
How do I delete this virus?

Posted: 25 Jan 2010 23:19
by maxwell100
Hi all, could you please advise me how to remove a virus? I downloaded a keygen and it was infected, and it blocked me so that I can't change my desktop wallpaper. Description: I go to Properties/Desktop -> there I have the names of all the background wallpapers, and at the bottom, below those schemes, there is a .tmp file with a size of 0 KB.
I tried to remove it as follows: I went to C:\Documents and Settings\maxwell\Local Settings\Temp
and there is a file JET91DF.tmp, which I can't delete even if I ...., does anyone know a trick for deleting this pest?

Re: How do I delete this virus?

Posted: 25 Jan 2010 23:22
by Unlimited_Killer
Unfortunately, we can't yet read fortunes from a crystal ball. :)
So...

~~~

Download RSIT and save it to the Desktop.
Run it, leave '1 month' in the drop-down menu and click 'Continue'.
Wait a few seconds for a log named log.txt to be generated
(if the log is not generated, you will find it in C:\rsit\log.txt).
Paste the contents of this log into your post.

Re: How do I delete this virus?

Posted: 25 Jan 2010 23:27
by maxwell100
Logfile of random's system information tool 1.06 (written by random/random)
Run by maxwell at 2010-01-25 23:25:28
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 130 GB (43%) free of 305 GB
Total RAM: 2046 MB (66% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
Yahoo! Companion BHO - C:\Program Files\Yahoo!\Companion\Installs\cpn2\ycomp5_6_2_0.dll [2005-04-22 328275]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-11-04 54248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-15 1218000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31c7d459-9cc3-44f2-9dca-fc11795309b4}]
IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2009-10-22 1171760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e8de9422-3b2c-4243-bf6f-235da84d8ef8}]
Brothersoft Toolbar - C:\Program Files\Brothersoft\tbBrot.dll [2009-11-09 2331672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-08-16 962808]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{31c7d459-9cc3-44f2-9dca-fc11795309b4} - IObitCom Toolbar - C:\Program Files\IObitCom\tbIObi.dll [2009-10-01 2166296]
{D5D47440-0750-463D-BAEF-A47D02414806} - Centrum.cz Toolbar - C:\Program Files\CentrumczToolbar\IEToolbar.dll [2009-10-22 1171760]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2009-09-02 1175944]
{e8de9422-3b2c-4243-bf6f-235da84d8ef8} - Brothersoft Toolbar - C:\Program Files\Brothersoft\tbBrot.dll [2009-11-09 2331672]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2009-12-15 1218000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-09-03 16841216]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-11-20 12669544]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-11-20 110184]
"egui"=C:\programy\nod32\egui.exe [2009-09-29 2054360]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Explorer Options2"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Advanced SystemCare 3"=C:\programy\Advanced SystemCare 3\AWC.exe [2009-11-20 2335880]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]
"DAEMON Tools Lite"=C:\programy\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Steam"=C:\programy\steam\Steam.exe [2010-01-07 1217808]
"SpywareTerminatorUpdate"=C:\programy\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-01-08 3037696]

C:\Documents and Settings\maxwell\Nabídka Start\Programy\Po spuštění
GIGABYTE VGA Utility.lnk - C:\Documents and Settings\maxwell\Data aplikací\Microsoft\Installer\{D27BDB5D-3B4C-44F0-A648-BD00B0E79B39}\Utility.exe2_D27BDB5D3B4C44F0A648BD00B0E79B39.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoSetActiveDesktop"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"HonorAutoRunSetting"=
"NoSetActiveDesktop"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\PC hry\Binaries\FFOW.exe"="C:\PC hry\Binaries\FFOW.exe:*:Enabled:Frontlines Game"
"C:\PC hry\football manager 2010\fm.exe"="C:\PC hry\football manager 2010\fm.exe:*:Enabled:Football Manager 2010"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\PC hry\gears of war\Binaries\WarGame-G4WLive.exe"="C:\PC hry\gears of war\Binaries\WarGame-G4WLive.exe:*:Enabled:Gears Of War"
"C:\PC hry\world of warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"="C:\PC hry\world of warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\PC hry\world of warcraft\Launcher.exe"="C:\PC hry\world of warcraft\Launcher.exe:*:Enabled:Launcher.exe"
"C:\programy\uTorrent.exe"="C:\programy\uTorrent.exe:*:Enabled:µTorrent"
"C:\PC hry\lucas arts\GameData\sweaw.exe"="C:\PC hry\lucas arts\GameData\sweaw.exe:*:Enabled:Star Wars: Empire at War"
"C:\PC hry\medal of honor\UnrealEngine3\Binaries\MOHA.exe"="C:\PC hry\medal of honor\UnrealEngine3\Binaries\MOHA.exe:*:Enabled:Medal of Honor Airborne"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8a2f6e4-f148-11de-9575-001a4df8e23e}]
shell\AutoRun\command - F:\autorun.exe


======List of files/folders created in the last 1 months======

2010-01-25 23:25:28 ----D---- C:\rsit
2010-01-25 23:25:28 ----D---- C:\Program Files\trend micro
