Turn Off PC Problem

[kuntakinte]

Dobrý deň, chcel by som Vás požiadať o radu s pc, už dlhšiu dobu sa pomerne často vyskytuje problém pri vypnutí/reštarte pc, totiž keď ho dám vypnúť, všetko vyzerá že sa normálne poukončuje, až nakoniec ostane len pozadie (ikony zmiznú, lišty zmiznú,...) no a ďalej sa už nič nedeje. Ostane jednoducho taktzo zapnutý a jediný spôsob ako ide vypnúť je pridržaním Power. Nieje to pravidelne, niekedy to ide, ale večšinou ho normálne nevypnem. Prvý raz sa to začalo diať pri používaní Mozilly Firefox, ktorá sa nechcela ukončiť v procesoch ani pri reštarte, ale potom som ju prestal používať a po istej dobe sa problém vrátil aj tak. Momentálne ju zase používam. Neviem možno by bolo ešte vhodné spomenúť že posledné 3-4 dni mi nejde updatetnúť ani Avira, dôvod neviem, skúšal som ju preinštalovať ale problém zotrval. Ďakujem za pomoc, vkladám log z RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by ivan at 2010-04-16 11:41:54
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 63 GB (48%) free of 131 GB
Total RAM: 2046 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:41:59, on 16.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\OAcat.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Tall Emu\Online Armor\OAui.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Tall Emu\Online Armor\OAhlp.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\ivan\Desktop\RSIT.exe
C:\Program Files\trend micro\ivan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://toolbar.ask.com/toolbarv/askRedi ... &gc=1&q=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\OAui.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\ivan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E933544-D40E-457F-95E0-1E7F0C6D435D}: NameServer = 195.168.1.2,195.168.1.4
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: Služba Google Update (gupdate1c99ca5d283c91e) (gupdate1c99ca5d283c91e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Online Armor Helper Service (OAcat) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\OAcat.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Prime95 Service - Unknown owner - C:\Program Files\Prime95\prime95.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 10119 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cab6eebdc09bce.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-492894223-725345543-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-492894223-725345543-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-31 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-31 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-01-03 1019128]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-02-19 1262888]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-07 16862208]
"Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-01-26 495616]
"NSLauncher"=C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [2007-11-06 3096576]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-07 57344]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2005-01-12 32768]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
"@OnlineArmor GUI"=C:\Program Files\Tall Emu\Online Armor\OAui.exe [2009-12-05 6622920]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-02-03 98304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Documents and Settings\ivan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-21 133104]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe [2008-07-22 2772992]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-02-03 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [2009-12-05 923336]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=43010000
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\MY DOCUMENTS\My Games\Dead Space\Dead Space.exe"="D:\MY DOCUMENTS\My Games\Dead Space\Dead Space.exe:*:Disabled:Dead Space ™"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\ivan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\ivan\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\utorrent-lite\utorrent.exe"="C:\Program Files\utorrent-lite\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\FlatOut2\FlatOut2.exe"="C:\Program Files\FlatOut2\FlatOut2.exe:*:Enabled:FlatOut2"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\MY DOCUMENTS\z netu\Bulanci_1.82-0.exe"="D:\MY DOCUMENTS\z netu\Bulanci_1.82-0.exe:*:Enabled:Bulanci_1.82-0"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe"="C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe:*:Enabled:Neverwinter Nights 2 Main"
"C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe"="C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe:*:Enabled:Neverwinter Nights 2 AMD"
"C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe"="C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe:*:Enabled:Neverwinter Nights 2 Updater"
"C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe"="C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe:*:Enabled:Neverwinter Nights 2 Server"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Dragon Age\bin_ship\daorigins.exe"="C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins Game"
"C:\Program Files\Dragon Age\DAOriginsLauncher.exe"="C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher"
"C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe"="C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutLauncher.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutConfigTool.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe"="C:\Program Files\Electronic Arts\Burnout(TM) Paradise The Ultimate Box\BurnoutParadise.exe:*:Enabled:Burnout(TM) Paradise The Ultimate Box"
"C:\Program Files\Electronic Arts\EADM\Core.exe"="C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager"
"C:\Documents and Settings\ivan\Desktop\utorrent-portable\utorrent.exe"="C:\Documents and Settings\ivan\Desktop\utorrent-portable\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ.exe"

