Please check my log.

Posted: 25 Jan 2011 08:47
by eko
Hello, I don't know why, but for about a month now my laptop has been taking about 20 minutes to boot when I turn it on; before that I was in Windows within about 3 minutes.

Logfile of random's system information tool 1.08 (written by random/random)
Run by JURA at 2011-01-25 08:42:18
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 99 GB (65%) free of 153 GB
Total RAM: 3036 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:42:33, on 25.1.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18999)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program files\P4G\BatteryLife.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TrustPort\Antivirus\bin\avcom.exe
C:\Program Files\Common Files\TrustPort\bin\tptray.exe
C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
C:\Users\JURA\Program Files\DNA\btdna.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\JURA\Downloads\RSIT.exe
C:\Program Files\trend micro\JURA.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=wbst&s={searchTerms}&f=4
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AntivirusCommunicatorAgent] "C:\Program Files\TrustPort\Antivirus\bin\avcom.exe"
O4 - HKLM\..\Run: [TrustPortTray] "C:\Program Files\Common Files\TrustPort\Bin\tptray.exe"
O4 - HKCU\..\Run: [SRS Premium Sound] "C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" /hideme
O4 - HKCU\..\Run: [Seznam Postak] "C:\Users\JURA\AppData\Local\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\JURA\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\SideBar.exe /autoRun
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Scan link by Dr.Web - http://www.drweb.com/online/drweb-online-en.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Users\JURA\AppData\Local\Seznam.cz\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Users\JURA\AppData\Local\Seznam.cz\listicka.dll (HKCU)
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Users\JURA\AppData\Local\Seznam.cz\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Users\JURA\AppData\Local\Seznam.cz\listicka.dll (HKCU)
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... 10.115.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc ... oscan8.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2AB2B1E8-3755-4CF2-B1C3-CA23498F81B2}: NameServer = 195.146.100.100,195.146.100.5
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: McAfee Application Installer Cleanup (0316791295626281) (0316791295626281mcinstcleanup) - Unknown owner - C:\Users\JURA\AppData\Local\Temp\031679~1.EXE (file missing)
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AHZ - Unknown owner - C:\Users\JURA\AppData\Local\Temp\AHZ.exe (file missing)
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: TrustPort Antivirus On-Access Scanner Agent (avas_service) - TrustPort, a.s. - C:\Program Files\TrustPort\Antivirus\bin\avas.exe
O23 - Service: TrustPort Antivirus Service Scanner Provider (avss_service) - TrustPort, a.s. - C:\Program Files\TrustPort\Antivirus\bin\avss.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: TrustPort Personal GTW (gozer) - TrustPort, a.s. - C:\Program Files\TrustPort\Antivirus\bin\gozer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: @C:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241 (MsMpSvc) - Unknown owner - C:\Program Files\Microsoft Security Essentials\MsMpEng.exe (file missing)
O23 - Service: Rising Vista Scanner (RsVScanner) - Unknown owner - C:\Program Files\Rising\Rav\scannerd.exe (file missing)
O23 - Service: Rx2Agent - Unknown owner - C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe (file missing)
O23 - Service: Rx2Engine - Unknown owner - C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe (file missing)
O23 - Service: TrustPort Core Service (tpmgma_service) - TrustPort, a.s. - C:\Program Files\Common Files\TrustPort\bin\tpmgma.exe

--
End of file - 10460 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{C4B3BD68-4DD4-44A6-AC7E-6762731A80AF}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
{D4027C7F-154A-4066-A1AD-4243D8127440} - PandoraTV Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-03-04 8392704]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2009-02-07 1593344]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-03-06 424352]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-10-15 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-10-15 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-10-15 170520]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AntivirusCommunicatorAgent"=C:\Program Files\TrustPort\Antivirus\bin\avcom.exe [2011-01-14 772664]
"TrustPortTray"=C:\Program Files\Common Files\TrustPort\Bin\tptray.exe [2011-01-14 703032]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SRS Premium Sound"=C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [2009-03-20 3261688]
"Seznam Postak"=C:\Users\JURA\AppData\Local\Seznam.cz\postak.exe [2010-10-07 488728]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"BitTorrent DNA"=C:\Users\JURA\Program Files\DNA\btdna.exe [2010-12-21 323392]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-01-03 15028104]
"Sidebar"=C:\Program Files\Windows Sidebar\SideBar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-10-15 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpmgma_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-01-25 08:42:18 ----D---- C:\rsit
2011-01-25 08:42:18 ----D---- C:\Program Files\trend micro
2011-01-25 08:03:37 ----A---- C:\Users\JURA\AppData\Roaming\pcouffin.sys
2011-01-25 08:03:37 ----A---- C:\Users\JURA\AppData\Roaming\inst.exe
2011-01-22 10:39:05 ----D---- C:\Program Files\Common Files\Skype
2011-01-22 10:39:04 ----RD---- C:\Program Files\Skype
2011-01-22 10:38:55 ----D---- C:\ProgramData\Skype
2011-01-22 07:35:53 ----A---- C:\Windows\system32\drivers\tdifw.sys
2011-01-22 07:35:20 ----A---- C:\Windows\system32\drivers\avasdmft.sys
2011-01-22 07:35:19 ----D---- C:\Program Files\TrustPort
2011-01-22 07:35:19 ----A---- C:\Windows\system32\drivers\tpsec.sys
2011-01-21 17:52:03 ----D---- C:\Program Files\Common Files\TrustPort
2011-01-21 12:11:59 ----D---- C:\ProgramData\Malwarebytes
2011-01-21 11:08:02 ----D---- C:\ProgramData\F-Secure
2011-01-21 10:56:23 ----D---- C:\Program Files\CCleaner
2011-01-17 12:03:31 ----A---- C:\Windows\system32\javaws.exe
2011-01-17 12:03:31 ----A---- C:\Windows\system32\javaw.exe
2011-01-17 12:03:31 ----A---- C:\Windows\system32\java.exe
2011-01-12 07:25:38 ----A---- C:\Windows\system32\odbc32.dll
2011-01-12 07:25:33 ----A---- C:\Windows\system32\sdclt.exe
2011-01-11 08:16:59 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2011-01-07 18:39:22 ----D---- C:\Users\JURA\AppData\Roaming\runic games
2011-01-07 18:34:27 ----D---- C:\Program Files\Runic Games
2011-01-07 18:33:56 ----D---- C:\Users\JURA\AppData\Roaming\InstallShield
2011-01-03 16:22:39 ----D---- C:\Program Files\Samsung
2010-12-31 10:21:18 ----D---- C:\ProgramData\Norton
2010-12-31 10:21:14 ----D---- C:\ProgramData\NortonInstaller
2010-12-30 16:48:56 ----D---- C:\ProgramData\ICQ