2010-01-24 17:58:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-01-24 16:18:43 ----RHD---- C:\Documents and Settings\maxwell\Data aplikací\SecuROM
2010-01-24 16:03:28 ----D---- C:\WINDOWS\system32\AGEIA
2010-01-24 16:03:26 ----D---- C:\Program Files\AGEIA Technologies
2010-01-21 19:07:25 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml25A9.tmp
2010-01-21 19:06:45 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml2562.tmp
2010-01-21 19:06:04 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml24D2.tmp
2010-01-21 19:05:21 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml2491.tmp
2010-01-21 19:03:54 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml248C.tmp
2010-01-21 19:00:01 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml23FD.tmp
2010-01-21 18:59:21 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml23EF.tmp
2010-01-21 18:58:54 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml23EC.tmp
2010-01-21 18:58:35 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml23EB.tmp
2010-01-21 18:58:09 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml23EA.tmp
2010-01-13 20:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 20:58:50 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-10 10:21:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Blizzard Entertainment
2010-01-08 18:24:08 ----D---- C:\Program Files\Crawler
2010-01-08 18:24:02 ----D---- C:\Documents and Settings\maxwell\Data aplikací\Spyware Terminator
2010-01-08 18:24:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-01-08 17:55:03 ----D---- C:\zabava
2010-01-07 18:38:20 ----D---- C:\WINDOWS\system32\appmgmt
2010-01-07 17:44:20 ----A---- C:\WINDOWS\system32\mvastnet.dll
2010-01-02 22:04:12 ----A---- C:\WINDOWS\system32\d3dx9.dll
2010-01-02 22:04:12 ----A---- C:\WINDOWS\system32\D3DX81ab.dll
2010-01-02 22:03:39 ----D---- C:\Program Files\Brothersoft
2009-12-31 18:36:26 ----D---- C:\Documents and Settings\maxwell\Data aplikací\Petroglyph
2009-12-31 12:38:58 ----D---- C:\Program Files\Ask.com
2009-12-31 12:37:44 ----D---- C:\Documents and Settings\maxwell\Data aplikací\uTorrent
2009-12-30 19:22:28 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml39F.tmp
2009-12-30 19:22:28 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml39D.tmp
2009-12-30 19:22:27 ----A---- C:\Documents and Settings\All Users\Data aplikací\xml39B.tmp
2009-12-29 14:51:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-12-28 13:33:01 ----D---- C:\Program Files\Mozilla Firefox
2009-12-28 13:32:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\CentrumczToolbar
2009-12-28 13:32:50 ----D---- C:\Program Files\CentrumczToolbar
2009-12-28 12:14:18 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-28 12:05:22 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-28 12:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-28 11:42:09 ----D---- C:\Documents and Settings\maxwell\Data aplikací\Microsoft Games
2009-12-28 11:41:00 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2009-12-28 11:40:58 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2009-12-28 11:40:56 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2009-12-28 11:40:55 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2009-12-28 11:40:53 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2009-12-28 11:40:51 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2009-12-28 11:40:49 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2009-12-28 11:37:20 ----HD---- C:\WINDOWS\msdownld.tmp
2009-12-28 11:37:00 ----D---- C:\WINDOWS\system32\xlive
2009-12-28 11:24:00 ----D---- C:\WINDOWS\system32\XPSViewer
2009-12-28 11:23:55 ----D---- C:\Program Files\MSBuild
2009-12-28 11:23:53 ----D---- C:\WINDOWS\system32\en-US
2009-12-28 11:23:46 ----D---- C:\Program Files\Reference Assemblies
2009-12-28 11:22:59 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-12-28 11:22:59 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-12-28 11:22:59 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-12-28 11:22:58 ----D---- C:\WINDOWS\b9a6bfc9723a5ea6d56b
2009-12-28 11:09:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-12-28 11:09:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-12-28 11:09:03 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-12-28 11:08:56 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-12-28 11:08:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-12-28 11:08:41 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-12-28 11:08:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-12-28 11:08:29 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-12-28 11:08:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-28 11:08:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-12-28 11:08:08 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-12-28 11:08:02 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-12-28 11:07:57 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-12-28 11:07:17 ----D---- C:\WINDOWS\ie8updates
2009-12-28 11:07:04 ----D---- C:\WINDOWS\WBEM
2009-12-28 11:06:02 ----HDC---- C:\WINDOWS\ie8
