
Login problem


#1 Post by martin195 »

Hello,
I won't go into detail, the video says it all... Only the administrator accounts work, it broke out of nowhere... A virus?
http://www.youtube.com/watch?v=D3Jv8MdSvZM

Logfile of random's system information tool 1.06 (written by random/random)
Run by Martin at 2010-09-12 18:08:47
Microsoft Windows 7 Ultimate Service Pack 2
System drive D: has 9 GB (17%) free of 52 GB
Total RAM: 3583 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:08:57, on 12. 9. 2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
E:\Program Files\Speed Typing [Windows 7]\STyping.exe
D:\Program Files (x86)\Opera\opera.exe
D:\Program Files\TotalMedia 3.5\TMMonitor.exe
D:\Users\Martin\Desktop\Iné ikony\RSIT.exe
D:\Program Files (x86)\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=D:\Windows\SysWOW64\Userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - D:\Windows\SysWow64\gigagetbho_v10.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - D:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Speed Typing] "E:\Program Files\Speed Typing [Windows 7]\STyping.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download All by Gigaget - D:\Program Files\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - D:\Program Files\Gigaget\geturl.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://D:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - D:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - D:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - D:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - D:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - D:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - D:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - D:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - D:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - D:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - D:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - D:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - D:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - D:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - D:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - D:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - D:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - D:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - D:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - D:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 6571 bytes

======Scheduled tasks folder======

D:\Windows\tasks\AWC Update.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{111CAA23-6F4F-42AC-8555-B48C1D87BBAB}]
GigagetIEHelper Class - D:\Windows\SysWow64\gigagetbho_v10.dll [2006-01-09 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - D:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll [2009-08-05 113512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - D:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-08-19 1294336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-03-02 41760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=D:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Speed Typing"=E:\Program Files\Speed Typing [Windows 7]\STyping.exe [2002-12-12 101376]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"UseOEMBackground"=0
"DisplayLastLogonInfo"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{756cd53a-26cb-11df-a9b1-001060ec31ac}]
shell\AutoRun\command - G:\autorun.exe
shell\setup\command - G:\setup.exe


======File associations======

.js - edit - D:\Windows\System32\Notepad.exe %1
.js - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*
.vbs - open - %SystemRoot%\SysWow64\CScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-12 12:56:42 ----D---- D:\Program Files (x86)\Common Files\Skype
2010-09-12 12:47:48 ----D---- D:\Program Files (x86)\Mozilla Firefox 4.0 Beta 5
2010-09-12 12:01:59 ----D---- D:\Windows\pss
2010-09-12 11:02:57 ----A---- D:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2010-09-12 10:59:17 ----D---- D:\ProgramData\Soluto
2010-09-10 15:26:21 ----D---- D:\Program Files (x86)\TeamViewer
2010-09-07 16:22:57 ----D---- D:\Users\Martin\AppData\Roaming\FUEL Demo
2010-09-07 15:17:14 ----A---- D:\Windows\system32\D3DX9_39.dll
2010-09-07 15:11:44 ----D---- D:\Users\Martin\AppData\Roaming\InstallShield Installation Information
2010-09-07 14:35:44 ----A---- D:\Windows\system32\gigagetbho_v10.dll
2010-09-05 13:38:39 ----A---- D:\Windows\ntbtlog.txt
2010-09-05 13:16:14 ----D---- D:\ProgramData\Apple Computer
2010-09-05 13:16:14 ----D---- D:\Program Files (x86)\QuickTime
2010-09-03 13:29:43 ----D---- D:\Users\Martin\AppData\Roaming\Jumping Bytes
2010-09-02 17:44:54 ----D---- D:\ProgramData\Playrix Entertainment
2010-08-31 10:28:43 ----D---- D:\Program Files (x86)\Orban
2010-08-30 09:16:25 ----A---- D:\Windows\tv_viewer.ini
2010-08-28 18:16:43 ----D---- D:\Users\Martin\AppData\Roaming\Need for Speed World
2010-08-26 21:59:29 ----D---- D:\Users\Martin\AppData\Roaming\vlc
2010-08-26 18:47:19 ----D---- D:\Users\Martin\AppData\Roaming\IrfanView
2010-08-16 10:39:35 ----D---- D:\Users\Martin\AppData\Roaming\Eyes Relax
2010-08-16 10:39:35 ----D---- D:\ProgramData\Eyes Relax
2010-08-15 19:17:23 ----A---- D:\Windows\system32\ntkrnlpa.exe
2010-08-15 19:17:21 ----A---- D:\Windows\system32\ntoskrnl.exe
2010-08-15 19:17:07 ----A---- D:\Windows\system32\mshtml.dll
2010-08-15 19:17:02 ----A---- D:\Windows\system32\ieframe.dll
2010-08-15 19:17:00 ----A---- D:\Windows\system32\urlmon.dll
2010-08-15 19:16:59 ----A---- D:\Windows\system32\wininet.dll
2010-08-15 19:16:59 ----A---- D:\Windows\system32\iepeers.dll
2010-08-15 19:16:59 ----A---- D:\Windows\system32\iedkcs32.dll
2010-08-15 19:16:58 ----A---- D:\Windows\system32\mstime.dll
2010-08-15 19:16:58 ----A---- D:\Windows\system32\msfeedsbs.dll
2010-08-15 19:16:58 ----A---- D:\Windows\system32\ieui.dll
2010-08-15 19:16:57 ----A---- D:\Windows\system32\msfeedssync.exe
2010-08-15 19:16:57 ----A---- D:\Windows\system32\jsproxy.dll
2010-08-15 19:16:53 ----A---- D:\Windows\system32\msxml3.dll
2010-08-15 19:16:52 ----A---- D:\Windows\system32\rtutils.dll
2010-08-15 19:16:49 ----A---- D:\Windows\system32\iccvid.dll
2010-08-15 19:16:43 ----A---- D:\Windows\system32\schannel.dll