======List of files/folders modified in the last 1 months======

2011-01-25 08:42:30 ----D---- C:\Windows\temp
2011-01-25 08:42:30 ----D---- C:\Users\JURA\AppData\Roaming\BitTorrent
2011-01-25 08:42:18 ----RD---- C:\Program Files
2011-01-25 08:38:01 ----D---- C:\Users\JURA\AppData\Roaming\Skype
2011-01-25 08:36:19 ----D---- C:\Users\JURA\AppData\Roaming\DNA
2011-01-25 08:11:07 ----SHD---- C:\Windows\Installer
2011-01-25 08:11:02 ----SHD---- C:\System Volume Information
2011-01-25 08:06:34 ----D---- C:\Users\JURA\AppData\Roaming\skypePM
2011-01-25 08:04:09 ----D---- C:\Windows\System32
2011-01-25 08:04:09 ----D---- C:\Program Files\VSO
2011-01-25 08:03:37 ----D---- C:\Users\JURA\AppData\Roaming\Vso
2011-01-25 07:17:51 ----A---- C:\Windows\system32\agremove.exe
2011-01-25 07:14:51 ----A---- C:\Windows\system32\acovcnt.exe
2011-01-24 15:01:30 ----D---- C:\Windows
2011-01-24 15:00:02 ----D---- C:\ProgramData
2011-01-24 12:23:39 ----D---- C:\Windows\Prefetch
2011-01-24 10:56:39 ----D---- C:\Program Files\VS Revo Group
2011-01-24 10:54:18 ----D---- C:\Windows\system32\drivers
2011-01-23 09:09:33 ----D---- C:\Windows\system32\Tasks
2011-01-22 10:58:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-01-22 10:58:01 ----D---- C:\Windows\inf
2011-01-22 10:39:05 ----D---- C:\Program Files\Common Files
2011-01-21 17:52:46 ----D---- C:\Windows\system32\config
2011-01-21 17:26:25 ----D---- C:\Program Files\Common Files\Mcafee
2011-01-21 17:25:23 ----DC---- C:\Windows\system32\DRVSTORE
2011-01-21 12:21:53 ----AD---- C:\Windows\VDLL.DLL
2011-01-21 12:07:29 ----SD---- C:\Windows\Downloaded Program Files
2011-01-21 10:58:50 ----D---- C:\Users\JURA\AppData\Roaming\Media Player Classic
2011-01-21 10:58:41 ----D---- C:\Windows\Debug
2011-01-21 10:58:41 ----D---- C:\Users\JURA\AppData\Roaming\Azureus
2011-01-21 10:50:53 ----D---- C:\Windows\BDOSCAN8
2011-01-21 10:39:55 ----D---- C:\Program Files\Deep Silver
2011-01-21 06:07:37 ----D---- C:\Windows\system32\catroot2
2011-01-17 12:03:29 ----D---- C:\Program Files\Java
2011-01-15 09:37:33 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-13 08:30:51 ----A---- C:\Windows\system32\mrt.exe
2011-01-13 08:30:44 ----D---- C:\Windows\winsxs
2011-01-13 08:30:08 ----D---- C:\ProgramData\Microsoft Help
2011-01-12 07:25:12 ----D---- C:\Windows\system32\catroot
2011-01-11 08:16:56 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-01-07 18:37:41 ----RSD---- C:\Windows\assembly
2011-01-06 13:32:19 ----D---- C:\temp
2010-12-31 10:30:10 ----D---- C:\Windows\Tasks
2010-12-31 10:26:36 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-12-31 10:07:39 ----D---- C:\Program Files\Stardock
2010-12-30 16:59:43 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-07-27 30264]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-02-11 329752]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2008-05-29 15416]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\Windows\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\Windows\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-21 691696]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2009-06-18 142832]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 tdimapper;TrustPort TDI port to process mapper; \??\C:\Program Files\TrustPort\PersonalFirewall\bin\tdimapper.sys [2011-01-14 16952]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-09-26 279712]
R2 DefragFS;DefragFS; C:\Windows\system32\drivers\DefragFS.sys [2009-08-21 73232]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-09-26 25888]
R2 RMCAST;Ovladač protokolu RMCAST (Pgm); C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-11 113664]
R2 tdifw;TrustPort PGTW driver; C:\Windows\system32\drivers\tdifw.sys [2011-01-14 38456]
R2 tpsec;TrustPort Security Filter; C:\Windows\system32\drivers\tpsec.sys [2011-01-14 33632]
R3 AmdLLD;AMD Low Level Device Driver; C:\Windows\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 avasdmft;TrustPort Antivirus On-Access Scanner (W2K/XP) MF; C:\Windows\System32\DRIVERS\avasdmft.sys [2011-01-14 35896]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-03-13 140800]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-15 9030144]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2009-08-05 48640]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2008-12-24 14392]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_i386.sys [2009-01-14 230952]
R3 TPPFHOOK;TPPFHOOK; \??\C:\Program Files\TrustPort\PersonalFirewall\bin\TPPFHOOK.sys [2011-01-14 27192]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-03-20 984064]
S3 41bF45E;41bF45E; \??\C:\Users\JURA\AppData\Local\Temp\41bF45E.sys []
S3 ax8b4i98;ax8b4i98; C:\Windows\system32\drivers\ax8b4i98.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-04-17 23040]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-17 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-17 30208]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-10-07 45736]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-10-07 86056]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-10-07 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-10-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-10-07 18472]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 dsio;TrustPort Raw IO Driver; \??\C:\Program Files\Common Files\TrustPort\bin\dsio.sys [2011-01-14 14904]
S3 esihdrv;esihdrv; \??\C:\Users\JURA\AppData\Local\Temp\esihdrv.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-04-17 149504]
S3 rkhdrv40;Rootkit Unhooker Driver; C:\Windows\system32\drivers\rkhdrv40.sys [2009-11-13 24448]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 131000]
S3 winusb;Služba WinUSB; C:\Windows\system32\DRIVERS\WinUSB.SYS [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2008-08-14 100920]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-07-15 628000]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 lxbk_device;lxbk_device; C:\Windows\system32\lxbkcoms.exe [2008-02-19 537256]
R2 tpmgma_service;TrustPort Core Service; C:\Program Files\Common Files\TrustPort\bin\tpmgma.exe [2011-01-14 402288]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 avas_service;TrustPort Antivirus On-Access Scanner Agent; C:\Program Files\TrustPort\Antivirus\bin\avas.exe [2011-01-14 494136]
R3 avss_service;TrustPort Antivirus Service Scanner Provider; C:\Program Files\TrustPort\Antivirus\bin\avss.exe [2011-01-14 289336]
R3 gozer;TrustPort Personal GTW; C:\Program Files\TrustPort\Antivirus\bin\gozer.exe [2011-01-14 485944]
S2 0316791295626281mcinstcleanup;McAfee Application Installer Cleanup (0316791295626281); C:\Users\JURA\AppData\Local\Temp\031679~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MsMpSvc;@C:\Program Files\Microsoft Security Essentials\MpAsDesc.dll,-241; C:\Program Files\Microsoft Security Essentials\MsMpEng.exe []
S2 RsVScanner;Rising Vista Scanner; C:\Program Files\Rising\Rav\scannerd.exe []
S2 Rx2Agent;Rx2Agent; C:\Program Files\Raxco\PerfectSpeed20\Rx2Agent.exe []
S3 AHZ;AHZ; C:\Users\JURA\AppData\Local\Temp\AHZ.exe []
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-04-23 9241088]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-27 156656]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Rx2Engine;Rx2Engine; C:\Program Files\Raxco\PerfectSpeed20\Rx2Engine.exe []
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Re: Please check my log.

