Search Babylon

[maruse1994]

http://leteckaposta.cz/uploaded/751045056
Vyskytl se nejspíš problém opět s babylonem. Po aktualizaci ICQ. Když jsem chtěla odeslat sms jednomu z mích kontaktů objevila se mi tam možnost babylonu! To znamená, že to tam zase někde je?

[vyosek]

Ona vam jej asi ta aktualizace ICQ podstrcila a vy odklikla

Aktualizace nainstalujte co to nabizi - ne vsak ty beta verze - ty jsou urceny pro testovani. Nastaveni programu zustava zachovano

Pak dejte novy log z RSIT a mrknem co se nam tam kde dostalo

[maruse1994]

Na aktualizaci ICQ 7, jsem si dávala opravdu pozor. Při instalaci místo doporučeně jsem dala ručně a odškrtla jsem vše, co mi přišlo podezřelé nebo zbytečné (např. všechno kde bylo search, toolbare apod..). Zmínka o babylonu tam nikde nebyla.
Co mám dělat s tím iobitem prosim vás?

LOG:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Petr Neuwirth at 2012-08-09 19:50:56
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 378 GB (79%) free of 477 GB
Total RAM: 8191 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:50:58, on 9.8.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\Petr Neuwirth.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Petr Neuwirth\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 6033 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {B461BC64-EEDE-4475-8437-98D8F59104DB}
"C:\Program Files\CoreTemp64\Core Temp.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\nvvsvc.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Users\Petr Neuwirth\Documents\RSITx64-VIRY_CZ.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr Neuwirth\AppData\Roaming\Mozilla\Firefox\Profiles\0lsw7byp.default