======List of files/folders created in the last 1 months======

2010-04-16 11:41:54 ----D---- C:\rsit
2010-04-15 15:22:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 15:22:45 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 15:21:08 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-15 15:21:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 15:20:59 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 15:20:54 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 15:20:48 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-07 21:38:20 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2010-04-07 16:57:02 ----D---- C:\Documents and Settings\ivan\Application Data\BSplayer
2010-04-07 16:57:01 ----D---- C:\Program Files\Webteh
2010-04-04 16:40:41 ----D---- C:\Documents and Settings\ivan\Application Data\Avira
2010-04-01 09:19:08 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-03-31 16:00:01 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-03-31 16:00:00 ----D---- C:\Program Files\Common Files\Java
2010-03-31 15:59:42 ----A---- C:\WINDOWS\system32\javaws.exe
2010-03-31 15:59:42 ----A---- C:\WINDOWS\system32\javaw.exe
2010-03-31 15:59:42 ----A---- C:\WINDOWS\system32\java.exe
2010-03-30 15:56:18 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-03-29 18:55:17 ----D---- C:\Program Files\ICQ6.5
2010-03-28 14:41:14 ----D---- C:\Program Files\PercussionStudio3

======List of files/folders modified in the last 1 months======

2010-04-16 11:41:59 ----D---- C:\WINDOWS\Prefetch
2010-04-16 11:41:57 ----D---- C:\Program Files\trend micro
2010-04-16 11:39:17 ----D---- C:\WINDOWS\temp
2010-04-16 11:39:16 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-16 11:39:09 ----D---- C:\WINDOWS
2010-04-15 17:16:06 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-04-15 16:27:10 ----D---- C:\Documents and Settings\ivan\Application Data\Mozilla
2010-04-15 16:26:46 ----D---- C:\Program Files\Mozilla Firefox
2010-04-15 15:41:59 ----D---- C:\WINDOWS\Debug
2010-04-15 15:35:41 ----D---- C:\Documents and Settings\ivan\Application Data\ICQ
2010-04-15 15:33:41 ----D---- C:\Config.Msi
2010-04-15 15:27:47 ----SHD---- C:\WINDOWS\Installer
2010-04-15 15:26:51 ----D---- C:\WINDOWS\system32
2010-04-15 15:22:55 ----HD---- C:\WINDOWS\inf
2010-04-15 15:22:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-15 15:22:49 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-15 15:22:46 ----D---- C:\WINDOWS\system32\drivers
2010-04-07 23:23:12 ----A---- C:\WINDOWS\wincmd.ini
2010-04-07 16:57:01 ----RD---- C:\Program Files
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-03-31 16:00:00 ----D---- C:\Program Files\Common Files
2010-03-31 15:59:33 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-03-30 12:01:28 ----D---- C:\Program Files\ICQ6Toolbar
2010-03-29 18:42:04 ----HD---- C:\Program Files\InstallShield Installation Information
2010-03-29 18:42:04 ----D---- C:\Documents and Settings\All Users\Application Data\ICQ
2010-03-28 15:04:37 ----A---- C:\WINDOWS\win.ini
2010-03-28 13:54:09 ----D---- C:\Program Files\Opera
2010-03-28 11:16:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-23 11:17:20 ----D---- C:\WINDOWS\Minidump
2010-03-21 02:14:00 ----D---- C:\Documents and Settings\ivan\Application Data\uTorrent
2010-03-21 02:05:14 ----SD---- C:\Documents and Settings\ivan\Application Data\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 OADevice;OADriver; \??\C:\WINDOWS\system32\drivers\OADriver.sys []
R1 OAmon;OAmon; \??\C:\WINDOWS\system32\drivers\OAmon.sys []
R1 OAnet;OAnet; \??\C:\WINDOWS\system32\drivers\OAnet.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-02-03 4605952]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-05-21 93696]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-07 4739072]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-16 115840]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl []
S3 ac188btx;ac188btx; C:\WINDOWS\system32\drivers\ac188btx.sys []
S3 ASPI;Advanced SCSI Programming Interface Driver; \??\C:\WINDOWS\System32\DRIVERS\ASPI32.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-15 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-12-17 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-12-17 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-12-17 21744]
S3 k600bus;Sony Ericsson 600i driver (WDM); C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-05-11 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-05-11 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-05-11 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-05-11 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-05-11 77072]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2007-02-22 137216]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2007-02-22 12288]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM); C:\WINDOWS\system32\DRIVERS\sea1bus.sys [2007-02-08 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\sea1mdfl.sys [2007-02-08 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\sea1mdm.sys [2007-02-08 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\sea1mgmt.sys [2007-02-08 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS); C:\WINDOWS\system32\DRIVERS\sea1nd5.sys [2007-02-08 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\sea1obex.sys [2007-02-08 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM); C:\WINDOWS\system32\DRIVERS\sea1unic.sys [2007-02-08 90800]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-03-16 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2010-01-08 380928]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-02-03 602112]
R2 GEST Service;GEST Service for program management.; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-05-13 80392]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-31 153376]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-09-21 1028432]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 OAcat;Online Armor Helper Service; C:\Program Files\Tall Emu\Online Armor\OAcat.exe [2009-12-05 1282248]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2008-11-23 570880]
R2 SvcOnlineArmor;Online Armor; C:\Program Files\Tall Emu\Online Armor\oasrv.exe [2009-12-05 3291336]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-07-14 593920]
S2 gupdate1c99ca5d283c91e;Služba Google Update (gupdate1c99ca5d283c91e); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-04 133104]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S2 Prime95 Service;Prime95 Service; C:\Program Files\Prime95\prime95.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2007-02-08 212480]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-11-23 306432]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[kuntakinte]

