Fssm32.exe hodně zatěžuje paměť, prosím o kontrolu logu

[pajinho]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:24:54, on 20.11.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\DAEMON Tools\daemon.exe
D:\Program Files\F-Secure\Common\FSM32.EXE
D:\Program Files\HP\HP Software Update\HPWuSchd.exe
D:\Program Files\HP\hpcoretech\hpcmpmgr.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
D:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
D:\Program Files\F-Secure\Common\FSMA32.EXE
D:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\F-Secure\Common\FSMB32.EXE
D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\F-Secure\Common\FCH32.EXE
D:\Program Files\F-Secure\Common\FAMEH32.EXE
D:\Program Files\F-Secure\Anti-Virus\fsqh.exe
D:\Program Files\F-Secure\FSGUI\fsguidll.exe
D:\Program Files\F-Secure\Anti-Virus\fssm32.exe
D:\Program Files\F-Secure\FSAUA\program\fsaua.exe
D:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
D:\Program Files\F-Secure\FSAUA\program\fsus.exe
D:\Program Files\F-Secure\Anti-Virus\fsav32.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Documents and Settings\baver\Dokumenty\Stažené soubory\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - D:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - D:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - D:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] D:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] D:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [F-Secure Manager] "D:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "D:\Program Files\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [HP Software Update] "D:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "D:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "D:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "D:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Winamp Search - D:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - D:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - D:\Program Files\F-Secure\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - D:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - D:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - D:\Program Files\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe

--
End of file - 6695 bytes

[Reklama]

[pitimir]

Dany subor patri k F-Secure...

Stiahni DDS. Uloz na plochu, ukonci vsetky spustene programy a spust ho. Po skonceni scanu sa otvoria vysledky v 2 oknach - DDS.txt a Attach.txt. Obsah oboch by som rad videl.

[pajinho]

DDS. txt


DDS (Ver_09-10-26.01) - NTFSx86
Run by baver at 18:25:13,03 on p  20.11.2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_17
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.723 [GMT 1:00]

AV: F-Secure Profi Antivirus 8.01 *On-access scanning disabled* (Updated) {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
FW: F-Secure Profi Antivirus 8.01 *enabled* {D4747503-0346-49EB-9262-997542F79BF4}

============== Running Processes ===============

D:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\DAEMON Tools\daemon.exe
D:\Program Files\HP\HP Software Update\HPWuSchd.exe
D:\Program Files\HP\hpcoretech\hpcmpmgr.exe
D:\Program Files\Java\jre6\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
svchost.exe
D:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
D:\Program Files\F-Secure\Common\FSMA32.EXE
D:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe -k imgsvc
D:\Program Files\F-Secure\Anti-Virus\fssm32.exe
D:\Program Files\F-Secure\Anti-Virus\fsav32.exe
D:\Documents and Settings\baver\Plocha\dds.scr
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\F-Secure\Common\FSLAUNCH.EXE

============== Pseudo HJT Report ===============

uURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - d:\program files\winamp toolbar\winamptb.dll
mURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - d:\program files\winamp toolbar\winamptb.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - d:\program files\winamp toolbar\winamptb.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - d:\program files\winamp toolbar\winamptb.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [CTFMON.EXE] d:\windows\system32\ctfmon.exe
uRun: [ICQ] "d:\program files\icq6.5\ICQ.exe" silent
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE d:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [SW20] d:\windows\system32\sw20.exe
mRun: [SW24] d:\windows\system32\sw24.exe
mRun: [NvMediaCenter] RUNDLL32.EXE d:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [DAEMON Tools] "d:\program files\daemon tools\daemon.exe" -lang 1033
mRun: [F-Secure Manager] "d:\program files\f-secure\common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "d:\program files\f-secure\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [HP Software Update] "d:\program files\hp\hp software update\HPWuSchd.exe"
mRun: [HP Component Manager] "d:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [Adobe Reader Speed Launcher] "d:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "d:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "d:\program files\java\jre6\bin\jusched.exe"
dRun: [CTFMON.EXE] d:\windows\system32\CTFMON.EXE
StartupFolder: d:\docume~1\alluse~1\nabdka~1\programy\posput~1\hpdigi~1.lnk - d:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: &Winamp Search - d:\documents and settings\all users\data aplikací\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: E&xportovat do aplikace Microsoft Office Excel - d:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - d:\program files\icq6.5\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~2\office11\REFIEBAR.DLL
LSP: d:\program files\f-secure\fsps\program\FSLSP.DLL
DPF: DirectAnimation Java Classes - file://d:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://d:\windows\java\classes\xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - d:\program files\hp\hpcoretech\comp\hpuiprot.dll

