Log from ComboFix. I did not install the Recovery Console; I don't use it on my own PC either, and I would probably remove it anyway.
If necessary, I will repeat the procedure.
ComboFix 11-08-11.02 - Marco 11.08.2011 22:20:12.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1789.965 [GMT 2:00]
Spuštěný z: c:\documents and settings\Marco\Plocha\ComboFix.exe
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Marco\Data aplikací\OpenCl.exe
c:\windows\driver.exe
c:\windows\iun6002.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-11 do 2011-08-11 )))))))))))))))))))))))))))))))
.
.
2011-08-11 19:59 . 2011-08-11 19:59 -------- d-----w- c:\program files\LogMeIn Hamachi
2011-08-11 19:49 . 2011-08-11 19:49 -------- d-----w- c:\documents and settings\Marco\Data aplikací\OpenCl
2011-08-11 19:48 . 2011-08-11 19:48 -------- d-----w- C:\_OTL
2011-08-11 18:37 . 2011-08-11 18:37 512 ----a-w- C:\PhysicalMBR.bin
2011-08-11 18:04 . 2011-08-11 18:04 -------- d-----w- C:\rsit
2011-08-11 18:03 . 2011-08-11 18:04 -------- d-----w- c:\program files\trend micro
2011-08-08 13:45 . 2004-07-09 02:26 47104 -c--a-w- c:\windows\system32\dllcache\wstdecod.dll
2011-08-08 13:45 . 2004-07-09 02:26 30208 ----a-w- c:\windows\system32\psisrndr.ax
2011-08-08 13:45 . 2004-07-09 02:26 354816 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll
2011-08-08 13:45 . 2004-07-09 02:26 354816 ----a-w- c:\windows\system32\psisdecd.dll
2011-08-08 13:45 . 2004-07-09 02:26 52224 ----a-w- c:\windows\system32\msdvbnp.ax
2011-08-08 13:45 . 2004-07-09 02:26 52096 -c--a-w- c:\windows\system32\dllcache\msdv.sys
2011-08-08 13:45 . 2004-07-09 02:26 52096 ----a-w- c:\windows\system32\drivers\msdv.sys
2011-08-08 13:45 . 2004-07-09 02:26 15104 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2011-08-08 13:45 . 2004-07-09 02:26 15104 ----a-w- c:\windows\system32\drivers\mpe.sys
2011-08-08 13:45 . 2004-07-09 02:26 1230336 -c--a-w- c:\windows\system32\dllcache\msvidctl.dll
2011-08-08 13:45 . 2004-07-09 02:26 11392 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2011-08-08 13:45 . 2004-07-09 02:26 11392 ----a-w- c:\windows\system32\drivers\bdasup.sys
2011-08-08 13:31 . 2011-08-08 13:31 -------- d-----w- c:\program files\Steam
2011-08-08 13:31 . 2011-08-08 13:31 -------- d-----w- c:\program files\Valve
2011-08-06 22:01 . 2011-08-06 22:01 -------- d-----w- c:\program files\BitTorrent
2011-08-06 21:55 . 2011-08-06 21:59 -------- d-----w- c:\program files\uTorrent
2011-08-06 21:55 . 2011-08-06 21:55 -------- d-----w- c:\program files\BabylonToolbar
2011-08-06 21:55 . 2011-08-06 21:55 -------- d-----w- c:\documents and settings\Marco\Local Settings\Data aplikací\Babylon
2011-08-06 21:55 . 2011-08-06 21:55 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Babylon
2011-08-06 21:55 . 2011-08-06 21:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Babylon
2011-08-04 21:10 . 2011-08-04 21:34 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-08-04 21:10 . 2011-08-04 21:34 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-08-04 20:56 . 2011-08-04 20:56 -------- d-----w- c:\program files\Deep Silver
2011-08-04 08:38 . 2011-08-04 08:38 284160 ----a-w- c:\program files\umad.exe
2011-08-02 11:35 . 2011-08-07 09:12 -------- d-----w- c:\program files\Metin2
2011-07-30 17:44 . 2011-07-30 17:44 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Need for Speed World
2011-07-30 17:33 . 2011-07-30 17:33 -------- d-----w- c:\documents and settings\Marco\Local Settings\Data aplikací\Electronic_Arts_Inc
2011-07-24 10:12 . 2011-07-24 10:17 2829 ----a-w- c:\windows\War3Unin.pif
2011-07-24 10:12 . 2011-07-24 10:17 139264 ----a-w- c:\windows\War3Unin.exe
2011-07-24 10:09 . 2011-07-24 12:00 -------- d-----w- c:\program files\Warcraft III
2011-07-19 20:19 . 2011-07-19 20:19 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Publish Providers