Pridávam ešte jeden log z posledného scannu Aviry, ktorý po pár minútach skončil s hláškou Hidden objects were found, one or more hidden objects that indicate a hidden virus or onwanted program were found. An analysis of your comupter with the AVIRA rescue CD is necessary for exact identification and repair.


Avira AntiVir Personal
Report file date: 16. apríla 2010 11:51

Scanning for 1867270 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : B-3DFA3368B9EC4

Version information:
BUILD.DAT : 10.0.0.561 32098 Bytes 18. 3. 2010 15:46:00
AVSCAN.EXE : 10.0.2.3 433832 Bytes 7. 3. 2010 15:57:10
AVSCAN.DLL : 10.0.2.2 45928 Bytes 2. 3. 2010 10:48:47
LUKE.DLL : 10.0.2.3 104296 Bytes 7. 3. 2010 16:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 10. 2. 2010 21:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 6. 11. 2009 14:14:48
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19. 11. 2009 14:12:51
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20. 1. 2010 13:57:15
VBASE003.VDF : 7.10.3.75 996864 Bytes 26. 1. 2010 21:03:21
VBASE004.VDF : 7.10.4.203 1579008 Bytes 5. 3. 2010 14:24:00
VBASE005.VDF : 7.10.4.204 2048 Bytes 5. 3. 2010 14:24:00
VBASE006.VDF : 7.10.4.205 2048 Bytes 5. 3. 2010 14:24:00
VBASE007.VDF : 7.10.4.206 2048 Bytes 5. 3. 2010 14:24:00
VBASE008.VDF : 7.10.4.207 2048 Bytes 5. 3. 2010 14:24:00
VBASE009.VDF : 7.10.4.208 2048 Bytes 5. 3. 2010 14:24:00
VBASE010.VDF : 7.10.4.209 2048 Bytes 5. 3. 2010 14:24:00
VBASE011.VDF : 7.10.4.210 2048 Bytes 5. 3. 2010 14:24:00
VBASE012.VDF : 7.10.4.211 2048 Bytes 5. 3. 2010 14:24:00
VBASE013.VDF : 7.10.4.242 153088 Bytes 8. 3. 2010 15:32:11
VBASE014.VDF : 7.10.5.17 99328 Bytes 10. 3. 2010 15:33:09
VBASE015.VDF : 7.10.5.44 107008 Bytes 11. 3. 2010 20:01:43
VBASE016.VDF : 7.10.5.69 92672 Bytes 12. 3. 2010 20:28:48
VBASE017.VDF : 7.10.5.91 119808 Bytes 15. 3. 2010 20:28:50
VBASE018.VDF : 7.10.5.121 112640 Bytes 18. 3. 2010 20:28:51
VBASE019.VDF : 7.10.5.122 2048 Bytes 18. 3. 2010 11:01:24
VBASE020.VDF : 7.10.5.123 2048 Bytes 18. 3. 2010 11:01:24
VBASE021.VDF : 7.10.5.124 2048 Bytes 18. 3. 2010 11:01:24
VBASE022.VDF : 7.10.5.125 2048 Bytes 18. 3. 2010 11:01:24
VBASE023.VDF : 7.10.5.126 2048 Bytes 18. 3. 2010 11:01:24
VBASE024.VDF : 7.10.5.127 2048 Bytes 18. 3. 2010 11:01:24
VBASE025.VDF : 7.10.5.128 2048 Bytes 18. 3. 2010 11:01:24
VBASE026.VDF : 7.10.5.129 2048 Bytes 18. 3. 2010 11:01:24
VBASE027.VDF : 7.10.5.130 2048 Bytes 18. 3. 2010 11:01:24
VBASE028.VDF : 7.10.5.131 2048 Bytes 18. 3. 2010 11:01:24
VBASE029.VDF : 7.10.5.132 2048 Bytes 18. 3. 2010 11:01:24
VBASE030.VDF : 7.10.5.133 2048 Bytes 18. 3. 2010 11:01:25
VBASE031.VDF : 7.10.5.134 16384 Bytes 18. 3. 2010 11:01:25
Engineversion : 8.2.1.194
AEVDF.DLL : 8.1.1.3 106868 Bytes 23. 1. 2010 13:51:33
AESCRIPT.DLL : 8.1.3.18 1024378 Bytes 17. 3. 2010 09:09:47