Posted: 25 Jan 2011 09:32
by stell
Hello,
:arrow: Download TFC to your desktop,
close everything you have open, then right-click it and run it as admin; restart after the scan.
:arrow: PLEASE READ THE INSTRUCTIONS CAREFULLY!!!

Use ComboFix according to this guide: http://www.bleepingcomputer.com/combofi ... t-combofix
Post its log here.

Re: Please check my log.

Posted: 25 Jan 2011 10:34
by eko
ComboFix 11-01-24.02 - JURA 25.01.2011 10:01:07.3.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3036.1837 [GMT 1:00]
Spuštěný z: c:\users\JURA\Desktop\ComboFix.exe
AV: TrustPort Antivirus *Disabled/Updated* {C3AD9610-D79C-79A3-8C7B-CAB50B3AA5DC}
FW: TrustPort Personal Firewall *Enabled* {FB961735-9DF3-78FB-A724-6380F5E9E2A7}
SP: TrustPort Antivirus *Disabled/Updated* {78CC77F4-F1A6-762D-B6CB-F1C770BDEF61}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\JURA\AppData\Roaming\inst.exe
c:\windows\system32\system

Nakažená kopie c:\windows\System32\autochk.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-25 do 2011-01-25 )))))))))))))))))))))))))))))))
.