2011-07-19 20:19 . 2011-07-19 20:19 -------- d-----w- c:\documents and settings\Marco\Local Settings\Data aplikací\Sony
2011-07-19 20:19 . 2011-07-19 20:19 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Sony
2011-07-19 20:13 . 2011-07-19 20:13 -------- d-----w- c:\program files\Vstplugins
2011-07-19 20:13 . 2011-07-19 20:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Sony
2011-07-19 20:13 . 2011-07-19 20:13 -------- d-----w- c:\program files\Sony
2011-07-19 20:12 . 2011-07-19 20:12 -------- d-----w- c:\program files\Sony Setup
2011-07-19 19:57 . 2011-07-19 19:57 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Media Player Classic
2011-07-19 19:51 . 2011-07-19 19:51 -------- d-----w- C:\videodvdmaker
2011-07-19 19:51 . 2011-07-19 19:51 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Video DVD Maker FREE
2011-07-19 19:50 . 2011-07-19 19:50 -------- d-----w- c:\program files\Video DVD Maker
2011-07-19 13:28 . 2011-07-25 17:37 -------- d-----w- c:\program files\Microsoft Games
2011-07-18 20:49 . 2011-07-18 20:49 -------- d-----w- c:\program files\Editeur Handling GTA-SA
2011-07-18 09:31 . 2011-07-18 09:31 -------- d-----w- c:\program files\Common Files\Java
2011-07-15 14:34 . 2011-07-15 14:34 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Day 1 Studios
2011-07-15 14:34 . 2011-07-15 14:34 -------- d-----w- c:\documents and settings\Marco\Local Settings\Data aplikací\SKIDROW
2011-07-15 14:25 . 2011-07-15 14:25 -------- d-----w- c:\program files\WB Games
2011-07-15 09:59 . 2011-07-15 10:10 -------- d-----w- C:\Root
2011-07-15 09:58 . 2011-07-15 09:58 -------- d-----w- c:\program files\Activision
2011-07-14 19:42 . 2011-07-14 19:42 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-07-14 19:27 . 2011-07-19 21:32 -------- d-----w- c:\program files\DAEMON Tools Pro
2011-07-14 19:27 . 2011-07-14 19:28 -------- d-----w- c:\documents and settings\Marco\Data aplikací\DAEMON Tools Pro
2011-07-14 19:27 . 2011-07-14 19:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Pro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-06 12:05 . 2011-02-28 13:06 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-07-18 09:30 . 2011-03-12 20:37 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-07-18 09:30 . 2011-03-12 20:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-03 20:39 . 2011-07-03 20:29 281656 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-07-03 20:39 . 2011-03-02 14:11 281656 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-07-03 20:36 . 2011-03-02 14:11 141200 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-07-03 20:36 . 2011-03-02 14:11 281656 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-03 20:16 . 2011-03-02 14:11 138056 ----a-w- c:\documents and settings\Marco\Data aplikací\PnkBstrK.sys
2011-07-03 20:16 . 2011-03-02 14:11 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-06-30 12:47 . 2011-02-28 12:56 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-30 12:47 . 2011-02-28 12:56 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-27 11:13 . 2011-06-27 11:13 0 ----a-w- c:\windows\system32\REN36.tmp
2011-06-27 11:13 . 2011-06-27 11:13 0 ----a-w- c:\windows\system32\REN35.tmp
2011-06-27 11:13 . 2011-06-27 11:13 0 ----a-w- c:\windows\system32\REN34.tmp
2011-06-26 19:16 . 2011-04-03 16:14 8070 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2011-06-10 21:27 . 2011-06-10 21:27 108336 ----a-w- c:\windows\system32\MSWINSCK.OCX
2011-05-21 20:04 . 2011-02-28 13:12 235 ----a-w- c:\windows\system32\nxEuUninstall.bat
2011-05-21 20:04 . 2011-02-28 13:12 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-05-21 08:15 . 2011-05-21 08:15 53248 ----a-r- c:\documents and settings\Marco\Data aplikací\Microsoft\Installer\{1E05D2CE-6402-4D64-B515-6F587D0F6BA5}\ARPPRODUCTICON.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-06-15 15141768]