================= FIREFOX ===================

FF - ProfilePath - d:\docume~1\baver\dataap~1\mozilla\firefox\profiles\05w0hk65.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/sli ... ie7&query=
FF - prefs.js: browser.search.selectedEngine - Winamp Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/sli ... pab&query=
FF - component: d:\documents and settings\baver\data aplikací\mozilla\firefox\profiles\05w0hk65.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - plugin: d:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: d:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
d:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
d:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.jit.chrome", false);
d:\program files\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("bidi.characterset", 1);
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
d:\program files\mozilla firefox\defaults\pref\channel-prefs.js - pref("app.update.channel", "release");
d:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");

============= SERVICES / DRIVERS ===============

R0 fsbts;fsbts;d:\windows\system32\drivers\fsbts.sys [2009-10-15 33920]
R0 FSFW;F-Secure Firewall Driver;d:\windows\system32\drivers\fsdfw.sys [2009-10-15 79872]
R1 F-Secure HIPS;F-Secure HIPS Driver;d:\program files\f-secure\hips\drivers\fshs.sys [2009-10-15 67808]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;d:\program files\common files\nero\nero backitup 4\NBService.exe [2009-7-20 935208]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;d:\program files\f-secure\anti-virus\minifilter\fsgk.sys [2009-10-15 101496]
S3 FSORSPClient;F-Secure ORSP Client;d:\program files\f-secure\orsp client\fsorsp.exe [2009-10-15 55904]
S4 F-Secure Filter;F-Secure File System Filter;d:\program files\f-secure\anti-virus\win2k\fsfilter.sys [2009-10-15 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;d:\program files\f-secure\anti-virus\win2k\fsrec.sys [2009-10-15 25184]

