Win32/Olmarik.TDL4.trojan - prosim pomoc o odstranenie SURNE

[Vulgi]

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-13 21:53:05
Windows 6.1.7601 Service Pack 1
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x3C 0xC6 0x24 0xBC ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x8F 0xEF 0x4A 0x79 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x48 0xD0 0x64 0x91 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x3C 0xC6 0x24 0xBC ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x8F 0xEF 0x4A 0x79 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x48 0xD0 0x64 0x91 ...

---- EOF - GMER 1.0.15 ----

[vyosek]

PC vypada ciste, nejake problemy

[Vulgi]

no uz vlastne asi ani nie len ati tray tools mi furt vypisuje nejaku chybu kvoli UAC co som mal aj vypnute aby mi to furt nevypisovalo a mozno aj kvoli tomu sa mi dostal do pc ten virus....
ale aj tak to asi vymazem pretoze fps a teplotu grafiky mi v hre zobrazi ale teplotu cpu mi to nevie zobrazit tak musim najst nieco ine nevies o niecom?
typek co tu na fore mal tiez toho olmarika mi poradit na tie veci co mi zmizli toto

Ahoj, mas pravdu on ich asi iba skryl, ale nemohol som ich nijak dohladat.. skusal som vsetky mozne programy a nic.
Az nakoniec som nasiel toto: GetDataBack for FAT and NTFS v4.0.0.1 Portable (stiahol som to z torrentu)
Instalacia jednoducha a vsetko je tam lahko zrozumitelne.. jedine so potrebujes vediet aky mas hardisk (FAT alebo NTFS, to zistis ked kliknes pravym na C:/ a potom vlastnosti).
potom si len oznacis co chce obnovit a ide to.. trvalo to sice trosku dlhsie, ale vsetko to zachranilo.
Malo by ti to fungovat.
Problem mam stale s tym pojebanym Olmarikom, nemozem ho nijak odstranit.. skusal som vsetko mozne, nepomohli mi ani tunajsi experti.. chystam sa preinstalovat Windows, tak uvidime.

Keby si nieco potreboval, tak skusim pomoct.

vola sa imprezion tak keby si mu chcel pomoct tak mu mozes skusit napisat ked mne si to dokazal odstranit.....

este som sa ta chcel spytat mam ESET NOD32 Antivirus Business Edition a to mi asi nestaci ked som chytil hentaky virus cize by som potreboval asi este nejaky firewall ktory by si mi odporucil?

[vyosek]

Stahovat programy z torrentu je krajne nezodpovedne, jelikoz je tam spousta haveti

Imprezion se kolegovi do threadu uz neozval takze jaksi neni mozne dale pomahat

Obycejny reinstal Olmarika, spravne tedy TDL rootkita, neodstrani, jelikoz pri obycejnem formatu disku neni dotcen mbr sektor, kde se tyto rootkity ukryvaji

zadny antivir ci FW zatim neumi chrani proti teto haveti 100%, dulezitejsi je rozum uzivatele - neklikat na kdejakou kravvinu, castym zdrojem jsou cracky\keygeny a porno stranky

Ale muzes kouknout do nasi sekce s FW, tam je par typu a rad

UAC doporucuji mit zapnute. ati zkus preinstalovat

[Vulgi]

no ja z torrentu dost stahujem a nikdy sa mi nestalo ze by som tam nejaky vir stiahol vsetko vzdy predtym nez rozbalim a nainstalujem da pozret nod-om a vacsinou vsetko stahujem z torrentleech.org to je iba na pozvanky a pochybujem ze by tam niekomu tolerovali keby tam daval viry a to je pravda ze parkrat mi uz nod hlasil ze nejaky keygen alebo crack je virus.
ja som tu jeho temu nejak nesledoval celu mne islo hlavne o to ako si znovu obnovim vsetky data ale ved ja mu napisem nech mu tam odpise a ten reinstal je zbytocny.
a normalne tak jak je to predvolene alebo az uplne hore ze vzdy hlasit je dobre mat to uac zapnute?
ja som si ohladom tych firewallov nieco cital ale som myslel ze ked ty sa do toho viac rozumies tak budes vediet lepsie poradit...
mozem sa ta este spytat prosim ta nahodou s instalaciou osx na normlane pc nemas?
cital som si aj o tej vasej skolke ale to pre mna ako uplneho laika je asi blbost aby som sa do toho pustal ne?

aha no problem som nasiel stale mi nejde nainstalovat malwarebytes pise mi ze pristup bol odmietnuty

[vyosek]

osx nemam

no tak pro laika a pokud nemas zajem dale nam pomahat je to opravdu tezke a slozite - nehlede na to, ze nyni ani nesplnujes podminky pro pripadne prijeti

cracky\keygeny v 99% obsahuji dalsi bonus v podobe haveti

UAC je dobre mit na tretim (vychozi)

[Vulgi]

no ok ale asi tu este nieco mam ked mi to nejde nainstalovat nie?
to viem ze este nesplnam poziadavky na pripadne prijatie len som nadtym tak uvazoval neviem este porozmyslam nadtym...
ale zas az tak tazko to nevyzera sak ved len povies nech ti posle logy z programov a ty to kuknes a iba povies ok je to v pohode alebo ze este tam nieco mas....

[vyosek]

Co ti momentalne nejde nainstalovat

sak ved len povies nech ti posle logy z programov a ty to kuknes a iba povies ok je to v pohode alebo ze este tam nieco mas....

Ale musis vedet z jakych programu, dale musis umet tu havet najit, dale umet pouzit spravny nastroj na smazani, dale vedet co pripadne pouzit kdyz to timhle nejde..

[Vulgi]

no ved to malwarebytes' anti-malware som to chcel nainstalovat lebo neviem ci som to mal alebo ne....
a este musim henten program vyskusat co mi poradil imprezion tak snad mi to vsetko obnovi lebo napr ked teraz kliknem na tento pocitac a otvorim C alebo D tak mi vypise priecinok prazdny
a nikde sa ani nedostanem iba na plochu kde tiez nic nemam v starte mam iba vypnut uspat a restartovat proste nikde nic nemam a nikam sa nedostanem
a ked som chcel teraz otvorit catalyst tak mi vypisal ze program prestal pracovat.....

[vyosek]

Jeste zkusime tedy tohle - to nam mrkne po dalsi haveti - ale je mozne, ze je neboreny i system

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

• Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
• Pokud mate Win XP spustte pod uctem Spravce\Administratora
• Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
• Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
• Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
• Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
• Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
• Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
• Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

[Vulgi]

No ok tak to skúsim ale dúfam že mi to nevymaze nic! Či to maze iba ak ho nepouzijes podľa návodu?

[vyosek]

CF maze jen havet, kterou ma v databazi, na jejimz vyvoji se podileji radci na celem svete...Aplikuj CF dle navodu a melo by byt vse OK

[Vulgi]

Aha takze o veci co mam v pc sa nemusím báť ok teda super

[vyosek]

Ano, navic CF vytvari zalohu vseho co maze

[Vulgi]

Hm uz to scanuje teraz je na stage 8 ale je zaujímavé že to mam po anglicky a jedine co mi vyhodilo bolo okno aby som mal vypnuty antivirus a licencne podmienky to som dal že súhlasím a ani nepisalo nic s tou konzolou


Uz mi to maze nejaké súbory a zložky

Dpc on sa má nepytal na žiadnu konzolu pre zotavenie a ja neviem či to mam tak teraz som v riti ne?
To som si všimol az potom ked som dosiel na koniec návodu že sa to dá aj ručne nainstalovat.... Az uplne dole to bolo napísané...
Ach do pecka

tu je ten log



ComboFix 11-11-13.03 - Vulgi . 11. 2011 23:31:40.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4095.2699 [GMT 1:00]
Running from: c:\users\Vulgi\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\HDD Regenerator\HDD Regenerator.exe
c:\users\Vulgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore
c:\users\Vulgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore\System Restore.lnk
c:\users\Vulgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Restore\Uninstall System Restore.lnk
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\cc32100mt.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-10-13 to 2011-11-13 )))))))))))))))))))))))))))))))
.
.
2011-11-13 22:41 . 2011-11-13 22:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-13 21:40 . 2011-08-31 16:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-10 16:20 . 2011-11-10 16:20 -------- d-----w- C:\rsit
2011-11-10 16:20 . 2011-11-10 16:20 -------- d-----w- c:\program files\trend micro
2011-11-09 14:22 . 2011-11-09 15:48 -------- d-----w- c:\users\Vulgi\DoctorWeb
2011-11-08 22:02 . 2010-07-16 13:53 816016 ----a-w- c:\windows\system32\drivers\pctEFA64.sys
2011-11-08 22:02 . 2010-06-29 09:35 452872 ----a-w- c:\windows\system32\drivers\pctDS64.sys
2011-11-08 22:02 . 2011-01-17 08:09 334976 ----a-w- c:\windows\system32\drivers\pctgntdi64.sys
2011-11-08 22:02 . 2010-12-16 07:43 137704 ----a-w- c:\windows\system32\drivers\pctwfpfilter64.sys
2011-11-08 22:02 . 2010-12-10 12:24 257232 ----a-w- c:\windows\system32\drivers\PCTCore64.sys
2011-11-08 22:02 . 2010-12-16 07:46 92896 ----a-w- c:\windows\system32\drivers\pctplsg64.sys
2011-11-08 22:02 . 2011-11-09 13:57 -------- d-----w- c:\program files (x86)\PC Tools Security
2011-11-08 22:02 . 2011-11-08 22:09 -------- d-----w- c:\program files (x86)\Common Files\PC Tools
2011-11-08 22:02 . 2011-11-08 22:02 -------- d-----w- c:\users\Vulgi\AppData\Roaming\PC Tools
2011-11-08 21:57 . 2011-11-08 22:02 -------- d-----w- c:\programdata\PC Tools
2011-11-04 10:46 . 2011-05-12 16:13 465408 ------w- c:\windows\system32\cmasiopx.dll
2011-11-04 10:35 . 2011-10-07 04:16 8570192 ---ha-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EB55D8B9-EA07-42E3-A1E1-40B9BCADA15E}\mpengine.dll
2011-10-30 19:53 . 2011-10-30 19:53 -------- d--h--w- c:\users\Vulgi\AppData\Roaming\ASUS
2011-10-30 19:53 . 2011-11-04 10:46 -------- d--h--w- c:\program files\ASUS Xonar DX Audio
2011-10-30 19:52 . 2009-08-19 15:00 359424 ------w- c:\windows\system32\CmiInstallResAll64.dll
2011-10-30 19:52 . 2006-10-06 04:45 524768 ---ha-w- c:\windows\difxapi.dll
2011-10-30 19:08 . 2011-03-10 14:44 2725376 ----a-w- c:\windows\system32\drivers\cmudaxp.sys
2011-10-30 19:08 . 2007-04-19 14:12 32768 ----a-w- c:\windows\system32\cmudaxp.dll
2011-10-30 19:08 . 2004-04-14 10:28 315392 ---ha-w- c:\windows\SysWow64\CmiFltr.dll
2011-10-30 19:08 . 2004-04-14 10:28 315392 ---ha-w- c:\windows\system\CmiFltr.dll
2011-10-25 17:22 . 2011-10-25 17:22 -------- d--h--w- c:\users\Vulgi\AppData\Local\IsolatedStorage
2011-10-25 17:22 . 2011-10-25 17:22 -------- d--h--w- c:\users\Vulgi\AppData\Local\Futuremark_Corporation
2011-10-25 17:07 . 2011-10-25 17:07 -------- d--h--w- c:\program files (x86)\Futuremark
2011-10-25 17:06 . 2011-10-25 17:06 -------- d--h--w- c:\program files\Futuremark
2011-10-25 15:59 . 2011-10-25 15:59 -------- d--h--w- c:\program files (x86)\FinalWire
2011-10-24 13:29 . 2011-10-24 13:29 94208 ---ha-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ---ha-w- c:\windows\SysWow64\QuickTime.qts
2011-10-22 19:16 . 2011-10-25 18:39 -------- d--h--w- c:\programdata\Tunngle
2011-10-22 19:16 . 2011-10-25 18:39 -------- d--h--w- c:\users\Vulgi\AppData\Roaming\Tunngle
2011-10-22 19:15 . 2011-10-22 19:17 -------- d--h--w- c:\program files (x86)\Tunngle
2011-10-22 19:15 . 2009-09-16 06:02 31232 ----a-w- c:\windows\system32\drivers\tap0901t.sys
2011-10-19 15:56 . 2011-10-19 15:56 -------- d--h--w- c:\program files\iPod
2011-10-19 15:55 . 2011-10-19 15:57 -------- d--h--w- c:\program files\iTunes
2011-10-19 15:55 . 2011-10-19 15:57 -------- d--h--w- c:\program files (x86)\iTunes
2011-10-19 15:42 . 2011-10-19 15:42 -------- d--h--w- c:\program files\Bonjour
2011-10-19 15:42 . 2011-10-19 15:42 -------- d--h--w- c:\program files (x86)\Bonjour
2011-10-19 14:39 . 2011-10-19 14:39 200836 ---ha-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2011-10-19 14:39 . 2011-10-19 14:39 331908 ---ha-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-14 18:02 . 2011-05-24 19:44 414368 ---ha-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-10 15:06 . 2011-10-10 15:06 27176 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2011-10-10 15:06 . 2011-10-10 15:06 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2011-10-10 15:06 . 2011-10-10 15:06 13352 ----a-w- c:\windows\system32\drivers\ggflt.sys
2011-09-29 22:25 . 2010-12-24 11:08 48648 ---ha-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-09-23 18:09 . 2011-09-23 18:09 178800 ---ha-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2011-09-14 09:47 . 2011-09-14 09:47 60416 ----a-w- c:\windows\system32\OVDecode64.dll
2011-09-14 09:47 . 2011-09-14 09:47 53760 ---ha-w- c:\windows\SysWow64\OVDecode.dll
2011-09-14 09:47 . 2011-09-14 09:47 16652288 ----a-w- c:\windows\system32\amdocl64.dll
2011-09-14 09:38 . 2011-09-14 09:38 44032 ----a-w- c:\windows\system32\amdoclcl64.dll
2011-09-14 09:38 . 2011-09-14 09:38 37376 ---ha-w- c:\windows\SysWow64\amdoclcl.dll
2011-09-08 18:27 . 2011-10-12 21:35 10203648 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-09-08 17:59 . 2011-10-12 21:35 24229376 ----a-w- c:\windows\system32\atio6axx.dll
2011-09-08 17:39 . 2011-10-12 21:35 18534912 ---ha-w- c:\windows\SysWow64\atioglxx.dll
2011-09-08 17:34 . 2011-10-12 21:35 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-09-08 17:34 . 2011-09-19 11:11 732672 ---ha-w- c:\windows\SysWow64\aticfx32.dll
2011-09-08 17:32 . 2010-09-29 01:54 862720 ----a-w- c:\windows\system32\aticfx64.dll
2011-09-08 17:30 . 2011-10-12 21:35 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-09-08 17:30 . 2011-10-12 21:35 486912 ----a-w- c:\windows\system32\atieclxx.exe
2011-09-08 17:29 . 2011-10-12 21:35 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-09-08 17:28 . 2011-10-12 21:35 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-09-08 17:28 . 2011-10-12 21:35 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-09-08 17:28 . 2011-09-19 11:11 356352 ---ha-w- c:\windows\SysWow64\atipdlxx.dll
2011-09-08 17:28 . 2011-10-12 21:35 278528 ---ha-w- c:\windows\SysWow64\Oemdspif.dll
2011-09-08 17:28 . 2011-10-12 21:35 21504 ----a-w- c:\windows\system32\atimuixx.dll
2011-09-08 17:28 . 2011-10-12 21:35 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-09-08 17:28 . 2011-10-12 21:35 43520 ---ha-w- c:\windows\SysWow64\ati2edxx.dll
2011-09-08 17:24 . 2011-10-12 21:35 4204032 ---ha-w- c:\windows\SysWow64\atidxx32.dll
2011-09-08 17:18 . 2011-10-12 21:35 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-09-08 17:18 . 2011-10-12 21:35 1828864 ---ha-w- c:\windows\SysWow64\atiumdmv.dll
2011-09-08 17:18 . 2010-11-26 02:29 3888640 ----a-w- c:\windows\system32\atiumd6a.dll
2011-09-08 17:16 . 2010-09-29 01:37 4944896 ----a-w- c:\windows\system32\atidxx64.dll
2011-09-08 17:09 . 2011-10-12 21:35 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-09-08 17:09 . 2011-10-12 21:35 46080 ---ha-w- c:\windows\SysWow64\aticalrt.dll
2011-09-08 17:09 . 2011-10-12 21:35 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-09-08 17:09 . 2011-10-12 21:35 44032 ---ha-w- c:\windows\SysWow64\aticalcl.dll
2011-09-08 17:09 . 2011-10-12 21:35 8723456 ----a-w- c:\windows\system32\aticaldd64.dll
2011-09-08 17:08 . 2011-09-19 11:11 4064768 ---ha-w- c:\windows\SysWow64\atiumdva.dll
2011-09-08 17:05 . 2011-10-12 21:35 7331840 ---ha-w- c:\windows\SysWow64\aticaldd.dll
2011-09-08 17:05 . 2011-09-19 11:11 4289024 ---ha-w- c:\windows\SysWow64\atiumdag.dll
2011-09-08 17:00 . 2010-11-26 02:24 5428736 ----a-w- c:\windows\system32\atiumd64.dll
2011-09-08 16:59 . 2010-09-29 01:23 58880 ----a-w- c:\windows\system32\coinst.dll
2011-09-08 16:53 . 2011-10-12 21:35 381952 ----a-w- c:\windows\system32\atiadlxx.dll
2011-09-08 16:53 . 2011-10-12 21:35 270336 ---ha-w- c:\windows\SysWow64\atiadlxy.dll
2011-09-08 16:52 . 2011-10-12 21:35 15360 ----a-w- c:\windows\system32\atig6pxx.dll
2011-09-08 16:52 . 2011-10-12 21:35 13312 ---ha-w- c:\windows\SysWow64\atiglpxx.dll
2011-09-08 16:52 . 2011-10-12 21:35 13312 ----a-w- c:\windows\system32\atiglpxx.dll
2011-09-08 16:52 . 2011-10-12 21:35 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-09-08 16:52 . 2011-10-12 21:35 32768 ---ha-w- c:\windows\SysWow64\atigktxx.dll
2011-09-08 16:52 . 2011-10-12 21:35 310784 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-09-08 16:52 . 2010-09-29 01:14 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-09-08 16:51 . 2011-09-19 11:11 31744 ---ha-w- c:\windows\SysWow64\atiuxpag.dll
2011-09-08 16:51 . 2010-11-26 02:15 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-09-08 16:51 . 2011-09-19 11:11 29184 ---ha-w- c:\windows\SysWow64\atiu9pag.dll
2011-09-08 16:51 . 2011-10-12 21:35 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-09-08 16:51 . 2011-10-12 21:35 54784 ----a-w- c:\windows\system32\atimpc64.dll
2011-09-08 16:51 . 2011-10-12 21:35 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2011-09-08 16:50 . 2011-10-12 21:35 53760 ---ha-w- c:\windows\SysWow64\atimpc32.dll
2011-09-08 16:50 . 2011-10-12 21:35 53760 ---ha-w- c:\windows\SysWow64\amdpcom32.dll
2011-09-06 03:03 . 2011-10-12 20:24 3138048 ----a-w- c:\windows\system32\win32k.sys
2011-09-01 05:24 . 2011-10-12 20:45 2309120 ----a-w- c:\windows\system32\jscript9.dll
2011-09-01 05:17 . 2011-10-12 20:45 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-09-01 05:12 . 2011-10-12 20:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-09-01 02:35 . 2011-10-12 20:45 1798144 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-09-01 02:28 . 2011-10-12 20:45 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-09-01 02:22 . 2011-10-12 20:45 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-08-30 21:05 . 2011-08-30 21:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-30 21:05 . 2011-08-30 21:05 83816 ---ha-w- c:\windows\SysWow64\dns-sd.exe
2011-08-30 21:05 . 2011-08-30 21:05 73064 ---ha-w- c:\windows\SysWow64\dnssd.dll
2011-08-30 21:05 . 2011-08-30 21:05 50536 ---ha-w- c:\windows\SysWow64\jdns_sd.dll
2011-08-30 21:05 . 2011-08-30 21:05 178536 ---ha-w- c:\windows\SysWow64\dnssdX.dll
2011-08-27 05:37 . 2011-10-12 20:23 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-27 05:37 . 2011-10-12 20:23 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-08-27 04:26 . 2011-10-12 20:23 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-08-27 04:26 . 2011-10-12 20:23 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-08-24 18:19 . 2011-08-24 18:19 56320 ---ha-w- c:\windows\SysWow64\OpenVideo.dll
2011-08-24 18:18 . 2011-08-24 18:18 13601280 ---ha-w- c:\windows\SysWow64\amdocl.dll
2011-08-17 05:26 . 2011-10-12 20:24 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-08-17 05:25 . 2011-10-12 20:24 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-08-17 04:24 . 2011-10-12 20:24 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-08-17 04:19 . 2011-10-12 20:24 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"AtiTrayTools"="c:\program files (x86)\Ray Adams\ATI Tray Tools\atitray.exe" [2011-03-27 929280]
"Infium"="c:\program files (x86)\QIP 2010\qip.exe" [2011-07-18 6812032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-03-30 113296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 343168]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
.
c:\users\Vulgi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-6-7 1195520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe"
"PWRISOVM.EXE"=c:\program files (x86)\PowerISO\PWRISOVM.EXE
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
.
R1 atitray;atitray;c:\program files (x86)\Ray Adams\ATI Tray Tools\atitray64.sys [2011-03-27 24224]
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-23 136176]
R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-08-15 130976]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-23 136176]
R3 netr28ux;AirLive WN-5000USB Card Driver;c:\windows\system32\DRIVERS\netr28ux.sys [x]
R3 OXSDIDRV_x64;Oxford Semi eSATA Filter (x64);c:\windows\system32\DRIVERS\OXSDIDRV_x64.sys [x]
R3 OXUDIDRV;OXUDIDRV;c:\windows\system32\Drivers\OXUDIDRV_X64.sys [x]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools Security\pctsAuxs.exe [2010-03-15 366840]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [x]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-08 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2011-06-24 55424]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-08-12 810144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Ovislink\Common\RaRegistry64.exe [2009-10-06 212256]
S2 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2011-10-14 745832]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AODDriver2;AODDriver2;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [2010-07-01 52352]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 cmudaxp;ASUS Xonar DX Audio Interface;c:\windows\system32\drivers\cmudaxp.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-23 15:26]
.
2011-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-23 15:26]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-08-12 2916584]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-06 11057768]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2011-05-12 8769536]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.sk/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll
FF - ProfilePath - c:\users\Vulgi\AppData\Roaming\Mozilla\Firefox\Profiles\ma8cwmx7.default\
FF - prefs.js: browser.startup.homepage - http://www.google.sk
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-HDD Regenerator - c:\program files (x86)\HDD Regenerator\HDD Regenerator.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-577622813-1983179613-234765878-1000\Software\SecuROM\License information*]
"datasecu"=hex:f7,29,0f,cb,b3,93,86,93,c5,ea,4e,04,64,d4,26,39,8a,32,fd,ea,8d,
74,dd,57,10,bc,62,89,d4,4a,f6,a4,b5,65,b7,88,b0,c5,06,13,cd,74,70,1c,ed,2f,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-11-13 23:58:04
ComboFix-quarantined-files.txt 2011-11-13 22:58
.
Pre-Run: 12 570 062 848 bytes free
Post-Run: 15 215 202 304 bytes free
.
- - End Of File - - 51CD19C02CD139E4DDB7D7F2C9C289A6


parada uz mi zobrazuje vsetky veci co mam na C aj na D ale na ploche sa mi zatial stale nic nezobrazilo dpc a zo startu mi zmizli vsetky veci co mas napravo ze moje dokumenty hudba atd ale zas objavili sa mi vsetky veci ked si dam ze vsetky programy