2011-01-25 09:08 . 2011-01-25 09:21 -------- d-----w- c:\users\JURA\AppData\Local\temp
2011-01-25 09:08 . 2011-01-25 09:08 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-01-25 09:08 . 2011-01-25 09:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-25 08:29 . 2011-01-20 09:39 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34CF78D6-D6F5-4F63-9D66-D0A977126FCA}\mpengine.dll
2011-01-25 07:42 . 2011-01-25 07:42 -------- d-----w- C:\rsit
2011-01-25 07:42 . 2011-01-25 07:42 -------- d-----w- c:\program files\trend micro
2011-01-25 07:03 . 2011-01-25 07:03 47360 ----a-w- c:\users\JURA\AppData\Roaming\pcouffin.sys
2011-01-22 09:39 . 2011-01-22 09:39 -------- d-----w- c:\program files\Common Files\Skype
2011-01-22 09:39 . 2011-01-22 09:39 -------- d-----r- c:\program files\Skype
2011-01-22 09:38 . 2011-01-22 09:39 -------- d-----w- c:\programdata\Skype
2011-01-22 06:35 . 2011-01-14 07:11 38456 ----a-w- c:\windows\system32\drivers\tdifw.sys
2011-01-22 06:35 . 2011-01-14 07:11 35896 ----a-w- c:\windows\system32\drivers\avasdmft.sys
2011-01-22 06:35 . 2011-01-23 08:08 -------- d-----w- c:\program files\TrustPort
2011-01-22 06:35 . 2011-01-14 07:13 33632 ----a-w- c:\windows\system32\drivers\tpsec.sys
2011-01-21 16:52 . 2011-01-22 06:35 -------- d-----w- c:\program files\Common Files\TrustPort
2011-01-21 11:11 . 2011-01-21 11:11 -------- d-----w- c:\programdata\Malwarebytes
2011-01-21 10:08 . 2011-01-21 10:08 -------- d-----w- c:\programdata\F-Secure
2011-01-21 09:56 . 2011-01-21 09:56 -------- d-----w- c:\program files\CCleaner
2011-01-12 06:25 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 06:25 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 06:25 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 06:25 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 06:25 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 06:25 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 06:25 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-01-07 17:39 . 2011-01-07 17:39 -------- d-----w- c:\users\JURA\AppData\Roaming\runic games
2011-01-07 17:34 . 2011-01-07 17:34 -------- d-----w- c:\program files\Runic Games
2011-01-07 17:33 . 2011-01-07 17:33 -------- d-----w- c:\users\JURA\AppData\Roaming\InstallShield
2011-01-03 15:22 . 2011-01-03 15:22 -------- d-----w- c:\program files\Samsung
2010-12-31 20:23 . 2010-12-31 20:23 1 ----a-w- c:\windows\system32\SI.bin
2010-12-31 09:21 . 2010-12-31 09:30 -------- d-----w- c:\programdata\Norton
2010-12-30 15:48 . 2010-12-30 15:49 -------- d-----w- c:\programdata\ICQ
2010-12-30 15:48 . 2010-12-30 15:48 -------- d-----w- c:\users\JURA\AppData\Local\AOL

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-25 09:20 . 2010-02-27 11:48 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-01-25 08:55 . 2010-08-10 14:40 44544 ----a-w- c:\windows\system32\agremove.exe
2010-11-12 17:53 . 2010-10-14 08:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-04 18:56 . 2010-12-16 06:29 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55 . 2010-12-16 06:29 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55 . 2010-12-16 06:29 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55 . 2010-12-16 06:29 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34 . 2010-12-16 06:29 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01 . 2010-12-16 06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57 . 2010-12-16 06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57 . 2010-12-16 06:29 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57 . 2010-12-16 06:29 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57 . 2010-12-16 06:29 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01 . 2010-12-16 06:29 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26 . 2010-12-16 06:29 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24 . 2010-12-16 06:29 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:44 . 2010-12-16 06:29 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:27 . 2010-12-16 06:29 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:20 . 2010-12-16 06:29 2048 ----a-w- c:\windows\system32\tzres.dll
2008-12-23 20:36 . 2008-12-23 20:36 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 14:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-03-20 3261688]
"Seznam Postak"="c:\users\JURA\AppData\Local\Seznam.cz\postak.exe" [2010-10-07 488728]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"BitTorrent DNA"="c:\users\JURA\Program Files\DNA\btdna.exe" [2010-12-21 323392]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]
"Sidebar"="c:\program files\Windows Sidebar\SideBar.exe" [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-06 424352]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-15 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-15 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-15 170520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AntivirusCommunicatorAgent"="c:\program files\TrustPort\Antivirus\bin\avcom.exe" [2011-01-14 772664]
"TrustPortTray"="c:\program files\Common Files\TrustPort\Bin\tptray.exe" [2011-01-14 703032]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ehTray.exe"=c:\windows\ehome\ehTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"ASUS Camera ScreenSaver"=c:\windows\AsScrProlog.exe
"ATKMEDIA"=c:\program files\ASUS\ATK Media\DMedia.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe"
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