=============== Created Last 30 ================

2009-11-18 15:55:54 3428 ----a-w- d:\windows\system32\wbem\Outlook_01ca68679c0d06a0.mof
2009-11-13 09:22:21 110592 ----a-w- d:\windows\system32\tsccvid.dll
2009-11-13 09:22:19 0 d-----w- d:\program files\CDVPlayer
2009-11-13 09:22:18 466944 ------w- d:\windows\Setup1.exe
2009-11-13 09:22:16 73216 ----a-w- d:\windows\ST6UNST.EXE
2009-11-13 09:22:16 1887 ----a-w- d:\windows\ST6UNST.000
2009-11-13 09:22:16 1460798 ------w- d:\windows\CDV.CAB
2009-11-08 08:56:58 1089883 -c----w- d:\windows\system32\dllcache\ntprint.cat
2009-11-07 09:44:18 0 d-----w- d:\windows\system32\XPSViewer
2009-11-07 09:40:51 89088 -c----w- d:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-11-07 09:40:51 597504 -c----w- d:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-11-07 09:40:51 575488 -c----w- d:\windows\system32\dllcache\xpsshhdr.dll
2009-11-07 09:40:51 575488 ------w- d:\windows\system32\xpsshhdr.dll
2009-11-07 09:40:51 117760 ------w- d:\windows\system32\prntvpt.dll
2009-11-07 09:40:50 1676288 -c----w- d:\windows\system32\dllcache\xpssvcs.dll
2009-11-07 09:40:50 1676288 ------w- d:\windows\system32\xpssvcs.dll
2009-11-04 11:04:46 0 d-----w- d:\program files\ICQ6.5
2009-10-31 16:34:34 0 d-----w- d:\docume~1\baver\dataap~1\PSpad
2009-10-31 16:33:54 0 d-----w- d:\program files\PSPad editor
2009-10-29 19:31:07 1846632 ----a-w- d:\windows\system32\D3DCompiler_41.dll
2009-10-29 19:31:06 453456 ----a-w- d:\windows\system32\d3dx10_41.dll
2009-10-29 19:31:04 4178264 ----a-w- d:\windows\system32\D3DX9_41.dll
2009-10-29 19:31:03 69464 ----a-w- d:\windows\system32\XAPOFX1_3.dll
2009-10-29 19:31:03 517448 ----a-w- d:\windows\system32\XAudio2_4.dll
2009-10-29 19:31:02 235352 ----a-w- d:\windows\system32\xactengine3_4.dll
2009-10-29 19:31:02 22360 ----a-w- d:\windows\system32\X3DAudio1_6.dll
2009-10-29 19:31:01 2036576 ----a-w- d:\windows\system32\D3DCompiler_40.dll
2009-10-29 19:31:00 452440 ----a-w- d:\windows\system32\d3dx10_40.dll
2009-10-29 19:29:41 3495784 ----a-w- d:\windows\system32\d3dx9_33.dll
2009-10-29 19:29:20 255848 ----a-w- d:\windows\system32\xactengine2_6.dll
2009-10-29 19:29:18 251672 ----a-w- d:\windows\system32\xactengine2_5.dll
2009-10-29 19:29:13 3426072 ----a-w- d:\windows\system32\d3dx9_32.dll
2009-10-29 19:29:10 15128 ----a-w- d:\windows\system32\x3daudio1_1.dll
2009-10-29 19:29:08 237848 ----a-w- d:\windows\system32\xactengine2_4.dll
2009-10-29 19:29:01 2414360 ----a-w- d:\windows\system32\d3dx9_31.dll
2009-10-27 20:34:15 0 d-----w- d:\program files\Nero
2009-10-27 20:33:42 0 d-----w- d:\docume~1\alluse~1\dataap~1\Nero
2009-10-26 15:03:06 5632 ----a-w- d:\windows\system32\ptpusb.dll
2009-10-26 15:03:05 159232 ----a-w- d:\windows\system32\ptpusd.dll
2009-10-23 07:11:06 221184 ----a-w- d:\windows\system32\wmpns.dll
2009-10-22 14:26:22 178176 ----a-w- d:\windows\system32\unrar.dll
2009-10-22 14:26:06 38 ----a-w- d:\windows\avisplitter.ini
2009-10-22 14:25:32 414 ----a-w- d:\windows\system32\lame_acm.xml
2009-10-22 14:25:29 839680 ----a-w- d:\windows\system32\lameACM.acm
2009-10-22 14:25:23 118784 ----a-w- d:\windows\system32\ac3acm.acm
2009-10-22 14:25:21 217088 ----a-w- d:\windows\system32\yv12vfw.dll
2009-10-22 14:25:16 881664 ----a-w- d:\windows\system32\xvidcore.dll
2009-10-22 14:25:15 205824 ----a-w- d:\windows\system32\xvidvfw.dll
2009-10-22 14:25:12 3596288 ----a-w- d:\windows\system32\qt-dx331.dll
2009-10-22 14:25:11 90112 ----a-w- d:\windows\system32\dpl100.dll
2009-10-22 14:25:05 685056 ----a-w- d:\windows\system32\divx.dll
2009-10-22 14:24:57 547 ----a-w- d:\windows\system32\ff_vfw.dll.manifest
2009-10-22 14:24:55 85504 ----a-w- d:\windows\system32\ff_vfw.dll
2009-10-22 14:24:43 0 d-----w- d:\program files\K-Lite Codec Pack
2009-10-22 14:01:01 0 d-----w- d:\program files\Winamp Toolbar
2009-10-22 14:01:01 0 d-----w- d:\docume~1\alluse~1\dataap~1\Winamp Toolbar
2009-10-22 14:00:09 0 d-----w- d:\windows\RegisteredPackages