======List of files/folders modified in the last 1 months======

2010-09-12 18:08:57 ----D---- D:\Windows\Prefetch
2010-09-12 18:08:56 ----D---- D:\Windows\Temp
2010-09-12 18:08:50 ----D---- D:\Program Files (x86)\trend micro
2010-09-12 18:00:29 ----SHD---- D:\System Volume Information
2010-09-12 17:02:57 ----D---- D:\Windows\System32
2010-09-12 17:02:56 ----D---- D:\Windows\inf
2010-09-12 16:13:27 ----HD---- D:\Config.Msi
2010-09-12 13:06:31 ----D---- D:\Users\Martin\AppData\Roaming\Skype
2010-09-12 12:56:55 ----SHD---- D:\Windows\Installer
2010-09-12 12:56:42 ----D---- D:\Program Files (x86)\Common Files
2010-09-12 12:56:20 ----D---- D:\ProgramData\Skype
2010-09-12 12:56:18 ----RD---- D:\Program Files (x86)
2010-09-12 12:55:05 ----HD---- D:\Program Files (x86)\InstallShield Installation Information
2010-09-12 12:52:23 ----D---- D:\Program Files (x86)\Common Files\Microsoft Games
2010-09-12 12:16:30 ----RD---- D:\Program Files
2010-09-12 12:01:59 ----D---- D:\Windows
2010-09-12 11:59:32 ----HD---- D:\ProgramData
2010-09-12 11:58:37 ----D---- D:\Windows\system32\drivers
2010-09-12 11:55:37 ----RSD---- D:\Windows\assembly
2010-09-12 09:51:28 ----D---- D:\Users\Martin\AppData\Roaming\skypePM
2010-09-11 14:29:56 ----D---- D:\Program Files (x86)\Opera
2010-09-10 15:27:15 ----D---- D:\Users\Martin\AppData\Roaming\TeamViewer
2010-09-07 20:10:31 ----D---- D:\ProgramData\ArcSoft
2010-09-07 18:42:48 ----RD---- D:\Users
2010-09-07 16:40:01 ----D---- D:\Windows\system32\config
2010-09-07 15:17:15 ----D---- D:\Windows\SysWOW64
2010-09-05 13:13:05 ----D---- D:\Program Files (x86)\Google
2010-09-05 13:09:57 ----D---- D:\Program Files (x86)\Common Files\Adobe AIR
2010-09-04 22:23:29 ----D---- D:\Program Files (x86)\Microsoft Silverlight
2010-09-02 20:04:52 ----SHD---- D:\$Recycle.Bin
2010-08-28 17:56:18 ----D---- D:\ProgramData\Electronic Arts
2010-08-17 22:03:14 ----D---- D:\Users\Martin\AppData\Roaming\IObit
2010-08-17 11:23:59 ----D---- D:\Users\Martin\AppData\Roaming\dvdcss
2010-08-17 11:23:00 ----D---- D:\Windows.old
2010-08-16 19:45:25 ----D---- D:\Windows\Microsoft.NET
2010-08-16 08:03:56 ----D---- D:\Windows\winsxs
2010-08-15 23:13:46 ----D---- D:\Windows\system32\migration
2010-08-15 23:13:46 ----D---- D:\Program Files (x86)\Internet Explorer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 blbdrive;blbdrive; D:\Windows\system32\DRIVERS\blbdrive.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; D:\Windows\system32\drivers\csc.sys []
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; D:\Windows\System32\Drivers\dfsc.sys []
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; D:\Windows\System32\drivers\discache.sys []
R1 ehdrv;ehdrv; D:\Windows\system32\DRIVERS\ehdrv.sys []
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; D:\Windows\system32\drivers\nsiproxy.sys []
R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; D:\Windows\system32\drivers\rdpencdd.sys []
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; D:\Windows\system32\drivers\rdprefmp.sys []
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; D:\Windows\system32\DRIVERS\tdx.sys []
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; D:\Windows\system32\DRIVERS\wanarp.sys []
R1 WfpLwf;WFP Lightweight Filter; D:\Windows\system32\DRIVERS\wfplwf.sys []
R2 acedrv11;acedrv11; \??\D:\Windows\system32\drivers\acedrv11.sys []
R2 eamonm;eamonm; D:\Windows\system32\DRIVERS\eamonm.sys []
R2 epfwwfpr;epfwwfpr; D:\Windows\system32\DRIVERS\epfwwfpr.sys []
R2 fssfltr;FssFltr; D:\Windows\system32\DRIVERS\fssfltr.sys []
R2 irda;IrDA Protocol; D:\Windows\system32\DRIVERS\irda.sys []
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; D:\Windows\system32\DRIVERS\lltdio.sys []
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; D:\Windows\system32\drivers\luafv.sys []
R2 PEAUTH;PEAUTH; D:\Windows\system32\drivers\peauth.sys []
R2 rspndr;Link-Layer Topology Discovery Responder; D:\Windows\system32\DRIVERS\rspndr.sys []
R2 tcpipreg;TCP/IP Registry Compatibility; D:\Windows\System32\drivers\tcpipreg.sys []
R3 Afc;PPdus ASPI Shell; D:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 AmdK8;Ovladač procesoru AMD K8; D:\Windows\system32\DRIVERS\amdk8.sys []
R3 atikmdag;atikmdag; D:\Windows\system32\DRIVERS\atikmdag.sys []
R3 bowser;@%systemroot%\system32\browser.dll,-102; D:\Windows\system32\DRIVERS\bowser.sys []
R3 CompositeBus;Ovladač rozpoznávacího modulu složené sběrnice; D:\Windows\system32\DRIVERS\CompositeBus.sys []
R3 DXGKrnl;LDDM Graphics Subsystem; D:\Windows\System32\drivers\dxgkrnl.sys []
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; D:\Windows\system32\drivers\HdAudio.sys []
R3 HDAudBus;Ovladač sběrnice Microsoft UAA pro zvuk High Definition Audio; D:\Windows\system32\DRIVERS\HDAudBus.sys []
R3 kbdhid;Ovladač klávesnice standardu HID; D:\Windows\system32\DRIVERS\kbdhid.sys []
R3 ksthunk;Kernel Streaming Thunks; D:\Windows\system32\drivers\ksthunk.sys []
R3 monitor;Služba ovladače funkce třídy monitorů Microsoft; D:\Windows\system32\DRIVERS\monitor.sys []
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; D:\Windows\System32\drivers\mpsdrv.sys []
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; D:\Windows\system32\DRIVERS\mrxsmb10.sys []
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; D:\Windows\system32\DRIVERS\mrxsmb20.sys []
R3 MTsensor;ATK0110 ACPI UTILITY; D:\Windows\system32\DRIVERS\ASACPI.sys []
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; D:\Windows\system32\DRIVERS\nvm62x64.sys []
R3 RasAgileVpn;WAN Miniport (IKEv2); D:\Windows\system32\DRIVERS\AgileVpn.sys []
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; D:\Windows\system32\DRIVERS\rassstp.sys []
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; D:\Windows\system32\DRIVERS\rdpbus.sys []
R3 RTL2832U_IRHID;HID Infrared Remote Receiver; D:\Windows\system32\DRIVERS\RTL2832U_IRHID.sys [2009-10-05 44320]
R3 RTL2832UBDA;REALTEK 2832U BDA Driver; D:\Windows\system32\drivers\RTL2832UBDA.sys [2009-10-26 117152]
R3 RTL2832UUSB;REALTEK 2832U USB Driver; D:\Windows\System32\Drivers\RTL2832UUSB.sys [2009-10-26 38944]
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; D:\Windows\System32\DRIVERS\srv2.sys []
R3 srvnet;srvnet; D:\Windows\System32\DRIVERS\srvnet.sys []
R3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; D:\Windows\System32\DRIVERS\tssecsrv.sys []
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver; D:\Windows\system32\DRIVERS\tunnel.sys []
R3 umbus;Ovladač sběrnice UMBus Enumerator; D:\Windows\system32\DRIVERS\umbus.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\Windows\system32\DRIVERS\usbccgp.sys []
R3 usbehci;Ovladač miniportu vylepšeného hostitelského řadiče Microsoft USB 2.0; D:\Windows\system32\DRIVERS\usbehci.sys []
R3 usbhub;Ovladač standardního rozbočovače USB; D:\Windows\system32\DRIVERS\usbhub.sys []
R3 usbohci;Ovladač miniportu otevřeného hostitelského řadiče Microsoft USB; D:\Windows\system32\DRIVERS\usbohci.sys []
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\Windows\system32\DRIVERS\USBSTOR.SYS []
R3 WudfPf;User Mode Driver Frameworks Platform Driver; D:\Windows\system32\drivers\WudfPf.sys []
S2 EIO;EIO; \??\D:\Windows\system32\drivers\EIO64.sys []
S3 1394ohci;1394 OHCI Compliant Host Controller; D:\Windows\system32\DRIVERS\1394ohci.sys []
S3 a50ddbeo;a50ddbeo; D:\Windows\system32\drivers\a50ddbeo.sys []
S3 AcpiPmi;ACPI Power Meter Driver; D:\Windows\system32\DRIVERS\acpipmi.sys []
S3 adp94xx;adp94xx; D:\Windows\system32\DRIVERS\adp94xx.sys []
S3 adpahci;adpahci; D:\Windows\system32\DRIVERS\adpahci.sys []
S3 adpu320;adpu320; D:\Windows\system32\DRIVERS\adpu320.sys []
S3 agp440;Intel AGP Bus Filter; D:\Windows\system32\DRIVERS\agp440.sys []
S3 amdide;amdide; D:\Windows\system32\DRIVERS\amdide.sys []
S3 AmdPPM;AMD Processor Driver; D:\Windows\system32\DRIVERS\amdppm.sys []
S3 amdsata;amdsata; D:\Windows\system32\DRIVERS\amdsata.sys []
S3 amdsbs;amdsbs; D:\Windows\system32\DRIVERS\amdsbs.sys []
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; D:\Windows\system32\drivers\appid.sys []
S3 arc;arc; D:\Windows\system32\DRIVERS\arc.sys []
S3 arcsas;arcsas; D:\Windows\system32\DRIVERS\arcsas.sys []
S3 b06bdrv;Broadcom NetXtreme II VBD; D:\Windows\system32\DRIVERS\bxvbda.sys []
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; D:\Windows\system32\DRIVERS\b57nd60a.sys []
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; D:\Windows\system32\DRIVERS\BrFiltLo.sys []
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; D:\Windows\system32\DRIVERS\BrFiltUp.sys []
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); D:\Windows\System32\Drivers\Brserid.sys []
S3 BrSerWdm;Brother WDM Serial driver; D:\Windows\System32\Drivers\BrSerWdm.sys []
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; D:\Windows\System32\Drivers\BrUsbMdm.sys []
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; D:\Windows\System32\Drivers\BrUsbSer.sys []
S3 BthAudioHF;BthAudioHF Service; D:\Windows\system32\DRIVERS\BthAudioHF.sys []
S3 BthAvrcp;Bluetooth AVRCP Profile; D:\Windows\system32\DRIVERS\BthAvrcp.sys []
S3 BthEnum;Služba Bluetooth Enumerator; D:\Windows\system32\DRIVERS\BthEnum.sys []
S3 BTHMODEM;Ovladač pro komunikaci pomocí modemu Bluetooth; D:\Windows\system32\DRIVERS\bthmodem.sys []
S3 BthPan;Zařízení Bluetooth (síť PAN); D:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; D:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; D:\Windows\System32\Drivers\BTHUSB.sys []
S3 circlass;Consumer IR Devices; D:\Windows\system32\DRIVERS\circlass.sys []
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; D:\Windows\system32\DRIVERS\CmBatt.sys []