R2 0316791295626281mcinstcleanup;McAfee Application Installer Cleanup (0316791295626281);c:\users\JURA\AppData\Local\Temp\031679~1.EXE [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 41bF45E;41bF45E;c:\users\JURA\AppData\Local\Temp\41bF45E.sys [x]
R3 AHZ;AHZ;c:\users\JURA\AppData\Local\Temp\AHZ.exe [x]
R3 AllShare;SAMSUNG AllShare Service;c:\program files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-04-23 9241088]
R3 avas_service;TrustPort Antivirus On-Access Scanner Agent;c:\program files\TrustPort\Antivirus\bin\avas.exe [2011-01-14 494136]
R3 avasdmft;TrustPort Antivirus On-Access Scanner (W2K/XP) MF;c:\windows\system32\DRIVERS\avasdmft.sys [2011-01-14 35896]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-10-07 45736]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-10-07 29472]
R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
R3 dsio;TrustPort Raw IO Driver;c:\program files\Common Files\TrustPort\bin\dsio.sys [2011-01-14 14904]
R3 esihdrv;esihdrv;c:\users\JURA\AppData\Local\Temp\esihdrv.sys [x]
R3 gozer;TrustPort Personal GTW;c:\program files\TrustPort\Antivirus\bin\gozer.exe [2011-01-14 485944]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2008-05-29 15416]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256]
S3 avss_service;TrustPort Antivirus Service Scanner Provider;c:\program files\TrustPort\Antivirus\bin\avss.exe [2011-01-14 289336]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-03-13 140800]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
ipripsvc REG_MULTI_SZ iprip

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-01-25 c:\windows\Tasks\User_Feed_Synchronization-{C4B3BD68-4DD4-44A6-AC7E-6762731A80AF}.job
- c:\windows\system32\msfeedssync.exe [2010-12-16 04:25]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Scan link by Dr.Web - http://www.drweb.com/online/drweb-online-en.html
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: {2AB2B1E8-3755-4CF2-B1C3-CA23498F81B2} = 195.146.100.100,195.146.100.5
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
Toolbar-{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - (no file)
WebBrowser-{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-25 10:21
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


C:\ADSM_PData_0150

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1737227816-726752648-1595867434-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:73,8d,91,49,d4,51,27,6f,51,07,ea,e0,ab,42,10,db,5c,df,76,7e,85,c2,bb,
64,1c,a3,f3,3c,60,f2,d8,85,27,7d,18,8c,98,87,69,8e,87,14,bf,c6,21,6c,67,f7,\
"??"=hex:5a,19,37,3d,bd,77,c7,c8,a2,70,27,10,d8,e7,b6,c1

[HKEY_USERS\S-1-5-21-1737227816-726752648-1595867434-1000\Software\SecuROM\License information*]
"datasecu"=hex:2a,5f,34,cb,ad,a2,32,50,aa,fb,a9,31,c0,bc,96,74,70,d9,17,cb,0c,
86,9a,97,cb,4f,02,7b,0b,42,0f,21,83,15,aa,66,4e,dd,31,78,f7,1f,60,53,72,71,\
"rkeysecu"=hex:1e,4a,ca,32,6e,cd,25,ae,90,e5,aa,00,3e,31,05,6e

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(2960)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\AUDIODG.EXE
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\windows\system32\WLANExt.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\TrustPort\bin\tpmgma.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\conime.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\TrustPort\bin\tpupdate.exe
.
**************************************************************************
.
Celkový čas: 2011-01-25 10:23:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-25 09:23

Před spuštěním: Volných bajtů: 103 517 839 360
Po spuštění: Volných bajtů: 103 474 696 192

- - End Of File - - 7D5999026AA944C3C40ACA7FA15627CB



So I did everything according to the guide; the antivirus reported nothing, but there is probably still something there.

Re: please check my log.

Posted: 25 Jan 2011 10:45
by eko
Oh, and during the ComboFix run a yellow triangle kept popping up at the bottom right of the taskbar, warning that PEV.cfxxe was corrupted, so I don't know.

Re: please check my log.

Posted: 25 Jan 2011 11:08
by stell
Well, PEV.cfxxe belongs to ComboFix; we'll see whether it causes a problem.
For this step ComboFix must be on the desktop.

Turn off > FIREWALL > antivirus > antispyware > everything resident.

Open Notepad and copy all of the green text into it:


KILLALL::
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"=-
"SunJavaUpdateSched"=-
Rootkit::
c:\users\JURA\AppData\Local\Temp\031679~1.EXE
c:\users\JURA\AppData\Local\Temp\41bF45E.sys
c:\users\JURA\AppData\Local\Temp\AHZ.exe
c:\users\JURA\AppData\Local\Temp\esihdrv.sys
Driver::
0316791295626281mcinstcleanup
41bF45E
AHZ
esihdrv
Folder::
c:\program files\Ask.com
RegLock:: 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
Then click File -> Save As... -> and in the File name field type: CFScript.txt
For Save as type, choose *All Files
And save it to the desktop. > Careful: do not open CFScript.txt, and it must not be named CFScript.txt.txt either. Then do this:
[image]

When the scan finishes, post the log that ComboFix creates.

Re: please check my log.

Posted: 25 Jan 2011 11:46
by eko
ComboFix 11-01-24.02 - JURA 25.01.2011 11:28:04.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3036.1962 [GMT 1:00]
Spuštěný z: c:\users\JURA\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\JURA\Desktop\CFScript.txt
AV: TrustPort Antivirus *Disabled/Updated* {C3AD9610-D79C-79A3-8C7B-CAB50B3AA5DC}
FW: TrustPort Personal Firewall *Enabled* {FB961735-9DF3-78FB-A724-6380F5E9E2A7}
SP: TrustPort Antivirus *Disabled/Updated* {78CC77F4-F1A6-762D-B6CB-F1C770BDEF61}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe

Nakažená kopie c:\windows\System32\autochk.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.0.6001.18000_none_e1f3ed49c1c122ef\autochk.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ESIHDRV
-------\Service_0316791295626281mcinstcleanup
-------\Service_AHZ
-------\Service_esihdrv
-------\Legacy_41bF45E
-------\Service_41bF45E


((((((((((((((((((((((((( Soubory vytvořené od 2010-12-25 do 2011-01-25 )))))))))))))))))))))))))))))))
.