prefs.js - "browser.search.useDBForOrder" - ""
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-03-26 1271168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\Windows\UpdReg.EXE [2000-05-11 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-08-09 12:36:44 ----D---- C:\Program Files (x86)\ICQ7M
2012-08-09 12:30:15 ----D---- C:\Program Files (x86)\FileHippo.com
2012-08-09 00:49:28 ----D---- C:\rsit
2012-08-09 00:49:28 ----D---- C:\Program Files\trend micro
2012-08-09 00:00:12 ----SHD---- C:\$RECYCLE.BIN
2012-08-08 23:50:24 ----D---- C:\Windows\temp
2012-08-04 23:00:34 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\YourFileDownloader
2012-08-04 22:48:22 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\Ubisoft
2012-08-04 01:26:08 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-08-04 01:26:08 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\Adobe Mini Bridge CS5
2012-07-30 15:15:22 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-07-30 15:15:22 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2012-07-30 15:15:21 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\PunkBuster
2012-07-30 15:14:32 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2012-07-30 15:14:32 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2012-07-30 15:14:32 ----A---- C:\Windows\system32\d3dx10_40.dll
2012-07-30 15:14:32 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2012-07-30 15:14:31 ----A---- C:\Windows\system32\D3DX9_40.dll
2012-07-30 13:22:09 ----D---- C:\Program Files (x86)\Machinarium
2012-07-26 07:26:59 ----A---- C:\Windows\system32\drivers\atksgt.sys
2012-07-26 07:26:53 ----A---- C:\Windows\system32\drivers\lirsgt.sys
2012-07-26 07:26:37 ----D---- C:\Windows\system32\AGEIA
2012-07-26 07:26:32 ----D---- C:\Windows\SYSWOW64\AGEIA
2012-07-26 07:26:31 ----D---- C:\Program Files (x86)\AGEIA Technologies
2012-07-23 14:50:20 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\ICQ
2012-07-23 03:42:57 ----D---- C:\Program Files (x86)\Steam
2012-07-19 01:02:51 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\DVDVideoSoftIEHelpers
2012-07-19 01:02:34 ----A---- C:\Windows\SYSWOW64\Newtonsoft.Json.Net20.dll
2012-07-19 01:02:25 ----D---- C:\Program Files (x86)\DVDVideoSoft
2012-07-19 01:01:15 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\DVDVideoSoft
2012-07-18 21:47:03 ----AH---- C:\Windows\SYSWOW64\ezsidmv.dat
2012-07-18 21:46:58 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\skypePM
2012-07-18 21:34:32 ----RD---- C:\Program Files (x86)\Skype
2012-07-18 21:34:32 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\Skype
2012-07-18 21:34:29 ----D---- C:\ProgramData\Skype
2012-07-18 17:27:50 ----RHD---- C:\Users\Petr Neuwirth\AppData\Roaming\SecuROM
2012-07-15 20:57:17 ----D---- C:\Windows\Sun
2012-07-14 20:43:58 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\VitySoft
2012-07-14 20:39:20 ----D---- C:\ProgramData\Sun
2012-07-14 20:39:06 ----D---- C:\Program Files (x86)\Oracle
2012-07-14 20:39:04 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2012-07-14 20:39:04 ----A---- C:\Windows\SYSWOW64\javaws.exe
2012-07-14 20:39:04 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2012-07-14 20:39:01 ----A---- C:\Windows\SYSWOW64\javaw.exe
2012-07-14 20:39:01 ----A---- C:\Windows\SYSWOW64\java.exe
2012-07-14 20:38:55 ----D---- C:\Program Files (x86)\Java
2012-07-14 20:37:18 ----D---- C:\Program Files (x86)\FreeRapid-0.86u1
2012-07-13 21:57:27 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\mkvtoolnix
2012-07-13 21:57:03 ----D---- C:\Program Files (x86)\MKVToolNix
2012-07-11 22:14:03 ----A---- C:\Windows\system32\drivers\yk62x64.sys
2012-07-11 21:56:57 ----AD---- C:\Windows\SYSWOW64\oem
2012-07-10 22:20:31 ----A---- C:\Windows\system32\win32k.sys
2012-07-10 22:17:20 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-07-10 22:17:20 ----A---- C:\Windows\system32\mshtmled.dll
2012-07-10 22:17:19 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-07-10 22:17:19 ----A---- C:\Windows\SYSWOW64\url.dll
2012-07-10 22:17:19 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-07-10 22:17:19 ----A---- C:\Windows\system32\urlmon.dll
2012-07-10 22:17:19 ----A---- C:\Windows\system32\url.dll
2012-07-10 22:17:19 ----A---- C:\Windows\system32\iertutil.dll
2012-07-10 22:17:18 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2012-07-10 22:17:18 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-07-10 22:17:18 ----A---- C:\Windows\system32\ieUnatt.exe
2012-07-10 22:17:18 ----A---- C:\Windows\system32\ieui.dll
2012-07-10 22:17:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-07-10 22:17:17 ----A---- C:\Windows\system32\wininet.dll
2012-07-10 22:17:17 ----A---- C:\Windows\system32\jsproxy.dll
2012-07-10 22:17:16 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-07-10 22:17:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-07-10 22:17:16 ----A---- C:\Windows\system32\jscript9.dll
2012-07-10 22:17:16 ----A---- C:\Windows\system32\jscript.dll
2012-07-10 22:17:15 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-07-10 22:17:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-07-10 22:17:13 ----A---- C:\Windows\system32\mshtml.dll
2012-07-10 22:17:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-07-10 22:17:12 ----A---- C:\Windows\system32\ieframe.dll
2012-07-10 22:16:30 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2012-07-10 22:16:30 ----A---- C:\Windows\system32\msxml6.dll
2012-07-10 22:16:30 ----A---- C:\Windows\system32\msxml3.dll
2012-07-10 22:16:29 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-07-10 22:16:29 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-07-10 22:16:29 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-07-10 22:16:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2012-07-10 22:16:29 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2012-07-10 22:16:29 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2012-07-10 22:16:29 ----A---- C:\Windows\system32\schannel.dll
2012-07-10 22:16:29 ----A---- C:\Windows\system32\ncrypt.dll
2012-07-10 22:16:29 ----A---- C:\Windows\system32\msxml3r.dll
2012-07-10 22:16:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-07-10 22:16:29 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-07-10 22:16:29 ----A---- C:\Windows\system32\drivers\cng.sys
2012-07-10 22:16:28 ----A---- C:\Windows\system32\shell32.dll
2012-07-10 22:16:27 ----A---- C:\Windows\SYSWOW64\shell32.dll
2012-07-10 22:16:26 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2012-07-10 22:16:26 ----A---- C:\Windows\system32\cdosys.dll

