1.0.15 ----

Code 8606DCEC ZwRequestPort
Code 8606DD8C ZwRequestWaitReplyPort
Code 8606DC4C ZwTraceEvent
Code 8606DCEB NtRequestPort
Code 8606DD8B NtRequestWaitReplyPort
Code 8606DC4B NtTraceEvent

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)

Device \Driver\Tcpip \Device\Ip vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\Tcp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\Udp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\Tcpip \Device\RawIp vsdatant.sys (TrueVector Device Driver/Check Point Software Technologies LTD)

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)

---- EOF - GMER 1.0.15 ----

hned po ulozeni 1. logu, mi vybehla modra obrazovka a pc sa restartovalo

Odinstalujte programy typu Alcohol, Daemon Tools.

Obrázek

Stáhněte SPTD http://www.duplexsecure.com/en/downloads

Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
zvolte možnost Uninstall a restartujte PC.

Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe

Obrázek

Start > Spustit (Win + R)

Vyskočí okénko, zkopírujte do něj:

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t

Klikněte na OK

Vytvoří se log s názvem mbr.log, vložte ho sem.

v progame sptd mi nejde kliknut volba uninstal
-ked som v gmeri dal scan po chvili mi znova vyhodilo modru obrazovku a znova restart PC...

MBR nefunguje-ja v Documents and settings zlozku Plocha nemam (iba desktop ale tam je nejaka hlupost

VIRY.CZ

nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu

Re: nefunguje Obnovovanie systemu