2011-01-25 10:37 . 2011-01-25 10:37 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2011-01-25 10:36 . 2011-01-25 10:36 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2011-01-25 10:34 . 2011-01-25 10:34 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-01-25 10:34 . 2011-01-25 10:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-25 09:23 . 2011-01-25 10:39 -------- d-----w- c:\users\JURA\AppData\Local\temp
2011-01-25 08:29 . 2011-01-20 09:39 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34CF78D6-D6F5-4F63-9D66-D0A977126FCA}\mpengine.dll
2011-01-25 07:42 . 2011-01-25 07:42 -------- d-----w- c:\program files\trend micro
2011-01-25 07:03 . 2011-01-25 07:03 47360 ----a-w- c:\users\JURA\AppData\Roaming\pcouffin.sys
2011-01-22 09:39 . 2011-01-22 09:39 -------- d-----w- c:\program files\Common Files\Skype
2011-01-22 09:39 . 2011-01-22 09:39 -------- d-----r- c:\program files\Skype
2011-01-22 09:38 . 2011-01-22 09:39 -------- d-----w- c:\programdata\Skype
2011-01-22 06:35 . 2011-01-14 07:11 38456 ----a-w- c:\windows\system32\drivers\tdifw.sys
2011-01-22 06:35 . 2011-01-14 07:11 35896 ----a-w- c:\windows\system32\drivers\avasdmft.sys
2011-01-22 06:35 . 2011-01-23 08:08 -------- d-----w- c:\program files\TrustPort
2011-01-22 06:35 . 2011-01-14 07:13 33632 ----a-w- c:\windows\system32\drivers\tpsec.sys
2011-01-21 16:52 . 2011-01-22 06:35 -------- d-----w- c:\program files\Common Files\TrustPort
2011-01-21 11:11 . 2011-01-21 11:11 -------- d-----w- c:\programdata\Malwarebytes
2011-01-21 10:08 . 2011-01-21 10:08 -------- d-----w- c:\programdata\F-Secure
2011-01-21 09:56 . 2011-01-21 09:56 -------- d-----w- c:\program files\CCleaner
2011-01-12 06:25 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 06:25 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 06:25 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 06:25 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 06:25 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 06:25 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 06:25 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2011-01-07 17:39 . 2011-01-07 17:39 -------- d-----w- c:\users\JURA\AppData\Roaming\runic games
2011-01-07 17:34 . 2011-01-07 17:34 -------- d-----w- c:\program files\Runic Games
2011-01-07 17:33 . 2011-01-07 17:33 -------- d-----w- c:\users\JURA\AppData\Roaming\InstallShield
2011-01-03 15:22 . 2011-01-03 15:22 -------- d-----w- c:\program files\Samsung
2010-12-31 20:23 . 2010-12-31 20:23 1 ----a-w- c:\windows\system32\SI.bin
2010-12-31 09:21 . 2010-12-31 09:30 -------- d-----w- c:\programdata\Norton
2010-12-30 15:48 . 2010-12-30 15:49 -------- d-----w- c:\programdata\ICQ
2010-12-30 15:48 . 2010-12-30 15:48 -------- d-----w- c:\users\JURA\AppData\Local\AOL

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-25 10:37 . 2010-02-27 11:48 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-01-25 10:17 . 2010-08-10 14:40 44544 ----a-w- c:\windows\system32\agremove.exe
2010-11-12 17:53 . 2010-10-14 08:46 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-04 18:56 . 2010-12-16 06:29 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55 . 2010-12-16 06:29 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55 . 2010-12-16 06:29 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55 . 2010-12-16 06:29 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34 . 2010-12-16 06:29 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01 . 2010-12-16 06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57 . 2010-12-16 06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57 . 2010-12-16 06:29 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57 . 2010-12-16 06:29 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:57 . 2010-12-16 06:29 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:01 . 2010-12-16 06:29 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26 . 2010-12-16 06:29 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24 . 2010-12-16 06:29 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:44 . 2010-12-16 06:29 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:27 . 2010-12-16 06:29 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:20 . 2010-12-16 06:29 2048 ----a-w- c:\windows\system32\tzres.dll
2008-12-23 20:36 . 2008-12-23 20:36 106496 ----a-w- c:\program files\Common Files\CPInstallAction.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-03-20 3261688]
"Seznam Postak"="c:\users\JURA\AppData\Local\Seznam.cz\postak.exe" [2010-10-07 488728]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"BitTorrent DNA"="c:\users\JURA\Program Files\DNA\btdna.exe" [2010-12-21 323392]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-03 15028104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-06 424352]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-10-15 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-10-15 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-10-15 170520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AntivirusCommunicatorAgent"="c:\program files\TrustPort\Antivirus\bin\avcom.exe" [2011-01-14 772664]
"TrustPortTray"="c:\program files\Common Files\TrustPort\Bin\tptray.exe" [2011-01-14 703032]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ehTray.exe"=c:\windows\ehome\ehTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ASUS Camera ScreenSaver"=c:\windows\AsScrProlog.exe
"ATKMEDIA"=c:\program files\ASUS\ATK Media\DMedia.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe"
"P2Go_Menu"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 AllShare;SAMSUNG AllShare Service;c:\program files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-04-23 9241088]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-10-07 45736]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-10-07 29472]
R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
R3 dsio;TrustPort Raw IO Driver;c:\program files\Common Files\TrustPort\bin\dsio.sys [2011-01-14 14904]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2009-06-18 42480]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2008-05-29 15416]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256]
S3 avas_service;TrustPort Antivirus On-Access Scanner Agent;c:\program files\TrustPort\Antivirus\bin\avas.exe [2011-01-14 494136]
S3 avasdmft;TrustPort Antivirus On-Access Scanner (W2K/XP) MF;c:\windows\system32\DRIVERS\avasdmft.sys [2011-01-14 35896]
S3 avss_service;TrustPort Antivirus Service Scanner Provider;c:\program files\TrustPort\Antivirus\bin\avss.exe [2011-01-14 289336]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-03-13 140800]
S3 gozer;TrustPort Personal GTW;c:\program files\TrustPort\Antivirus\bin\gozer.exe [2011-01-14 485944]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
ipripsvc REG_MULTI_SZ iprip