"hfupdaten"="c:\program files\umad.exe" [2011-08-04 284160]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-04 1955208]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Marco\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-12-11 604776]
GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2011-6-1 2586736]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\cs1.6 ahahahaha\\hl.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\moha\\UnrealEngine3\\Binaries\\MOHA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Metin2\\metin2.bin"=
"c:\\Program Files\\Metin2\\metin2client.bin"=
"d:\\marco\\CoDWaWmp.exe"=
"d:\\marco\\CoDWaW.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"d:\\IDM stahovanie\\vsetko\\styriaponechanynasmrt_chudaci\\left 4 dead\\left4dead.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"d:\\kf\\KillingFloor\\System\\KillingFloor.exe"=
"d:\\return to castle wolfeinten\\MP\\Wolf2MP.exe"=
"d:\\return to castle wolfeinten\\MP\\Wolf2MPLite.exe"=
"d:\\fear\\FEARMP.exe"=
"d:\\lama\\hl.exe"=
"d:\\cs16\\hl.exe"=
"d:\\Call of duty Moden warfare 2\\Modern Warfare 2\\iw4mp.exe"=
"c:\\Documents and Settings\\Marco\\Plocha\\NST\\CSO-NST\\hl.exe"=
"d:\\NST\\CSO-NST\\hl.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"d:\\Call of Duty modern warfare\\iw3mp.exe"=
"c:\\Documents and Settings\\Marco\\Plocha\\Client by abesgaara v3.5 - Evolution CATACLYSM\\Client by abesgaara v3.5 - Evolution CATACLYSM\\mc.exe"=
"c:\\Program Files\\R.G. Catalyst\\Crysis 2\\bin32\\Crysis2.exe"=
"d:\\Medal of Honor 2010\\Binaries\\moh.exe"=
"d:\\Medal of Honor 2010\\MP\\MoHMPGame.exe"=
"c:\\Documents and Settings\\Marco\\Plocha\\NST\\CSO-NST\\hltv.exe"=
"c:\\Vietcong\\vietcong.exe"=
"d:\\worms 4\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE"=
"c:\\Program Files\\Activision\\Prototype\\prototypef.exe"=
"c:\\Program Files\\WB Games\\F.E.A.R. 3\\F.E.A.R. 3.exe"=
"c:\\Program Files\\Electronic Arts\\Dead Space\\Dead Space.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"=
"c:\\Program Files\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Documents and Settings\\Marco\\Plocha\\Sindicate\\client.bin"=
"c:\\Program Files\\Valve\\Half-Life 2\\hl2.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56543:TCP"= 56543:TCP:Pando Media Booster
"56543:UDP"= 56543:UDP:Pando Media Booster
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R0 xmasbus;xmasbus;c:\windows\system32\drivers\xmasbus.sys [28.2.2011 14:48 140800]
R0 xmasscsi;xmasscsi;c:\windows\system32\drivers\xmasscsi.sys [28.2.2011 14:48 5504]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [28.2.2011 14:56 136360]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [4.8.2011 14:34 1361288]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [28.2.2011 13:56 113536]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
mStart Page = hxxp://www.games-fusion.net
uInternet Settings,ProxyServer = 62.209.212.66:8080
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
TCP: DhcpNameServer = 195.12.128.1 195.72.0.3
FF - ProfilePath - c:\documents and settings\Marco\Data aplikací\Mozilla\Firefox\Profiles\liaadxmy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=fc7e1de500000000000000247e994c13&tlver=1.4.31.2&instlRef=sst&affID=100370&q=
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
------- Asociace souborů -------
.
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-sDVMtZaRAHXiZ0dfxqnVlMRuhdOnHb09BlxGjNK8cwWfTLVkJ84CuNok7vi1Rb6orlV3FA2LkC4lHk3RzLWXuE4wZJbFCjdN6k6fA82n6EASgdnaPK1wFW97Kz03An5OHAI0z6jmBXO5SDENFrzWSwfPq3SHdHnxM0IzVTZuqShgC7J3IixGPAGKWJTWw8onkB9lCCSxOvhmBpSzR94IwTwd5635YFnhIvSGB7AdndPtLOH6Ah7IqRujXeDh2KT3I - (no file)
HKCU-Run-OpenGL - c:\documents and settings\Marco\Data aplikací\OpenCl\OpenCl.exe
HKCU-Run-OpenCl - c:\documents and settings\Marco\Data aplikací\OpenCl.exe
