
Removal of Luhe.Gen.d

Posted: 09 Jul 2014 20:08
by slovak125
Hi, I have a problem with the luhe.gen.d virus. Every now and then AVG throws up alerts that this threat has been found and "removes" it, but it keeps coming back.
I also found in the registry that the malicious file AVG keeps removing is:

wokgffs"=regsvr32.exe D:\Documents and Settings\All Users\Application Data\wokgffs.dat

But I don't know how to remove it, since I don't see anything like that in the folder. I'm also attaching the RSIT log for a complete overview:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Peter at 2014-07-09 20:57:23
Microsoft Windows XP Home Edition Service Pack 2
System drive D: has 753 MB (12%) free of 6 GB
Total RAM: 1023 MB (8% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:57:36, on 9. 7. 2014
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
c:\Avenger\avgrsx.exe
C:\Avenger\avgcsrvx.exe
D:\WINDOWS\system32\csrss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\RTHDCPL.EXE
C:\Avenger\avgui.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\EXPERTool\TBPanel.exe
C:\Avenger\avgfws.exe
C:\Avenger\avgidsagent.exe
C:\Avenger\avgwdsvc.exe
D:\WINDOWS\System32\alg.exe
C:\Avenger\avgnsx.exe
C:\Avenger\avgemcx.exe
C:\Avenger\avgcsrvx.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Downloads\RSIT.exe
D:\WINDOWS\system32\wbem\wmiprvse.exe
D:\Program Files\trend micro\Peter.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AVG_UI] "C:\Avenger\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GAINWARD] D:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [wokgffs] regsvr32.exe "D:\Documents and Settings\All Users\Application Data\wokgffs.dat"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {F0320816-41D9-49DD-B2F3-8E7B0AE32796} (AFCStarter Control) -
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Avenger\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Avenger\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Avenger\avgwdsvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe

--
End of file - 3684 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2010-03-16 110696]
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2010-03-16 13670504]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2013-10-04 20145368]
"IMJPMIG8.1"=D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-02-28 208952]
"MSPY2002"=D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2006-02-28 59392]
"PHIME2002ASync"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"PHIME2002A"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"AVG_UI"=C:\Avenger\avgui.exe [2014-06-17 5179408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]
"GAINWARD"=D:\Program Files\EXPERTool\TBPanel.exe [2010-03-12 2181744]
"wokgffs"=regsvr32.exe D:\Documents and Settings\All Users\Application Data\wokgffs.dat []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Games\thrones.exe"="C:\Program Files\Microsoft Games\thrones.exe:*:Enabled:Rise of Nations"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe"="C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Disabled:Opera Internet Browser"
"C:\Program Files\Activision\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe"="C:\Program Files\Activision\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer"
"C:\Avenger\avgmfapx.exe"="C:\Avenger\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"
"C:\Avenger\avgnsx.exe"="C:\Avenger\avgnsx.exe:*:Enabled:Webový štít"
"C:\Avenger\avgdiagex.exe"="C:\Avenger\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Avenger\avgemcx.exe"="C:\Avenger\avgemcx.exe:*:Enabled:Všeobecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


======List of files/folders created in the last 1 month======

2014-07-09 20:57:24 ----D---- D:\Program Files\trend micro
2014-07-09 20:57:23 ----D---- D:\rsit
2014-07-08 14:35:16 ----N---- D:\WINDOWS\system32\spmsgXP_2k3.dll
2014-07-08 14:35:12 ----HDC---- D:\WINDOWS\$NtUninstallWdf01007$
2014-07-08 14:35:04 ----A---- D:\WINDOWS\system32\WdfCoInstaller01007.dll
2014-07-08 14:35:04 ----A---- D:\WINDOWS\system32\drivers\ANDROIDUSB.sys
2014-07-08 14:34:48 ----D---- D:\Program Files\Spirent Communications
2014-07-08 14:34:48 ----D---- D:\Program Files\HTC
2014-07-08 14:20:10 ----A---- D:\WINDOWS\system32\drivers\usbccgp.sys
2014-06-28 20:08:18 ----D---- D:\WINDOWS\system32\LogFiles
2014-06-27 19:11:15 ----D---- D:\Documents and Settings\Peter\Application Data\AVG
2014-06-27 19:01:30 ----SHD---- D:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-27 19:01:26 ----D---- D:\Documents and Settings\All Users\Application Data\AVG
2014-06-27 18:46:30 ----D---- D:\Documents and Settings\Peter\Application Data\AVG2014
2014-06-27 18:45:03 ----D---- D:\Documents and Settings\Peter\Application Data\TuneUp Software
2014-06-27 18:44:16 ----HD---- D:\$AVG
2014-06-27 18:44:15 ----D---- D:\Documents and Settings\All Users\Application Data\AVG2014
2014-06-27 18:40:31 ----HD---- D:\Documents and Settings\All Users\Application Data\Common Files
2014-06-27 18:40:31 ----D---- D:\Documents and Settings\All Users\Application Data\MFAData
2014-06-18 13:31:45 ----D---- D:\Documents and Settings\Peter\Application Data\Nero
2014-06-18 13:30:19 ----D---- D:\Documents and Settings\All Users\Application Data\Nero
2014-06-17 16:22:02 ----A---- D:\WINDOWS\system32\drivers\avgldx86.sys
2014-06-17 16:21:22 ----A---- D:\WINDOWS\system32\drivers\avgtdix.sys
2014-06-17 16:18:00 ----A---- D:\WINDOWS\system32\drivers\avglogx.sys
2014-06-17 16:17:58 ----A---- D:\WINDOWS\system32\drivers\avgidshx.sys
2014-06-17 16:17:56 ----A---- D:\WINDOWS\system32\drivers\avgidsdriverlx.sys
2014-06-17 16:06:38 ----A---- D:\WINDOWS\system32\drivers\avgdiskx.sys
2014-06-17 16:06:24 ----A---- D:\WINDOWS\system32\drivers\avgmfx86.sys
2014-06-17 16:06:22 ----A---- D:\WINDOWS\system32\drivers\avgrkx86.sys
2014-06-17 16:06:20 ----A---- D:\WINDOWS\system32\drivers\avgidsshimx.sys

======List of files/folders modified in the last 1 month======

2014-07-09 20:57:24 ----RD---- D:\Program Files
2014-07-09 20:56:40 ----D---- D:\WINDOWS\Prefetch
2014-07-09 20:54:06 ----D---- D:\WINDOWS\Temp
2014-07-09 09:38:11 ----D---- D:\WINDOWS\system32
2014-07-09 09:38:11 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2014-07-09 09:34:17 ----D---- D:\WINDOWS
2014-07-09 09:34:14 ----D---- D:\WINDOWS\system32\CatRoot2
2014-07-09 01:17:49 ----A---- D:\WINDOWS\SchedLgU.Txt
2014-07-08 14:40:25 ----HD---- D:\WINDOWS\inf
2014-07-08 14:35:22 ----D---- D:\WINDOWS\system32\drivers
2014-07-08 14:35:21 ----SHD---- D:\WINDOWS\Installer
2014-07-08 14:35:07 ----DC---- D:\WINDOWS\system32\DRVSTORE
2014-07-08 14:20:26 ----RSHDC---- D:\WINDOWS\system32\dllcache
2014-07-03 23:50:02 ----D---- D:\Documents and Settings\Peter\Application Data\uTorrent
2014-06-28 07:30:43 ----SD---- D:\Documents and Settings\Peter\Application Data\Microsoft
2014-06-27 21:13:42 ----D---- D:\Program Files\MyPC Backup
2014-06-27 19:39:09 ----D---- D:\WINDOWS\SoftwareDistribution
2014-06-27 19:35:27 ----SD---- D:\WINDOWS\Tasks
2014-06-27 19:11:37 ----D---- D:\WINDOWS\system32\config
2014-06-27 19:07:42 ----D---- D:\Program Files\Common Files
2014-06-19 14:32:28 ----D---- D:\Program Files\Mozilla Maintenance Service
2014-06-18 13:30:16 ----D---- D:\WINDOWS\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; D:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; D:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; D:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-06-17 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; D:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R0 SiSide;SiSide; D:\WINDOWS\system32\DRIVERS\siside.sys [2003-03-25 4096]
R0 sisidex;sisidex; D:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; D:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R1 Avgdiskx;AVG Disk Driver; D:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-17 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; D:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-06-17 190232]
R1 AVGIDSShim;AVGIDSShim; D:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; D:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; D:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; D:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-01-26 243128]
R1 intelppm;Intel Processor Driver; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-02-28 36096]
R2 TBPanel;TBPanel; D:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 Avgfwdx;Avgfwdx; D:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-02-28 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2013-11-05 5589720]
R3 mouhid;Mouse HID Driver; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-03-29 10232352]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; D:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2006-12-20 41600]
R3 usbstor;USB Mass Storage Driver; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-02-28 26496]
S3 Ambfilt;Ambfilt; D:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Avgfwfd;AVG network filter service; D:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
S3 Cardex;Cardex; \??\D:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 FXDrv32;FXDrv32; \??\J:\FXDrv32.sys []
S3 HTCAND32;HTC Device Driver; D:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 Monfilt;Monfilt; D:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 usbaudio;USB Audio Driver (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 Wdf01000;Kernel Mode Driver Frameworks service; D:\WINDOWS\System32\Drivers\wdf01000.sys [2008-01-19 503144]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgfws;AVG Firewall; C:\Avenger\avgfws.exe [2014-06-17 1417160]
R2 AVGIDSAgent;AVGIDSAgent; C:\Avenger\avgidsagent.exe [2014-06-27 3241488]
R2 avgwd;AVG WatchDog; C:\Avenger\avgwdsvc.exe [2014-06-17 289328]
R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2010-03-16 154216]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-18 119408]

-----------------EOF-----------------


Thanks for your help.
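A small triage script for logs in the RSIT/HijackThis format posted above, added here as an example (it is not from the thread, from RSIT or from HijackThis). It flags the two patterns this thread turns on: a Run entry that uses regsvr32.exe or rundll32.exe to load a file from outside the Windows or Program Files tree (or a file with a non-code extension such as .dat), and a driver entry whose file was missing when the log was taken or sits outside the Windows tree. The sample lines are constructed in the shape of the log above; the list of loaders, the trusted directories and the extension set are my own assumptions.

```python
import re

# Constructed sample: a few lines in the shape of the RSIT/HijackThis log posted
# above (O4 Run entries plus driver lines), not the complete log.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG_UI] "C:\Avenger\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [GAINWARD] D:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [wokgffs] regsvr32.exe "D:\Documents and Settings\All Users\Application Data\wokgffs.dat"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
R1 Avgtdix;AVG TDI Driver; D:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
S3 Cardex;Cardex; \??\D:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 FXDrv32;FXDrv32; \??\J:\FXDrv32.sys []
"""

# HijackThis "O4 - <hive>\..\Run: [<name>] <command>" with an optional (User '...') suffix.
RUN_RE = re.compile(
    r"^O4 - (?P<hive>.+?)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.*?)(?: \(User '[^']*'\))?$"
)
# RSIT driver/service line: "<R|S><start> <svc>;<description>; <path> [<date size>]".
DRV_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>\d) (?P<svc>[^;]+);(?P<desc>[^;]*); (?P<path>.*?) \[(?P<meta>[^\]]*)\]$"
)

# Signed Windows binaries that legitimately load a DLL at logon; when they point at an
# odd file they are a common persistence trick (the wokgffs entry in the log above).
LOADERS = {"regsvr32.exe", "rundll32.exe"}
CODE_EXT = {".dll", ".exe", ".ocx", ".ax", ".sys"}
# Assumption: anything under these trees is "expected"; a custom install dir is not.
TRUSTED_DIRS = ("\\windows\\", "\\program files\\")


def in_trusted_dir(path):
    p = path.lower()
    return any(d in p for d in TRUSTED_DIRS)


def loader_target(cmd):
    """Return (loader, module path) when cmd invokes a known DLL loader, else None."""
    head, _, rest = cmd.strip().partition(" ")
    loader = head.strip('"').rsplit("\\", 1)[-1].lower()
    if loader not in LOADERS:
        return None
    rest = rest.strip()
    if rest.startswith('"'):
        target = rest[1:].split('"', 1)[0]
    else:  # unquoted: stop at rundll32's ",EntryPoint" or at a " /switch"
        target = re.split(r",| /", rest, maxsplit=1)[0]
    return loader, target


def triage_run_entry(cmd):
    """Reasons a Run entry deserves a look; an empty list means nothing odd was seen."""
    reasons = []
    hit = loader_target(cmd)
    if hit is None:
        return reasons
    loader, target = hit
    filename = target.rsplit("\\", 1)[-1]
    ext = ("." + filename.rsplit(".", 1)[-1].lower()) if "." in filename else ""
    if not in_trusted_dir(target):
        reasons.append(f"{loader} loads a module from outside Windows/Program Files: {target}")
    if ext not in CODE_EXT:
        reasons.append(f"{loader} target has a non-code extension ({ext or 'none'})")
    return reasons


def triage_driver(path, meta):
    """Reasons a driver line deserves a look (missing file, or file outside Windows)."""
    reasons = []
    if not meta.strip():
        reasons.append("driver file was not found on disk when the log was taken (empty [])")
    clean = path[4:] if path.startswith("\\??\\") else path
    if not in_trusted_dir(clean):
        reasons.append(f"driver file lives outside the Windows tree: {clean}")
    return reasons


def triage_log(text):
    """Walk an RSIT/HijackThis-style log; return {entry label: [reasons]} for odd entries."""
    findings = {}
    for line in text.splitlines():
        m = RUN_RE.match(line)
        if m:
            reasons = triage_run_entry(m["cmd"])
            if reasons:
                findings[f"O4 {m['hive']} [{m['name']}]"] = reasons
            continue
        m = DRV_RE.match(line)
        if m:
            reasons = triage_driver(m["path"], m["meta"])
            if reasons:
                findings[f"driver {m['svc']}"] = reasons
    return findings


if __name__ == "__main__":
    for entry, reasons in triage_log(SAMPLE_LOG).items():
        print(entry)
        for r in reasons:
            print("   -", r)
```

A custom install directory such as the C:\Avenger AVG path in the log above would also be reported, which is intended: the script ranks entries for a person to check, it does not decide.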

Re: Removal of Luhe.Gen.d

Posted: 09 Jul 2014 20:21
by Rudy
Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click first on >Scan< and then on >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Removal of Luhe.Gen.d

Posted: 09 Jul 2014 20:33
by slovak125
EDIT1: Now, after a restart, a window popped up with the text:

RegSvr32
LoadLibrary("D:\Documents and Settings\All Users\Application Data\wokgffs.dat")failed - The specified module could not be found.


# AdwCleaner v3.215 - Report created 09/07/2014 at 21:29:40
# Updated 09/07/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Peter - ADMIN-33171B7F7
# Running from : D:\Documents and Settings\Peter\Desktop\adwcleaner_3.215.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : D:\Program Files\MyPC Backup
Folder Deleted : D:\DOCUME~1\Peter\LOCALS~1\Temp\OCS
File Deleted : D:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\ciqdd1bm.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\OCS

***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.2180


-\\ Mozilla Firefox v30.0 (sk)

[ File : D:\Documents and Settings\Peter\Application Data\Mozilla\Firefox\Profiles\ciqdd1bm.default\prefs.js ]


-\\ Google Chrome v

[ File : D:\Documents and Settings\Peter\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1543 octets] - [09/07/2014 21:28:12]
AdwCleaner[S0].txt - [1467 octets] - [09/07/2014 21:29:40]

########## EOF - D:\AdwCleaner\AdwCleaner[S0].txt - [1527 octets] ##########

Re: Removal of Luhe.Gen.d

Posted: 09 Jul 2014 21:03
by Rudy
Post a new RSIT log.

Re: Removal of Luhe.Gen.d

Posted: 09 Jul 2014 21:18
by slovak125
Logfile of random's system information tool 1.10 (written by random/random)
Run by Peter at 2014-07-09 22:16:50
Microsoft Windows XP Home Edition Service Pack 2
System drive D: has 754 MB (12%) free of 6 GB
Total RAM: 1023 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:17:04, on 9. 7. 2014
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
c:\Avenger\avgrsx.exe
C:\Avenger\avgcsrvx.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\RTHDCPL.EXE
C:\Avenger\avgui.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\EXPERTool\TBPanel.exe
C:\Avenger\avgfws.exe
C:\Avenger\avgidsagent.exe
C:\Avenger\avgwdsvc.exe
C:\Avenger\avgnsx.exe
C:\Avenger\avgemcx.exe
C:\Avenger\avgcsrvx.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wuauclt.exe
C:\Downloads\RSIT.exe
D:\Program Files\trend micro\Peter.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AVG_UI] "C:\Avenger\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GAINWARD] D:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKCU\..\Run: [wokgffs] regsvr32.exe "D:\Documents and Settings\All Users\Application Data\wokgffs.dat"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {F0320816-41D9-49DD-B2F3-8E7B0AE32796} (AFCStarter Control) -
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Avenger\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Avenger\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Avenger\avgwdsvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe

--
End of file - 3385 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2010-03-16 110696]
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2010-03-16 13670504]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2013-10-04 20145368]
"IMJPMIG8.1"=D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-02-28 208952]
"MSPY2002"=D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2006-02-28 59392]
"PHIME2002ASync"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"PHIME2002A"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"AVG_UI"=C:\Avenger\avgui.exe [2014-06-17 5179408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]
"GAINWARD"=D:\Program Files\EXPERTool\TBPanel.exe [2010-03-12 2181744]
"wokgffs"=regsvr32.exe D:\Documents and Settings\All Users\Application Data\wokgffs.dat []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Games\thrones.exe"="C:\Program Files\Microsoft Games\thrones.exe:*:Enabled:Rise of Nations"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe"="C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Disabled:Opera Internet Browser"
"C:\Program Files\Activision\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe"="C:\Program Files\Activision\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer"
"C:\Avenger\avgmfapx.exe"="C:\Avenger\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"
"C:\Avenger\avgnsx.exe"="C:\Avenger\avgnsx.exe:*:Enabled:Webový štít"
"C:\Avenger\avgdiagex.exe"="C:\Avenger\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Avenger\avgemcx.exe"="C:\Avenger\avgemcx.exe:*:Enabled:Všeobecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


======List of files/folders created in the last 1 month======

2014-07-09 21:33:19 ----D---- D:\WINDOWS\pss
2014-07-09 21:28:37 ----A---- D:\WINDOWS\system32\sqlite3.dll
2014-07-09 21:28:09 ----D---- D:\AdwCleaner
2014-07-09 20:57:24 ----D---- D:\Program Files\trend micro
2014-07-09 20:57:23 ----D---- D:\rsit
2014-07-08 14:35:16 ----N---- D:\WINDOWS\system32\spmsgXP_2k3.dll
2014-07-08 14:35:12 ----HDC---- D:\WINDOWS\$NtUninstallWdf01007$
2014-07-08 14:35:04 ----A---- D:\WINDOWS\system32\WdfCoInstaller01007.dll
2014-07-08 14:35:04 ----A---- D:\WINDOWS\system32\drivers\ANDROIDUSB.sys
2014-07-08 14:34:48 ----D---- D:\Program Files\Spirent Communications
2014-07-08 14:34:48 ----D---- D:\Program Files\HTC
2014-07-08 14:20:10 ----A---- D:\WINDOWS\system32\drivers\usbccgp.sys
2014-06-28 20:08:18 ----D---- D:\WINDOWS\system32\LogFiles
2014-06-27 19:11:15 ----D---- D:\Documents and Settings\Peter\Application Data\AVG
2014-06-27 19:01:30 ----SHD---- D:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-27 19:01:26 ----D---- D:\Documents and Settings\All Users\Application Data\AVG
2014-06-27 18:46:30 ----D---- D:\Documents and Settings\Peter\Application Data\AVG2014
2014-06-27 18:45:03 ----D---- D:\Documents and Settings\Peter\Application Data\TuneUp Software
2014-06-27 18:44:16 ----HD---- D:\$AVG
2014-06-27 18:44:15 ----D---- D:\Documents and Settings\All Users\Application Data\AVG2014
2014-06-27 18:40:31 ----HD---- D:\Documents and Settings\All Users\Application Data\Common Files
2014-06-27 18:40:31 ----D---- D:\Documents and Settings\All Users\Application Data\MFAData
2014-06-18 13:31:45 ----D---- D:\Documents and Settings\Peter\Application Data\Nero
2014-06-18 13:30:19 ----D---- D:\Documents and Settings\All Users\Application Data\Nero
2014-06-17 16:22:02 ----A---- D:\WINDOWS\system32\drivers\avgldx86.sys
2014-06-17 16:21:22 ----A---- D:\WINDOWS\system32\drivers\avgtdix.sys
2014-06-17 16:18:00 ----A---- D:\WINDOWS\system32\drivers\avglogx.sys
2014-06-17 16:17:58 ----A---- D:\WINDOWS\system32\drivers\avgidshx.sys
2014-06-17 16:17:56 ----A---- D:\WINDOWS\system32\drivers\avgidsdriverlx.sys
2014-06-17 16:06:38 ----A---- D:\WINDOWS\system32\drivers\avgdiskx.sys
2014-06-17 16:06:24 ----A---- D:\WINDOWS\system32\drivers\avgmfx86.sys
2014-06-17 16:06:22 ----A---- D:\WINDOWS\system32\drivers\avgrkx86.sys
2014-06-17 16:06:20 ----A---- D:\WINDOWS\system32\drivers\avgidsshimx.sys

======List of files/folders modified in the last 1 month======

2014-07-09 22:12:37 ----D---- D:\WINDOWS\Temp
2014-07-09 21:36:48 ----D---- D:\WINDOWS\system32
2014-07-09 21:36:48 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2014-07-09 21:33:29 ----D---- D:\WINDOWS\Prefetch
2014-07-09 21:33:19 ----D---- D:\WINDOWS
2014-07-09 21:32:54 ----D---- D:\WINDOWS\system32\CatRoot2
2014-07-09 21:30:39 ----A---- D:\WINDOWS\SchedLgU.Txt
2014-07-09 21:29:43 ----RD---- D:\Program Files
2014-07-08 14:40:25 ----HD---- D:\WINDOWS\inf
2014-07-08 14:35:22 ----D---- D:\WINDOWS\system32\drivers
2014-07-08 14:35:21 ----SHD---- D:\WINDOWS\Installer
2014-07-08 14:35:07 ----DC---- D:\WINDOWS\system32\DRVSTORE
2014-07-08 14:20:26 ----RSHDC---- D:\WINDOWS\system32\dllcache
2014-07-03 23:50:02 ----D---- D:\Documents and Settings\Peter\Application Data\uTorrent
2014-06-28 07:30:43 ----SD---- D:\Documents and Settings\Peter\Application Data\Microsoft
2014-06-27 19:39:09 ----D---- D:\WINDOWS\SoftwareDistribution
2014-06-27 19:35:27 ----SD---- D:\WINDOWS\Tasks
2014-06-27 19:11:37 ----D---- D:\WINDOWS\system32\config
2014-06-27 19:07:42 ----D---- D:\Program Files\Common Files
2014-06-19 14:32:28 ----D---- D:\Program Files\Mozilla Maintenance Service
2014-06-18 13:30:16 ----D---- D:\WINDOWS\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; D:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; D:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; D:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-06-17 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; D:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R0 SiSide;SiSide; D:\WINDOWS\system32\DRIVERS\siside.sys [2003-03-25 4096]
R0 sisidex;sisidex; D:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; D:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R1 Avgdiskx;AVG Disk Driver; D:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-17 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; D:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-06-17 190232]
R1 AVGIDSShim;AVGIDSShim; D:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; D:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; D:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; D:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-01-26 243128]
R1 intelppm;Intel Processor Driver; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-02-28 36096]
R2 TBPanel;TBPanel; D:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 Avgfwdx;Avgfwdx; D:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-02-28 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2013-11-05 5589720]
R3 mouhid;Mouse HID Driver; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-03-29 10232352]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; D:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2006-12-20 41600]
R3 usbstor;USB Mass Storage Driver; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-02-28 26496]
S3 Ambfilt;Ambfilt; D:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Avgfwfd;AVG network filter service; D:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
S3 Cardex;Cardex; \??\D:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 FXDrv32;FXDrv32; \??\J:\FXDrv32.sys []
S3 HTCAND32;HTC Device Driver; D:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 Monfilt;Monfilt; D:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 usbaudio;USB Audio Driver (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 Wdf01000;Kernel Mode Driver Frameworks service; D:\WINDOWS\System32\Drivers\wdf01000.sys [2008-01-19 503144]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgfws;AVG Firewall; C:\Avenger\avgfws.exe [2014-06-17 1417160]
R2 AVGIDSAgent;AVGIDSAgent; C:\Avenger\avgidsagent.exe [2014-06-27 3241488]
R2 avgwd;AVG WatchDog; C:\Avenger\avgwdsvc.exe [2014-06-17 289328]
R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2010-03-16 154216]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-18 119408]

-----------------EOF-----------------

Re: Removal of Luhe.Gen.d

Posted: 09 Jul 2014 21:42
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
D:\Documents and Settings\All Users\Application Data\wokgffs.dat
J:\FXDrv32.sys

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"wokgffs"=-

:services
FXDrv32

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. Turn off the antivirus before the scan and restart the PC afterwards. Post a new RSIT log.
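Added example, not part of the original post and not a tool either poster used: a small Python triage over constructed RSIT-style lines that applies the two checks behind the OTM script above (a Run value that hands a non-code file in a data directory to regsvr32.exe/rundll32.exe, and a driver or service entry whose binary sits on a drive other than the system and program drives, which RSIT could not stat) and renders the result in OTM's :files / :reg / :services / :commands layout. The sample lines, the trusted-drive set (Windows on D:, programs on C:) and the list of code extensions are assumptions for this machine.

```python
"""Triage of RSIT-style log lines, rendered as an OTM fix script.

Added example: not part of the original post and not a tool used in the
thread. Sample lines are constructed to mirror the thread's log; the
trusted-drive set is an assumption (Windows on D:, programs on C:).
"""
import ntpath
import re

TRUSTED_DRIVES = {"C:", "D:"}                      # assumption for this machine
CODE_EXTENSIONS = {".dll", ".ocx", ".ax", ".cpl"}  # what a loader legitimately takes
DATA_DIR_MARKERS = ("\\application data\\", "\\programdata\\",
                    "\\local settings\\", "\\temp\\")

# Constructed sample. RSIT's own dump resolves a value to the file it loads;
# the "wokgffs" line keeps the raw command form the poster quoted from the registry.
SAMPLE_RUN_DUMP = r"""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]
"wokgffs"=regsvr32.exe D:\Documents and Settings\All Users\Application Data\wokgffs.dat
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit [2010-03-16 110696]
"""
SAMPLE_SERVICE_LINES = r"""
R1 Avgtdix;AVG TDI Driver; D:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
S3 Cardex;Cardex; \??\D:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 FXDrv32;FXDrv32; \??\J:\FXDrv32.sys []
R2 TBPanel;TBPanel; D:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
""".strip().splitlines()

KEY_RE = re.compile(r"^\[(?P<key>HKEY_[^\]]+)\]$")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=(?P<cmd>.*?)(?:\s+\[[^\]]*\])?\s*$')
LOADER_RE = re.compile(r'^"?(?:[A-Za-z]:\\[^"]*\\)?(?:regsvr32|rundll32)(?:\.exe)?"?\s+(?P<arg>.+)$', re.I)
SERVICE_RE = re.compile(r"^[RS]\d\s+(?P<name>[^;]+);[^;]*;\s*(?P<path>.*?)\s*\[(?P<meta>[^\]]*)\]$")


def loaded_file(cmd):
    """File a regsvr32/rundll32 command line loads, or None for any other command."""
    m = LOADER_RE.match(cmd.strip())
    if not m:
        return None
    arg = m.group("arg").strip().strip('"')
    return arg.split(",", 1)[0].strip()   # rundll32 syntax is <module>,<entry point>


def triage_run_dump(text):
    """Flag Run values that hand a non-code file, or a data-directory file, to a loader."""
    findings, key = [], None
    for line in text.strip().splitlines():
        km = KEY_RE.match(line)
        if km:
            key = km.group("key")
            continue
        vm = VALUE_RE.match(line)
        target = loaded_file(vm.group("cmd")) if vm else None
        if target is None:
            continue
        reasons = []
        if ntpath.splitext(target)[1].lower() not in CODE_EXTENSIONS:
            reasons.append("loader given a non-code file")
        if any(mk in target.lower() for mk in DATA_DIR_MARKERS):
            reasons.append("payload stored in a data directory")
        if reasons:
            findings.append({"key": key, "name": vm.group("name"),
                             "path": target, "reasons": reasons})
    return findings


def triage_service_lines(lines, trusted_drives=TRUSTED_DRIVES):
    """Flag driver/service entries on untrusted drives; note entries RSIT could not stat."""
    findings = []
    for line in lines:
        m = SERVICE_RE.match(line.strip())
        if not m:
            continue
        path = m.group("path")
        if path.startswith("\\??\\"):          # NT object-manager prefix on some entries
            path = path[4:]
        drive = ntpath.splitdrive(path)[0].upper()
        missing = not m.group("meta").strip()   # RSIT prints "[]" when it cannot stat the file
        untrusted = bool(drive) and drive not in trusted_drives
        if untrusted or missing:
            # "[]" alone is weak evidence: Cardex points at TBPANEL.SYS, which the
            # TBPanel entry lists with a timestamp. Only an untrusted drive marks
            # the entry for removal; the rest is a prompt to look at it.
            findings.append({"name": m.group("name"), "path": path,
                             "missing": missing, "remove": untrusted})
    return findings


def build_otm_script(run_findings, svc_findings):
    """Render findings in OTM's :files / :reg / :services / :commands layout."""
    removals = [f for f in svc_findings if f["remove"]]
    out = [":files"] + [f["path"] for f in run_findings] + [f["path"] for f in removals]
    out += ["", ":reg"]
    for f in run_findings:
        out += ["[%s]" % f["key"], '"%s"=-' % f["name"]]
    out += ["", ":services"] + [f["name"] for f in removals]
    out += ["", ":commands", "[Purity]", "[Emptytemp]"]
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print(build_otm_script(triage_run_dump(SAMPLE_RUN_DUMP),
                           triage_service_lines(SAMPLE_SERVICE_LINES)))
```

Run stand-alone, the script prints a fix in the same shape as the one above: wokgffs.dat and J:\FXDrv32.sys under :files, the wokgffs value removed under :reg, FXDrv32 under :services. Cardex is reported but not removed, because an empty "[]" on the system drive is only a prompt to inspect the entry.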

Re: Removal of Luhe.Gen.d

Posted: 09 Jul 2014 22:00
by slovak125
Logfile of random's system information tool 1.10 (written by random/random)
Run by Peter at 2014-07-09 22:59:09
Microsoft Windows XP Home Edition Service Pack 2
System drive D: has 1 GB (23%) free of 6 GB
Total RAM: 1023 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:59:15, on 9. 7. 2014
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
c:\Avenger\avgrsx.exe
C:\Avenger\avgcsrvx.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
C:\Avenger\avgfws.exe
C:\Avenger\avgidsagent.exe
C:\Avenger\avgwdsvc.exe
C:\Avenger\avgnsx.exe
C:\Avenger\avgemcx.exe
C:\Avenger\avgcsrvx.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\RTHDCPL.EXE
C:\Avenger\avgui.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\EXPERTool\TBPanel.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\wuauclt.exe
C:\Downloads\RSIT.exe
D:\Program Files\trend micro\Peter.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [AVG_UI] "C:\Avenger\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GAINWARD] D:\Program Files\EXPERTool\TBPanel.exe /A
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {F0320816-41D9-49DD-B2F3-8E7B0AE32796} (AFCStarter Control) -
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Avenger\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Avenger\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Avenger\avgwdsvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe

--
End of file - 3309 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"=D:\WINDOWS\system32\NvMcTray.dll [2010-03-16 110696]
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2010-03-16 13670504]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2013-10-04 20145368]
"IMJPMIG8.1"=D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2006-02-28 208952]
"MSPY2002"=D:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2006-02-28 59392]
"PHIME2002ASync"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"PHIME2002A"=D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2006-02-28 455168]
"AVG_UI"=C:\Avenger\avgui.exe [2014-06-17 5179408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=D:\WINDOWS\system32\ctfmon.exe [2006-02-28 15360]
"GAINWARD"=D:\Program Files\EXPERTool\TBPanel.exe [2010-03-12 2181744]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Games\thrones.exe"="C:\Program Files\Microsoft Games\thrones.exe:*:Enabled:Rise of Nations"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe"="C:\Program Files\Steam\steamapps\common\dota 2 beta\dota.exe:*:Enabled:Dota 2"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Disabled:Opera Internet Browser"
"C:\Program Files\Activision\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe"="C:\Program Files\Activision\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer"
"C:\Avenger\avgmfapx.exe"="C:\Avenger\avgmfapx.exe:*:Enabled:Inštalátor produktu AVG"
"C:\Avenger\avgnsx.exe"="C:\Avenger\avgnsx.exe:*:Enabled:Webový štít"
"C:\Avenger\avgdiagex.exe"="C:\Avenger\avgdiagex.exe:*:Enabled:AVG Diagnostika 2014"
"C:\Avenger\avgemcx.exe"="C:\Avenger\avgemcx.exe:*:Enabled:Všeobecná kontrola pošty"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=D:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2014-07-09 22:54:33 ----D---- D:\_OTM
2014-07-09 21:33:19 ----D---- D:\WINDOWS\pss
2014-07-09 21:28:37 ----A---- D:\WINDOWS\system32\sqlite3.dll
2014-07-09 21:28:09 ----D---- D:\AdwCleaner
2014-07-09 20:57:24 ----D---- D:\Program Files\trend micro
2014-07-09 20:57:23 ----D---- D:\rsit
2014-07-08 14:35:16 ----N---- D:\WINDOWS\system32\spmsgXP_2k3.dll
2014-07-08 14:35:12 ----HDC---- D:\WINDOWS\$NtUninstallWdf01007$
2014-07-08 14:35:04 ----A---- D:\WINDOWS\system32\WdfCoInstaller01007.dll
2014-07-08 14:35:04 ----A---- D:\WINDOWS\system32\drivers\ANDROIDUSB.sys
2014-07-08 14:34:48 ----D---- D:\Program Files\Spirent Communications
2014-07-08 14:34:48 ----D---- D:\Program Files\HTC
2014-07-08 14:20:10 ----A---- D:\WINDOWS\system32\drivers\usbccgp.sys
2014-06-28 20:08:18 ----D---- D:\WINDOWS\system32\LogFiles
2014-06-27 19:11:15 ----D---- D:\Documents and Settings\Peter\Application Data\AVG
2014-06-27 19:01:30 ----SHD---- D:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-06-27 19:01:26 ----D---- D:\Documents and Settings\All Users\Application Data\AVG
2014-06-27 18:46:30 ----D---- D:\Documents and Settings\Peter\Application Data\AVG2014
2014-06-27 18:45:03 ----D---- D:\Documents and Settings\Peter\Application Data\TuneUp Software
2014-06-27 18:44:16 ----HD---- D:\$AVG
2014-06-27 18:44:15 ----D---- D:\Documents and Settings\All Users\Application Data\AVG2014
2014-06-27 18:40:31 ----HD---- D:\Documents and Settings\All Users\Application Data\Common Files
2014-06-27 18:40:31 ----D---- D:\Documents and Settings\All Users\Application Data\MFAData
2014-06-18 13:31:45 ----D---- D:\Documents and Settings\Peter\Application Data\Nero
2014-06-18 13:30:19 ----D---- D:\Documents and Settings\All Users\Application Data\Nero
2014-06-17 16:22:02 ----A---- D:\WINDOWS\system32\drivers\avgldx86.sys
2014-06-17 16:21:22 ----A---- D:\WINDOWS\system32\drivers\avgtdix.sys
2014-06-17 16:18:00 ----A---- D:\WINDOWS\system32\drivers\avglogx.sys
2014-06-17 16:17:58 ----A---- D:\WINDOWS\system32\drivers\avgidshx.sys
2014-06-17 16:17:56 ----A---- D:\WINDOWS\system32\drivers\avgidsdriverlx.sys
2014-06-17 16:06:38 ----A---- D:\WINDOWS\system32\drivers\avgdiskx.sys
2014-06-17 16:06:24 ----A---- D:\WINDOWS\system32\drivers\avgmfx86.sys
2014-06-17 16:06:22 ----A---- D:\WINDOWS\system32\drivers\avgrkx86.sys
2014-06-17 16:06:20 ----A---- D:\WINDOWS\system32\drivers\avgidsshimx.sys

======List of files/folders modified in the last 1 month======

2014-07-09 22:59:09 ----D---- D:\WINDOWS\system32\CatRoot2
2014-07-09 22:58:45 ----D---- D:\WINDOWS\Prefetch
2014-07-09 22:58:40 ----D---- D:\WINDOWS\Temp
2014-07-09 22:55:49 ----A---- D:\WINDOWS\SchedLgU.Txt
2014-07-09 22:55:32 ----D---- D:\WINDOWS\system32
2014-07-09 22:55:32 ----D---- D:\WINDOWS
2014-07-09 21:36:48 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2014-07-09 21:29:43 ----RD---- D:\Program Files
2014-07-08 14:40:25 ----HD---- D:\WINDOWS\inf
2014-07-08 14:35:22 ----D---- D:\WINDOWS\system32\drivers
2014-07-08 14:35:21 ----SHD---- D:\WINDOWS\Installer
2014-07-08 14:35:07 ----DC---- D:\WINDOWS\system32\DRVSTORE
2014-07-08 14:20:26 ----RSHDC---- D:\WINDOWS\system32\dllcache
2014-07-03 23:50:02 ----D---- D:\Documents and Settings\Peter\Application Data\uTorrent
2014-06-28 07:30:43 ----SD---- D:\Documents and Settings\Peter\Application Data\Microsoft
2014-06-27 19:39:09 ----D---- D:\WINDOWS\SoftwareDistribution
2014-06-27 19:35:27 ----SD---- D:\WINDOWS\Tasks
2014-06-27 19:11:37 ----D---- D:\WINDOWS\system32\config
2014-06-27 19:07:42 ----D---- D:\Program Files\Common Files
2014-06-19 14:32:28 ----D---- D:\Program Files\Mozilla Maintenance Service
2014-06-18 13:30:16 ----D---- D:\WINDOWS\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; D:\WINDOWS\system32\DRIVERS\avgidshx.sys [2014-06-17 147736]
R0 Avglogx;AVG Logging Driver; D:\WINDOWS\system32\DRIVERS\avglogx.sys [2014-06-17 241944]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; D:\WINDOWS\system32\DRIVERS\avgmfx86.sys [2014-06-17 98584]
R0 Avgrkx86;AVG Anti-Rootkit Driver; D:\WINDOWS\system32\DRIVERS\avgrkx86.sys [2014-06-17 27416]
R0 SiSide;SiSide; D:\WINDOWS\system32\DRIVERS\siside.sys [2003-03-25 4096]
R0 sisidex;sisidex; D:\WINDOWS\system32\drivers\sisidex.sys [2002-10-17 49024]
R0 sisperf;Add Performance Filter Driver; D:\WINDOWS\system32\drivers\sisperf.sys [2002-08-20 9472]
R1 Avgdiskx;AVG Disk Driver; D:\WINDOWS\system32\DRIVERS\avgdiskx.sys [2014-06-17 121624]
R1 AVGIDSDriverl;AVGIDSDriverl; D:\WINDOWS\system32\DRIVERS\avgidsdriverlx.sys [2014-06-17 190232]
R1 AVGIDSShim;AVGIDSShim; D:\WINDOWS\system32\DRIVERS\avgidsshimx.sys [2014-06-17 21272]
R1 Avgldx86;AVG AVI Loader Driver; D:\WINDOWS\system32\DRIVERS\avgldx86.sys [2014-06-17 188696]
R1 Avgtdix;AVG TDI Driver; D:\WINDOWS\system32\DRIVERS\avgtdix.sys [2014-06-17 197400]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; D:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2014-01-26 243128]
R1 intelppm;Intel Processor Driver; D:\WINDOWS\system32\DRIVERS\intelppm.sys [2006-02-28 36096]
R2 TBPanel;TBPanel; D:\WINDOWS\system32\drivers\TBPanel.sys [2007-03-16 12256]
R3 Avgfwdx;Avgfwdx; D:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Microsoft HID Class Driver; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-02-28 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2013-11-05 5589720]
R3 mouhid;Mouse HID Driver; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-03-29 10232352]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; D:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2006-12-20 41600]
R3 usbstor;USB Mass Storage Driver; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2006-02-28 26496]
S3 Ambfilt;Ambfilt; D:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Avgfwfd;AVG network filter service; D:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2012-01-12 30944]
S3 Cardex;Cardex; \??\D:\WINDOWS\system32\drivers\TBPANEL.SYS []
S3 HTCAND32;HTC Device Driver; D:\WINDOWS\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 Monfilt;Monfilt; D:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 usbaudio;USB Audio Driver (WDM); D:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
S3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 Wdf01000;Kernel Mode Driver Frameworks service; D:\WINDOWS\System32\Drivers\wdf01000.sys [2008-01-19 503144]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avgfws;AVG Firewall; C:\Avenger\avgfws.exe [2014-06-17 1417160]
R2 AVGIDSAgent;AVGIDSAgent; C:\Avenger\avgidsagent.exe [2014-06-27 3241488]
R2 avgwd;AVG WatchDog; C:\Avenger\avgwdsvc.exe [2014-06-17 289328]
R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2010-03-16 154216]
S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-18 119408]

-----------------EOF-----------------

Re: Removal of Luhe.Gen.d

Posted: 10 Jul 2014 17:08
by Rudy
Double-click the file D:\Program Files\trend micro\Peter.exe to start HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left next to:
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O16 - DPF: {F0320816-41D9-49DD-B2F3-8E7B0AE32796} (AFCStarter Control) -
Click >FixChecked<. Then start OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Because there is still very little free space on the disk, move some of your data to other storage or uninstall programs you do not use.

Re: Removal of Luhe.Gen.d

Posted: 10 Jul 2014 21:51
by slovak125
Do you mean freeing up more space on D:? I created that partition just for Windows and there is nothing else on it, so I don't know how I could free up more, since I install all programs on C:, where I still have 7 GB+ of space.

I tried to enlarge it before, but it ended with me having to format the disk.

Re: Removal of Luhe.Gen.d

Posted: 10 Jul 2014 21:57
by Rudy
System drive D: has 1 GB (23%) free of 6 GB
That is damn little; XP needs at least 3 GB for swapping. On top of that, the system is missing SP3.

Re: Removal of Luhe.Gen.d

Posted: 10 Jul 2014 21:59
by slovak125
And how could I enlarge it? I would rather not format, since I don't have any external HDD for a backup.

Re: Removal of Luhe.Gen.d

Posted: 10 Jul 2014 22:02
by Rudy
slovak125 wrote: And how could I enlarge it? I would rather not format, since I don't have any external HDD for a backup.
Then you will have to either get one or burn the data to an optical disc. 6 GB is absurdly small for WinXP.

Re: Removal of Luhe.Gen.d

Posted: 10 Jul 2014 22:05
by slovak125
Okay, I'll try to sort it out somehow. Can I consider everything else in the log to be fine, yes?

Anyway, thanks for the help with that virus; I hope I won't catch anything like it again.

Re: Removal of Luhe.Gen.d

Posted: 10 Jul 2014 22:07
by Rudy
The log is fine, so we can assume the PC is clean. You're welcome! :)