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-01-25 c:\windows\Tasks\User_Feed_Synchronization-{C4B3BD68-4DD4-44A6-AC7E-6762731A80AF}.job
- c:\windows\system32\msfeedssync.exe [2010-12-16 04:25]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Scan link by Dr.Web - http://www.drweb.com/online/drweb-online-en.html
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: {2AB2B1E8-3755-4CF2-B1C3-CA23498F81B2} = 195.146.100.100,195.146.100.5
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-25 11:39
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1737227816-726752648-1595867434-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:73,8d,91,49,d4,51,27,6f,51,07,ea,e0,ab,42,10,db,5c,df,76,7e,85,c2,bb,
64,1c,a3,f3,3c,60,f2,d8,85,27,7d,18,8c,98,87,69,8e,87,14,bf,c6,21,6c,67,f7,\
"??"=hex:5a,19,37,3d,bd,77,c7,c8,a2,70,27,10,d8,e7,b6,c1

[HKEY_USERS\S-1-5-21-1737227816-726752648-1595867434-1000\Software\SecuROM\License information*]
"datasecu"=hex:2a,5f,34,cb,ad,a2,32,50,aa,fb,a9,31,c0,bc,96,74,70,d9,17,cb,0c,
86,9a,97,cb,4f,02,7b,0b,42,0f,21,83,15,aa,66,4e,dd,31,78,f7,1f,60,53,72,71,\
"rkeysecu"=hex:1e,4a,ca,32,6e,cd,25,ae,90,e5,aa,00,3e,31,05,6e
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(3504)
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
c:\program files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\AUDIODG.EXE
c:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\windows\system32\WLANExt.exe
c:\program files\ASUS\ATK Hotkey\ASLDRSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\ATK Hotkey\MsgTranAgt.exe
c:\program files\ASUS\ATK Hotkey\HControl.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\windows\System32\ACEngSvr.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\System32\rpcnetp.exe
c:\program files\Common Files\TrustPort\bin\tpmgma.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\ASUS\ATK Hotkey\ATKOSD.exe
c:\windows\system32\conime.exe
c:\program files\ASUS\ATK Hotkey\KBFiltr.exe
c:\program files\ASUS\ATK Hotkey\WDC.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Celkový čas: 2011-01-25 11:45:00 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-25 10:44

Před spuštěním: Volných bajtů: 103 498 158 080
Po spuštění: Volných bajtů: 103 322 308 608

- - End Of File - - 8BC0C375B2E4127B99A99E2B42223096


Here is the log; it is still behaving strangely.

Re: please check my log.

Posted: 25 Jan 2011 11:50
by stell
Test this file at www.virustotal.com:
c:\windows\System32\autochk.exe
Click Reanalyse and paste the link here.

Re: please check my log.