AESCN.DLL : 8.1.5.0 127347 Bytes 27. 2. 2010 02:50:50
AESBX.DLL : 8.1.2.1 254323 Bytes 17. 3. 2010 21:04:48
AERDL.DLL : 8.1.4.3 541043 Bytes 17. 3. 2010 21:04:37
AEPACK.DLL : 8.2.1.0 426356 Bytes 2. 3. 2010 13:01:39
AEOFFICE.DLL : 8.1.0.41 201083 Bytes 17. 3. 2010 21:04:30
AEHEUR.DLL : 8.1.1.13 2470262 Bytes 17. 3. 2010 09:09:46
AEHELP.DLL : 8.1.10.2 237941 Bytes 17. 3. 2010 09:09:46
AEGEN.DLL : 8.1.2.2 373107 Bytes 17. 3. 2010 09:09:45
AEEMU.DLL : 8.1.1.0 393587 Bytes 4. 10. 2009 08:06:59
AECORE.DLL : 8.1.12.3 188789 Bytes 17. 3. 2010 09:09:45
AEBB.DLL : 8.1.0.3 53618 Bytes 9. 10. 2008 13:32:40
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14. 1. 2010 10:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14. 1. 2010 10:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 18. 2. 2010 14:47:40
AVREG.DLL : 10.0.1.2 52072 Bytes 29. 1. 2010 09:47:41
AVSCPLR.DLL : 10.0.2.3 83304 Bytes 7. 3. 2010 16:02:30
AVARKT.DLL : 10.0.0.13 227176 Bytes 7. 3. 2010 15:48:41
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26. 1. 2010 07:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28. 1. 2010 10:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16. 3. 2010 13:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19. 2. 2010 12:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28. 1. 2010 11:10:20
RCTEXT.DLL : 10.0.46.0 97128 Bytes 5. 3. 2010 08:09:41

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, F:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: 16. apríla 2010 11:51

Starting search for hidden objects.
At the end of the scan!
HKEY_USERS\S-1-5-21-1004336348-492894223-725345543-1004\Software\SecuROM\License information\datasecu
[NOTE] The registry entry is invisible.
HKEY_USERS\S-1-5-21-1004336348-492894223-725345543-1004\Software\SecuROM\License information\rkeysecu
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\Software\GIGABYTE\GEST\vout
[NOTE] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet002\Control\Session Manager\Power\heuristics
[NOTE] The registry entry is invisible.
\Driver\Cdrom
[NOTE] The registry entry is invisible.

[motji]

Hezké odpoledne

Zazálohujte si důležitá data, pro jistotu

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-souhlaste s instalací konzole pro zotavení

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

[kuntakinte]

ComboFix 10-04-17.07 - ivan 18.04.2010 23:10:02.6.4 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2046.1555 [GMT 2:00]
Running from: c:\documents and settings\ivan\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
FW: Online Armor Firewall *disabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
* Resident AV is active

.

((((((((((((((((((((((((( Files Created from 2010-03-18 to 2010-04-18 )))))))))))))))))))))))))))))))
.