2009-12-28 10:59:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-12-28 10:59:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-12-28 10:59:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-12-28 10:59:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-12-28 10:59:02 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-12-28 10:58:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-12-28 10:58:49 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-12-28 10:58:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-12-28 10:58:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-12-28 10:58:22 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-12-28 10:58:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-12-28 10:58:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-12-28 10:58:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-12-28 10:57:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-12-28 10:57:45 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-12-28 10:57:33 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-28 10:57:26 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-12-28 10:57:19 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-28 10:57:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-12-28 10:57:04 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-12-28 10:56:57 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-28 10:56:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-12-28 10:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-12-28 10:56:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-28 10:56:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-12-28 10:56:23 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-12-28 10:56:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-12-28 10:56:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-28 10:56:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2009-12-28 10:55:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-12-28 10:55:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-12-28 10:55:42 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-12-28 10:55:34 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-12-28 10:55:28 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-28 10:55:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-12-28 10:55:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-12-28 10:54:18 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-28 10:54:08 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-12-28 10:54:01 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-12-28 10:53:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-12-28 10:53:47 ----D---- C:\Program Files\MSXML 4.0
2009-12-28 10:53:37 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-12-28 10:53:30 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-12-28 10:53:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-12-28 10:53:15 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-12-28 10:53:09 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-28 10:32:39 ----D---- C:\WINDOWS\system32\PreInstall
2009-12-28 10:32:38 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-12-28 10:32:38 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-12-28 10:32:37 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-12-28 10:32:37 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-28 10:22:03 ----A---- C:\WINDOWS\system32\wups2.dll
2009-12-28 10:22:03 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-12-28 10:22:02 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-12-28 10:21:59 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-12-28 10:21:59 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-12-28 09:01:43 ----D---- C:\WINDOWS\Minidump
2009-12-27 21:09:39 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2009-12-27 20:47:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-27 20:41:38 ----D---- C:\Documents and Settings\maxwell\Data aplikací\AVG8
2009-12-27 20:04:55 ----A---- C:\WINDOWS\MBR.exe
2009-12-27 20:04:54 ----A---- C:\WINDOWS\NIRCMD.exe
2009-12-27 20:04:52 ----A---- C:\WINDOWS\zip.exe
2009-12-27 20:04:52 ----A---- C:\WINDOWS\SWREG.exe
2009-12-27 20:04:52 ----A---- C:\WINDOWS\PEV.exe
2009-12-27 20:04:51 ----A---- C:\WINDOWS\SWXCACLS.exe
2009-12-27 20:04:51 ----A---- C:\WINDOWS\SWSC.exe
2009-12-27 20:04:51 ----A---- C:\WINDOWS\sed.exe
2009-12-27 20:04:51 ----A---- C:\WINDOWS\grep.exe
2009-12-27 20:04:44 ----D---- C:\WINDOWS\ERDNT
2009-12-27 20:03:13 ----SD---- C:\ComboFix
2009-12-27 20:01:55 ----D---- C:\Qoobox
2009-12-27 19:36:01 ----RHD---- C:\AHCache
2009-12-27 10:19:30 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2009-12-27 10:19:28 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2009-12-27 10:19:27 ----A---- C:\WINDOWS\system32\pbsvc.exe
2009-12-27 10:19:26 ----D---- C:\WINDOWS\system32\LogFiles
2009-12-26 22:33:59 ----D---- C:\Program Files\Conduit
2009-12-26 22:33:54 ----D---- C:\Program Files\IObitCom
2009-12-26 22:33:26 ----D---- C:\Documents and Settings\maxwell\Data aplikací\IObit
2009-12-26 21:40:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2009-12-26 19:14:40 ----D---- C:\Documents and Settings\maxwell\Data aplikací\Nero
2009-12-26 19:02:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2009-12-26 19:02:24 ----D---- C:\Program Files\Common Files\Nero