S3 Compbatt;Compbatt; D:\Windows\system32\DRIVERS\compbatt.sys []
S3 cpuz132;cpuz132; \??\D:\Users\Martin\AppData\Local\Temp\cpuz132\cpuz132_x64.sys []
S3 csr_a2dp;Bluetooth AV Profile; D:\Windows\system32\drivers\bthav.sys []
S3 CX88VID;WinFast CX2388x AvStream Driver; D:\Windows\system32\drivers\cxavsvid.sys []
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; D:\Windows\system32\DRIVERS\evbda.sys []
S3 elxstor;elxstor; D:\Windows\system32\DRIVERS\elxstor.sys []
S3 ErrDev;Microsoft Hardware Error Device Driver; D:\Windows\system32\DRIVERS\errdev.sys []
S3 exfat;exFAT File System Driver; D:\Windows\system32\drivers\exfat.sys []
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; D:\Windows\system32\drivers\filetrace.sys []
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; D:\Windows\System32\drivers\FsDepends.sys []
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; D:\Windows\system32\DRIVERS\gagp30kx.sys []
S3 hamachi;Hamachi Network Interface; D:\Windows\system32\DRIVERS\hamachi.sys []
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; D:\Windows\system32\drivers\hcw85cir.sys []
S3 HidBatt;HID UPS Battery Driver; D:\Windows\system32\DRIVERS\HidBatt.sys []
S3 HidBth;Miniport Microsoft Bluetooth HID; D:\Windows\system32\DRIVERS\hidbth.sys []
S3 HidIr;Microsoft Infrared HID Driver; D:\Windows\system32\DRIVERS\hidir.sys []
S3 HidUsb;Ovladač třídy standardu HID Microsoft; D:\Windows\system32\DRIVERS\hidusb.sys []
S3 HpSAMD;HpSAMD; D:\Windows\system32\DRIVERS\HpSAMD.sys []
S3 iaStorV;iaStorV; D:\Windows\system32\DRIVERS\iaStorV.sys []
S3 iirsp;iirsp; D:\Windows\system32\DRIVERS\iirsp.sys []
S3 intelide;intelide; D:\Windows\system32\DRIVERS\intelide.sys []
S3 intelppm;Intel Processor Driver; D:\Windows\system32\DRIVERS\intelppm.sys []
S3 IPMIDRV;IPMIDRV; D:\Windows\system32\DRIVERS\IPMIDrv.sys []
S3 isapnp;isapnp; D:\Windows\system32\DRIVERS\isapnp.sys []
S3 iScsiPrt;iScsiPort Driver; D:\Windows\system32\DRIVERS\msiscsi.sys []
S3 LSI_FC;LSI_FC; D:\Windows\system32\DRIVERS\lsi_fc.sys []
S3 LSI_SAS;LSI_SAS; D:\Windows\system32\DRIVERS\lsi_sas.sys []
S3 LSI_SAS2;LSI_SAS2; D:\Windows\system32\DRIVERS\lsi_sas2.sys []
S3 LSI_SCSI;LSI_SCSI; D:\Windows\system32\DRIVERS\lsi_scsi.sys []
S3 megasas;megasas; D:\Windows\system32\DRIVERS\megasas.sys []
S3 MegaSR;MegaSR; D:\Windows\system32\DRIVERS\MegaSR.sys []
S3 mouhid;Ovladač myši standardu HID; D:\Windows\system32\DRIVERS\mouhid.sys []
S3 mpio;mpio; D:\Windows\system32\DRIVERS\mpio.sys []
S3 msahci;msahci; D:\Windows\system32\DRIVERS\msahci.sys []
S3 msdsm;msdsm; D:\Windows\system32\DRIVERS\msdsm.sys []
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; D:\Windows\System32\drivers\mshidkmdf.sys []
S3 MsRPC;MsRPC; D:\Windows\system32\drivers\MsRPC.sys []
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; D:\Windows\system32\drivers\MSTEE.sys []
S3 MTConfig;Microsoft Input Configuration Driver; D:\Windows\system32\DRIVERS\MTConfig.sys []
S3 NativeWifiP;NativeWiFi Filter; D:\Windows\system32\DRIVERS\nwifi.sys []
S3 NdisCap;NDIS Capture LightWeight Filter; D:\Windows\system32\DRIVERS\ndiscap.sys []
S3 nfrd960;nfrd960; D:\Windows\system32\DRIVERS\nfrd960.sys []
S3 nmwcdx64;Nokia USB Phone Parent; D:\Windows\system32\drivers\nmwcdx64.sys []
S3 nv_agp;NVIDIA nForce AGP Bus Filter; D:\Windows\system32\DRIVERS\nv_agp.sys []
S3 nvraid;nvraid; D:\Windows\system32\DRIVERS\nvraid.sys []
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); D:\Windows\system32\DRIVERS\ohci1394.sys []
S3 ql2300;ql2300; D:\Windows\system32\DRIVERS\ql2300.sys []
S3 ql40xx;ql40xx; D:\Windows\system32\DRIVERS\ql40xx.sys []
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; D:\Windows\system32\drivers\qwavedrv.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); D:\Windows\system32\DRIVERS\rfcomm.sys []
S3 s3cap;s3cap; D:\Windows\system32\DRIVERS\vms3cap.sys []
S3 sbp2port;sbp2port; D:\Windows\system32\DRIVERS\sbp2port.sys []
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; D:\Windows\System32\DRIVERS\scfilter.sys []
S3 sermouse;Serial Mouse Driver; D:\Windows\system32\DRIVERS\sermouse.sys []
S3 sffdisk;Ovladač třídy úložiště SFF; D:\Windows\system32\DRIVERS\sffdisk.sys []
S3 sffp_mmc;Ovladač protokolu úložiště SFF pro konzolu MMC; D:\Windows\system32\DRIVERS\sffp_mmc.sys []
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; D:\Windows\system32\DRIVERS\sffp_sd.sys []
S3 SiSRaid2;SiSRaid2; D:\Windows\system32\DRIVERS\SiSRaid2.sys []
S3 SiSRaid4;SiSRaid4; D:\Windows\system32\DRIVERS\sisraid4.sys []
S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; D:\Windows\system32\DRIVERS\smb.sys []
S3 StarOpen;StarOpen; D:\Windows\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 stexstor;stexstor; D:\Windows\system32\DRIVERS\stexstor.sys []
S3 storvsc;storvsc; D:\Windows\system32\DRIVERS\storvsc.sys []
S3 stus2x64;USB 2.0 IrDA Bridge; D:\Windows\system32\DRIVERS\stusb2ir.sys []
S3 TCPIP6;Microsoft IPv6 Protocol Driver; D:\Windows\system32\DRIVERS\tcpip.sys []
S3 uagp35;Microsoft AGPv3.5 Filter; D:\Windows\system32\DRIVERS\uagp35.sys []
S3 uliagpkx;Uli AGP Bus Filter; D:\Windows\system32\DRIVERS\uliagpkx.sys []
S3 UmPass;Microsoft UMPass Driver; D:\Windows\system32\DRIVERS\umpass.sys []
S3 usbcir;eHome Infrared Receiver (USBCIR); D:\Windows\system32\DRIVERS\usbcir.sys []
S3 usbprint;Třída USB Printer; D:\Windows\system32\DRIVERS\usbprint.sys []
S3 usbscan;Ovladač skeneru USB; D:\Windows\system32\DRIVERS\usbscan.sys []
S3 usbuhci;Ovladač miniportu univerzálního hostitelského řadiče Microsoft USB; D:\Windows\system32\DRIVERS\usbuhci.sys []
S3 vga;vga; D:\Windows\system32\DRIVERS\vgapnp.sys []
S3 vhdmp;vhdmp; D:\Windows\system32\DRIVERS\vhdmp.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; D:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; D:\Windows\system32\DRIVERS\VMBusHID.sys []
S3 vsmraid;vsmraid; D:\Windows\system32\DRIVERS\vsmraid.sys []
S3 vwifibus;@%SystemRoot%\System32\drivers\vwifibus.sys,-257; D:\Windows\System32\drivers\vwifibus.sys []
S3 WacomPen;Wacom Serial Pen HID Driver; D:\Windows\system32\DRIVERS\wacompen.sys []
S3 Wd;Wd; D:\Windows\system32\DRIVERS\wd.sys []
S3 WIMMount;WIMMount; D:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WinUsb;WinUsb; D:\Windows\system32\DRIVERS\WinUsb.sys []
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; D:\Windows\system32\DRIVERS\wmiacpi.sys []
S3 WUDFRd;WUDFRd; D:\Windows\system32\DRIVERS\WUDFRd.sys []
S4 crcdisk;Crcdisk Filter Driver; D:\Windows\system32\DRIVERS\crcdisk.sys []
S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; D:\Windows\system32\drivers\ws2ifsl.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; D:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DPS;@%systemroot%\system32\dps.dll,-500; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-02-26 810120]
R2 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 fsssvc;Služba Bezpečnosť rodiny v službe Windows Live; D:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
R2 gpsvc;@gpapi.dll,-112; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HFGService;Handsfree Headset Service; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NMSAccessU;NMSAccessU; D:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-07-14 71096]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 TeamViewer5;TeamViewer 5; D:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; D:\Program Files (x86)\Windows Media Player\wmpnetwk.exe []
R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; D:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; D:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; D:\Windows\system32\sppsvc.exe []
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; D:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; D:\Windows\System32\lsass.exe []
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; D:\Windows\ehome\ehRecvr.exe [2009-07-14 696832]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; D:\Windows\ehome\ehsched.exe [2009-07-14 127488]
S3 EhttpSrv;ESET HTTP Server; D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-02-26 42336]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; D:\Windows\system32\fxssvc.exe []
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gusvc;Google Updater Service; D:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; D:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2009-06-10 856384]
S3 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 KeyIso;@keyiso.dll,-100; D:\Windows\system32\lsass.exe []
S3 KtmRm;@comres.dll,-2946; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 ose;Office Source Engine; D:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; D:\Windows\SysWow64\perfhost.exe [2009-07-14 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; D:\Windows\servicing\TrustedInstaller.exe [2009-07-14 194048]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; D:\Windows\system32\UI0Detect.exe []
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; D:\Windows\system32\lsass.exe []
S3 vds;@%SystemRoot%\system32\vds.exe,-100; D:\Windows\System32\vds.exe []
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; D:\Windows\system32\wbengine.exe []
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; D:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]
S4 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; D:\Windows\System32\snmptrap.exe []
S4 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; D:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; D:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; D:\Windows\system32\SearchIndexer.exe [2009-07-14 428032]