2010-04-16 09:41 . 2010-04-16 09:42 -------- d-----w- C:\rsit
2010-04-12 12:44 . 2010-04-12 12:44 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-04-07 19:38 . 2010-04-07 19:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2010-04-07 14:57 . 2010-02-23 15:01 1185871 ----a-w- c:\documents and settings\ivan\Application Data\BSplayer\FFDShow\unins000.exe
2010-04-04 14:40 . 2010-04-04 14:40 -------- d-----w- c:\documents and settings\ivan\Application Data\Avira
2010-03-31 14:00 . 2010-03-31 14:00 -------- d-----w- c:\program files\Common Files\Java
2010-03-31 13:59 . 2010-03-31 13:59 503808 ----a-w- c:\documents and settings\ivan\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2aede7eb-n\msvcp71.dll
2010-03-31 13:59 . 2010-03-31 13:59 499712 ----a-w- c:\documents and settings\ivan\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2aede7eb-n\jmc.dll
2010-03-31 13:59 . 2010-03-31 13:59 348160 ----a-w- c:\documents and settings\ivan\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-2aede7eb-n\msvcr71.dll
2010-03-31 13:59 . 2010-03-31 13:59 61440 ----a-w- c:\documents and settings\ivan\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-714efdf9-n\decora-sse.dll
2010-03-31 13:59 . 2010-03-31 13:59 12800 ----a-w- c:\documents and settings\ivan\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-714efdf9-n\decora-d3d.dll
2010-03-30 13:56 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-03-29 16:55 . 2010-03-29 16:56 -------- d-----w- c:\program files\ICQ6.5
2010-03-29 16:41 . 2010-03-29 16:41 -------- d-----w- c:\documents and settings\ivan\Local Settings\Application Data\AOL
2010-03-28 12:41 . 2010-03-28 12:52 -------- d-----w- c:\program files\PercussionStudio3
2010-03-24 08:04 . 2010-03-24 18:17 952768 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\32306\AdobeARM.exe
2010-03-24 08:04 . 2010-03-24 18:17 70584 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\32306\AdobeExtractFiles.dll
2010-03-24 08:04 . 2010-03-24 18:17 326056 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\32306\ReaderUpdater.exe
2010-03-24 08:04 . 2010-03-24 18:17 326056 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\32306\AcrobatUpdater.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-18 21:08 . 2008-11-21 19:17 16608 ----a-w- c:\windows\gdrv.sys
2010-04-18 21:03 . 2009-02-09 16:03 -------- d-----w- c:\documents and settings\ivan\Application Data\ICQ
2010-04-16 09:41 . 2009-04-14 20:34 -------- d-----w- c:\program files\trend micro
2010-04-14 19:07 . 2010-04-07 14:57 -------- d-----w- c:\documents and settings\ivan\Application Data\BSplayer
2010-04-07 14:57 . 2010-04-07 14:57 -------- d-----w- c:\program files\Webteh
2010-03-31 13:59 . 2009-04-16 18:30 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-30 10:01 . 2009-02-08 17:11 -------- d-----w- c:\program files\ICQ6Toolbar
2010-03-29 16:42 . 2009-02-08 17:11 -------- d-----w- c:\documents and settings\All Users\Application Data\ICQ
2010-03-29 16:42 . 2008-11-21 19:18 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-28 11:54 . 2009-06-04 15:26 -------- d-----w- c:\program files\Opera
2010-03-22 12:52 . 2010-04-07 14:58 697690 ----a-w- c:\documents and settings\ivan\Application Data\BSplayer\AC3 Filter\unins000.exe
2010-03-21 00:14 . 2009-02-12 14:19 -------- d-----w- c:\documents and settings\ivan\Application Data\uTorrent
2010-03-15 17:38 . 2008-11-23 06:45 -------- d-----w- c:\documents and settings\ivan\Application Data\Spyware Terminator
2010-03-15 17:38 . 2008-11-23 06:45 -------- d-----w- c:\program files\Spyware Terminator
2010-03-14 12:52 . 2008-12-28 19:46 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-09 11:09 . 2006-02-28 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-03-01 07:05 . 2009-04-30 18:01 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-02-27 18:06 . 2010-02-27 18:00 -------- d-----w- c:\program files\ATI
2010-02-27 18:05 . 2010-02-27 18:05 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2010-02-27 18:02 . 2008-11-21 19:31 -------- d-----w- c:\program files\ATI Technologies
2010-02-27 18:00 . 2010-02-27 18:00 10134 ----a-r- c:\documents and settings\ivan\Application Data\Microsoft\Installer\{2FB2169F-04D8-FFC0-6A66-80EE652B93A5}\ARPPRODUCTICON.exe
2010-02-27 17:53 . 2010-01-20 20:25 -------- d-----w- c:\documents and settings\All Users\Application Data\OnlineArmor
2010-02-26 18:34 . 2008-12-03 05:46 -------- d-----w- c:\program files\Common Files\Nero
2010-02-26 18:34 . 2008-12-03 05:47 -------- d-----w- c:\program files\Nero
2010-02-26 18:32 . 2010-02-26 18:32 -------- d-----w- c:\program files\Windows Sidebar
2010-02-26 18:14 . 2008-12-03 05:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2010-02-26 05:43 . 2006-02-28 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-02-24 13:11 . 2006-02-28 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-23 14:00 . 2010-04-07 14:58 42288 ----a-w- c:\documents and settings\ivan\Application Data\BSplayer\Haali media splitter\uninstall.exe
2010-02-22 20:36 . 2009-02-17 14:50 -------- d-----w- c:\program files\utorrent-lite
2010-02-21 21:22 . 2009-01-18 12:10 -------- d-----w- c:\program files\Electronic Arts
2010-02-21 21:21 . 2009-02-24 14:43 5076 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-02-20 15:44 . 2010-02-20 15:44 -------- d-----w- c:\program files\Ubi Soft
2010-02-16 14:08 . 2006-02-28 12:00 2146304 ------w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2004-08-03 22:59 2024448 ------w- c:\windows\system32\ntkrnlpa.exe
2010-02-16 11:24 . 2009-04-30 18:01 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-02-12 04:33 . 2006-02-28 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2006-02-28 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-03 04:52 . 2008-06-03 06:20 4605952 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-02-03 04:12 . 2009-03-16 19:35 45056 ----a-w- c:\windows\system32\aticalrt.dll
2010-02-03 04:12 . 2009-03-16 19:34 45056 ----a-w- c:\windows\system32\aticalcl.dll
2010-02-03 04:10 . 2009-03-16 19:33 3633152 ----a-w- c:\windows\system32\aticaldd.dll
2010-02-03 04:07 . 2008-11-21 19:31 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-02-03 04:02 . 2008-10-29 02:10 14188544 ----a-w- c:\windows\system32\atioglxx.dll
2010-02-03 03:50 . 2008-06-03 02:59 3566048 ----a-w- c:\windows\system32\ati3duag.dll
2010-02-03 03:40 . 2008-11-21 19:31 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-02-03 03:39 . 2008-06-03 03:21 301568 ----a-w- c:\windows\system32\ati2dvag.dll
2010-02-03 03:35 . 2008-06-03 02:48 2176640 ----a-w- c:\windows\system32\ativvaxx.dll
2010-02-03 03:34 . 2008-11-21 19:31 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-02-03 03:34 . 2008-11-21 19:31 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-02-03 03:32 . 2008-06-03 03:04 397312 ----a-w- c:\windows\system32\atiok3x2.dll
2010-02-03 03:23 . 2008-06-03 03:11 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-02-03 03:23 . 2008-06-03 03:11 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-02-03 03:23 . 2008-06-03 03:11 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-02-03 03:23 . 2008-06-03 03:11 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-02-03 03:22 . 2008-06-03 03:11 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-02-03 03:21 . 2008-06-03 03:09 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2010-02-03 03:19 . 2008-06-03 03:08 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-02-03 03:19 . 2010-02-27 18:00 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-02-03 03:18 . 2009-03-16 19:40 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-02-03 03:18 . 2008-06-03 02:33 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2010-02-03 03:17 . 2008-06-03 02:27 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-02-03 03:15 . 2008-06-03 02:29 565248 ----a-w- c:\windows\system32\atikvmag.dll
2010-02-03 03:12 . 2008-06-03 02:28 180224 ----a-w- c:\windows\system32\atiadlxx.dll
2010-02-03 03:12 . 2008-06-03 02:28 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-02-03 03:06 . 2008-06-03 02:21 638976 ----a-w- c:\windows\system32\ati2cqag.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-02-19 1262888]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\ivan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2008-11-21 133104]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2008-07-22 2772992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-07 16862208]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-01-26 495616]
"NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2007-11-06 3096576]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2005-01-12 32768]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 49152]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\OAui.exe" [2009-12-05 6622920]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-02 98304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-11 282624]
HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-5-12 73728]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-18 65588]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2009-12-05 923336]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe
"Google Update"="c:\documents and settings\ivan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"OSSelectorReinstall"=c:\program files\Common Files\Acronis\AcronisDiskDirector\oss_reinstall.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\MY DOCUMENTS\\My Games\\Dead Space\\Dead Space.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\ivan\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\utorrent-lite\\utorrent.exe"=
"c:\\Program Files\\FlatOut2\\FlatOut2.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"d:\\MY DOCUMENTS\\z netu\\Bulanci_1.82-0.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwupdate.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2server.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"=
"c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"=
"c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Documents and Settings\\ivan\\Desktop\\utorrent-portable\\utorrent.exe"=
"c:\\Program Files\\Opera\\opera.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [18.8.2009 23:25 64160]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [20.1.2010 22:25 223312]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [20.1.2010 22:25 24656]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [20.1.2010 22:25 29776]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [30.4.2009 20:01 135336]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [8.1.2010 1:51 380928]
R2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [21.11.2008 21:18 80392]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [8.2.2009 19:11 246520]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3.7.2009 16:49 1028432]
R2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\oacat.exe [20.1.2010 22:25 1282248]
R2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [20.1.2010 22:25 3291336]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.11.2008 11:36 691696]
S2 gupdate1c99ca5d283c91e;Služba Google Update (gupdate1c99ca5d283c91e);c:\program files\Google\Update\GoogleUpdate.exe [4.3.2009 10:47 133104]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [1.3.2010 23:51 16512]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [16.11.2009 15:34 25832]
S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\drivers\k600bus.sys [11.5.2005 14:12 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\drivers\k600mdfl.sys [11.5.2005 14:12 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\drivers\k600mdm.sys [11.5.2005 14:12 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\drivers\k600mgmt.sys [11.5.2005 14:12 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\k600obex.sys [11.5.2005 14:12 77072]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\drivers\sea1bus.sys [28.11.2008 13:05 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;c:\windows\system32\drivers\sea1mdfl.sys [28.11.2008 13:05 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;c:\windows\system32\drivers\sea1mdm.sys [28.11.2008 13:05 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea1mgmt.sys [28.11.2008 13:05 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);c:\windows\system32\drivers\sea1nd5.sys [28.11.2008 13:06 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;c:\windows\system32\drivers\sea1obex.sys [28.11.2008 13:05 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);c:\windows\system32\drivers\sea1unic.sys [28.11.2008 13:05 90800]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder

2010-04-02 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClick.exe [2007-12-21 12:49]

2010-04-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 21:25]

2010-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cab6eebdc09bce.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 08:47]

2010-04-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-04 08:47]

2010-04-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-492894223-725345543-1004Core.job
- c:\documents and settings\ivan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-21 20:27]

2010-04-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1004336348-492894223-725345543-1004UA.job
- c:\documents and settings\ivan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-11-21 20:27]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://start.icq.com/
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=101761&gct=&gc=1&q=%s
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
TCP: {0E933544-D40E-457F-95E0-1E7F0C6D435D} = 195.168.1.2,195.168.1.4
FF - ProfilePath - c:\documents and settings\ivan\Application Data\Mozilla\Firefox\Profiles\kyqg5x4k.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.type - 2
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{7c5c0f58-e061-457d-9033-77307f5ed00c}\components\FFAlert.dll
FF - plugin: c:\documents and settings\ivan\Local Settings\Application Data\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)
Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-18 23:16
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1004336348-492894223-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:8c,15,64,d7,0c,8f,e1,c6,58,0e,98,2c,89,fc,d7,c8,cb,e7,b9,36,6c,
1e,4c,70,24,37,1c,7b,ed,da,25,a1,a3,a3,6a,e3,28,a7,60,74,02,fa,f5,7e,b0,5e,\
"rkeysecu"=hex:71,42,a7,a0,29,61,b5,70,08,17,d8,78,e0,ff,0f,48
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(648)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Completion time: 2010-04-18 23:18:53
ComboFix-quarantined-files.txt 2010-04-18 21:18

Pre-Run: 66 038 112 256 bytes free
Post-Run: 13 adresárov, 66 107 596 800 voľných bajtov

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 87154CD42DF1D8DC6CE97A19C5E21718

[kuntakinte]

Tady je log, jenom se vyskytl malý problém, který jaksi nevím nakolik může ovlivnit výsledek z ComboFixu, on se totiž po spuštění CF restartovalo PC, a po startu okamžitě začal scan. Jenomže po restartu se taky znovu spustil OA a Avira, které měli být počas skenu vypnuté.