Posted: 25 Jan 2011 11:56
by eko
Antivirus results
AhnLab-V3 - 2011.01.18.00 - 2011.01.17 - -
AntiVir - 7.11.1.239 - 2011.01.25 - -
Antiy-AVL - 2.0.3.7 - 2011.01.25 - -
Avast - 4.8.1351.0 - 2011.01.25 - -
Avast5 - 5.0.677.0 - 2011.01.25 - -
AVG - 10.0.0.1190 - 2011.01.25 - -
BitDefender - 7.2 - 2011.01.25 - -
CAT-QuickHeal - 11.00 - 2011.01.25 - -
ClamAV - 0.96.4.0 - 2011.01.25 - -
Commtouch - 5.2.11.5 - 2011.01.25 - -
Comodo - 7493 - 2011.01.25 - -
DrWeb - 5.0.2.03300 - 2011.01.25 - -
Emsisoft - 5.1.0.1 - 2011.01.25 - -
eSafe - 7.0.17.0 - 2011.01.24 - -
eTrust-Vet - 36.1.8117 - 2011.01.24 - -
F-Prot - 4.6.2.117 - 2011.01.24 - -
F-Secure - 9.0.16160.0 - 2011.01.25 - -
Fortinet - 4.2.254.0 - 2011.01.24 - -
GData - 21 - 2011.01.25 - -
Ikarus - T3.1.1.97.0 - 2011.01.25 - -
Jiangmin - 13.0.900 - 2011.01.24 - -
K7AntiVirus - 9.78.3635 - 2011.01.24 - -
Kaspersky - 7.0.0.125 - 2011.01.25 - -
McAfee - 5.400.0.1158 - 2011.01.25 - -
McAfee-GW-Edition - 2010.1C - 2011.01.25 - -
Microsoft - 1.6502 - 2011.01.25 - -
NOD32 - 5815 - 2011.01.25 - -
Norman - 6.06.12 - 2011.01.25 - -
nProtect - 2011-01-18.01 - 2011.01.18 - -
Panda - 10.0.2.7 - 2011.01.24 - -
PCTools - 7.0.3.5 - 2011.01.25 - -
Prevx - 3.0 - 2011.01.25 - -
Rising - 23.42.00.06 - 2011.01.24 - -
Sophos - 4.61.0 - 2011.01.25 - -
SUPERAntiSpyware - 4.40.0.1006 - 2011.01.25 - -
Symantec - 20101.3.0.103 - 2011.01.25 - -
TheHacker - 6.7.0.1.119 - 2011.01.24 - -
TrendMicro - 9.120.0.1004 - 2011.01.25 - -
TrendMicro-HouseCall - 9.120.0.1004 - 2011.01.25 - -
VBA32 - 3.12.14.3 - 2011.01.24 - -
VIPRE - 8189 - 2011.01.25 - -
ViRobot - 2011.1.25.4274 - 2011.01.25 - -
VirusBuster - 13.6.162.0 - 2011.01.24 - -
File info:
MD5: 303af2ea4fd7a8b2ecfdbed0010557e6
SHA1: ff35b59cfd896c756d8d795635ad59b545b2056c
SHA256: 72a547d4bc60b1164b1837bdf404a60bb31dbfdde6b784c66e05b5b43dd53641
File size: 642560 bytes
Scan date: 2011-01-25 10:52:33 (UTC)

Re: please check my log.

Posted: 25 Jan 2011 11:58
by stell
OK,
0: Turn off System Volume Information/restore (System Restore); after the restart, turn it on again.
http://www.viry.cz/forum/viewtopic.php?f=11&t=47040
1: Rename the ComboFix icon to uninstall
and run it; ComboFix will uninstall itself.
2: Download and install CCleaner.
a) Download from Piriform.com CCleaner
Download from FileHippo.com CCleaner
b) Close all running programs and the browser.
c) Start CCleaner and leave the settings as they are. Press the Analyze button and, after the analysis, press the Run Cleaner button.
d) Click the Applications tab, press the Analyze button and, after the analysis, press the Run Cleaner button.
e) Click Registry, press Scan for Issues, and when the scan finishes click Fix selected issues, choose YES to create a backup, save the file and click Fix all issues.

3: Try it out and write how the PC behaves.

Re: please check my log.

Posted: 25 Jan 2011 12:29
by eko
So I did everything according to the instructions. Once the notebook has booted it behaves quite well, but it still takes a long time to boot; I feel like I'm sitting at a 486 here.

Re: please check my log.

Posted: 25 Jan 2011 12:41
by stell
Download OTMoveIt3 by OldTimer, paste in the text below as per the instructions and click MoveIt; after the restart, post the log here.

Code:

:processes
explorer.exe

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
ipconfig /flushdns /c 
:Commands 
[purity] 
[resethosts] 
[CreateRestorePoint] 
[emptytemp] 
[start explorer]
[Reboot]
Post the log here.
At the command prompt, enter the command chkdsk /f/r [enter]
Agree to the prompt, restart and let chkdsk check the hard disk.
Run a defrag; use the Defraggler program:
http://www.piriform.com/defraggler

Then we'll see; write back.

Re: please check my log.

Posted: 25 Jan 2011 12:48
by eko
OK, I'm on it. Thank you for taking the time to help me :)

Re: please check my log.

Posted: 25 Jan 2011 13:16
by eko
All processes killed
Error: Unable to interpret <[emptytemp] > in the current context!
Error: Unable to interpret <[start explorer]> in the current context!
Error: Unable to interpret <[Reboot]> in the current context!

OTM by OldTimer - Version 3.1.17.2 log created on 01252011_130941

Re: please check my log.

Posted: 25 Jan 2011 13:18
by stell
:Commands
You copied the script incorrectly; note that there is a colon before Commands. Try it again.

Re: please check my log.

Posted: 25 Jan 2011 14:02
by eko
All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\ServiceProfiles\LocalService\AppData\Local\Temp\RAC389.tmp moved successfully.
C:\WINDOWS\temp\Cab8120.tmp moved successfully.
C:\WINDOWS\temp\Tar8131.tmp moved successfully.
< ipconfig /flushdns /c >
Konfigurace protokolu IP systému Windows
Mezipaměť překládání DNS byla úspěšně vyprázdněna.
C:\Users\JURA\Desktop\cmd.bat deleted successfully.
C:\Users\JURA\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTM Restore Point

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User

User: JURA
->Temp folder emptied: 578106 bytes
->Temporary Internet Files folder emptied: 7656491 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 289184 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 8,00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 01252011_134953

Files moved on Reboot...

Registry entries deleted on Reboot...