-----------------EOF-----------------

Thanks for the help...

Rudy
Site Admin
Posts: 118322
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Login problem

#2 Post by Rudy »

I don't see anything dangerous. To be on the safe side, run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand. The problem looks more like a system issue, though.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. Likewise if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Re: Login problem

#3 Post by martin195 »

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4664

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

21. 9. 2010 17:28:42
mbam-log-2010-09-21 (17-28-42).txt

Typ kontroly: Úplná kontrola (D:\|E:\|)
Objektov kontrolovaných: 297707
Uplynulý čas: 1 hod, 0 min, 23 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 2
Infikované registračné kľúče: 21
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 5

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
E:\Program Files\POLKLG\POL.007 (PUP.ArdamaxKeyLogger) -> No action taken.
E:\Program Files\POLKLG\POL.006 (PUP.ArdamaxKeyLogger) -> No action taken.

Infikované registračné kľúče:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
E:\Program Files\POLKLG\POL.007 (PUP.ArdamaxKeyLogger) -> No action taken.
E:\Program Files\POLKLG\POL.006 (PUP.ArdamaxKeyLogger) -> No action taken.
D:\Users\Martin\Desktop\Brutus\Brutus\BrutusA2.exe (HackTool.Brutus) -> No action taken.
D:\_OTL\MovedFiles\08032010_160007\D_Program Files (x86)\Uninstall Fun Web Products.dll (Adware.MyWebSearch) -> No action taken.
E:\Program Files\POLKLG\AKV.exe (PUP.ArdamaxKeyLogger) -> No action taken.



please ignore ardamax :)
if it is a system problem, do you have any advice?

Re: Login problem

#4 Post by Rudy »

Delete everything. I would delete Ardamax too. Nasty stuff.

Re: Login problem

#5 Post by martin195 »

I have ardamax here on purpose :)

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verzia databázy: 4664

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

23. 9. 2010 16:08:46
mbam-log-2010-09-23 (16-08-46).txt

Typ kontroly: Úplná kontrola (D:\|E:\|)
Objektov kontrolovaných: 298413
Uplynulý čas: 1 hod, 2 min, 4 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 2
Infikované registračné kľúče: 21
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 1
Infikované súbory: 7

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
E:\Program Files\POLKLG\POL.007 (PUP.ArdamaxKeyLogger) -> Not selected for removal.
E:\Program Files\POLKLG\POL.006 (PUP.ArdamaxKeyLogger) -> Not selected for removal.

Infikované registračné kľúče:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ardamax Keylogger (PUP.ArdamaxKeyLogger) -> Not selected for removal.

Infikované súbory:
E:\Program Files\POLKLG\POL.007 (PUP.ArdamaxKeyLogger) -> Not selected for removal.
E:\Program Files\POLKLG\POL.006 (PUP.ArdamaxKeyLogger) -> Not selected for removal.
D:\Users\Martin\Desktop\Brutus\Brutus\BrutusA2.exe (HackTool.Brutus) -> Not selected for removal.
D:\_OTL\MovedFiles\08032010_160007\D_Program Files (x86)\Uninstall Fun Web Products.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
E:\Program Files\POLKLG\AKV.exe (PUP.ArdamaxKeyLogger) -> Not selected for removal.
D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ardamax Keylogger\Ardamax Keylogger.lnk (PUP.ArdamaxKeyLogger) -> Not selected for removal.
D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ardamax Keylogger\Log Viewer.lnk (PUP.ArdamaxKeyLogger) -> Not selected for removal.

Re: Login problem

#6 Post by Rudy »

Was there any change after the deletion?