HKLM-Run-vGItlTZNc40dpUGAUDBkThoIhwVr85liRs2O1uRFCGpIgl2ZFmMcU42D2hLDRV6azuhnrafJ8nN3q3K53VCECDNusz90vlir4L1uElw25uop3M4gpDjoSyAoYI4QIoB3TNn5aQUhWD7hlKmrS593rBwS5Q0gjn22NEn7UWnoyfh8Msx6esopdy01xzZXXb28nirDeiEWNxBL29llFsWc9G3fDAoW5tw2WfQnbLxE7NXoPrtbweOAvthjfOrupDvAI - (no file)
HKLM-Run-OpenCl - c:\documents and settings\Marco\Data aplikací\OpenCl.exe
HKLM-Explorer_Run-OpenCl - c:\documents and settings\Marco\Data aplikací\OpenCl.exe
AddRemove-584D4194-D835-E38A-B67B-B049BC4EF65E - c:\program files\Metin2 Guabina\uninstall.exe
AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
AddRemove-Assassin's Creed Brotherhood - perfect_is1 - d:\acb\Assassin's Creed Brotherhood\unins000.exe
AddRemove-Call of Duty: Black Ops_is1 - d:\call of duty black ops\Call of Duty - Black Ops\unins000.exe
AddRemove-Codex Edition Content_is1 - d:\acb\Assassin's Creed Brotherhood\Codex Edition Unlocker\unins000.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-Counter-Strike: Source - c:\program files\Counter-Strike Source\Uninst.exe
AddRemove-Crazy Shooter Online_is1 - c:\program files\CiB Net Station\CSO\unins000.exe
AddRemove-EADM - c:\program files\Electronic Arts\EADM\EADMUninstall.exe
AddRemove-F.E.A.R.2 Reborn_is1 - d:\fear 2reborn\Fear 2 Project Origin\unins000.exe
AddRemove-GTA San Andreas Powerful Mode Mod 2.4_is1 - c:\program files\GTA San Andreas\PMM2\UNINST\unins000.exe
AddRemove-GTASA Ultimate Editor_is1 - d:\idm stahovanie\GTASA-UltimateEditor-Download2\GTASA Ultimate Editor\unins000.exe
AddRemove-H&D2_is1 - c:\program files\Illusion Softworks\Hidden & Dangerous 2\unins000.exe
AddRemove-Killing Floor 2.5 - c:\ut2004\KFMod20\Uninstal.exe
AddRemove-MinecraftAlpha - d:\idm stahovanie\Minecraft-1.7.2-funkcni\Minecraft for my friends\MinecraftAlpha\Uninstall.exe
AddRemove-Mod Call of Duty V4 - Modern Warfare 2 - c:\arquivos de programas\Valve\Cstrike\Uninstal.exe
AddRemove-PunkBusterSvc - c:\program files\GAMERSFIRST\APB RELOADED\Binaries\pbsvc_apb.exe
AddRemove-W3_Frozen throne crack - c:\program files\Warcraft3_Frozen throne CRACK\Crack_remove.exe
AddRemove-{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1 - c:\program files\GSC World Publishing\S.T.A.L.K.E.R. - Call of Pripyat\unins000.exe
AddRemove-{5BD55BA3-CE71-442B-87BD-86C83DA68E1D}_is1 - c:\program files\IAHGames\Counter-Strike Online\unins000.exe
AddRemove-Battelfield 2 Nuke Mini Mod - c:\program files\EA GAMES\Battlefield 2\mods\Uninstal.exe
AddRemove-CS Zombie mod v3.5 - c:\program files\Valve\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-11 22:31
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-448539723-1202660629-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:0c,9f,4c,80,69,d1,a8,fe,37,5d,c5,9f,51,d5,56,93,ff,5b,62,49,fb,29,7a,
b6,f3,c9,48,b1,01,ad,af,44,2f,c6,00,26,91,ff,94,ed,26,8b,f2,cd,cc,6f,76,e6,\
"??"=hex:2f,b6,6f,45,ee,e2,ec,0a,29,d5,69,d3,55,fd,2c,18
.
[HKEY_USERS\S-1-5-21-448539723-1202660629-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:51,ac,a1,d8,70,e1,02,38,72,a0,d8,a3,86,1f,1b,83,f5,16,20,f7,30,
c1,07,f0,3d,60,bf,77,56,0c,47,98,d3,8f,36,73,4b,77,01,0e,00,1a,34,0b,be,e1,\
"rkeysecu"=hex:74,7d,39,f0,b8,8d,b5,b5,f7,5b,e5,9a,30,3e,d2,4e
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):b3,5e,e8,0e,c7,dc,d4,7b,48,02,9b,39,7c,99,56,fb,fd,ea,20,e3,20,
af,cf,bf,f2,c9,f0,30,56,cf,85,0f,97,e3,d5,e4,52,d1,71,1b,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7e6d2f47-2a32-4093-9083-3d830c88f1b7}]
@Denied: (Full) (Everyone)
"Model"=dword:0000008d
"Therad"=dword:00000015
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1016)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2940)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\idt\wdm\STacSV.exe
c:\program files\Pando Networks\Media Booster\PMB.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2011-08-11 22:35:04 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-11 20:35
.
Před spuštěním: 9 893 564 416
Po spuštění: Volných bajtů: 13 214 310 400
.
- - End Of File - - 05C39EF2520DD1C10A88410C0A4FF7E4