======List of files/folders modified in the last 1 months======

2010-01-25 23:25:49 ----D---- C:\WINDOWS\Temp
2010-01-25 23:25:28 ----RD---- C:\Program Files
2010-01-25 22:58:53 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-24 22:56:26 ----HD---- C:\WINDOWS\inf
2010-01-24 22:56:26 ----D---- C:\WINDOWS
2010-01-24 18:13:22 ----D---- C:\Documents and Settings\maxwell\Data aplikací\ICQ
2010-01-24 17:51:13 ----D---- C:\programy
2010-01-24 16:20:49 ----A---- C:\WINDOWS\wincmd.ini
2010-01-24 16:16:23 ----SHD---- C:\WINDOWS\Installer
2010-01-24 16:04:37 ----D---- C:\WINDOWS\system32\DirectX
2010-01-24 16:04:09 ----D---- C:\PC hry
2010-01-24 16:03:28 ----D---- C:\WINDOWS\system32
2010-01-24 16:02:35 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-01-22 13:59:57 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-22 13:59:54 ----D---- C:\Program Files\Internet Explorer
2010-01-18 18:03:23 ----D---- C:\WINDOWS\system32\drivers
2010-01-17 16:43:22 ----RSD---- C:\WINDOWS\assembly
2010-01-17 13:50:07 ----D---- C:\WINDOWS\Debug
2010-01-16 11:04:11 ----D---- C:\WINDOWS\Prefetch
2010-01-13 21:22:18 ----D---- C:\WINDOWS\AppPatch
2010-01-08 19:10:00 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-04 18:58:01 ----D---- C:\Program Files\GIGABYTE
2010-01-01 21:02:08 ----D---- C:\WINDOWS\WinSxS
2010-01-01 14:43:35 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-31 14:30:18 ----D---- C:\Program Files\DAEMON Tools Toolbar
2009-12-31 12:39:01 ----SD---- C:\WINDOWS\Tasks
2009-12-30 17:01:37 ----SD---- C:\Documents and Settings\maxwell\Data aplikací\Microsoft
2009-12-29 14:53:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-29 14:51:45 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-29 09:53:11 ----D---- C:\Program Files\ICQ6.5
2009-12-28 13:34:01 ----D---- C:\Documents and Settings\maxwell\Data aplikací\Mozilla
2009-12-28 11:23:51 ----RSD---- C:\WINDOWS\Fonts
2009-12-28 11:23:19 ----D---- C:\WINDOWS\system32\spool
2009-12-28 11:11:16 ----D---- C:\WINDOWS\system32\cs-cz
2009-12-28 11:11:16 ----D---- C:\WINDOWS\Help
2009-12-28 11:11:15 ----D---- C:\WINDOWS\system32\wbem
2009-12-28 11:08:58 ----D---- C:\Program Files\Messenger
2009-12-28 11:06:54 ----D---- C:\WINDOWS\Media
2009-12-28 10:56:47 ----D---- C:\Program Files\Outlook Express
2009-12-28 10:22:07 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-28 10:16:33 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-27 19:46:28 ----D---- C:\Program Files\Common Files\Adobe
2009-12-27 19:46:28 ----D---- C:\Documents and Settings\maxwell\Data aplikací\Adobe
2009-12-27 17:06:47 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2009-12-26 22:19:02 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-26 19:02:24 ----D---- C:\Program Files\Common Files
2009-12-26 19:01:42 ----D---- C:\Program Files\Common Files\Microsoft Shared

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-09-29 108792]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-09-29 96408]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-09-29 116008]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-09-05 4611072]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-11-21 10235968]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2007-06-28 45824]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2007-06-28 20480]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 a1mf5nhg;a1mf5nhg; C:\WINDOWS\system32\drivers\a1mf5nhg.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\WNt500x86\Sandra.sys []
S3 TVICHW32;TVICHW32; C:\WINDOWS\system32\drivers\TVICHW32.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\programy\nod32\ekrn.exe [2009-09-29 735960]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-08-16 222968]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-11-20 154216]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PunkBuster; C:\PC hry\medal of honor\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe [2007-08-15 63040]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2009-12-27 107832]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\programy\Spyware Terminator\sp_rsser.exe [2010-01-08 488960]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\programy\nod32\EHttpSrv.exe [2009-09-29 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP4\RpcAgentSrv.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: How do I delete this virus?

Posted: 25 Jan 2010 23:29
by Unlimited_Killer
HijackThis didn't download, but we won't let that hold us up. Let's bring out a heavier caliber - ComboFix.

~~~

Paste the ComboFix log here.

Download ComboFix and save it to the Desktop, then run it with administrator privileges.
Before running it, turn off the resident shield of your antivirus or antispyware.
After launch, the license terms will be displayed; click 'Yes'. You will also be asked about installing the Recovery Console; click 'Yes'.
The whole scan will take about 5-10 minutes, depending on how many files CF has to work through. Your PC will probably be restarted, so don't be alarmed by that. Until the scan has completely finished, don't do anything, and above all don't click in the running ComboFix window.
When the scan finishes, a log will pop up, which you copy here.