Re: Login problem

#7 Post by martin195 »

unfortunately not, all users have to be administrators, otherwise they can't log in :(
if it's not a virus, then what could it be? system errors like this... I've never heard of such...

Re: Login problem

#8 Post by Rudy »

Try a System Restore to a date when it worked correctly. The keylogger could also be causing it.

Re: Login problem

#9 Post by martin195 »

first, I don't know exactly when it stopped working, because I only wrote here a few days afterwards; second, I don't want to touch my data (I think it would change everything that has happened since then, right?); and third, I don't create restore points regularly, so I would have to go back quite far :(
and I've had the keylogger there for half a year already, so that's probably not it :(( what the heck could it be... :(

Re: Login problem

#10 Post by Rudy »

Let's try one more thing:

Download OTL: http://oldtimer.geekstogo.com/OTL.exe . Save it to the desktop, click it with the right mouse button and choose "Run as administrator". Tick "for 64-bit system", "for all users", "LOP malware check" and "PURITY". Paste the following into the bottom window:


netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
autochk.exe
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT

Click "Scan" and post the OTL.txt and Extras.txt logs.

Re: Login problem

#11 Post by martin195 »

At "Manual File Scan - Looking at file D:\Windows\System32\fldr.dll..." it throws the error "Cannot create file 'D:\Users\Martin\Desktop\cmd.bat'". After pressing OK the scan doesn't continue... I tried twice :(

Re: Login problem

#12 Post by Rudy »

Try it without pasting that script.

martin195
Visitor
Posts: 58
Joined: 30 Jan 2009 19:31

Re: Problem with logging in

#13 Post by martin195 »

This way it works nicely :)

OTL logfile created on: 24. 9. 2010 19:06:58 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = D:\Users\Martin\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Slovensko | Language: SKY | Date Format: d. M. yyyy

3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 57,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 78,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 30,27 Gb Total Space | 10,86 Gb Free Space | 35,89% Space Free | Partition Type: NTFS
Drive D: | 50,78 Gb Total Space | 8,03 Gb Free Space | 15,81% Space Free | Partition Type: NTFS
Drive E: | 30,73 Gb Total Space | 13,54 Gb Free Space | 44,08% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
Drive H: | 465,64 Gb Total Space | 12,16 Gb Free Space | 2,61% Space Free | Partition Type: FAT32
I: Drive not present or media not loaded

Computer Name: DELUX
Current User Name: Martin
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/09/24 14:43:51 | 001,248,992 | ---- | M] (GameRanger Technologies) -- D:\Users\Martin\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
PRC - [2010/09/23 17:35:36 | 000,237,056 | ---- | M] (Alexander Roshal) -- D:\Windows\Thugeb.exe
PRC - [2010/09/07 02:10:44 | 000,836,464 | ---- | M] (Opera Software) -- D:\Program Files (x86)\Opera\opera.exe
PRC - [2010/08/03 13:47:19 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Users\Martin\Desktop\OTL.exe
PRC - [2010/03/18 11:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) -- D:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- D:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/02/26 06:41:12 | 000,810,120 | ---- | M] (ESET) -- D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2009/07/14 00:18:12 | 000,071,096 | ---- | M] () -- D:\Program Files\CDBurnerXP\NMSAccessU.exe
PRC - [2002/12/12 20:18:16 | 000,101,376 | ---- | M] (Invention Pilot, Inc) -- E:\Program Files\Speed Typing [Windows 7]\STyping.exe


========== Modules (SafeList) ==========

MOD - [2010/08/03 13:47:19 | 000,574,976 | ---- | M] (OldTimer Tools) -- D:\Users\Martin\Desktop\OTL.exe
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWOW64\normaliz.dll
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- D:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2008/08/02 17:30:32 | 000,005,632 | ---- | M] () -- E:\Program Files\POLKLG\POL.007
MOD - [2008/08/02 17:30:08 | 000,008,192 | ---- | M] () -- E:\Program Files\POLKLG\POL.006
MOD - [2002/12/12 19:59:48 | 000,005,120 | ---- | M] () -- E:\Program Files\Speed Typing [Windows 7]\Kbdhk.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/02/26 06:42:36 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010/02/26 06:41:12 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/12/21 11:44:06 | 000,535,552 | ---- | M] (CSR, plc) [Auto | Running] -- D:\Windows\SysNative\HFGService.dll -- (HFGService)
SRV:64bit: - [2009/07/14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- D:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009/07/14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- D:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/14 00:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- D:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2010/03/18 11:26:08 | 000,172,328 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- D:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- D:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/08/05 23:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/08/10 13:05:52 | 000,335,288 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- D:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010/03/02 20:02:42 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/02/26 06:42:00 | 000,124,760 | ---- | M] (ESET) [Kernel | Auto | Running] -- D:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010/02/26 06:41:10 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- D:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/02/26 06:39:32 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- D:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010/02/03 15:56:56 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009/12/21 11:43:36 | 000,052,224 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\BthAudioHF.sys -- (BthAudioHF)
DRV:64bit: - [2009/12/21 11:43:00 | 000,078,848 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\bthav.sys -- (csr_a2dp)
DRV:64bit: - [2009/10/26 02:43:18 | 000,038,944 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV:64bit: - [2009/10/26 02:43:16 | 000,117,152 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV:64bit: - [2009/10/05 15:22:20 | 000,044,320 | ---- | M] (Realtek) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV:64bit: - [2009/08/13 09:38:24 | 000,029,184 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\BthAvrcp.sys -- (BthAvrcp)
DRV:64bit: - [2009/08/06 00:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- D:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- D:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009/07/14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- D:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009/07/14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:09:02 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- D:\Windows\SysNative\drivers\irda.sys -- (irda)
DRV:64bit: - [2009/07/14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009/07/14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009/07/14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- D:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009/07/13 23:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- D:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/01/03 18:56:04 | 000,047,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\stusb2ir.sys -- (stus2x64)
DRV:64bit: - [2007/06/28 11:47:14 | 000,173,056 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\nmwcdx64.sys -- (nmwcdx64)
DRV:64bit: - [2006/04/13 04:52:24 | 000,468,992 | ---- | M] (Leadtek Research Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\SysNative\drivers\cxavsvid.sys -- (CX88VID)
DRV:64bit: - [2005/10/20 16:30:00 | 000,017,920 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | Auto | Stopped] -- D:\Windows\SysNative\drivers\EIO64.sys -- (EIO)
DRV:64bit: - [2005/03/29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- D:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009/11/12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- D:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/26 04:43:18 | 000,038,944 | R--- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Running] -- D:\Windows\SysWOW64\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV - [2009/10/26 04:43:16 | 000,117,152 | R--- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Running] -- D:\Windows\SysWOW64\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV - [2009/10/05 15:22:20 | 000,044,320 | R--- | M] (Realtek) [Kernel | On_Demand | Running] -- D:\Windows\SysWOW64\drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV - [2007/02/07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- D:\Windows\SysWOW64\speedfan.sys -- (speedfan)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-39410807-938470477-3063820386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-39410807-938470477-3063820386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-39410807-938470477-3063820386-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP =
IE - HKU\S-1-5-21-39410807-938470477-3063820386-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-39410807-938470477-3063820386-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-39410807-938470477-3063820386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-39410807-938470477-3063820386-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = socks=

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2010/09/17 15:37:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2010/09/17 15:37:58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b5\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox 4.0 Beta 5\components [2010/09/17 14:25:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b5\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox 4.0 Beta 5\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2010/09/17 14:25:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: D:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/03/30 16:42:54 | 000,000,000 | ---D | M]

[2010/03/02 19:36:51 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\mozilla\Extensions
[2010/09/24 19:04:03 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\qzyu1y9h.default\extensions
[2010/06/09 16:10:10 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\Martin\AppData\Roaming\mozilla\Firefox\Profiles\qzyu1y9h.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/02/04 16:45:40 | 000,002,254 | ---- | M] () -- D:\Users\Martin\AppData\Roaming\Mozilla\FireFox\Profiles\qzyu1y9h.default\searchplugins\askcom.xml

