VIRY.CZ

Zdravím,už mě to nebaví můj bratr (7 let) si zase hrál s počítačem uvažuji o zaheslování učtu zde je log z DDS protože mám 64bit.



DDS (Ver_09-12-01.01) - NTFSX64
Run by Lisacek at 12:16:26,59 on ne 03.01.2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.4095.2773 [GMT 1:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\Explorer.EXE
C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\ProgramData\Wyeke\wyeke129.exe
C:\Program Files (x86)\Xobni\XobniService.exe
C:\Program Files (x86)\Wyeke\wyeke.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Lisacek\Desktop\dds.pif
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.seznam.cz/
uLocal Page =
uDefault_Page_URL = hxxp://asus.msn.com
mLocal Page =
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files (x86)\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO: Pomocná služba pro přihlášení ke službě Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files (x86)\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files (x86)\windows live\toolbar\wltcore.dll
uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
uRun: [EA Core] "c:\program files (x86)\electronic arts\eadm\Core.exe" -silent
uRun: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
mRun: [MDS_Menu] "c:\program files (x86)\cyberlink\mediashowespresso\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\mediashowespresso" updatewithcreateonce "software\cyberlink\mediashow espresso\5.0"
mRun: [UpdatePDRShortCut] "c:\program files (x86)\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
mRun: [RemoteControl9] "c:\program files (x86)\cyberlink\powerdvd9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\program files (x86)\cyberlink\powerdvd9\language\Language.exe"
mRun: [UpdatePSTShortCut] "c:\program files (x86)\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [UpdateLBPShortCut] "c:\program files (x86)\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
mRun: [UpdateP2GoShortCut] "c:\program files (x86)\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files (x86)\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [HControlUser] c:\program files (x86)\asus\atk hotkey\HControlUser.exe
mRun: [ATKOSD2] c:\program files (x86)\asus\atkosd2\ATKOSD2.exe
mRun: [ATKMEDIA] c:\program files (x86)\asus\atk media\DMedia.exe
mRun: [GrooveMonitor] "c:\program files (x86)\microsoft office\office12\GrooveMonitor.exe"
mRun: [SunJavaUpdateSched] "c:\program files (x86)\java\jre6\bin\jusched.exe"
StartupFolder: c:\users\lisacek\appdata\roaming\micros~1\windows\startm~1\programs\startup\regist~1.lnk - c:\program files (x86)\ea games\need for speed undercover\support\EAregister.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\fancys~1.lnk - c:\windows\installer\{f0df4513-3c4c-4eb8-8012-2c5f70af3988}\_A1DDD39913A1970387B7B3.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\srspre~1.lnk - c:\windows\installer\{d42f84b6-3709-4a50-8502-6719d16ae6c8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files (x86)\icq6.5\ICQ.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: {830CEDDD-36D9-4C4A-8D80-417361BD6905} = 172.27.12.254,156.154.70.1
TCP: {C8E7A80F-042C-47A7-BEAD-8278147D1B03} = 172.27.12.254,156.154.70.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files (x86)\common files\lightscribe\LSRunOnce.exe"
{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun-x64: [ETDWare] c:\program files\elantech\ETDCtrl.exe
mRun-x64: [AmIcoSinglun64] c:\program files (x86)\amicosinglun\AmIcoSinglun64.exe
mRun-x64: [FortKnoxPersonalFirewall] "c:\program files (x86)\fortknox personal firewall\FortKnoxGUI.exe"
mRun-x64: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm

============= SERVICES / DRIVERS ===============

R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2009-10-20 15928]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 59904]
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-10-20 359552]
R2 ASMMAP64;ASMMAP64;c:\program files\atkgfnex\ASMMAP64.sys [2009-10-20 14904]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\x86\ekrn.exe [2009-11-16 735960]
R2 epfwwfpr;epfwwfpr;c:\windows\system32\drivers\epfwwfpr.sys [2009-11-16 123200]
R2 FastBootAgent;FastBootAgent;c:\windows\syswow64\fast boot\FastBootAgent.exe [2009-10-20 306232]
R2 Wyeke Service;Wyeke Service;c:\programdata\wyeke\wyeke129.exe [2010-1-3 58712]
R2 XobniService;XobniService;c:\program files (x86)\xobni\XobniService.exe [2009-10-12 46824]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2009-10-20 35104]
R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2009-7-9 140800]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x64.sys [2009-9-4 62464]
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit;c:\windows\system32\drivers\NETw5s64.sys [2009-9-15 6952960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2009-6-26 83488]
S2 gupdate1ca807ac59d5734;Služba Google Update (gupdate1ca807ac59d5734);c:\program files (x86)\google\update\GoogleUpdate.exe [2009-12-19 133104]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2009-12-16 61280]
S3 fsssvc;Služba Windows Live Zabezpečení rodiny;c:\program files (x86)\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 NETw1v64;Intel(R) Wireless WiFi Link 1000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\drivers\NETw1v64.sys [2009-7-20 7058432]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\drivers\SiSG664.sys [2009-6-10 56832]
S3 StorSvc;Služba úložiště;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]