======List of files/folders modified in the last 1 month======

2012-08-09 19:42:04 ----D---- C:\Windows\Prefetch
2012-08-09 19:42:02 ----RD---- C:\Program Files
2012-08-09 19:42:02 ----D---- C:\Windows\system32\Tasks
2012-08-09 14:47:14 ----D---- C:\Windows\system32\config
2012-08-09 14:36:19 ----D---- C:\Windows\inf
2012-08-09 14:36:19 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\Media Player Classic
2012-08-09 14:36:19 ----AD---- C:\Windows
2012-08-09 13:19:22 ----D---- C:\Windows\SysWOW64
2012-08-09 13:19:20 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-08-09 12:37:10 ----RD---- C:\Program Files (x86)
2012-08-09 12:37:10 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2012-08-09 12:32:30 ----D---- C:\Windows\Tasks
2012-08-09 00:52:57 ----SHD---- C:\System Volume Information
2012-08-09 00:39:11 ----D---- C:\Windows\SoftwareDistribution
2012-08-09 00:38:50 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\uTorrent
2012-08-08 23:50:25 ----D---- C:\Windows\system32\drivers
2012-08-08 23:48:00 ----A---- C:\Windows\system.ini
2012-08-08 23:47:51 ----D---- C:\Windows\system32\drivers\etc
2012-08-08 23:45:06 ----D---- C:\Windows\SYSWOW64\drivers
2012-08-08 23:45:06 ----D---- C:\Windows\AppPatch
2012-08-08 23:45:05 ----D---- C:\Program Files (x86)\Common Files
2012-08-05 23:59:20 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2012-08-05 01:04:35 ----SHD---- C:\Windows\Installer
2012-08-05 01:03:02 ----D---- C:\Windows\Logs
2012-08-05 00:11:47 ----D---- C:\ProgramData
2012-08-04 22:39:30 ----RSD---- C:\Windows\assembly
2012-08-04 03:32:32 ----D---- C:\Program Files (x86)\AIDA64 Extreme 2.50.2000
2012-08-04 02:33:36 ----D---- C:\Windows\system32\NDF
2012-07-30 15:15:21 ----D---- C:\Windows\system32\LogFiles
2012-07-30 15:14:33 ----D---- C:\Windows\System32
2012-07-30 00:30:49 ----D---- C:\Windows\system32\catroot2
2012-07-29 18:12:10 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-07-27 15:53:29 ----D---- C:\Windows\system32\drivers\UMDF
2012-07-26 07:26:36 ----D---- C:\Windows\system32\DriverStore
2012-07-26 07:26:36 ----D---- C:\Windows\system32\catroot
2012-07-22 22:00:35 ----D---- C:\Windows\SYSWOW64\directx
2012-07-18 17:24:25 ----SD---- C:\ProgramData\Microsoft
2012-07-18 17:15:12 ----D---- C:\Windows\winsxs
2012-07-17 23:16:25 ----D---- C:\Program Files (x86)\Seznam
2012-07-17 23:04:52 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-07-16 11:30:41 ----D---- C:\Users\Petr Neuwirth\AppData\Roaming\AV Bros Puzzle Pro 3.1
2012-07-16 11:17:02 ----HD---- C:\Windows\system32\GroupPolicy
2012-07-14 23:29:52 ----D---- C:\Program Files (x86)\vLite
2012-07-12 22:46:17 ----D---- C:\Program Files\cpu-z_1.60.1-64bits-en
2012-07-11 21:56:57 ----AD---- C:\Windows\SYSWOW64\oobe
2012-07-10 23:15:29 ----D---- C:\Windows\debug
2012-07-10 22:30:57 ----D---- C:\Windows\SYSWOW64\migration
2012-07-10 22:30:57 ----D---- C:\Windows\system32\migration
2012-07-10 22:30:57 ----D---- C:\Program Files\Internet Explorer
2012-07-10 22:30:57 ----D---- C:\Program Files (x86)\Internet Explorer
2012-07-10 22:19:25 ----D---- C:\ProgramData\Microsoft Help
2012-07-10 22:18:07 ----A---- C:\Windows\system32\MRT.exe
2012-07-10 00:27:19 ----A---- C:\Windows\posta2.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-02 537112]
R0 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2009-07-18 109480]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2012-03-20 203888]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R3 ALSysIO;ALSysIO; \??\C:\Users\PETRNE~1\AppData\Local\Temp\ALSysIO64.sys []
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2010-07-07 230488]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2010-07-07 697816]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2010-07-07 95320]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2010-07-07 15960]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2010-07-07 213080]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2010-07-07 118360]
R3 ha20x22k;Creative 20X2 HAL Driver; C:\Windows\system32\drivers\ha20x22k.sys [2010-07-07 1612888]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2010-07-07 179288]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-07-26 303616]
S2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-07-26 35328]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2010-07-07 230488]
S3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2010-07-07 580696]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2010-07-07 1445976]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2010-07-07 95320]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2010-07-07 1567832]
S3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-20 98688]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-01-19 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-03-26 12600]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-07-30 75136]
R3 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-05-15 889664]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-09 250056]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
S3 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-05-30 79360]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-06-13 654848]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
S3 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2011-01-31 66560]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S4 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]

-----------------EOF-----------------

[vyosek]

zadny babylon nebo tak nainstalovany nevidim, spis to bude jen soucast icq

Mrknem, kde vsude se nam iobit zasil a jeste si overim jeden soubor

Nasledujici soubory otestujte na VirusTotalu https://www.virustotal.com/cs/

• C:\Windows\system32\drivers\yk62x64.sys
• Kliknete na Choose file
• Soubor nehledejte, jen vlozte cestu souboru, ktery chci otestovat
• Kliknete na Scan It
• Pokud na Vas vyskoci obrazovka jako je nize, tak kliknete na ReAnalyse
  