O1 HOSTS File: ([2010/08/03 16:00:15 | 000,000,098 | ---- | M]) - D:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (GigagetIEHelper Class) - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - D:\Windows\SysWOW64\gigagetbho_v10.dll (Giganology Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKU\S-1-5-21-39410807-938470477-3063820386-1000\..\Toolbar\WebBrowser: (no name) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [D:\Windows\system32\wltrysvc.exe] Reg Error: Value error. File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-39410807-938470477-3063820386-1000..\Run: [Speed Typing] E:\Program Files\Speed Typing [Windows 7]\STyping.exe (Invention Pilot, Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: UseOEMBackground = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisplayLastLogonInfo = 0
O7 - HKU\S-1-5-21-39410807-938470477-3063820386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-39410807-938470477-3063820386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-39410807-938470477-3063820386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-39410807-938470477-3063820386-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: &Download All by Gigaget - D:\Program Files\Gigaget\getAllurl.htm ()
O8:64bit: - Extra context menu item: &Download by Gigaget - D:\Program Files\Gigaget\geturl.htm ()
O8:64bit: - Extra context menu item: E&xportovať do programu Microsoft Excel - D:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: &Download All by Gigaget - D:\Program Files\Gigaget\getAllurl.htm ()
O8 - Extra context menu item: &Download by Gigaget - D:\Program Files\Gigaget\geturl.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - D:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - D:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Zdroje informácií - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.5.18.5 10.5.18.2 195.80.171.4
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - H:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - D:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (D:\Program Files\Soluto\soluto.exe /userinit) - D:\Program Files\Soluto\soluto.exe File not found
O20:64bit: - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - D:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - D:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/09/23 15:18:31 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/08/03 13:43:05 | 000,000,000 | RHSD | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2009/03/20 17:42:25 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/08/03 13:43:05 | 000,000,000 | RHSD | M] - D:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/08/03 13:43:05 | 000,000,000 | RHSD | M] - E:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2006/02/09 14:59:36 | 000,000,000 | RH-D | M] - H:\autorun -- [ FAT32 ]
O32 - AutoRun File - [2010/08/03 13:43:06 | 000,000,000 | RHSD | M] - H:\Autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{756cd53a-26cb-11df-a9b1-001060ec31ac}\Shell - "" = AutoRun
O33 - MountPoints2\{756cd53a-26cb-11df-a9b1-001060ec31ac}\Shell\AutoRun\command - "" = G:\autorun.exe -- File not found
O33 - MountPoints2\{756cd53a-26cb-11df-a9b1-001060ec31ac}\Shell\setup\command - "" = G:\setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/09/23 17:50:49 | 000,000,000 | ---D | C] -- D:\Users\Martin\AppData\Local\GHISLER
[2010/09/23 17:36:03 | 000,237,056 | ---- | C] (Alexander Roshal) -- D:\Windows\Thugeb.exe
[2010/09/23 17:35:39 | 000,237,056 | ---- | C] (Alexander Roshal) -- D:\Windows\Thugea.exe
[2010/09/21 16:26:31 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/09/21 16:26:28 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/09/17 14:25:09 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\QuickTime
[2010/09/17 14:25:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Apple Computer
[2010/09/17 14:23:06 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Apple
[2010/09/17 14:22:53 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Apple Software Update
[2010/09/17 11:03:33 | 000,000,000 | ---D | C] -- D:\Program Files\Audacity
[2010/09/16 16:46:03 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\YouTube Downloader
[2010/09/15 12:03:41 | 000,000,000 | ---D | C] -- D:\Users\Martin\Desktop\Brutus
[2010/09/15 11:50:17 | 002,441,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysNative\iertutil.dll
[2010/09/12 21:52:26 | 000,000,000 | ---D | C] -- D:\Users\Martin\Desktop\virus_generator
[2010/09/12 16:06:26 | 000,000,000 | ---D | C] -- D:\Users\Martin\Desktop\czech
[2010/09/12 13:09:25 | 000,000,000 | ---D | C] -- D:\Users\Martin\Desktop\Desmod 2010 Vitajte na konci sveta
[2010/09/12 12:56:42 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Skype
[2010/09/12 12:47:48 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Firefox 4.0 Beta 5
[2010/09/12 12:01:59 | 000,000,000 | ---D | C] -- D:\Windows\pss
[2010/09/12 10:59:17 | 000,000,000 | ---D | C] -- D:\ProgramData\Soluto
[2010/09/12 10:24:21 | 000,000,000 | ---D | C] -- D:\Users\Martin\Desktop\AoE_3-Warchiefs_CZ
[2010/09/11 20:51:49 | 000,000,000 | ---D | C] -- D:\Users\Martin\Desktop\AOE III cz
[2010/09/11 20:33:01 | 000,000,000 | ---D | C] -- D:\Users\Martin\Desktop\aoe3w_sk_naetoo
[2010/09/10 15:26:21 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\TeamViewer
[2010/09/10 15:23:25 | 000,000,000 | ---D | C] -- D:\Users\Martin\Desktop\AOE
[2010/09/08 11:17:46 | 000,094,208 | ---- | C] (Apple Inc.) -- D:\Windows\SysWow64\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | C] (Apple Inc.) -- D:\Windows\SysWow64\QuickTime.qts
[2010/09/07 16:22:57 | 000,000,000 | ---D | C] -- D:\Users\Martin\AppData\Roaming\FUEL Demo
[2010/09/07 15:17:14 | 003,851,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DX9_39.dll
[2010/09/07 15:11:44 | 000,000,000 | ---D | C] -- D:\Users\Martin\AppData\Roaming\InstallShield Installation Information
[2010/09/07 14:35:44 | 000,086,016 | ---- | C] (Giganology Inc.) -- D:\Windows\SysWow64\gigagetbho_v10.dll
[2010/09/07 14:35:39 | 000,000,000 | ---D | C] -- D:\Program Files\Gigaget
[2010/09/03 13:29:43 | 000,000,000 | ---D | C] -- D:\Users\Martin\AppData\Roaming\Jumping Bytes
[2010/09/02 17:45:34 | 000,000,000 | ---D | C] -- D:\Users\Martin\Documents\Royal Envoy
[2010/09/02 17:44:54 | 000,000,000 | ---D | C] -- D:\ProgramData\Playrix Entertainment
[2010/08/31 17:12:22 | 000,000,000 | ---D | C] -- D:\Users\Martin\Documents\FIFA 10 - Demo
[2010/08/31 10:28:43 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Orban
[2010/08/30 19:56:58 | 001,949,696 | ---- | C] (Bart Ubing) -- D:\Users\Martin\Desktop\Windows 7 Account Screen Editor.exe
[2010/08/28 19:44:51 | 000,000,000 | ---D | C] -- D:\Users\Martin\Documents\Need for Speed World
[2010/08/28 18:16:43 | 000,000,000 | ---D | C] -- D:\Users\Martin\AppData\Roaming\Need for Speed World
[2010/08/28 17:59:14 | 000,000,000 | ---D | C] -- D:\Users\Martin\AppData\Local\Electronic_Arts_Inc
[2010/08/26 21:59:29 | 000,000,000 | ---D | C] -- D:\Users\Martin\AppData\Roaming\vlc
[2010/08/26 18:47:19 | 000,000,000 | ---D | C] -- D:\Users\Martin\AppData\Roaming\IrfanView
[2010/04/10 21:09:06 | 000,053,248 | ---- | C] ( ) -- D:\Windows\vsnpstd3.dll

========== Files - Modified Within 30 Days ==========

[2010/09/24 19:08:20 | 003,670,016 | -HS- | M] () -- D:\Users\Martin\NTUSER.DAT
[2010/09/24 18:39:08 | 000,000,290 | -H-- | M] () -- D:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/09/24 18:25:05 | 000,000,248 | -H-- | M] () -- D:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/09/24 18:17:51 | 000,000,366 | ---- | M] () -- D:\Windows\tasks\AWC Update.job
[2010/09/24 16:44:51 | 000,028,598 | ---- | M] () -- D:\Users\Martin\Desktop\nie.jpg
[2010/09/24 13:13:19 | 000,014,016 | -H-- | M] () -- D:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/24 13:13:19 | 000,014,016 | -H-- | M] () -- D:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/24 13:10:00 | 000,614,314 | ---- | M] () -- D:\Windows\SysNative\perfh005.dat
[2010/09/24 13:10:00 | 000,606,992 | ---- | M] () -- D:\Windows\SysNative\perfh009.dat
[2010/09/24 13:10:00 | 000,118,486 | ---- | M] () -- D:\Windows\SysNative\perfc005.dat
[2010/09/24 13:10:00 | 000,103,370 | ---- | M] () -- D:\Windows\SysNative\perfc009.dat
[2010/09/24 13:09:59 | 001,445,734 | ---- | M] () -- D:\Windows\SysNative\PerfStringBackup.INI
[2010/09/24 13:05:49 | 000,000,006 | -H-- | M] () -- D:\Windows\tasks\SA.DAT
[2010/09/24 13:05:44 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2010/09/24 13:05:40 | 2817,433,600 | -HS- | M] () -- D:\hiberfil.sys
[2010/09/23 22:33:19 | 002,762,289 | -H-- | M] () -- D:\Users\Martin\AppData\Local\IconCache.db
[2010/09/23 17:53:26 | 000,000,109 | ---- | M] () -- D:\Users\Martin\Desktop\IMPULZ FTP.url
[2010/09/23 17:51:06 | 001,452,138 | -H-- | M] () -- D:\treeinfo.wc
[2010/09/23 17:35:36 | 000,237,056 | ---- | M] (Alexander Roshal) -- D:\Windows\Thugeb.exe
[2010/09/23 17:35:23 | 000,237,056 | ---- | M] (Alexander Roshal) -- D:\Windows\Thugea.exe
[2010/09/21 16:26:34 | 000,001,014 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/18 20:26:08 | 000,000,664 | RHS- | M] () -- D:\Users\Martin\ntuser.pol
[2010/09/17 11:03:35 | 000,000,769 | ---- | M] () -- D:\Users\Martin\Desktop\Audacity.lnk
[2010/09/16 16:58:38 | 000,000,881 | ---- | M] () -- D:\Users\Martin\Desktop\Format Factory.lnk
[2010/09/16 16:48:55 | 000,672,208 | ---- | M] () -- D:\Users\Martin\Desktop\Odsúdené.mp3
[2010/09/16 16:47:34 | 011,152,817 | ---- | M] () -- D:\Users\Martin\Desktop\YouTube - TV JOJ, TV Barrandov Odsudene II. Intro.mp4
[2010/09/16 16:46:05 | 000,001,127 | ---- | M] () -- D:\Users\Martin\Desktop\YouTube Downloader.lnk
[2010/09/16 16:22:22 | 004,742,397 | ---- | M] () -- D:\Users\Martin\Desktop\just like a pill - pink .mp3
[2010/09/16 16:20:23 | 002,767,428 | ---- | M] () -- D:\Users\Martin\Desktop\lena_meyer-landrut_-_satellite.mp3
[2010/09/15 11:49:33 | 034,985,015 | ---- | M] () -- D:\Users\Martin\Desktop\Brutus.rar
[2010/09/12 21:52:18 | 000,006,074 | ---- | M] () -- D:\Users\Martin\Desktop\virus_generator.rar
[2010/09/12 21:39:33 | 024,701,583 | ---- | M] () -- D:\Users\Martin\Desktop\lockpicking.rar
[2010/09/12 16:12:19 | 000,524,288 | -HS- | M] () -- D:\Users\Martin\NTUSER.DAT{bf580db9-be51-11df-98f6-0017318752a2}.TMContainer00000000000000000002.regtrans-ms
[2010/09/12 16:12:19 | 000,065,536 | -HS- | M] () -- D:\Users\Martin\NTUSER.DAT{bf580db9-be51-11df-98f6-0017318752a2}.TM.blf
[2010/09/12 16:12:18 | 000,524,288 | -HS- | M] () -- D:\Users\Martin\NTUSER.DAT{bf580db9-be51-11df-98f6-0017318752a2}.TMContainer00000000000000000001.regtrans-ms
[2010/09/12 15:33:12 | 028,246,037 | ---- | M] () -- D:\Users\Martin\Desktop\czech.rar
[2010/09/12 14:59:08 | 010,660,834 | ---- | M] () -- D:\Users\Martin\Desktop\Video228.mp4
[2010/09/12 12:03:01 | 000,000,694 | ---- | M] () -- D:\Users\Martin\Desktop\CCleaner.lnk
[2010/09/12 11:54:30 | 000,000,193 | ---- | M] () -- D:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010/09/12 10:24:09 | 056,659,896 | ---- | M] () -- D:\Users\Martin\Desktop\AoE_3-Warchiefs_CZ -pss Meldatrix.rar
[2010/09/11 20:49:59 | 110,889,176 | ---- | M] () -- D:\Users\Martin\Desktop\AOE III cz.RAR
[2010/09/11 20:32:56 | 002,122,707 | ---- | M] () -- D:\Users\Martin\Desktop\aoe3w_sk_naetoo.rar
[2010/09/11 18:33:47 | 061,317,895 | ---- | M] () -- D:\Users\Martin\Desktop\Desmod_2010_Vitajte_na_konci_sveta.rar
[2010/09/08 11:17:46 | 000,094,208 | ---- | M] (Apple Inc.) -- D:\Windows\SysWow64\QuickTimeVR.qtx
[2010/09/08 11:17:46 | 000,069,632 | ---- | M] (Apple Inc.) -- D:\Windows\SysWow64\QuickTime.qts
[2010/09/05 13:13:33 | 000,002,221 | ---- | M] () -- D:\Users\Martin\Desktop\Google Earth.lnk
[2010/09/05 13:08:17 | 000,000,045 | ---- | M] () -- D:\Windows\SysWow64\initdebug.nfo
[2010/09/02 12:02:35 | 003,460,224 | ---- | M] () -- D:\Users\Martin\Desktop\cs ma tal.mp3
[2010/08/31 16:39:17 | 000,000,102 | ---- | M] () -- D:\Windows\tv_viewer.ini
[2010/08/31 07:19:12 | 002,441,216 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysNative\iertutil.dll
[2010/08/28 17:56:49 | 000,000,979 | ---- | M] () -- D:\Users\Martin\Desktop\Need For Speed World.lnk
[2010/08/27 11:41:24 | 000,007,619 | ---- | M] () -- D:\Users\Martin\AppData\Local\resmon.resmoncfg