=============== Created Last 30 ================

2010-01-03 10:51:05 0 d-----w- c:\program files (x86)\RKCutterBanker
2010-01-03 10:42:41 0 d-----w- c:\programdata\Wyeke
2010-01-03 10:42:41 0 d-----w- c:\program files (x86)\Wyeke
2010-01-03 10:26:00 0 d-----w- c:\programdata\Winferno
2010-01-03 10:21:17 0 d-----w- c:\program files (x86)\Free Offers from Freeze.com
2010-01-03 10:21:13 516832 ----a-w- c:\windows\syswow64\CapiCom.dll
2010-01-02 11:56:16 411368 ----a-w- c:\windows\syswow64\deploytk.dll
2010-01-02 11:08:27 34064 ----a-w- c:\windows\syswow64\lhacm.acm
2010-01-02 11:07:39 0 d-----w- c:\program files (x86)\Teamspeak2_RC2
2010-01-02 10:05:13 0 d-----w- c:\users\lisacek\MBAM
2010-01-02 08:05:33 56 ---ha-w- c:\programdata\ezsidmv.dat
2010-01-01 17:57:25 0 d-----w- C:\Games
2010-01-01 17:33:31 0 d-----w- C:\_OTL
2010-01-01 15:06:26 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-01-01 08:41:20 0 d-----w- c:\users\lisacek\HIJACKTHIS
2010-01-01 08:35:51 77976 ----a-w- c:\windows\system32\drivers\pctNdis64.sys
2009-12-31 15:37:23 0 d-----w- c:\users\lisacek\SHAUN WHITE SNOWBOARDING
2009-12-31 14:28:41 199 ----a-w- C:\DARE.INI
2009-12-31 09:13:51 69 ----a-w- c:\users\lisacek\jagex_runescape_preferences2.dat
2009-12-31 09:12:58 39 ----a-w- c:\users\lisacek\jagex_runescape_preferences.dat
2009-12-31 09:12:49 0 d-----w- C:\.jagex_cache_32
2009-12-29 10:18:15 0 d-----w- c:\program files (x86)\common files\Steam
2009-12-29 10:18:14 0 d-----w- c:\program files (x86)\Steam
2009-12-28 22:43:01 0 d-----w- c:\program files\ESET
2009-12-28 22:16:29 0 d-----w- c:\users\lisacek\appdata\roaming\ESET
2009-12-28 13:48:26 0 d-----w- C:\Xobni
2009-12-28 12:58:50 293 ----a-w- c:\windows\game.ini
2009-12-27 21:36:00 0 d-----w- c:\users\lisacek\ADVANCED SYSTEMCARE 3
2009-12-27 21:34:31 0 d-----w- c:\users\lisacek\UTORRENT
2009-12-27 21:33:38 0 d-----w- c:\users\lisacek\ADOBE READER 9
2009-12-27 21:33:00 0 d-----w- c:\users\lisacek\PikPick
2009-12-27 20:22:19 226688 ------w- c:\windows\system32\MpSigStub.exe
2009-12-27 20:00:56 0 d-----r- c:\program files (x86)\Skype
2009-12-27 19:55:05 0 d-----w- c:\program files (x86)\ICQ6.5
2009-12-27 18:51:50 1471654 ----a-w- c:\windows\syswow64\PerfStringBackup.INI
2009-12-27 18:51:32 0 d-----w- c:\program files (x86)\Xobni
2009-12-27 18:50:49 0 d-----w- c:\users\lisacek\appdata\roaming\Trillian
2009-12-27 17:19:40 0 d-----w- c:\users\lisacek\PICPICK
2009-12-27 14:29:00 0 d-----w- c:\users\lisacek\PASSWORDS
2009-12-27 13:07:57 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2009-12-27 13:07:57 467984 ----a-w- c:\windows\syswow64\d3dx10_39.dll
2009-12-27 13:07:57 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2009-12-27 13:07:57 1493528 ----a-w- c:\windows\syswow64\D3DCompiler_39.dll
2009-12-27 13:07:55 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-12-27 13:07:55 3851784 ----a-w- c:\windows\syswow64\D3DX9_39.dll
2009-12-25 13:23:08 0 d-----w- c:\program files (x86)\IObit
2009-12-25 07:22:57 0 d-----w- c:\users\lisacek\appdata\roaming\IObit
2009-12-24 19:56:56 0 d-----w- c:\users\lisacek\COD MW2 MP
2009-12-24 08:14:41 0 d-----w- c:\users\lisacek\FRAPS
2009-12-24 08:09:22 0 d-----w- c:\programdata\Lavasoft
2009-12-23 19:03:15 0 ----a-w- c:\windows\syswow64\SM.lock
2009-12-23 18:53:07 0 d-----w- c:\programdata\Spybot - Search & Destroy
2009-12-23 18:32:16 0 d-----w- c:\users\lisacek\appdata\roaming\Malwarebytes