• Vysledek analyzy sem vlozte (jako odkaz)

Stahnete SytemLook http://jpshortstuff.247fixes.com/SystemLook.exe a ulozte jej na plochu

• Do okna vlozte skript nize

• Kód: Vybrat vše

  :file
  C:\Windows\system32\drivers\yk62x64.sys
  
  :filefind
  *iobit*.*
  
  :folderfind
  *iobit*
  
  :regfind
  *iobit*
  

• Kliknete na Look
• Tlacitko Look se zmeni na Scanning a zsedne
• Pockejte pokud se tlacitko Scanning opet nezmeni na Look - tak poznate ze SystemLook dokoncil svou praci
• Vyskoci na Vas log s nazvem SystemLook (pripadne bude ulozen na plose), jeho obsah mi sem vlozte

[maruse1994]

http://leteckaposta.cz/511887760
Na stránku na kterou jste mi posílal odkaz. Nemám nic hledat, pouze zadat cestu? Jakmile kliknu do ikonky abych tam dala cestu, vyjede mi tabulka pro o tevření souboru. Když vložim tedy cestu tam, zobrazí se mi tam toto..

[maruse1994]

SystemLook
LOG:

SystemLook 30.07.11 by jpshortstuff
Log created at 12:44 on 11/08/2012 by Petr Neuwirth
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== file ==========

C:\Windows\system32\drivers\yk62x64.sys - Unable to find/read file.

========== filefind ==========

Searching for "*iobit*.*"
C:\Program Files (x86)\iobit-uninstaller.exe --a---- 1688408 bytes [18:25 14/06/2012] [18:25 14/06/2012] EB732C43B23E848EBDA2E2C429C55516
C:\Users\Petr Neuwirth\Desktop\iobit-uninstaller.lnk --a---- 1344 bytes [18:28 14/06/2012] [18:28 14/06/2012] 7856AEF8FFBA7A61BD06FB7B8385FDD5

========== folderfind ==========

Searching for "*iobit*"
C:\Users\Petr Neuwirth\AppData\Roaming\IObit d------ [18:26 14/06/2012]
C:\Users\Petr Neuwirth\AppData\Roaming\IObit\IObit Uninstaller d------ [18:26 14/06/2012]

========== regfind ==========

Searching for "*iobit*"
No data found.

-= EOF =-

[vyosek]

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe

• Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
• Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

• Kód: Vybrat vše

  :files
  C:\Windows\system32\drivers\yk62x64.sys
  C:\Program Files (x86)\iobit-uninstaller.exe
  C:\Users\Petr Neuwirth\Desktop\iobit-uninstaller.lnk
  C:\Users\Petr Neuwirth\AppData\Roaming\IObit
  %windir%\system32\*.tmp.dll /s
  %windir%\system32\SET*.tmp /s
  %windir%\*.tmp
  
  :commands
  [RESETHOSTS]
  [EMPTYTEMP]
  [EMPTYFLASH]
  [EMPTYJAVA]

• Kliknete na cervene tlacitko MoveIt!
• Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte

[maruse1994]

Mohu se Vás prosím zeptat, jaký odinstalační program je dobrý? Stačí ten CCleaner na příští odinstalace?

All processes killed
========== FILES ==========
File/Folder C:\Windows\system32\drivers\yk62x64.sys not found.
C:\Program Files (x86)\iobit-uninstaller.exe moved successfully.
C:\Users\Petr Neuwirth\Desktop\iobit-uninstaller.lnk moved successfully.
C:\Users\Petr Neuwirth\AppData\Roaming\IObit\IObit Uninstaller\Log folder moved successfully.
C:\Users\Petr Neuwirth\AppData\Roaming\IObit\IObit Uninstaller\Language folder moved successfully.
C:\Users\Petr Neuwirth\AppData\Roaming\IObit\IObit Uninstaller folder moved successfully.
C:\Users\Petr Neuwirth\AppData\Roaming\IObit folder moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Petr Neuwirth
->Temp folder emptied: 881999287 bytes
->Temporary Internet Files folder emptied: 3589908 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 846963776 bytes
->Flash cache emptied: 8407 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3956 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1 652,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Petr Neuwirth
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Petr Neuwirth
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 08112012_232558

Files moved on Reboot...

Registry entries deleted on Reboot...

[vyosek]

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Na odinstalaci bud CCleaner nebo revo uninstaller http://www.stahuj.centrum.cz/utility_a_ ... installer/

[maruse1994]

Děkuji, moc jste mi pomohl

[vyosek]

Nemate zac, rad jsem pomohl Zase nekdy


A na rozloucenou vam zahraje nase kapela