==================== Find3M ====================

2009-11-18 15:55:54 86806 ----a-w- d:\windows\system32\perfc005.dat
2009-11-18 15:55:54 447940 ----a-w- d:\windows\system32\perfh005.dat
2009-11-16 08:54:44 98304 ----a-w- d:\windows\DUMP6040.tmp
2009-10-19 23:53:34 3091968 ----a-w- d:\windows\system32\SET279.tmp
2009-10-17 19:11:56 737280 ----a-w- d:\windows\iun6002.exe
2009-10-16 13:49:52 40508 ----a-w- d:\windows\fonts\fmthin.ttf
2009-10-16 13:49:51 58748 ----a-w- d:\windows\fonts\verabd.ttf
2009-10-15 11:51:58 29362 ----a-w- d:\windows\hpoins03.dat
2009-10-15 11:44:55 33920 ----a-w- d:\windows\system32\drivers\fsbts.sys
2009-10-15 11:05:25 639224 ----a-w- d:\windows\system32\drivers\sptd.sys
2009-10-15 10:31:44 21812 ----a-w- d:\windows\system32\emptyregdb.dat
2009-10-11 03:17:27 411368 ----a-w- d:\windows\system32\deploytk.dll
2009-09-25 05:37:33 668160 ----a-w- d:\windows\system32\wininet.dll
2009-09-25 05:37:30 81920 ------w- d:\windows\system32\ieencode.dll
2009-09-11 14:19:35 136192 ----a-w- d:\windows\system32\msv1_0.dll
2009-09-04 21:05:18 58880 ----a-w- d:\windows\system32\msasn1.dll
2009-09-04 15:44:40 515416 ----a-w- d:\windows\system32\XAudio2_5.dll
2009-09-04 15:44:40 238936 ----a-w- d:\windows\system32\xactengine3_5.dll
2009-09-04 15:29:34 453456 ----a-w- d:\windows\system32\d3dx10_42.dll
2009-09-04 15:29:34 235344 ----a-w- d:\windows\system32\d3dx11_42.dll
2009-09-04 15:29:32 5501792 ----a-w- d:\windows\system32\d3dcsx_42.dll
2009-09-04 15:29:32 1974616 ----a-w- d:\windows\system32\D3DCompiler_42.dll
2009-09-04 15:29:30 1892184 ----a-w- d:\windows\system32\D3DX9_42.dll
2009-08-26 08:02:12 247326 ----a-w- d:\windows\system32\strmdll.dll

============= FINISH: 18:25:41,65 ===============

[pitimir]

Chyba attach.txt, ale to nevadi. Co je dolezitejsie - nic v tom logu nevidim.

1) Stiahni MbAM. Uloz na plochu, otvor "mbam-setup.exe" a nainstaluj. Updatuj. Potom spravis kompletny scan - co program najde, zmaz. Nasledny log vloz sem.


2) Stiahni GMER, rozbal ho na plochu a spust. Program automaticky zacne scan (po jeho skonceni vloz log c. 1) - pokial pri scanovani nieco najde (=vyskoci nejake upozornenie), klik na "NO" a vpravo zafajknes vsetky polozky OKREM:

• Sections
• IAT/EAT
• Registry
• nesystemovych diskov a particii (system je zvycajne na "C:\" - takze nezaskrtnute nechas "D:\", "E:\"...atd.)
• Show All

Klik na "Scan". Po scane klik na "Save" a log c. 2 vloz sem.

Ak nic nenajde (=nevyskoci nic), zaskrtaj vpravo vsetko a spusti scan. Po jeho ukonceni klik na "Copy" a vloz log c. 2.