2009-12-23 18:32:09 0 d-----w- c:\programdata\Malwarebytes
2009-12-23 18:32:08 22104 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-23 10:52:43 0 d-----w- C:\Fraps
2009-12-20 20:52:00 0 d-----w- c:\programdata\FLEXnet
2009-12-20 20:45:54 0 d-----w- c:\program files (x86)\Bonjour
2009-12-20 20:43:09 0 d-----w- c:\windows\syswow64\spool
2009-12-20 20:40:40 0 d-----w- c:\program files (x86)\common files\Macrovision Shared
2009-12-20 20:36:20 0 d-----w- c:\users\lisacek\Adobe Photoshop CS3
2009-12-20 20:16:57 0 d-----w- c:\windows\syswow64\Nexus Radio
2009-12-20 20:16:57 0 d-----w- c:\program files (x86)\Nexus Radio
2009-12-20 20:16:57 0 d-----w- C:\My Saved Files
2009-12-20 20:16:57 0 d-----w- C:\My Recorded Files
2009-12-20 16:52:21 0 d-----w- c:\users\lisacek\appdata\roaming\Ubisoft
2009-12-20 16:52:21 0 d-----w- c:\programdata\Ubisoft
2009-12-17 14:49:35 178800 ----a-w- c:\windows\syswow64\CmdLineExt_x64.dll
2009-12-17 14:08:32 0 d-----w- c:\program files (x86)\Rockstar Games
2009-12-17 12:11:11 0 d-----w- c:\windows\syswow64\AGEIA
2009-12-17 12:10:50 0 d-----w- c:\program files (x86)\common files\Wise Installation Wizard
2009-12-16 19:38:07 0 d-----w- c:\users\lisacek\GTA IV
2009-12-16 19:02:14 61280 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2009-12-13 19:55:25 0 d-----w- c:\programdata\Nero
2009-12-13 10:09:22 0 d-----w- c:\users\lisacek\appdata\roaming\Allstar
2009-12-12 19:53:16 0 d-----w- c:\program files (x86)\Microsoft WSE
2009-12-12 08:49:48 0 d-----w- c:\users\lisacek\ATUBE CATCHER
2009-12-12 08:49:30 0 d-----w- c:\users\lisacek\CCLEANER
2009-12-12 08:49:08 0 d-----w- c:\users\lisacek\COD2 SP A MP
2009-12-12 08:48:12 0 d-----w- c:\users\lisacek\EA DOWNLOAD MANAGER
2009-12-12 08:47:56 0 d-----w- c:\users\lisacek\GAMEPARK
2009-12-12 08:41:00 0 d-----w- c:\program files (x86)\Lavalys
2009-12-11 13:46:43 0 dc-h--w- c:\programdata\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2009-12-11 13:22:45 0 d-----w- c:\programdata\Electronic Arts
2009-12-11 13:21:00 662 ----a-w- c:\windows\syswow64\ealregsnapshot1.reg
2009-12-10 06:25:15 5958656 ----a-w- c:\windows\syswow64\mshtml.dll
2009-12-10 06:25:14 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll
2009-12-06 10:16:41 214520 ----a-w- c:\windows\syswow64\PnkBstrB.xtr
2009-12-05 18:12:58 0 d-----w- c:\program files (x86)\GamePark
2009-12-05 15:28:19 839680 ----a-w- c:\windows\syswow64\mkl_vml_p4.dll
2009-12-05 15:28:19 532480 ----a-w- c:\windows\syswow64\mkl_vml_p3.dll
2009-12-05 15:28:19 512000 ----a-w- c:\windows\syswow64\mkl_vml_def.dll
2009-12-05 15:28:18 872448 ----a-w- c:\windows\syswow64\rapture3d_oal.dll
2009-12-05 15:28:18 3485696 ----a-w- c:\windows\syswow64\mkl_p4.dll
2009-12-05 15:28:18 2793472 ----a-w- c:\windows\syswow64\mkl_p3.dll
2009-12-05 15:28:18 2441216 ----a-w- c:\windows\syswow64\mkl_def.dll
2009-12-05 15:28:18 2174976 ----a-w- c:\windows\syswow64\mkl_lapack32.dll
2009-12-05 15:28:18 2125824 ----a-w- c:\windows\syswow64\mkl_lapack64.dll
2009-12-05 15:28:18 184320 ----a-w- c:\windows\syswow64\libguide40.dll
2009-12-05 15:28:16 0 d-----w- c:\program files (x86)\BRS
2009-12-05 15:27:51 0 d-----w- c:\program files (x86)\OpenAL
2009-12-05 12:29:26 0 d-sh--w- c:\windows\ftpcache
2009-12-05 09:45:14 73728 ----a-w- c:\windows\syswow64\vbzlib1.dll
2009-12-05 09:45:14 124688 ----a-w- c:\windows\syswow64\MSWINSCK.OCX
2009-12-05 09:36:15 0 d-----w- c:\windows\syswow64\Adobe