========== Files Created - No Company Name ==========

[2010/09/24 16:35:37 | 000,028,598 | ---- | C] () -- D:\Users\Martin\Desktop\nie.jpg
[2010/09/23 17:53:15 | 000,000,109 | ---- | C] () -- D:\Users\Martin\Desktop\IMPULZ FTP.url
[2010/09/23 17:36:01 | 000,000,290 | -H-- | C] () -- D:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/09/23 17:35:25 | 000,000,248 | -H-- | C] () -- D:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
[2010/09/21 16:26:34 | 000,001,014 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/09/17 11:03:35 | 000,000,769 | ---- | C] () -- D:\Users\Martin\Desktop\Audacity.lnk
[2010/09/16 16:58:38 | 000,000,881 | ---- | C] () -- D:\Users\Martin\Desktop\Format Factory.lnk
[2010/09/16 16:48:50 | 000,672,208 | ---- | C] () -- D:\Users\Martin\Desktop\Odsúdené.mp3
[2010/09/16 16:47:21 | 011,152,817 | ---- | C] () -- D:\Users\Martin\Desktop\YouTube - TV JOJ, TV Barrandov Odsudene II. Intro.mp4
[2010/09/16 16:46:05 | 000,001,127 | ---- | C] () -- D:\Users\Martin\Desktop\YouTube Downloader.lnk
[2010/09/16 16:20:17 | 002,767,428 | ---- | C] () -- D:\Users\Martin\Desktop\lena_meyer-landrut_-_satellite.mp3
[2010/09/16 16:15:55 | 004,742,397 | ---- | C] () -- D:\Users\Martin\Desktop\just like a pill - pink .mp3
[2010/09/15 11:44:48 | 034,985,015 | ---- | C] () -- D:\Users\Martin\Desktop\Brutus.rar
[2010/09/12 21:52:18 | 000,006,074 | ---- | C] () -- D:\Users\Martin\Desktop\virus_generator.rar
[2010/09/12 21:28:27 | 024,701,583 | ---- | C] () -- D:\Users\Martin\Desktop\lockpicking.rar
[2010/09/12 15:27:28 | 028,246,037 | ---- | C] () -- D:\Users\Martin\Desktop\czech.rar
[2010/09/12 14:57:28 | 010,660,834 | ---- | C] () -- D:\Users\Martin\Desktop\Video228.mp4
[2010/09/12 11:41:15 | 000,524,288 | -HS- | C] () -- D:\Users\Martin\NTUSER.DAT{bf580db9-be51-11df-98f6-0017318752a2}.TMContainer00000000000000000002.regtrans-ms
[2010/09/12 11:41:14 | 000,524,288 | -HS- | C] () -- D:\Users\Martin\NTUSER.DAT{bf580db9-be51-11df-98f6-0017318752a2}.TMContainer00000000000000000001.regtrans-ms
[2010/09/12 11:41:13 | 000,065,536 | -HS- | C] () -- D:\Users\Martin\NTUSER.DAT{bf580db9-be51-11df-98f6-0017318752a2}.TM.blf
[2010/09/12 11:02:57 | 000,000,193 | ---- | C] () -- D:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2010/09/12 10:20:09 | 056,659,896 | ---- | C] () -- D:\Users\Martin\Desktop\AoE_3-Warchiefs_CZ -pss Meldatrix.rar
[2010/09/11 20:35:07 | 110,889,176 | ---- | C] () -- D:\Users\Martin\Desktop\AOE III cz.RAR
[2010/09/11 20:32:53 | 002,122,707 | ---- | C] () -- D:\Users\Martin\Desktop\aoe3w_sk_naetoo.rar
[2010/09/11 18:25:58 | 061,317,895 | ---- | C] () -- D:\Users\Martin\Desktop\Desmod_2010_Vitajte_na_konci_sveta.rar
[2010/09/05 13:13:33 | 000,002,221 | ---- | C] () -- D:\Users\Martin\Desktop\Google Earth.lnk
[2010/09/02 12:02:24 | 003,460,224 | ---- | C] () -- D:\Users\Martin\Desktop\cs ma tal.mp3
[2010/08/30 09:16:25 | 000,000,102 | ---- | C] () -- D:\Windows\tv_viewer.ini
[2010/08/28 17:56:49 | 000,000,979 | ---- | C] () -- D:\Users\Martin\Desktop\Need For Speed World.lnk
[2010/08/07 16:58:55 | 000,073,832 | R--- | C] () -- D:\Windows\SysWow64\SuperFrameSplitter.dll
[2010/08/07 16:58:55 | 000,053,248 | R--- | C] () -- D:\Windows\SysWow64\RTKDABMWare.dll
[2010/05/09 19:16:19 | 000,197,120 | ---- | C] () -- D:\Windows\patchw32.dll
[2010/05/04 21:46:58 | 001,463,836 | ---- | C] () -- D:\Windows\SysWow64\PerfStringBackup.INI
[2010/04/15 19:16:11 | 000,001,156 | ---- | C] () -- D:\Windows\disney.ini
[2010/04/15 19:15:53 | 000,000,200 | ---- | C] () -- D:\Windows\disneysy.ini
[2010/03/27 18:52:54 | 000,000,571 | ---- | C] () -- D:\Windows\SysWow64\FeMakro.ini
[2010/03/27 18:52:54 | 000,000,497 | ---- | C] () -- D:\Windows\SysWow64\FeAnim.ini
[2010/03/02 20:19:41 | 000,007,168 | ---- | C] () -- D:\Windows\SysWow64\drivers\StarOpen.sys
[2010/03/01 20:08:54 | 000,000,376 | ---- | C] () -- D:\Windows\ODBC.INI
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2007/01/26 02:04:12 | 000,138,752 | ---- | C] () -- D:\Windows\SysWow64\mase32.dll
[2007/01/26 02:04:12 | 000,027,648 | ---- | C] () -- D:\Windows\SysWow64\ma32.dll
[2004/04/27 09:26:48 | 000,005,824 | ---- | C] () -- D:\Windows\SysWow64\drivers\ASUSHWIO.SYS

========== LOP Check ==========

[2010/03/01 20:21:14 | 000,000,000 | ---D | M] -- D:\Users\Daniel\AppData\Roaming\Opera
[2010/05/24 17:26:58 | 000,000,000 | ---D | M] -- D:\Users\Daniel\AppData\Roaming\PC Suite
[2010/05/16 13:10:01 | 000,000,000 | ---D | M] -- D:\Users\Guest\AppData\Roaming\Bump Technologies, Inc
[2010/09/11 17:49:38 | 000,000,000 | ---D | M] -- D:\Users\Guest\AppData\Roaming\Opera
[2010/03/26 23:19:00 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Azureus
[2010/05/09 19:19:35 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Bump Technologies, Inc
[2010/03/30 19:21:30 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Canneverbe Limited
[2010/03/03 16:29:46 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
[2010/04/23 19:20:40 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Disney Interactive Studios
[2010/08/16 10:40:01 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Eyes Relax
[2010/03/02 19:52:38 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Foxit Software
[2010/09/07 16:22:59 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\FUEL Demo
[2010/03/26 18:33:22 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\GameRanger
[2010/04/10 20:28:42 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\GetRightToGo
[2010/05/19 21:55:34 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\GHISLER
[2010/08/10 13:41:16 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Hide IP NG
[2010/08/17 22:03:14 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\IObit
[2010/08/26 18:47:19 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\IrfanView
[2010/06/26 14:17:52 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Jasc
[2010/09/03 13:29:43 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Jumping Bytes
[2010/03/05 18:56:12 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Leadertech
[2010/04/05 16:32:30 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Luxand
[2010/08/28 18:16:43 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Need for Speed World
[2010/05/04 21:54:48 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Nokia
[2010/06/30 22:06:10 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Opera
[2010/05/24 16:31:33 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\PC Suite
[2010/05/03 11:31:38 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\PDFCreator
[2010/03/27 18:53:04 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\pdfMachine
[2010/08/10 13:49:35 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\ProtectDisc
[2010/09/10 15:27:15 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\TeamViewer
[2010/03/01 22:47:17 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Thunderbird
[2010/06/28 15:32:45 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\TS3Client
[2010/05/29 13:01:56 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\uTorrent
[2010/03/02 16:51:25 | 000,000,000 | ---D | M] -- D:\Users\Martin\AppData\Roaming\Windows SideBar
[2010/09/24 18:17:51 | 000,000,366 | ---- | M] () -- D:\Windows\Tasks\AWC Update.job
[2010/06/11 13:48:05 | 000,032,626 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
[2010/09/24 18:39:08 | 000,000,290 | -H-- | M] () -- D:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
[2010/09/24 18:25:05 | 000,000,248 | -H-- | M] () -- D:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 216 bytes -> D:\Users\Martin\Víta vás Skenovanie.jpg:3or4kl4x13tuuug3Byamue2s4b
< End of report >

Rudy
Site Admin
Posts: 118322
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Login problem

#14 Post by Rudy »

There is nothing dangerous there. Either your system is damaged, or that Ardamax is causing it. Try repairing the system either with Win7Manager: http://www.yamicsoft.com/windows7manager/ , or from the installation DVD.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
