
Facebook virus

Posted: 24 Aug 2011 11:05
by mischo25
Hi, I need help removing a Facebook virus. What should I do?
Thanks

Re: Facebook virus

Posted: 24 Aug 2011 11:49
by Danstahr
Good afternoon :welcome: ,

to start, please post an RSIT log following the guide here: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895.

Re: Facebook virus

Posted: 24 Aug 2011 12:10
by mischo25
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jozef Plencner at 2011-08-24 12:55:10
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 48 GB (48%) free of 100 GB
Total RAM: 2038 MB (71% free)


======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\Norton Security Scan for Jozef Plencner.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Jozef Plencner\Application Data\Mozilla\Firefox\Profiles\hq6qdqcb.default

prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
npnul32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Documents and Settings\Jozef Plencner\Application Data\Mozilla\Firefox\Profiles\hq6qdqcb.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-09-22 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B291E6C-9A74-4034-971B-A4B007A0B315}]
RadioBar Toolbar - C:\Program Files\RadioBar\toolbar.ni.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5B291E6C-9A74-4034-971B-A4B007A0B315} - RadioBar Toolbar - C:\Program Files\RadioBar\toolbar.ni.dll []
{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DVDVideoSoftTB Toolbar - C:\Program Files\DVDVideoSoftTB\prxtbDVD0.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072]
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2008-02-13 16857600]
"Alcmtr"=C:\windows\ALCMTR.EXE [2005-05-03 69632]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-01-16 37376]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"wxpdrv"= []
"tray_ico"= []
"tray_ico0"=C:\WINDOWS\update.tray-2-0\svchost.exe []
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"6696650.exe"=C:\DOCUME~1\JOZEFP~1\LOCALS~1\Temp\6696650.exe []
"sysdriver32.exe"=C:\windows\sysdriver32.exe [2011-07-25 261632]
"sysdriver32_.exe"=C:\windows\sysdriver32_.exe rezerv []
"861353.exe"=C:\WINDOWS\TEMP\861353.exe []
"systemup"=C:\windows\systemup.exe stand []
"l1rezerv.exe"=C:\windows\l1rezerv.exe [2011-07-23 235520]
"84657743-loader2.exe"=C:\windows\TEMP\84657743-loader2.exe []
"29860788-loader2.exe"=C:\windows\TEMP\29860788-loader2.exe []
"75547469-loader2.exe"=C:\DOCUME~1\JOZEFP~1\LOCALS~1\Temp\75547469-loader2.exe []
"2251945.exe"=C:\windows\TEMP\2251945.exe []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
"1174109.exe"=C:\windows\TEMP\1174109.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-01-24 2289664]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\daemon.exe [2007-12-29 486856]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-06-15 15141768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2007-12-19 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-07-09 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"EnableSecureUIAPaths"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"I:\NeroExpress\Installation\Setupx.exe"="I:\NeroExpress\Installation\Setupx.exe:*:Enabled:Nero ProductSetup"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\Truck_Racing_By_Renault_Trucks\Bin\RTR.exe"="C:\Program Files\Truck_Racing_By_Renault_Trucks\Bin\RTR.exe:*:Enabled:Truck Racing by Renault Trucks"
"C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2Network.exe"="C:\Program Files\Codemasters\Colin McRae Rally 2\CMR2Network.exe:*:Enabled:Colin McRae Rally 2"
"C:\Program Files\SEGA\SEGA Rally\SEGA Rally.exe"="C:\Program Files\SEGA\SEGA Rally\SEGA Rally.exe:*:Enabled:SEGA Rally"
"C:\Program Files\SEGA\SEGA Rally\SEGA Rally_SSE1.exe"="C:\Program Files\SEGA\SEGA Rally\SEGA Rally_SSE1.exe:*:Enabled:SEGA Rally"
"D:\Iné\VegSrv90.exe"="D:\Iné\VegSrv90.exe:*:Enabled:Sony Vegas Network Render Service Control"
"C:\Program Files\Valve\hltv.exe"="C:\Program Files\Valve\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Program Files\Counter-Strike 1.6\cstrike.exe"="C:\Program Files\Counter-Strike 1.6\cstrike.exe:*:Enabled:Counter-Strike Launcher"
"D:\New GAME\Activision Value\Snowboarding Championship 2004\Snowboard.exe"="D:\New GAME\Activision Value\Snowboarding Championship 2004\Snowboard.exe:*:Enabled:Snowboard"
"C:\Program Files\Buka\Codemasters\Colin McRae Rally 2.0\CMR2.exe"="C:\Program Files\Buka\Codemasters\Colin McRae Rally 2.0\CMR2.exe:*:Enabled:Colin McRae Rally 2"
"C:\Program Files\Colin McRae Rally 4 v1.1\cmr4.exe"="C:\Program Files\Colin McRae Rally 4 v1.1\cmr4.exe:*:Enabled:Colin McRae Rally 04 Application"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe"="C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"C:\Program Files\TDK\World Racing\WR_Multiplayer_Lounge.exe"="C:\Program Files\TDK\World Racing\WR_Multiplayer_Lounge.exe:*:Enabled:WR_Multiplayer_Lounge"
"C:\Program Files\Counter-Strike 1.6\hlds.exe"="C:\Program Files\Counter-Strike 1.6\hlds.exe:*:Enabled:HLDS Launcher"
"C:\Program Files\Counter-Strike Source\hl2.exe"="C:\Program Files\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Downloads\Flash-Player.exe"="D:\Downloads\Flash-Player.exe:*:Enabled:D:\Downloads\Flash-Player.exe"
"C:\WINDOWS\update.1\svchost.exe"="C:\WINDOWS\update.1\svchost.exe:*:Enabled:C:\WINDOWS\update.1\svchost.exe"
"C:\WINDOWS\services32.exe"="C:\WINDOWS\services32.exe:*:Enabled:C:\WINDOWS\services32.exe"
"C:\WINDOWS\update.tray-2-0\svchost.exe"="C:\WINDOWS\update.tray-2-0\svchost.exe:*:Enabled:C:\WINDOWS\update.tray-2-0\svchost.exe"
"C:\WINDOWS\update.2\svchost.exe"="C:\windows\update.2\svchost.exe:*:Enabled:C:\windows\update.2\svchost.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe"="C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Windows Explorer"
"C:\WINDOWS\systemup.exe"="C:\WINDOWS\systemup.exe:*:Enabled:systemup"
"C:\WINDOWS\l1rezerv.exe"="C:\WINDOWS\l1rezerv.exe:*:Enabled:l1rezerv"
"C:\WINDOWS\update.tray-2-0-lnk\svchost.exe"="C:\WINDOWS\update.tray-2-0-lnk\svchost.exe:*:Disabled:svchost"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Google\Update\GoogleUpdate.exe"="C:\Program Files\Google\Update\GoogleUpdate.exe:*:Disabled:Inštalačný program Google"
"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe:*:Enabled:Malwarebytes' Anti-Malware"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll

======List of files/folders created in the last 1 month======

2011-08-24 12:55:11 ----D---- C:\Program Files\trend micro
2011-08-24 12:55:10 ----D---- C:\rsit
2011-08-24 00:51:55 ----HDC---- C:\windows\$NtUninstallKB2570791$
2011-08-22 14:04:25 ----D---- C:\Program Files\ESET
2011-08-22 14:04:25 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2011-08-21 11:46:16 ----D---- C:\Documents and Settings\Jozef Plencner\Application Data\Malwarebytes
2011-08-21 11:46:11 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2011-08-21 10:45:45 ----D---- C:\Documents and Settings\Jozef Plencner\Application Data\Help
2011-08-19 13:17:24 ----HD---- C:\windows\update.7.1
2011-08-11 15:02:23 ----HDC---- C:\windows\$NtUninstallKB2567680$
2011-08-11 15:01:42 ----HDC---- C:\windows\$NtUninstallKB2536276-v2$
2011-08-11 15:01:23 ----HDC---- C:\windows\$NtUninstallKB2570222$
2011-08-11 15:00:54 ----HDC---- C:\windows\$NtUninstallKB2566454$
2011-08-11 15:00:50 ----HDC---- C:\windows\$NtUninstallKB2562937$
2011-07-26 01:23:53 ----D---- C:\windows\RegisteredPackages
2011-07-26 01:23:24 ----A---- C:\windows\system32\psisdecd.dll
2011-07-26 01:23:24 ----A---- C:\windows\system32\drivers\wstcodec.sys
2011-07-26 01:23:24 ----A---- C:\windows\system32\drivers\streamip.sys
2011-07-26 01:23:24 ----A---- C:\windows\system32\drivers\slip.sys
2011-07-26 01:23:24 ----A---- C:\windows\system32\drivers\ndisip.sys
2011-07-26 01:23:24 ----A---- C:\windows\system32\drivers\nabtsfec.sys
2011-07-26 01:23:24 ----A---- C:\windows\system32\drivers\msdv.sys
2011-07-26 01:23:24 ----A---- C:\windows\system32\drivers\mpe.sys
2011-07-26 01:23:24 ----A---- C:\windows\system32\drivers\ccdecode.sys
2011-07-26 01:23:24 ----A---- C:\windows\system32\drivers\bdasup.sys
2011-07-26 01:23:23 ----A---- C:\windows\system32\drivers\mstee.sys
2011-07-26 01:23:19 ----A---- C:\windows\system32\dxdllreg.exe
2011-07-26 01:15:49 ----A---- C:\windows\CoDUO.INI
2011-07-25 23:06:44 ----A---- C:\windows\nsreg.dat
2011-07-25 23:06:40 ----D---- C:\Documents and Settings\Jozef Plencner\Application Data\Mozilla
2011-07-25 00:14:16 ----D---- C:\Program Files\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2011-08-24 12:55:18 ----D---- C:\windows\Prefetch
2011-08-24 12:55:16 ----D---- C:\windows\Temp
2011-08-24 12:55:11 ----RD---- C:\Program Files
2011-08-24 12:54:50 ----D---- C:\Documents and Settings\Jozef Plencner\Application Data\Skype
2011-08-24 12:54:17 ----A---- C:\windows\NeroDigital.ini
2011-08-24 12:50:13 ----D---- C:\Documents and Settings\Jozef Plencner\Application Data\PriceGong
2011-08-24 12:45:14 ----A---- C:\windows\iplist.txt
2011-08-24 10:44:39 ----D---- C:\WINDOWS
2011-08-24 00:59:06 ----A---- C:\windows\SchedLgU.Txt
2011-08-24 00:58:59 ----SHD---- C:\Config.Msi
2011-08-24 00:58:57 ----SHD---- C:\windows\Installer
2011-08-24 00:57:25 ----RSD---- C:\windows\assembly
2011-08-24 00:51:57 ----D---- C:\windows\system32
2011-08-24 00:51:55 ----HD---- C:\windows\inf
2011-08-23 20:09:42 ----D---- C:\windows\system32\CatRoot2
2011-08-23 20:06:15 ----HD---- C:\windows\update.2
2011-08-23 19:44:07 ----D---- C:\windows\system32\drivers
2011-08-22 13:25:50 ----HD---- C:\windows\update.tray-2-0
2011-08-22 13:24:35 ----HD---- C:\windows\update.1
2011-08-22 13:10:01 ----A---- C:\windows\iecheck_iplist.txt
2011-08-22 00:53:41 ----A---- C:\windows\ddh_iplist.txt
2011-08-20 13:38:02 ----A---- C:\windows\system.ini
2011-08-20 12:13:38 ----A---- C:\windows\winlog-ids.txt
2011-08-20 12:13:38 ----A---- C:\windows\winlog-dirs.txt
2011-08-11 15:07:11 ----D---- C:\windows\Microsoft.NET
2011-08-11 15:03:40 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-08-11 15:03:31 ----D---- C:\windows\WinSxS
2011-08-11 15:02:25 ----RSHDC---- C:\windows\system32\dllcache
2011-08-11 15:02:18 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2011-08-11 15:01:41 ----HD---- C:\windows\$hf_mig$
2011-08-11 15:01:16 ----N---- C:\windows\system32\MRT.exe
2011-08-11 15:01:09 ----D---- C:\Program Files\Internet Explorer
2011-08-07 17:07:15 ----D---- C:\Documents and Settings\All Users\Application Data\Sony
2011-08-07 17:05:39 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-28 15:48:54 ----D---- C:\Program Files\Common Files\Adobe
2011-07-28 15:42:50 ----D---- C:\Program Files\Managed DirectX (0900)
2011-07-28 13:47:26 ----A---- C:\windows\system32\OggDSuninst.exe
2011-07-27 11:53:15 ----D---- C:\windows\system32\drivers\etc
2011-07-27 10:17:33 ----D---- C:\Program Files\Call of Duty
2011-07-26 16:07:57 ----A---- C:\windows\Translator 2005.INI
2011-07-26 13:31:49 ----HD---- C:\windows\update.5.0
2011-07-26 01:57:36 ----D---- C:\Documents and Settings\Jozef Plencner\Application Data\Adobe
2011-07-26 01:57:35 ----D---- C:\windows\system32\Macromed
2011-07-26 01:57:35 ----D---- C:\Documents and Settings\Jozef Plencner\Application Data\Macromedia
2011-07-26 01:23:17 ----D---- C:\windows\system32\DirectX
2011-07-25 23:14:51 ----D---- C:\Program Files\Adobe
2011-07-25 20:42:26 ----A---- C:\windows\btc_client_iplist.txt
2011-07-25 17:17:44 ----A---- C:\windows\system32\mshtml.dll
2011-07-25 16:21:21 ----A---- C:\windows\sysdriver32.exe
2011-07-25 12:30:57 ----D---- C:\windows\av_ico
2011-07-25 00:10:24 ----D---- C:\Documents and Settings\Jozef Plencner\Application Data\go



Thanks for the quick reply :thumbsup:

Re: Facebook virus

Posted: 24 Aug 2011 12:17
by Danstahr
:arrow: Download MBAM and post its log here following the guide here; when choosing the scan type, select Full scan.

Don't delete anything yet, MBAM can have false positives!

Re: Facebook virus

Posted: 24 Aug 2011 13:10
by mischo25
There is a problem: after installing, MBAM updates and then the program appears. I choose a full scan, select my hard drives (i.e. C, D), then the scan seems to count up 1, 3, 6 sec and then the window closes out of nowhere. I don't know what to do; afterwards I click the icon on the desktop, which doesn't work, and it isn't in my taskbar either. Thanks

Re: Facebook virus

Posted: 24 Aug 2011 13:25
by Danstahr
:arrow: Download and run OTM, paste the following script into the left-hand window and click the MoveIt! button. After the restart a log will open; please post it here.

Code:

:Commands
[EmptyTemp]
[ResetHosts]
[EmptyFlash]
[clearallrestorepoints]

:Files
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\Norton Security Scan for Jozef Plencner.job
C:\windows\TEMP/* /s
C:\Windows\update.tray-*
C:\windows\sysdriver32.exe
C:\windows\sysdriver32_.exe
C:\windows\systemup.exe
C:\windows\l1rezerv.exe
C:\windows\update.?
C:\windows\update.?.?
C:\windows\av_ico


:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B291E6C-9A74-4034-971B-A4B007A0B315}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{5B291E6C-9A74-4034-971B-A4B007A0B315}"=-
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
"wxpdrv"=-
"tray_ico"=-
"tray_ico0"=-
"tray_ico1"=-
"tray_ico2"=-
"tray_ico3"=-
"tray_ico4"=-
"6696650.exe"=-
"sysdriver32.exe"=-
"sysdriver32_.exe"=-
"861353.exe"=-
"systemup"=-
"l1rezerv.exe"=-
"84657743-loader2.exe"=-
"29860788-loader2.exe"=-
"75547469-loader2.exe"=-
"2251945.exe"=-
"1174109.exe"=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=-
"DAEMON Tools Lite"=-

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\update.1\svchost.exe"=-
"C:\WINDOWS\services32.exe"=-
"C:\WINDOWS\update.tray-2-0\svchost.exe"=-
"C:\WINDOWS\update.2\svchost.exe"=-
"C:\WINDOWS\explorer.exe"=-
"C:\WINDOWS\systemup.exe"=-
"C:\WINDOWS\l1rezerv.exe"=-
"C:\WINDOWS\update.tray-2-0-lnk\svchost.exe"=-
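The :Reg section of the script above removes the Run-key entries that stand out in the RSIT log posted earlier: executables started from Temp directories, an svchost.exe living outside system32, randomly numbered names, and entries RSIT could not stat (the empty "[]"). The following is an added example, not part of the thread and not a feature of RSIT or OTM, that parses the Run-key portion of such a log and scores each entry with those heuristics. The weights, reason names and the "suspicious / review / clean" thresholds are my own assumptions; the sample dump below is constructed from lines visible in the log above.

```python
import re

# Heuristic weights (assumptions for this example, not an RSIT feature).
WEIGHTS = {
    "runs-from-temp": 3,                       # autorun pointing into a Temp directory
    "system-binary-name-outside-system32": 3,  # e.g. svchost.exe outside %SystemRoot%\system32
    "random-numeric-name": 2,                  # names like 6696650.exe or 84657743-loader2.exe
    "no-file-metadata": 1,                     # RSIT printed "[]": it could not read date/size
    "exe-in-windows-root": 1,                  # executable directly in C:\WINDOWS (review hint only)
    "orphan-empty-command": 1,                 # Run value with no command at all
}
# Names that belong in %SystemRoot%\system32; anywhere else is a red flag.
SYSTEM32_NAMES = {"svchost.exe", "services.exe", "lsass.exe", "winlogon.exe", "csrss.exe"}

KEY_RE = re.compile(r"^\[(?P<key>HKEY_[^\]]+)\]\s*$")
ENTRY_RE = re.compile(r'^"(?P<name>[^"]*)"=(?P<value>.*?)\s*\[(?P<meta>[^\]]*)\]\s*$')
CMD_RE = re.compile(r"^(?P<path>.*?\.(?:exe|dll|scr|cmd|bat))(?:\s+(?P<args>.*))?$", re.I)

# Constructed sample in the shape of the RSIT "Registry dump" section; the
# values are copied from the log posted in this thread.
SAMPLE_RUN_DUMP = r"""
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2008-02-13 16857600]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"wxpdrv"= []
"tray_ico0"=C:\WINDOWS\update.tray-2-0\svchost.exe []
"6696650.exe"=C:\DOCUME~1\JOZEFP~1\LOCALS~1\Temp\6696650.exe []
"sysdriver32.exe"=C:\windows\sysdriver32.exe [2011-07-25 261632]
"systemup"=C:\windows\systemup.exe stand []
"84657743-loader2.exe"=C:\windows\TEMP\84657743-loader2.exe []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-06-15 15141768]
"""


def _reasons(path, meta):
    """Return the heuristic reasons that apply to one autorun command."""
    if not path:
        return ["orphan-empty-command"]
    low = path.lower().replace("/", "\\")
    parts = low.split("\\")
    base, parent = parts[-1], "\\".join(parts[:-1])
    stem = base.rsplit(".", 1)[0]
    reasons = []
    if any(p in ("temp", "tmp") for p in parts[:-1]):
        reasons.append("runs-from-temp")
    if base in SYSTEM32_NAMES and not parent.endswith("\\system32"):
        reasons.append("system-binary-name-outside-system32")
    if re.fullmatch(r"\d{5,}(-.*)?", stem):
        reasons.append("random-numeric-name")
    if re.fullmatch(r"[a-z]:\\windows", parent):
        reasons.append("exe-in-windows-root")
    if not meta.strip():
        reasons.append("no-file-metadata")
    return reasons


def triage(dump):
    """Parse the Run keys of an RSIT registry dump and score every entry.

    Sections other than ...\\CurrentVersion\\Run (BHOs, Drivers32, firewall
    lists) are skipped, so the whole RSIT log can be fed in unchanged.
    """
    findings, key = [], None
    for raw in dump.splitlines():
        line = raw.strip()
        km = KEY_RE.match(line)
        if km:
            key = km.group("key")
            continue
        em = ENTRY_RE.match(line)
        if not em or key is None or not key.lower().endswith("\\run"):
            continue
        value = em.group("value").strip()
        cm = CMD_RE.match(value)
        path = cm.group("path") if cm else value      # strip trailing arguments
        reasons = _reasons(path, em.group("meta"))
        score = sum(WEIGHTS[r] for r in reasons)
        verdict = "suspicious" if score >= 3 else "review" if score else "clean"
        findings.append({"key": key, "name": em.group("name"), "path": path,
                         "reasons": reasons, "score": score, "verdict": verdict})
    return findings


if __name__ == "__main__":
    for f in sorted(triage(SAMPLE_RUN_DUMP), key=lambda x: -x["score"]):
        print(f"{f['verdict']:<10} {f['score']:>2}  {f['name']:<24} {f['path']}  {f['reasons']}")
```

The output is a worklist, not a verdict: the Realtek entry RTHDCPL.EXE sits in the Windows root just like sysdriver32.exe, so both land in "review" and need a look at the file (vendor signature, install date, whether the name shows up in the firewall exceptions list as it does in this log) before anything is deleted. That is also why the helper in this thread asks for an MBAM log before touching the entries.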

Re: Facebook virus

Posted: 24 Aug 2011 14:34
by mischo25
After the restart no log opened. What should I do, or where should I look for it? Thanks

Re: Facebook virus

Posted: 24 Aug 2011 14:38
by Danstahr
Try looking in the folder C:\_OTM\MovedFiles; there should be a file with the .log extension there.

Re: Facebook virus

Posted: 24 Aug 2011 17:25
by mischo25
The folder C:\_OTM\MovedFiles\08242011_144339 is empty ..... I found it, but there is no file with the .log extension in that folder. How should I continue? I'm desperate :(

Re: Facebook virus

Posted: 24 Aug 2011 18:32
by Danstahr
Try OTM once more with the same script.

Re: Facebook virus

Posted: 24 Aug 2011 23:52
by mischo25
It doesn't work!!! I click MoveIt, the window disappears and nothing else happens, and in the folder where the log should be there is nothing. What should I do with it? How do I uninstall it or delete it from my PC?? Because it won't let me, it says the program is in use.

Re: Facebook virus

Posted: 25 Aug 2011 06:19
by Danstahr
Restart the PC into Safe Mode (press F8 repeatedly during startup and choose Safe Mode with Networking from the menu) and try applying OTM there.

Re: Facebook virus

Posted: 25 Aug 2011 10:57
by mischo25
It does the same thing in Safe Mode as in normal mode!! It simply doesn't work.

Re: Facebook virus

Posted: 25 Aug 2011 16:23
by Danstahr
:!: Warning! This utility has a powerful ability to delete and its use is intended exclusively for members of this forum's team. Arbitrary use can lead to breaking the system and having to reinstall it :!:

:arrow: Download ComboFix and save it to the Desktop.

:arrow: Disable all resident antivirus shields and all programs running in the background.
:arrow: Run ComboFix with administrator rights.
:arrow: Accept the licence terms and, if offered, the installation of the Recovery Console.
:arrow: Leave the computer completely alone during the scan.
:arrow: The scan takes roughly 15 minutes, but the time may vary depending on the state of the system.
:arrow: After the scan finishes a log will be shown (if it doesn't open, it can be found on the system drive as ComboFix.txt); post the log contents here.
:arrow: :!: Ignore ComboFix until further instruction :!: