It isn't free, but it allows full functionality for a certain period as a trial, and that was my point. So try http://www.viry.cz/forum/viewtopic.php?f=29&t=58179
Creating a flash drive (a "USB key", as you call it) would mean turning the flash disk into a single tool, but let's not deal with that for now.

PC virus removal, computer speed-up, remote help via the neslape.cz service
Log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Re: Log check

translator of MBAM, OTL.
-
- Visitor
- Posts: 11
- Registered: 27 Aug 2011 07:06
Re: Log check
OK, I have Kaspersky installed now. Should I run the scan with the USB keys plugged into the computer, or without them?
-
- Visitor
- Posts: 11
- Registered: 27 Aug 2011 07:06
Re: Log check
Well, Kaspersky found 520 infected files, and my CPU load is now 0-5% at idle.
I'm attaching a new ComboFix log.
ComboFix 11-08-27.01 - Tomas . 08. 2011 14:54:37.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.4000.2721 [GMT 2:00]
Running from: c:\users\Tomas\Desktop\ComboFix.exe
Command switches used :: c:\users\Tomas\Desktop\CFScript.txt.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
D:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2011-07-27 to 2011-08-27 )))))))))))))))))))))))))))))))
.
.
2011-08-27 12:57 . 2011-08-27 12:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-27 10:12 . 2011-08-27 10:12 -------- d-----w- c:\programdata\Kaspersky Lab
2011-08-27 09:35 . 2011-08-27 11:04 29412 --sh--r- C:\wgikco.exe
2011-08-27 07:45 . 2011-08-27 08:17 -------- d-----w- C:\RFT
2011-08-27 06:10 . 2011-08-27 06:10 -------- d-----w- C:\rsit
2011-08-27 06:10 . 2011-08-27 06:10 -------- d-----w- c:\program files\trend micro
2011-08-26 14:39 . 2011-08-26 14:39 -------- d-----w- c:\program files (x86)\directx
2011-08-26 14:30 . 2011-08-26 14:35 -------- d-----w- C:\UT2003
2011-08-26 13:40 . 2010-05-26 00:26 4218880 ----a-w- c:\windows\SysWow64\CDINTF400.DLL
2011-08-26 13:38 . 2011-08-26 13:38 -------- d-----w- c:\program files\National Instruments
2011-08-26 13:38 . 2011-08-26 13:39 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2011-08-26 13:37 . 2011-08-26 13:39 -------- d-----w- c:\program files (x86)\National Instruments
2011-08-26 13:37 . 2011-08-26 17:30 -------- d-----w- c:\programdata\National Instruments
2011-08-26 01:46 . 2011-08-25 15:54 -------- d-----w- c:\windows\Panther
2011-08-26 01:45 . 2011-08-26 01:45 -------- d-----w- c:\windows\system32\OEM
2011-08-25 18:42 . 2011-08-25 18:42 -------- d-----w- c:\programdata\Solidshield
2011-08-25 18:38 . 2011-08-25 18:38 -------- d-----w- c:\programdata\Electronic Arts
2011-08-25 18:38 . 2011-08-25 18:38 -------- d-----w- c:\programdata\EA Core
2011-08-25 17:22 . 2011-08-25 18:25 272448 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-08-25 17:22 . 2011-08-25 17:22 -------- d-----w- c:\program files (x86)\DAEMON Tools Pro
2011-08-25 17:21 . 2011-08-25 17:22 -------- d-----w- c:\programdata\DAEMON Tools Pro
2011-08-25 17:06 . 2011-08-16 06:48 8862544 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D94F9BA7-8748-4789-837A-0152A5AF5ACA}\mpengine.dll
2011-08-25 17:06 . 2011-05-24 17:14 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-08-25 17:03 . 2011-08-25 17:03 -------- d-----w- c:\program files (x86)\BitTorrent
2011-08-25 16:57 . 2011-08-25 17:02 -------- d-----w- c:\program files (x86)\Google
2011-08-25 16:57 . 2011-08-25 16:57 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-25 16:57 . 2011-08-25 16:57 -------- d-----w- c:\windows\SysWow64\Macromed
2011-08-25 16:55 . 2011-08-25 17:01 -------- d-----w- C:\totalcmd
2011-08-25 16:55 . 2010-12-17 05:56 545 ----a-w- c:\windows\UC.PIF
2011-08-25 16:55 . 2010-12-17 05:56 545 ----a-w- c:\windows\RAR.PIF
2011-08-25 16:55 . 2010-12-17 05:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-08-25 16:55 . 2010-12-17 05:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-08-25 16:55 . 2010-12-17 05:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-08-25 16:55 . 2010-12-17 05:56 545 ----a-w- c:\windows\LHA.PIF
2011-08-25 16:55 . 2010-12-17 05:56 545 ----a-w- c:\windows\ARJ.PIF
2011-08-25 16:52 . 2011-08-25 16:52 -------- d-----w- c:\program files (x86)\Opera
2011-08-25 16:37 . 2010-08-03 13:30 196224 ----a-w- c:\program files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll
2011-08-25 16:37 . 2011-08-25 16:48 -------- d-----w- c:\program files\P4G
2011-08-25 16:37 . 2011-08-25 16:37 -------- d-----w- c:\programdata\P4G
2011-08-25 16:37 . 2009-07-20 09:29 15416 ----a-w- c:\windows\system32\drivers\kbfiltr.sys
2011-08-25 16:28 . 2011-08-25 16:28 -------- d-----w- c:\users\Public\Roaming
2011-08-25 16:28 . 2011-08-25 16:28 -------- d-----w- c:\users\Default\Roaming
2011-08-25 16:27 . 2011-08-25 16:36 -------- d-----w- c:\program files\Intel
2011-08-25 16:27 . 2011-08-25 16:27 -------- d-----w- c:\program files (x86)\Cisco
2011-08-25 16:26 . 2011-08-25 16:26 -------- d-----w- c:\program files\Synaptics
2011-08-25 16:26 . 2011-05-05 12:32 1439792 ----a-w- c:\windows\system32\drivers\SynTP.sys
2011-08-25 16:26 . 2011-05-05 12:30 66856 ----a-w- c:\windows\SysWow64\SynTPEnhPS.dll
2011-08-25 16:26 . 2011-05-05 12:30 107816 ----a-w- c:\windows\SysWow64\SynTPCOM.dll
2011-08-25 16:26 . 2011-05-05 12:30 226088 ----a-w- c:\windows\system32\SynTPAPI.dll
2011-08-25 16:26 . 2011-05-05 12:30 148264 ----a-w- c:\windows\system32\SynTPCo9.dll
2011-08-25 16:26 . 2011-05-05 12:30 276264 ----a-w- c:\windows\system32\SynCtrl.dll
2011-08-25 16:26 . 2011-05-05 12:30 222504 ----a-w- c:\windows\SysWow64\SynCtrl.dll
2011-08-25 16:26 . 2011-05-05 12:30 177448 ----a-w- c:\windows\SysWow64\SynCOM.dll
2011-08-25 16:26 . 2009-08-07 02:49 1721576 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2011-08-25 16:24 . 2011-08-25 16:24 -------- d-----w- c:\program files (x86)\ASM104xUSB3
2011-08-25 16:24 . 2011-08-25 16:24 -------- d-----w- c:\programdata\AmUStor
2011-08-25 16:24 . 2011-08-25 16:24 -------- d-----w- c:\program files (x86)\AmIcoSingLun
2011-08-25 16:23 . 2010-08-24 09:55 76912 ----a-w- c:\windows\system32\drivers\L1C62x64.sys
2011-08-25 16:21 . 2011-05-31 01:42 491112 ----a-w- c:\windows\system32\DTSNeoPCDLL64.dll
2011-08-25 16:18 . 2011-08-25 16:28 -------- d-----w- c:\users\UpdatusUser
2011-08-25 16:17 . 2011-08-27 12:58 -------- d-----w- c:\programdata\NVIDIA
2011-08-25 16:15 . 2011-08-26 13:40 -------- d-sh--w- c:\windows\Installer
2011-08-25 16:14 . 2011-08-25 16:14 -------- d-----w- c:\programdata\NVIDIA Corporation
2011-08-25 16:14 . 2011-08-25 16:18 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-08-25 16:14 . 2011-06-09 03:24 1617512 ----a-w- c:\windows\system32\nvdispco6420120.dll
2011-08-25 16:14 . 2011-06-09 03:24 1359976 ----a-w- c:\windows\system32\nvgenco642040.dll
2011-08-25 16:10 . 2011-08-25 16:16 -------- d-----w- C:\NvidiaLogs
2011-08-25 16:09 . 2011-08-25 16:16 -------- d-----w- c:\program files\NVIDIA Corporation
2011-08-25 16:09 . 2011-08-25 16:27 -------- d-----w- c:\programdata\Intel
2011-08-25 16:04 . 2010-10-05 18:50 8192 ----a-w- c:\windows\SysWow64\drivers\IntelMEFWVer.dll
2011-08-25 16:04 . 2010-10-05 18:50 8192 ----a-w- c:\windows\system32\drivers\IntelMEFWVer.dll
2011-08-25 16:04 . 2011-08-25 16:04 -------- d-----w- c:\program files (x86)\Common Files\postureAgent
2011-08-25 16:04 . 2010-09-21 07:59 56344 ----a-w- c:\windows\system32\drivers\HECIx64.sys
2011-08-25 16:04 . 2011-08-25 16:24 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2011-08-25 16:01 . 2010-10-04 05:02 53248 ----a-r- c:\windows\SysWow64\CSVer.dll
2011-08-25 16:01 . 2011-08-25 16:32 -------- d-----w- c:\program files (x86)\Intel
2011-08-25 16:00 . 2011-08-25 16:06 -------- d-----w- C:\Intel
2011-08-25 15:56 . 2011-08-25 19:16 -------- d-----w- c:\users\Tomas
2011-08-25 15:53 . 2011-08-25 15:53 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-02 08:32 . 2011-06-02 08:32 401896 ----a-w- c:\windows\system32\drivers\asmtxhci.sys
2011-06-02 08:32 . 2011-06-02 08:32 128488 ----a-w- c:\windows\system32\drivers\asmthub3.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-08-27_09.34.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-26 17:34 . 2011-08-27 09:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-08-26 17:34 . 2011-08-27 08:30 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:54 . 2011-08-27 08:30 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-08-27 09:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-08-27 08:30 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-27 09:34 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-08-27 08:30 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-27 09:34 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-25 16:07 . 2011-08-27 12:47 28392 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-08-27 12:47 23794 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-08-25 16:59 . 2011-08-27 09:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-25 16:59 . 2011-08-27 12:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-08-25 16:59 . 2011-08-27 12:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-08-25 16:59 . 2011-08-27 09:20 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-08-27 12:45 . 2011-08-27 12:45 1680 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2011-08-25 15:57 . 2011-08-27 12:47 2412 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3439894422-2558652369-815483910-1000_UserData.bin
+ 2011-08-27 12:57 . 2011-08-27 12:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-27 09:33 . 2011-08-27 09:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-27 09:33 . 2011-08-27 09:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-27 12:57 . 2011-08-27 12:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2011-08-27 08:35 607190 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-08-27 12:50 607190 c:\windows\system32\perfh009.dat
+ 2009-07-26 18:41 . 2011-08-27 12:50 614512 c:\windows\system32\perfh005.dat
- 2009-07-26 18:41 . 2011-08-27 08:35 614512 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-08-27 08:35 103568 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-08-27 12:50 103568 c:\windows\system32\perfc009.dat
+ 2009-07-26 18:41 . 2011-08-27 12:50 118684 c:\windows\system32\perfc005.dat
- 2009-07-26 18:41 . 2011-08-27 08:35 118684 c:\windows\system32\perfc005.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2011-08-27 842048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-09 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"DataFinder"="c:\program files (x86)\National Instruments\Shared\DataFinderDesktop\bin\DataFinder.exe" [2011-08-27 2921568]
"NI Background Service"="c:\program files (x86)\National Instruments\Shared\Update Service\niupdate.exe" [2011-08-27 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiVirusDisableNotify"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
"UacDisableNotify"=dword:00000001
.
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-27 1997416]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-25 17536]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-27 378472]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-01 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-01 391960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-01 419096]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-06-03 2226280]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"SynAsusAcpi"="c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.3.20
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\windows\SysWOW64\lkcitdl.exe
c:\windows\SysWOW64\lkads.exe
c:\windows\SysWOW64\lktsrv.exe
c:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\windows\SysWOW64\nisvcloc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2011-08-27 15:00:20 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-27 13:00
ComboFix2.txt 2011-08-27 09:38
.
Pre-Run: 74 232 602 624 bytes free
Post-Run: 74 131 111 936 bytes free
.
- - End Of File - - 278371A82CCBA4B362F08349B8B02457
But it deleted that autorun.inf again, so it's probably not 100 percent in order?
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-05-27 378472]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-06-01 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-06-01 391960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-06-01 419096]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-09 11860072]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-06-03 2226280]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"SynAsusAcpi"="c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe" [BU]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.3.20
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\windows\SysWOW64\lkcitdl.exe
c:\windows\SysWOW64\lkads.exe
c:\windows\SysWOW64\lktsrv.exe
c:\program files (x86)\National Instruments\Shared\Security\nidmsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\windows\SysWOW64\nisvcloc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2011-08-27 15:00:20 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-27 13:00
ComboFix2.txt 2011-08-27 09:38
.
Pre-Run: 74 232 602 624 bytes free
Post-Run: 74 131 111 936 bytes free
.
- - End Of File - - 278371A82CCBA4B362F08349B8B02457
But it deleted that autorun.inf on me again, so it's probably not 100 percent in order?
Re: Log check
I don't have a computer with Kaspersky on hand anywhere; could you please save the Kaspersky log somehow and send it, perhaps as an attachment?
I have to run from the PC to an event now. Bye for now; we'll finish this tomorrow, or one of the advisers here will take you over.

Translator of MBAM, OTL.
-
- Visitor
- Posts: 11
- Registered: 27 Aug 2011 07:06
Re: Log check
Hmm, interesting, that Kaspersky seems to have uninstalled itself after the restart; I can't find it .... nor the log.
Re: Log check
Delete C:\wgikco.exe if it is present.
Which Kaspersky program exactly did you use? Take a look in the folder c:\programdata\Kaspersky Lab to see whether the log is there. Try installing it again and run a scan over both disks. Do you remember which files it found infected?
Judging by the CF log, I don't see any malware.

Translator of MBAM, OTL.