[motji]

Je to v pořádku.
Změnilo se něco po použití combofixu?

[kuntakinte]

Ani ne, teda podle toho co jsem měl čekat. Avira pořád nachází těch 5 hidden objects, a pořád i po doporučení co mám udělat pro jejich odstranění tam jsou, a co se týče problému s vypnutím PC, těžko říct protože jak jsem již uvedl, neděje se to pravidelně, a tam výsledek zjistím pravděpodobně až s odstupem času po několika restartech.

[motji]

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[kuntakinte]

Malwarebytes' Anti-Malware 1.44
Verzia databázy: 3677
Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

19.4.2010 0:36:03
mbam-log-2010-04-19 (00-35-59).txt

Typ kontroly: Úplná (C:\|D:\|F:\|)
Objektov kontrolovaných: 316663
Uplynutý cas: 40 minute(s), 8 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 5

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
C:\System Volume Information\_restore{DEC9D5D0-81A6-4B8D-823A-B1FF764B6354}\RP117\A0023722.sys (Malware.Trace) -> No action taken.
C:\System Volume Information\_restore{DEC9D5D0-81A6-4B8D-823A-B1FF764B6354}\RP117\A0023746.com (Adware.Swizzor) -> No action taken.
D:\MY DOCUMENTS\My Games\INSTAL\deadspace instal\bin.dll (Spyware.OnlineGames) -> No action taken.
D:\New instal\motherboard_driver_lan_realtek_8111.exe (Spyware.OnlineGames) -> No action taken.
D:\New instal\motherboard_driver_chipset_intel._p4x_sereis.exe (Spyware.OnlineGames) -> No action taken.

[motji]

Otestujte na http://www.virustotal.com
D:\MY DOCUMENTS\My Games\INSTAL\deadspace instal\bin.dll
D:\New instal\motherboard_driver_lan_realtek_8111.exe
D:\New instal\motherboard_driver_chipset_intel._p4x_sereis.exe

-Na virustotalu dáte procházet, a do spodního okénka nakopírujete přímo cestu k souboru a dáte odeslat
-z prohlížeče zkopírujete adresu ke stránce s výsledky
-pokud se Vás zeptá, dejte soubor otestovat znovu, tak aby to byl soubor z Vašeho počítače

[kuntakinte]

Nevím, které s toho mám považovat za výsledek, nejak jsem tu stránku trochu nepochopil, tak se nedivte že ke každému dávám dva odkazy, nevím přesně co jste požadoval

http://www.virustotal.com/reanalisis.ht ... 1271679904
http://www.virustotal.com/analisis/8459 ... 1255876739

http://www.virustotal.com/reanalisis.ht ... 1271680106
http://www.virustotal.com/analisis/b60d ... 1235952657

http://www.virustotal.com/reanalisis.ht ... 1271680191
http://www.virustotal.com/analisis/e616 ... 1224054275

[kuntakinte]

S tím MBamem nemám dělat nic? Nic nemazat apod?

[motji]

Zatím v mbamu nemažte, zjištujeme právě na virustotalu, jestli to není falešná detekce.

Ty odkazy jsou špatné. Já potřebuji, aby , když se Vás virustotal zeptá, dal možnost reanalyze file now, tak jak je zakroužkováno zde na obrázku. Potřebuji otestovat ten Váš soubor, z Vašeho počítače

[kuntakinte]

http://www.virustotal.com/analisis/8459 ... 1271681451
http://www.virustotal.com/analisis/b60d ... 1271681631
http://www.virustotal.com/analisis/e616 ... 1271681863

[motji]

V mbamu to nemažte, viry v SVI smažeme jinak a ty soubory by měly být v pořádku.
To co Avira označuje, je také v pořádku, občas je trochu paranoidní .
Jsou ještě jiné problémy s počítačem?