==================== Find3M ====================

2010-01-03 09:52:18 214520 ----a-w- c:\windows\syswow64\PnkBstrB.exe
2010-01-02 11:56:07 149280 ----a-w- c:\windows\syswow64\javaws.exe
2010-01-02 11:56:06 145184 ----a-w- c:\windows\syswow64\javaw.exe
2010-01-02 11:56:06 145184 ----a-w- c:\windows\syswow64\java.exe
2009-12-27 18:51:51 625914 ----a-w- c:\windows\system32\perfh005.dat
2009-12-27 18:51:51 120000 ----a-w- c:\windows\system32\perfc005.dat
2009-12-19 08:21:51 75064 ----a-w- c:\windows\syswow64\PnkBstrA.exe
2009-12-11 17:11:31 2250024 ----a-w- c:\windows\syswow64\pbsvc.exe
2009-12-09 16:33:32 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-09 16:33:32 445016 ----a-w- c:\windows\syswow64\wrap_oal.dll
2009-12-09 16:33:32 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-09 16:33:32 109144 ----a-w- c:\windows\syswow64\OpenAL32.dll
2009-12-01 12:39:32 868848 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-30 17:02:40 171144 ----a-w- c:\windows\syswow64\xliveinstall.dll
2009-11-30 17:02:38 72840 ----a-w- c:\windows\syswow64\xliveinstallhost.exe
2009-11-28 20:23:08 737280 ----a-w- c:\windows\iun6002.exe
2009-11-16 08:07:10 123200 ----a-w- c:\windows\system32\drivers\epfwwfpr.sys
2009-11-16 08:03:42 136584 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56:16 145336 ----a-w- c:\windows\system32\drivers\eamon.sys
2009-11-07 22:25:36 86016 ----a-w- c:\windows\syswow64\frapsvid.dll
2009-11-07 22:25:34 84992 ----a-w- c:\windows\system32\frapsv64.dll
2009-11-06 09:59:54 15406728 ----a-w- c:\windows\syswow64\xlive.dll
2009-11-06 09:59:54 13642888 ----a-w- c:\windows\syswow64\xlivefnt.dll
2009-10-29 07:48:16 2048 ----a-w- c:\windows\system32\tzres.dll
2009-10-29 07:22:37 2048 ----a-w- c:\windows\syswow64\tzres.dll
2009-10-20 16:51:07 520192 ----a-w- c:\windows\syswow64\Asus_Camera_ScreenSaver.scr
2009-10-20 16:51:07 4814371 ----a-w- c:\windows\ASUS Camera ScreenSaver.exe
2009-10-20 16:51:07 47672 ----a-w- c:\windows\AsScrProlog.exe
2009-10-20 16:51:07 281144 ----a-w- c:\windows\ASUS Camera ScreenSaver Uninstaller.exe
2009-10-20 16:51:03 3054136 ----a-w- c:\windows\AsScrPro.exe
2009-10-20 16:25:07 29480 ----a-w- c:\windows\syswow64\msxml3a.dll
2009-10-20 16:25:06 505128 ----a-w- c:\windows\syswow64\msvcp71.dll
2009-10-20 16:25:06 353576 ----a-w- c:\windows\syswow64\msvcr71.dll
2009-08-03 21:13:18 36232 ----a-w- c:\windows\inf\perflib\0405\perfd.dat
2009-08-03 21:13:18 36232 ----a-w- c:\windows\inf\perflib\0405\perfc.dat
2009-08-03 21:13:18 292004 ----a-w- c:\windows\inf\perflib\0405\perfi.dat
2009-08-03 21:13:18 292004 ----a-w- c:\windows\inf\perflib\0405\perfh.dat
2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini
2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-04-08 17:31:56 106496 ----a-w- c:\program files (x86)\common files\CPInstallAction.dll
2008-08-12 04:45:20 155648 ----a-w- c:\program files (x86)\common files\MSIactionall.dll
2008-05-22 15:35:54 51962 ----a-w- c:\program files (x86)\common files\banner.jpg
2007-06-12 16:34:50 35822 ----a-w- c:\program files (x86)\common files\ASPG_icon.ico
2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe

============= FINISH: 12:17:55,37 ===============

Udělejte sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Nevěděl jsem jestli mám udělat kompletní log a nebo projet jen systémáky tak sem dal rychlou kontrolu



Malwarebytes' Anti-Malware 1.43
Verze databáze: 3477
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

3.1.2010 12:48:35
mbam-log-2010-01-03 (12-48-35).txt

Typ kontroly: Rychlá kontrola
Zkontrolované objekty: 98673
Uplynulý čas: 2 minute(s), 54 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

Pokud máte důvodné podezření, že máte v PC vir, proveďte kompletní kontrolu. Předložený log je čistý.

Opět je tam keylogger sakra takže tady je log z kompletního skenu



Malwarebytes' Anti-Malware 1.43
Verze databáze: 3477
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

3.1.2010 14:28:45
mbam-log-2010-01-03 (14-28-40).txt

Typ kontroly: Kompletní kontrola (C:\|E:\|)
Zkontrolované objekty: 269509
Uplynulý čas: 37 minute(s), 7 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wyeke (Adware.Agent) -> No action taken.

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
C:\Program Files (x86)\Wyeke\uninstall.exe (Adware.Agent) -> No action taken.
C:\_OTL\MovedFiles\01012010_183331\C_Windows\SysWow64\28463\AKV.exe (PUP.ArdamaxKeyLogger) -> No action taken.

Položky smažte.

Ok odstranil jsem je ještě něco potřeba?

Pokud se PC chová korektně, mělo by to být vše.

Ted už ano děkuji.

Nemáte zač!