Infected PC, please help

branisimo
Visitor
Posts: 31
Registered: 26 Nov 2008 08:08

Infected PC, please help

#1 Post by branisimo »

Hello,
I can't get into C or D, and the notebook is running quite slowly.

Here is the log:


Logfile of random's system information tool 1.07 (written by random/random)
Run by Family at 2010-06-29 23:21:29
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (16%) free of 65 GB
Total RAM: 2046 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:21:42, on 29.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Family\Desktop\RSIT.exe
C:\Program Files\trend micro\Family.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.live.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.live.com/sphome.aspx
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [dso32] C:\DOCUME~1\Family\LOCALS~1\Temp\dsoqq.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 6837 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-527237240-1177238915-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-73586283-527237240-1177238915-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-08-07 138608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar BHO - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll [2009-12-08 506720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-14 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{3041d03e-fd4b-44e0-b742-2d9b88305f98} - Foxit Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll [2008-11-18 333192]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]
{8dcb7100-df86-4384-8842-8fa844297b3f} - MSN Toolbar - C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll [2009-12-08 506720]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-01-21 61440]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2008-04-13 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2008-04-13 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-13 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2008-04-13 455168]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"dso32"=C:\DOCUME~1\Family\LOCALS~1\Temp\dsoqq.exe [2010-06-29 117248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-11 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Family\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-07 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-07-17 288080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSN Toolbar]
C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe [2009-12-08 240992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
C:\WINDOWS\PLFSetL.exe [2007-07-05 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [2010-01-26 2633976]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-05-30 126976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"D:\Program Files\Codemasters\DiRT\DiRT.exe"="D:\Program Files\Codemasters\DiRT\DiRT.exe:*:Enabled:DiRT Executable"
"C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"="C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:*:Enabled:Veoh Web Player "
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{703b5822-7a51-11df-988d-001f3b23ae2d}]
shell\AutoRun\command - G:\1gkbvsni.exe
shell\open\command - G:\1gkbvsni.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{703b5823-7a51-11df-988d-001f3b23ae2d}]
shell\AutoRun\command - H:\1gkbvsni.exe
shell\open\command - H:\1gkbvsni.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7759ce96-f0a1-11de-9741-001f3b23ae2d}]
shell\AutoRun\command - G:\09lf.exe
shell\open\command - G:\09lf.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7bb48599-c59f-11de-be11-806d6172696f}]
shell\AutoRun\command - 1j038ki.exe
shell\open\command - 1j038ki.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8e43a6f2-c6de-11de-96d5-806d6172696f}]
shell\AutoRun\command - 1j038ki.exe
shell\open\command - 1j038ki.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d451a9f4-c6d0-11de-90b0-001f3b23ae2d}]
shell\AutoRun\command - G:\09lf.exe
shell\open\command - G:\09lf.exe


======List of files/folders created in the last 1 months======

2010-06-29 23:21:30 ----D---- C:\Program Files\trend micro
2010-06-29 23:21:29 ----D---- C:\rsit
2010-06-29 00:07:51 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-06-29 00:07:45 ----D---- C:\Program Files\Alwil Software
2010-06-29 00:07:45 ----D---- C:\Documents and Settings\All Users\Application Data\Alwil Software
2010-06-27 07:28:30 ----RSH---- C:\vi8f.exe
2010-06-24 07:59:21 ----RSH---- C:\eyruu.exe
2010-06-20 13:51:16 ----D---- C:\Program Files\ICQ6Toolbar
2010-06-20 13:51:13 ----D---- C:\Documents and Settings\All Users\Application Data\ICQ
2010-06-20 13:50:39 ----D---- C:\Documents and Settings\Family\Application Data\ICQ
2010-06-20 13:50:29 ----D---- C:\Program Files\ICQ7.2
2010-06-18 17:19:40 ----RSH---- C:\09lf.exe
2010-06-17 23:18:45 ----D---- C:\Program Files\Avanquest update
2010-06-17 23:16:55 ----D---- C:\Program Files\Sony Ericsson
2010-06-17 23:04:07 ----D---- C:\Documents and Settings\All Users\Application Data\BVRP Software
2010-06-17 23:02:28 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2010-06-17 22:43:38 ----RSH---- C:\1gkbvsni.exe
2010-06-16 23:38:42 ----RSH---- C:\xcr.exe
2010-06-16 12:26:15 ----RSH---- C:\krwyrv0d.exe
2010-06-16 12:25:32 ----RSH---- C:\2bbi1ax.exe

======List of files/folders modified in the last 1 months======

2010-06-29 23:21:35 ----D---- C:\WINDOWS\Prefetch
2010-06-29 23:21:30 ----RD---- C:\Program Files
2010-06-29 22:21:11 ----D---- C:\WINDOWS\Temp
2010-06-29 22:20:16 ----D---- C:\Program Files\Mozilla Firefox
2010-06-29 21:54:28 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-29 17:10:35 ----D---- C:\Documents and Settings\Family\Application Data\Skype
2010-06-29 17:05:18 ----D---- C:\Documents and Settings\Family\Application Data\skypePM
2010-06-29 17:00:19 ----D---- C:\WINDOWS
2010-06-29 00:08:06 ----D---- C:\WINDOWS\system32\drivers
2010-06-29 00:07:59 ----SHD---- C:\WINDOWS\Installer
2010-06-29 00:07:59 ----D---- C:\WINDOWS\WinSxS
2010-06-29 00:07:52 ----D---- C:\WINDOWS\system32
2010-06-28 23:54:51 ----RD---- C:\Program Files\Skype
2010-06-28 06:01:38 ----D---- C:\Program Files\ESET
2010-06-27 13:31:33 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-20 15:23:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-06-20 13:51:14 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-17 23:23:43 ----HD---- C:\WINDOWS\inf
2010-06-17 23:18:30 ----DC---- C:\WINDOWS\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-05-06 46672]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
R2 irda;IrDA Protocol; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-14 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-05-30 2880512]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2007-03-23 539072]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2007-03-23 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-03-31 876384]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-12-22 988800]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-12-22 209664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-05-30 4424192]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-04-30 2206976]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-14 28672]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2007-10-01 1769984]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-05-01 290816]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-12-22 730112]
S3 aql1krhj;aql1krhj; C:\WINDOWS\system32\drivers\aql1krhj.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2007-03-23 149123]
S3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2007-03-31 55352]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-03-23 67960]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 s117bus;Sony Ericsson Device 117 driver (WDM); C:\WINDOWS\system32\DRIVERS\s117bus.sys [2007-06-25 82984]
S3 s117mdfl;Sony Ericsson Device 117 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s117mdfl.sys [2007-06-25 14888]
S3 s117mdm;Sony Ericsson Device 117 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s117mdm.sys [2007-06-25 108456]
S3 s117mgmt;Sony Ericsson Device 117 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s117mgmt.sys [2007-06-25 100264]
S3 s117nd5;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS); C:\WINDOWS\system32\DRIVERS\s117nd5.sys [2007-06-25 22952]
S3 s117obex;Sony Ericsson Device 117 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s117obex.sys [2007-06-25 98344]
S3 s117unic;Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM); C:\WINDOWS\system32\DRIVERS\s117unic.sys [2007-06-25 98856]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS [2006-06-09 6909]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-08-23 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-05-30 536576]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-04-01 273256]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 Irmon;Infrared Monitor; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-14 153376]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-08-07 242048]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Infected PC, please help

#2 Post by motji »

Good morning :)

:arrow: Plug all the USB sticks and flash drives you use into the PC

:arrow: Use USB fix

http://www.viry.cz/forum/viewtopic.php?f=24&t=102308


:!: Before downloading, turn off the antivirus resident shield; it has a false detection on UsbFix
- run it
- click the deletion option and confirm with Enter
- after the scan, post the log here; if it doesn't pop up, you'll find it at C:\UsbFix.txt

-----------
edit//
I see you have already cleaned one PC here, the same infection on drive G. That is probably a flash drive. Do you have another computer this flash drive has been in? You are probably carrying the nasties onto the PC via the flash drive :)
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.
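The signs the helper reads from the log in #1 (AutoRun commands registered under MountPoints2, a Run entry starting from Temp, hidden system executables in a drive root) can be extracted from an RSIT log mechanically. The following is an added example, not part of the original thread and not code from RSIT or UsbFix; the function names and the three heuristics are assumptions, and the sample lines are copied from the log posted above.

```python
import ntpath
import re

# Lines copied from the RSIT log in post #1, shortened to the relevant parts.
SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"dso32"=C:\DOCUME~1\Family\LOCALS~1\Temp\dsoqq.exe [2010-06-29 117248]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{703b5822-7a51-11df-988d-001f3b23ae2d}]
shell\AutoRun\command - G:\1gkbvsni.exe
shell\open\command - G:\1gkbvsni.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7759ce96-f0a1-11de-9741-001f3b23ae2d}]
shell\AutoRun\command - G:\09lf.exe
shell\open\command - G:\09lf.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7bb48599-c59f-11de-be11-806d6172696f}]
shell\AutoRun\command - 1j038ki.exe
shell\open\command - 1j038ki.exe

======List of files/folders created in the last 1 months======

2010-06-29 23:21:29 ----D---- C:\rsit
2010-06-27 07:28:30 ----RSH---- C:\vi8f.exe
2010-06-18 17:19:40 ----RSH---- C:\09lf.exe
2010-06-17 23:16:55 ----D---- C:\Program Files\Sony Ericsson
2010-06-17 22:43:38 ----RSH---- C:\1gkbvsni.exe
"""

KEY_RE = re.compile(r"^\[(HKEY_[^\]]+)\]$")                       # [HKEY_...\key]
MOUNT_RE = re.compile(r"\\mountpoints2\\(\{[0-9a-f-]+\})$", re.I)  # per-volume GUID key
CMD_RE = re.compile(r"^shell\\(\w+)\\command - (.+)$", re.I)       # shell\<verb>\command - target
RUN_RE = re.compile(r'^"([^"]+)"=(.+?) \[[^\]]*\]$')               # "name"=path [date size]
FILE_RE = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) -+([A-Z]+)-+ (.+)$")
ROOT_EXE_RE = re.compile(r"^[A-Za-z]:\\[^\\]+\.exe$", re.I)        # X:\name.exe only


def triage(log_text):
    """Collect the three autorun-worm indicators from RSIT log text."""
    findings = {"mountpoints2": [], "run_from_temp": [], "hidden_root_exe": []}
    key = None  # lower-cased registry key that the current value lines belong to
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("======"):
            key = None  # a blank line or a section banner ends the key block
            continue
        m = KEY_RE.match(line)
        if m:
            key = m.group(1).lower()
            continue
        if key:
            mount, cmd = MOUNT_RE.search(key), CMD_RE.match(line)
            if mount and cmd:
                # Explorer runs this command when the volume is opened.
                findings["mountpoints2"].append(
                    (mount.group(1), cmd.group(1), cmd.group(2)))
                continue
            run = RUN_RE.match(line)
            if (run and key.endswith(r"\currentversion\run")
                    and "\\temp\\" in run.group(2).lower()):
                findings["run_from_temp"].append((run.group(1), run.group(2)))
            continue
        f = FILE_RE.match(line)
        # Read-only/System/Hidden executable sitting directly in a drive root.
        if f and {"S", "H"} <= set(f.group(2)) and ROOT_EXE_RE.match(f.group(3)):
            findings["hidden_root_exe"].append((f.group(1), f.group(3)))
    return findings


def shared_names(findings):
    """File names seen both as a MountPoints2 target and as a hidden root executable."""
    targets = {ntpath.basename(t).lower() for _, _, t in findings["mountpoints2"]}
    dropped = {ntpath.basename(p).lower() for _, p in findings["hidden_root_exe"]}
    return sorted(targets & dropped)


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for guid, verb, target in result["mountpoints2"]:
        print(f"MountPoints2 {guid} {verb}: {target}")
    for name, path in result["run_from_temp"]:
        print(f"Run entry from Temp: {name} -> {path}")
    for stamp, path in result["hidden_root_exe"]:
        print(f"Hidden system exe in drive root: {path} ({stamp})")
    print("On removable volume and in C:\\ root:", shared_names(result))
```

A name that appears both as a MountPoints2 target on a removable drive letter and as a hidden file in the root of C: is the cross-drive copy the helper describes; MountPoints2 commands for legitimate media (installer discs, for example) show up in the same list and still need a human look.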

branisimo
Visitor
Posts: 31
Registered: 26 Nov 2008 08:08

Re: Infected PC, please help

#3 Post by branisimo »

############################## | UsbFix 7.014 | [Deletion]

User: Family (Administrator) # COMPUTER_1 [ ]
Updated 24/06/10 by El Desaparecido / C_XX
Started at 11:51:16 | 30/06/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: Intel(R) Core(TM)2 Duo CPU T5470 @ 1.60GHz
CPU 2: Intel(R) Core(TM)2 Duo CPU T5470 @ 1.60GHz
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 6.0.2900.5512

Windows Firewall: Enabled
Antivirus: avast! Antivirus 5.0.83886625 [(!) Disabled | Updated]
RAM -> 2046 Mb
C:\ (%systemdrive%) -> Fixed drive # 64 Gb (10 Mb free - 16%) [] # NTFS
D:\ -> Fixed drive # 234 Gb (190 Mb free - 81%) [] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> Removable drive # 2 Gb (1 Mb free - 59%) [] # FAT32
H:\ -> Removable drive # 4 Gb (3 Mb free - 71%) [KINGSTON] # FAT32

################## | Files # Infected Folders |

Deleted ! C:\DOCUME~1\Family\LOCALS~1\Temp\am.exe
Deleted ! C:\DOCUME~1\Family\LOCALS~1\Temp\dsoqq.exe
Deleted ! C:\mk28sp.exe
Deleted ! C:\Autorun.inf
Deleted ! D:\Autorun.inf
Deleted ! G:\Autorun.inf
Deleted ! H:\Autorun.inf
Deleted ! C:\09lf.exe
Deleted ! C:\1gkbvsni.exe
Deleted ! C:\2bbi1ax.exe
Deleted ! C:\eyruu.exe
Deleted ! C:\krwyrv0d.exe
Deleted ! C:\xcr.exe
Deleted ! D:\09lf.exe
Deleted ! D:\1gkbvsni.exe
Deleted ! D:\2bbi1ax.exe
Deleted ! D:\eyruu.exe
Deleted ! D:\krwyrv0d.exe
Deleted ! D:\xcr.exe
Deleted ! G:\09lf.exe
Deleted ! G:\xcr.exe
Deleted ! H:\09lf.exe
Deleted ! H:\2bbi1ax.exe
Deleted ! H:\krwyrv0d.exe
Deleted ! D:\mk28sp.exe
Deleted ! G:\mk28sp.exe
Deleted ! H:\mk28sp.exe

################## | Registry |

Deleted ! HKLM\Software\Classes\CLSID\MADOWN
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Run|dso32

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{703b5822-7a51-11df-988d-001f3b23ae2d}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{7759ce95-f0a1-11de-9741-001f3b23ae2d}

################## | Listing |

[01/11/2009 - 00:11:22 | A | 0] C:\AUTOEXEC.BAT
[01/11/2009 - 00:05:34 | SH | 211] C:\boot.ini
[01/11/2009 - 00:11:22 | A | 0] C:\CONFIG.SYS
[01/11/2009 - 00:17:25 | D ] C:\Documents and Settings
[15/01/2010 - 12:34:20 | A | 1120] C:\INSTALL.LOG
[01/11/2009 - 11:40:54 | D ] C:\Intel
[01/11/2009 - 00:11:22 | RASH | 0] C:\IO.SYS
[01/11/2009 - 11:39:43 | A | 7] C:\ISACER.id
[01/11/2009 - 00:11:22 | RASH | 0] C:\MSDOS.SYS
[13/04/2008 - 23:13:04 | RASH | 47564] C:\NTDETECT.COM
[14/04/2008 - 01:01:44 | RASH | 250048] C:\ntldr
[30/06/2010 - 11:20:47 | ASH | 2145386496] C:\pagefile.sys
[29/06/2010 - 23:21:30 | RD ] C:\Program Files
[30/06/2010 - 11:52:36 | SHD ] C:\RECYCLER
[29/06/2010 - 23:21:44 | D ] C:\rsit
[01/11/2009 - 00:15:27 | SHD ] C:\System Volume Information
[01/11/2009 - 12:31:42 | D ] C:\temp
[23/01/2009 - 15:59:16 | RA | 62578047] C:\testy 1-35.pdf
[24/05/2001 - 13:59:30 | A | 162304] C:\UNWISE.EXE
[30/06/2010 - 11:52:36 | D ] C:\UsbFix
[30/06/2010 - 11:52:40 | A | 1830] C:\UsbFix.txt
[27/06/2010 - 07:28:02 | RSH | 116736] C:\vi8f.exe
[29/06/2010 - 17:00:19 | D ] C:\WINDOWS
[19/06/2010 - 13:40:11 | D ] D:\Filmy
[07/03/2010 - 14:47:12 | D ] D:\Google Earth Pro 5.0.1337 Cracked
[20/11/2009 - 00:07:34 | RD ] D:\Hudba
[17/11/2009 - 12:13:42 | RHD ] D:\MSOCache
[30/01/2010 - 00:01:35 | D ] D:\Program Files
[30/06/2010 - 11:52:36 | SHD ] D:\RECYCLER
[01/11/2009 - 14:17:26 | SHD ] D:\System Volume Information
[03/02/2010 - 00:00:53 | D ] D:\the Sims3
[27/06/2010 - 07:28:02 | RSH | 116736] D:\vi8f.exe
[25/06/2010 - 22:39:01 | D ] D:\všetko
[16/09/2009 - 11:42:12 | A | 210479] G:\autorun.ico
[12/04/2010 - 20:57:58 | A | 7750167] G:\02 - JUDEA.mp3
[12/04/2010 - 21:01:26 | A | 8271872] G:\01 - THE COLORS.mp3
[25/04/2010 - 13:19:14 | A | 5843530] G:\01 liquid.mp3
[04/04/2010 - 15:39:18 | A | 11270996] G:\exist trace - VANGUARD .mp3
[10/11/2007 - 08:21:16 | A | 6240384] G:\Hai no Yuki.mp3
[12/04/2010 - 21:54:56 | A | 5874102] G:\01 - Anecdote.mp3
[12/04/2010 - 21:07:06 | A | 6875297] G:\03 - Marchen.mp3
[14/04/2010 - 20:12:36 | A | 7860392] G:\03 Halt.mp3
[16/04/2010 - 18:54:40 | A | 3774592] G:\baptism.mp3
[12/04/2010 - 21:54:56 | A | 12003328] G:\02 - Kiba.mp3
[12/04/2010 - 21:34:44 | A | 3596416] G:\SACRIFICE BABY.mp3
[12/04/2010 - 21:46:30 | A | 4253824] G:\water.mp3
[12/04/2010 - 21:54:56 | A | 7133862] G:\01 - Anna Tsuchiya - Change Your Life.mp3
[14/04/2010 - 20:23:28 | A | 5707402] G:\04 - Anna Tsuchiya - Lovin' you.mp3
[07/11/2009 - 21:10:50 | A | 4437336] G:\Anna Tsuchiya - BUBBLE TRIP.mp3
[12/04/2010 - 21:54:56 | A | 5046370] G:\15 - Anna Tsuchiya - SLAP THAT NAUGHTY BODY.mp3
[12/04/2010 - 21:53:44 | A | 5359000] G:\03 - Anna Tsuchiya - Crazy World.mp3
[13/11/2008 - 23:08:08 | A | 4284785] G:\10 - Anna Tsuchiya - Bubble Trip.mp3
[05/11/2009 - 14:54:14 | A | 4862151] G:\anna tsuchiya - kuroi namida.mp3
[13/04/2010 - 15:17:48 | A | 2636980] G:\ANNA TSUCHIYA Queen of the rock !.mp3
[05/11/2009 - 14:57:22 | A | 3249664] G:\anna tsuchiya -lucy.mp3
[20/12/2009 - 10:55:10 | A | 4550366] G:\HIZAKI grace project - Race wish guitar solo - [HXCMusic.com].mp3
[08/07/2008 - 22:58:58 | A | 12196945] G:\02. Aristocrat's Symphony.mp3
[08/07/2008 - 22:58:58 | A | 11243648] G:\03. Antique In the Future.mp3
[08/07/2008 - 22:58:58 | A | 6197376] G:\04. Second Fear - Another Descendant.mp3
[08/07/2008 - 22:58:58 | A | 7598208] G:\05. zombie.mp3
[08/07/2008 - 22:58:58 | A | 9543808] G:\06. After Cloudia.mp3
[08/07/2008 - 22:59:14 | A | 6269056] G:\12. Episode.mp3
[09/12/2008 - 17:39:30 | A | 13105380] G:\01 PRINCE.mp3
[09/12/2008 - 17:39:30 | A | 20187876] G:\02 PRINCESS.mp3
[09/12/2008 - 17:39:30 | A | 14411424] G:\03 SILENT KNIGHT (instrumental).mp3
[19/01/2010 - 23:16:58 | A | 11165937] G:\Ascendead Master (Album Remaster).MP3
[19/01/2010 - 23:16:28 | A | 20167238] G:\God Palace -Method of Inheritance-.MP3
[27/10/2007 - 12:57:32 | A | 20359881] G:\2 The Love From A Dead Orchestra.mp3
[19/01/2010 - 23:12:38 | A | 9447530] G:\aito Kanashimino Nocturne.MP3
[27/10/2007 - 12:57:38 | A | 10555604] G:\6 The Red Carpet Day.mp3
[27/10/2007 - 13:03:20 | A | 14726836] G:\7 Sympathia.mp3
[13/04/2008 - 23:43:14 | A | 8377215] G:\01.The Revenant Choir.mp3
[05/04/2010 - 17:03:34 | A | 4030830] G:\gazette - filth in the beauty.mp3
[05/04/2010 - 17:03:34 | A | 9392128] G:\preview.mp3
[05/04/2010 - 17:04:26 | A | 3797608] G:\the gazette - silly god disco.mp3
[05/04/2010 - 16:53:00 | A | 3953506] G:\the gazette - toguro.mp3
[05/04/2010 - 17:01:30 | A | 4104391] G:\the gazette - shadow vi ii i.mp3
[05/04/2010 - 17:03:04 | A | 5983336] G:\preview(2).mp3
[05/04/2010 - 16:51:28 | A | 3235036] G:\the gazette - sxdxr.mp3
[05/04/2010 - 17:02:30 | A | 4313787] G:\the gazette - carry.mp3
[05/04/2010 - 17:04:12 | A | 5163917] G:\the gazette - ito.mp3
[05/04/2010 - 16:56:24 | A | 4280769] G:\the gazette - burial applicant.mp3
[05/04/2010 - 16:52:44 | A | 4252347] G:\the gazette - regret.mp3
[05/04/2010 - 17:01:02 | A | 4465507] G:\the gazette - machibouke no kouen de.mp3
[06/04/2010 - 19:35:36 | A | 6570318] G:\The Gazette - Anata No Tame No Kono Inochi.mp3
[06/04/2010 - 19:35:46 | A | 5590204] G:\The Gazette - Zetsu.mp3
[24/04/2010 - 13:18:26 | A | 5653465] G:\Vampires Everywhere_ - _Immortal Love_.mp3
[02/04/2010 - 15:48:44 | A | 1599783] G:\Death Note OP 2 「What_s Up People__」 [High Quality].mp3
[02/04/2010 - 15:49:04 | A | 3850493] G:\Deluhi - Revolver Blast.mp3
[02/04/2010 - 15:29:50 | A | 6694706] G:\Deluhi - Yomi no Yuzuriha (with lyrics).mp3
[02/04/2010 - 18:29:14 | A | 4788767] G:\Dir en grey Hageshisa Hageshisa to_ kono mune no naka de karamitsuita shakunetsu no yami.mp3
[02/04/2010 - 21:09:32 | A | 4860910] G:\Nightwish Wish I had An Angel - Official Music Video.mp3
[02/04/2010 - 21:13:34 | A | 4854640] G:\NIGHTWISH - Nemo.mp3
[02/04/2010 - 19:11:20 | A | 4678531] G:\Nightwish - Amaranth.mp3
[02/04/2010 - 18:27:04 | A | 3757976] G:\My Favorite Drug- Porcelain And The Tramps.mp3
[24/04/2010 - 18:35:34 | A | 1833318] G:\Tell Me Why - Joe Jonas (Jonas Brothers) - With Onscreen Lyrics - HQ.mp3
[06/04/2010 - 11:14:14 | A | 4845759] G:\FicTive Marry - S dazdom o preteky.mp3
[26/05/2010 - 22:02:52 | A | 7103739] G:\Winter Sleep- OLIVIA inspi_ REIRA (TRAPNEST).mp3
[20/12/2009 - 14:14:30 | A | 6359168] G:\Kalafina - Fairytale.mp3
[29/11/2009 - 12:56:14 | A | 3577807] G:\resonance-t.m.revolution-soul eater-opening.mp3
[02/04/2010 - 19:19:52 | A | 6477322] G:\Rise - Origa.mp3
[02/04/2010 - 21:15:12 | A | 4510346] G:\[ShiNyuKi] Jrock_VK - Yoko Kanno - Kiseki no umi.mp3
[03/04/2010 - 15:20:06 | A | 4994612] G:\Doubt and Trust - Access.mp3
[03/04/2010 - 15:20:28 | A | 5052082] G:\D_ Gray-Man _ Snow Kiss.mp3
[02/04/2010 - 18:34:18 | A | 5875984] G:\2EN1 I Don_t Care MV.mp3
[04/04/2010 - 15:04:22 | A | 4745404] G:\2NE1 - FIRE (Space).mp3
[02/04/2010 - 20:18:48 | A | 3875049] G:\Big Bang-Lollipop.mp3
[02/04/2010 - 18:28:46 | A | 4921992] G:\Brown Eyed Girls - Sign_avi.mp3
[04/04/2010 - 15:28:32 | A | 5267898] G:\4Minute - Muzik.mp3
[04/04/2010 - 14:57:20 | A | 4287216] G:\4Minute HOT ISSUE MV [OFFICIAL].mp3
[04/04/2010 - 15:00:26 | A | 4476865] G:\4Minute_ Muzik.mp3
[02/04/2010 - 20:18:48 | A | 7073326] G:\lady-gaga-telephone.mp3
[02/04/2010 - 20:18:48 | A | 5015555] G:\Rihanna - Hard ft_ Jeezy.mp3
[05/04/2010 - 20:15:22 | A | 5475832] G:\Christina Aguilera_ Lil_ Kim_ Mya_ Pink - Lady Marmalade.mp3
[26/05/2010 - 22:01:22 | A | 7400490] G:\Olivia - Shadow Of Love.mp3
[26/05/2010 - 22:02:00 | A | 6554645] G:\Olivia Lufkin - A Little Pain.mp3
[26/05/2010 - 22:02:16 | A | 5416229] G:\Olivia Lufkin - Nothing_s Gonna Take My Love.mp3
[26/05/2010 - 21:58:08 | A | 4493584] G:\Olivia Lufkin - Wish.mp3
[11/06/2010 - 19:18:24 | A | 3607178] G:\VdhKZkh8.mp3
[23/10/2008 - 23:57:00 | A | 4672183] G:\01 - Anna Tsuchiya - Virgin Cat.mp3
[02/05/2010 - 19:01:14 | A | 10372180] G:\Hide Forever Love.mp3
[03/05/2010 - 21:10:28 | A | 6652343] G:\The Distillers - The Hunger Live @ Reading (High definition).mp3
[03/05/2010 - 22:47:06 | A | 4378624] G:\Jungle.mp3
[04/05/2010 - 18:59:38 | A | 5846727] G:\exist†trace -海の雫.mp3
[04/05/2010 - 19:07:04 | A | 5558857] G:\exist†trace - Lost in Helix.mp3
[03/05/2010 - 19:09:58 | A | 9676825] G:\01 dress (iHoneyJoo.com).mp3
[04/05/2010 - 20:28:30 | A | 6073992] G:\Exist Trace Resonance Full new PV.mp3
[08/05/2010 - 20:30:12 | A | 4572518] G:\[HD][MV] fx - NU ABO_HD.mp3
[11/05/2010 - 19:15:46 | A | 3734988] G:\Christina Aguilera - Not Myself Tonight.mp3
[12/05/2010 - 20:03:34 | A | 5214563] G:\SINCREA - Garasu No Namida.mp3
[16/05/2010 - 14:13:12 | A | 6032240] G:\Blue Foundation - Eyes On Fire.mp3
[18/05/2010 - 17:01:36 | A | 4712534] G:\[MV HD ENG SUB]MBLAQ (엠블랙) - Y (Why _ 왜) [2nd Mini Album]_HD.mp3
[18/05/2010 - 18:58:16 | A | 3684355] G:\Wonder Girls - So Hot 원더걸스.mp3
[18/05/2010 - 20:29:14 | A | 4940278] G:\BIGBANG - Tell Me Goodbye [Official Music Video] HQ_HD.mp3
[26/05/2010 - 21:59:50 | A | 5136718] G:\Olivia Lufkin - Starless night.mp3
[01/06/2010 - 19:37:04 | A | 6554645] G:\the GazettE ~ DISTRESS AND COMA [PV].mp3
[20/05/2010 - 19:11:20 | A | 5082428] G:\[MV HD ENG SUB]4 Minute (포미닛) - HuH (하) _ Hit Your Heart [feat Beast]_HD.mp3
[20/05/2010 - 18:30:36 | A | 5554722] G:\Angelo - SISTER.mp3
[20/05/2010 - 18:34:26 | A | 4619016] G:\G-DRAGON - Heartbreaker (OFFICIAL MV) HQ.mp3
[20/05/2010 - 18:38:44 | A | 5164453] G:\B2ST _ BEAST - SHOCK MV.mp3
[20/05/2010 - 18:42:22 | A | 4356746] G:\BEAST_B2ST - Bad Girl MV.mp3
[23/05/2010 - 19:05:56 | A | 6491429] G:\空の境界 ARIA(Kalafina).mp3
[23/05/2010 - 18:59:42 | A | 6114743] G:\Kalafina- Sprinter_HD.mp3
[23/05/2010 - 19:02:52 | A | 5441306] G:\Kizuato - kalafina -yuki kajura (traducida).mp3
[23/05/2010 - 19:04:32 | A | 5192620] G:\空の境界 俯瞰風景ED.mp3
[15/03/2010 - 20:11:20 | A | 16011056] G:\01 - red moon.mp3
[15/03/2010 - 20:11:46 | A | 14955709] G:\02 - Hikari no Senritsu.mp3
[15/03/2010 - 20:12:00 | A | 11686224] G:\03 - Te to Te to Me to Me.mp3
[04/06/2010 - 21:38:14 | A | 6641821] G:\the gazette- miseinen.mp3
[06/06/2010 - 21:41:22 | A | 5072980] G:\D - Birth (Actual First Upload).mp3
[06/06/2010 - 21:42:22 | A | 6941780] G:\D - Sleeper PV.mp3
[06/06/2010 - 22:06:54 | A | 6349322] G:\D - 7th Rose PV HQ.mp3
[08/06/2010 - 22:51:04 | A | 5218743] G:\Ed _ Winry-Yui _Love and truth__.mp3
[08/06/2010 - 22:03:10 | A | 4072490] G:\BoA - Energetic [MV].mp3
[08/06/2010 - 22:10:32 | A | 3825894] G:\[MV] Eat You Up - BoA.mp3
[11/06/2010 - 19:22:08 | A | 3366274] G:\02 pussycat dolls - bottle pop (ft. snoop dogg).mp3
[12/06/2010 - 21:09:40 | A | 4397425] G:\lady gaga - alejandro .mp3
[23/05/2010 - 20:14:58 | A | 8000261] G:\Kalafina - Red Moon_HD.mp3
[12/06/2010 - 20:29:18 | A | 10986160] G:\[FyneFantasy]Ayumi Hamasaki - Microphone.mp3
[26/05/2010 - 20:54:28 | A | 5724474] G:\Exist†trace - Re-prologue.mp3
[26/05/2010 - 20:57:04 | A | 6212963] G:\Exist†trace - Lilin.mp3
[13/06/2010 - 11:32:40 | A | 6357682] G:\浜崎あゆみ _ Mirrorcle World.mp3
[13/06/2010 - 21:35:16 | A | 6090188] G:\【MUSIC】Exist†Trace - KNIFE 『HD』_HD.mp3
[17/06/2010 - 14:58:58 | A | 4146678] G:\Cascada - Pyromania (Official Video)_HD.mp3
[17/06/2010 - 21:36:12 | A | 5714025] G:\浜崎あゆみ _ Sparkle.mp3
[18/06/2010 - 20:20:26 | A | 2221956] G:\cherrybomb.mp3
[18/06/2010 - 20:21:24 | A | 3417339] G:\Joan Jett - Cherry bomb.mp3
[18/06/2010 - 20:21:32 | A | 3927771] G:\Crimson and Clover- Joan Jett version.mp3
[21/06/2010 - 22:26:58 | A | 4246465] G:\Alesana - The last three letters.mp3
[27/06/2010 - 13:06:50 | A | 3714657] G:\The GazettE In the middle of chaos lyrics.mp3
[27/06/2010 - 13:03:44 | A | 4382869] G:\High and Mighty Color~ Ichirin no Hana.mp3
[24/06/2010 - 16:07:18 | RD ] H:\ŠKOLA
[19/06/2010 - 19:08:32 | HD ] H:\Nový priečinok


################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
D:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
G:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
H:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_COMPUTER_1.zip
http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution.

################## | E.O.F |

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Infected PC, please help

#4 Post by motji »

:arcisit: What a mess. Do you have another computer at home that those flash drives were plugged into?

:arrow: Download ComboFix to the desktop, close all open windows and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe


- ComboFix must be run under an account with administrator rights

- Before use, turn off all resident security programs - antivirus, firewalls, antispyware

- After launch, the terms of use are displayed; confirm them by pressing the Yes button

- Then follow the instructions; while ComboFix is running, do not click in the window that appears :!:

- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting a computer :!:

I am most likely to be reachable at night, between 21:00 and 23:00.
If you have any questions, you can write to me by e-mail at Motji(at)forum.viry.cz.

branisimo
Visitor
Posts: 31
Registered: 26 Nov 2008 08:08

Re: Infected PC, please help

#5 Post by branisimo »

Yeah... quite a mess... this isn't my PC, so I can't do anything about that, hehe... and yes, those flash drives were on my PC a while ago

here is the log, and thanks a lot for your willingness to help!! :worship:

ComboFix 10-06-29.04 - Family 30.06.2010 15:28:36.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2046.1692 [GMT 2:00]
Running from: c:\documents and settings\Family\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system\BisonC27.dll
c:\windows\system32\Desktop_.ini

.
((((((((((((((((((((((((( Files Created from 2010-05-28 to 2010-06-30 )))))))))))))))))))))))))))))))
.

2010-06-30 09:52 . 2010-06-30 09:52 2427014 ----a-w- C:\UsbFix_Upload_Me_COMPUTER_1.zip
2010-06-30 09:47 . 2010-06-30 09:52 -------- d-----w- C:\UsbFix
2010-06-29 21:21 . 2010-06-29 21:21 -------- d-----w- c:\program files\trend micro
2010-06-29 21:21 . 2010-06-29 21:21 -------- d-----w- C:\rsit
2010-06-28 22:08 . 2010-05-06 20:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 22:08 . 2010-05-06 20:33 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 22:08 . 2010-05-06 20:34 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 22:08 . 2010-05-06 20:39 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 22:08 . 2010-05-06 20:33 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 22:08 . 2010-05-06 20:33 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 22:08 . 2010-05-06 20:33 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-28 22:07 . 2010-05-06 20:59 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-06-28 22:07 . 2010-05-06 20:59 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 22:07 . 2010-06-28 22:07 -------- d-----w- c:\program files\Alwil Software
2010-06-28 22:07 . 2010-06-28 22:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-06-27 05:28 . 2010-06-27 05:28 116736 --sh--r- C:\vi8f.exe
2010-06-20 11:51 . 2010-06-20 11:51 -------- d-----w- c:\program files\ICQ6Toolbar
2010-06-20 11:51 . 2010-06-20 11:51 -------- d-----w- c:\documents and settings\All Users\Application Data\ICQ
2010-06-20 11:50 . 2010-06-23 13:30 -------- d-----w- c:\documents and settings\Family\Application Data\ICQ
2010-06-20 11:50 . 2010-06-20 11:50 -------- d-----w- c:\documents and settings\Family\Local Settings\Application Data\AOL
2010-06-20 11:50 . 2010-06-20 13:27 -------- d-----w- c:\program files\ICQ7.2
2010-06-17 21:18 . 2010-06-17 21:18 -------- d-----w- c:\program files\Avanquest update
2010-06-17 21:17 . 2007-06-25 09:43 10792 ----a-w- c:\windows\system32\drivers\s117cr.sys
2010-06-17 21:17 . 2007-06-25 09:43 98856 ----a-w- c:\windows\system32\drivers\s117unic.sys
2010-06-17 21:17 . 2007-06-25 09:43 100264 ----a-w- c:\windows\system32\drivers\s117mgmt.sys
2010-06-17 21:17 . 2007-06-25 09:43 98344 ----a-w- c:\windows\system32\drivers\s117obex.sys
2010-06-17 21:17 . 2007-06-25 09:43 22952 ----a-w- c:\windows\system32\drivers\s117nd5.sys
2010-06-17 21:17 . 2007-06-25 09:43 108456 ----a-w- c:\windows\system32\drivers\s117mdm.sys
2010-06-17 21:17 . 2007-06-25 09:43 14888 ----a-w- c:\windows\system32\drivers\s117mdfl.sys
2010-06-17 21:17 . 2007-06-25 09:43 12200 ----a-w- c:\windows\system32\drivers\s117cmnt.sys
2010-06-17 21:17 . 2007-06-25 09:43 12200 ----a-w- c:\windows\system32\drivers\s117cm.sys
2010-06-17 21:17 . 2007-06-25 09:43 12200 ----a-w- c:\windows\system32\drivers\s117whnt.sys
2010-06-17 21:17 . 2007-06-25 09:43 12200 ----a-w- c:\windows\system32\drivers\s117wh.sys
2010-06-17 21:17 . 2007-06-25 09:43 82984 ----a-w- c:\windows\system32\drivers\s117bus.sys
2010-06-17 21:16 . 2010-06-17 21:16 -------- d-----w- c:\program files\Sony Ericsson
2010-06-17 21:04 . 2010-06-17 21:04 -------- d-----w- c:\documents and settings\All Users\Application Data\BVRP Software
2010-06-17 21:04 . 2010-06-17 21:04 -------- d-----w- c:\documents and settings\Family\Local Settings\Application Data\Sony Ericsson
2010-06-17 21:02 . 2010-06-17 21:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Ericsson
2010-06-06 17:15 . 2010-06-06 17:15 664 ----a-w- c:\windows\system32\d3d9caps.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-29 15:10 . 2009-12-31 13:07 -------- d-----w- c:\documents and settings\Family\Application Data\Skype
2010-06-29 15:05 . 2009-12-31 13:11 -------- d-----w- c:\documents and settings\Family\Application Data\skypePM
2010-06-28 21:54 . 2009-12-31 13:07 -------- d-----r- c:\program files\Skype
2010-06-28 04:01 . 2009-11-01 10:43 -------- d-----w- c:\program files\ESET
2010-06-20 11:51 . 2009-11-01 09:43 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-23 15:57 . 2010-05-23 15:57 503808 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-715f1a13-n\msvcp71.dll
2010-05-23 15:57 . 2010-05-23 15:57 499712 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-715f1a13-n\jmc.dll
2010-05-23 15:57 . 2010-05-23 15:57 348160 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-715f1a13-n\msvcr71.dll
2010-05-23 15:57 . 2010-05-23 15:57 61440 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5f986f49-n\decora-sse.dll
2010-05-23 15:57 . 2010-05-23 15:57 12800 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5f986f49-n\decora-d3d.dll
2010-05-14 07:07 . 2010-05-14 07:07 -------- d-----w- c:\program files\Common Files\Java
2010-05-14 07:07 . 2010-05-14 07:07 503808 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-62eaf337-n\msvcp71.dll
2010-05-14 07:07 . 2010-05-14 07:07 499712 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-62eaf337-n\jmc.dll
2010-05-14 07:07 . 2010-05-14 07:07 348160 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-62eaf337-n\msvcr71.dll
2010-05-14 07:07 . 2010-05-14 07:07 61440 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2dd804be-n\decora-sse.dll
2010-05-14 07:07 . 2010-05-14 07:07 12800 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2dd804be-n\decora-d3d.dll
2010-05-14 07:07 . 2010-05-14 07:07 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-14 07:07 . 2010-05-14 07:07 -------- d-----w- c:\program files\Java
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-18 11:58 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-13 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-13 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2005-06-11 11:51 53248 ------w- c:\program files\Realtek\InstallShield\AzMixerSel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-07 12:47 133104 ----atw- c:\documents and settings\Family\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
2009-07-17 10:12 288080 ----a-w- c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 04:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSN Toolbar]
2009-12-08 20:29 240992 ----a-w- c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
2007-07-05 11:35 94208 ----a-w- c:\windows\PLFSetL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
2010-01-26 17:46 2633976 ----a-w- c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Codemasters\\DiRT\\DiRT.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [29.6.2010 0:08 164048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29.6.2010 0:08 19024]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [20.6.2010 13:51 246520]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.1.2010 23:43 691696]
.
Contents of the 'Scheduled Tasks' folder

2010-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-527237240-1177238915-1003Core.job
- c:\documents and settings\Family\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-07 12:47]

2010-06-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-527237240-1177238915-1003UA.job
- c:\documents and settings\Family\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-07 12:47]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\ICQ7.2\ICQ.exe
FF - ProfilePath - c:\documents and settings\Family\Application Data\Mozilla\Firefox\Profiles\t692vymv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=DMDTDF&PC=VEOH&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=DMDTDF&PC=VEOH&q=
FF - plugin: c:\documents and settings\Family\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-30 15:33
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\docume~1\Family\LOCALS~1\Temp\RGI8.tmp 7075 bytes

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(952)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-06-30 15:35:55
ComboFix-quarantined-files.txt 2010-06-30 13:35

Pre-Run: 10 781 949 952 bytes free
Post-Run: 10 adresárov, 10 744 569 856 voľných bajtov

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 9566D5E4ADDD36AECCBC870082AC3815

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Infected PC, please help

#6 Post by motji »

And your PC was cleaned recently with my colleague Černohous, wasn't it? If the flash drives were in contact with yet another PC, you must check that one too.


:arrow: If it is not there already, move ComboFix to the desktop
-open Notepad
-Copy the text from this box into it

Code:

Collect::
C:\vi8f.exe
c:\docume~1\Family\LOCALS~1\Temp\RGI8.tmp

Folder::
c:\program files\AskBarDis

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"=-
[-HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[-HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"=-

Firefox::
FF - ProfilePath - c:\documents and settings\Family\Application Data\Mozilla\Firefox\Profiles\t692vymv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=DMDTDF&PC=VEOH&q=
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=DMDTDF&PC=VEOH&q=


-save the TXT file you created as CFScript.txt on the desktop
-after saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it.


-after it has been applied, another log will pop up; paste it here

Warning: it may happen that Windows does not start after the script is applied and the machine restarts; in that case restart again while pressing F8, then choose Last Known Good Configuration



:arrow: Download AVPTool from my signature http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Install it according to the instructions and run a scan
-let it disinfect or delete whatever it finds
-the scan can take several hours
-paste the log with the results here

branisimo
Visitor
Posts: 31
Registered: 26 Nov 2008 08:08

Re: Infected PC, please help

#7 Post by branisimo »

ComboFix 10-06-29.04 - Family 30.06.2010 16:28:25.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.421.1033.18.2046.1494 [GMT 2:00]
Running from: c:\documents and settings\Family\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Family\Desktop\CFScript.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

file zipped: C:\vi8f.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\AskBarDis
c:\program files\AskBarDis\bar\bin\askBar.dll
c:\program files\AskBarDis\bar\bin\askPopStp.dll
c:\program files\AskBarDis\bar\bin\psvince.dll
c:\program files\AskBarDis\bar\Cache\000C21F5
c:\program files\AskBarDis\bar\Cache\000C2502
c:\program files\AskBarDis\bar\Cache\000C2669.bin
c:\program files\AskBarDis\bar\Cache\000C28F9.bin
c:\program files\AskBarDis\bar\Cache\000C2B3C.bin
c:\program files\AskBarDis\bar\Cache\000C2C74.bin
c:\program files\AskBarDis\bar\Cache\000C2DAD.bin
c:\program files\AskBarDis\bar\Cache\000C2EF5.bin
c:\program files\AskBarDis\bar\Cache\000C302D.bin
c:\program files\AskBarDis\bar\Cache\000C3166.bin
c:\program files\AskBarDis\bar\Cache\000C32AE.bin
c:\program files\AskBarDis\bar\Cache\000C3415.bin
c:\program files\AskBarDis\bar\Cache\files.ini
c:\program files\AskBarDis\bar\History\search
c:\program files\AskBarDis\bar\Settings\config.dat
c:\program files\AskBarDis\bar\Settings\config.dat.bak
c:\program files\AskBarDis\bar\Settings\prevcfg.htm
c:\program files\AskBarDis\unins000.dat
c:\program files\AskBarDis\unins000.exe
C:\vi8f.exe

.
((((((((((((((((((((((((( Files Created from 2010-05-28 to 2010-06-30 )))))))))))))))))))))))))))))))
.

2010-06-30 09:52 . 2010-06-30 09:52 2427014 ----a-w- C:\UsbFix_Upload_Me_COMPUTER_1.zip
2010-06-30 09:47 . 2010-06-30 09:52 -------- d-----w- C:\UsbFix
2010-06-29 21:21 . 2010-06-29 21:21 -------- d-----w- c:\program files\trend micro
2010-06-29 21:21 . 2010-06-29 21:21 -------- d-----w- C:\rsit
2010-06-28 22:08 . 2010-05-06 20:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-06-28 22:08 . 2010-05-06 20:33 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-06-28 22:08 . 2010-05-06 20:34 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-06-28 22:08 . 2010-05-06 20:39 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-06-28 22:08 . 2010-05-06 20:33 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-06-28 22:08 . 2010-05-06 20:33 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-06-28 22:08 . 2010-05-06 20:33 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-06-28 22:07 . 2010-05-06 20:59 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-06-28 22:07 . 2010-05-06 20:59 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-06-28 22:07 . 2010-06-28 22:07 -------- d-----w- c:\program files\Alwil Software
2010-06-28 22:07 . 2010-06-28 22:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-06-20 11:51 . 2010-06-20 11:51 -------- d-----w- c:\program files\ICQ6Toolbar
2010-06-20 11:51 . 2010-06-20 11:51 -------- d-----w- c:\documents and settings\All Users\Application Data\ICQ
2010-06-20 11:50 . 2010-06-23 13:30 -------- d-----w- c:\documents and settings\Family\Application Data\ICQ
2010-06-20 11:50 . 2010-06-20 11:50 -------- d-----w- c:\documents and settings\Family\Local Settings\Application Data\AOL
2010-06-20 11:50 . 2010-06-20 13:27 -------- d-----w- c:\program files\ICQ7.2
2010-06-17 21:18 . 2010-06-17 21:18 -------- d-----w- c:\program files\Avanquest update
2010-06-17 21:17 . 2007-06-25 09:43 10792 ----a-w- c:\windows\system32\drivers\s117cr.sys
2010-06-17 21:17 . 2007-06-25 09:43 98856 ----a-w- c:\windows\system32\drivers\s117unic.sys
2010-06-17 21:17 . 2007-06-25 09:43 100264 ----a-w- c:\windows\system32\drivers\s117mgmt.sys
2010-06-17 21:17 . 2007-06-25 09:43 98344 ----a-w- c:\windows\system32\drivers\s117obex.sys
2010-06-17 21:17 . 2007-06-25 09:43 22952 ----a-w- c:\windows\system32\drivers\s117nd5.sys
2010-06-17 21:17 . 2007-06-25 09:43 108456 ----a-w- c:\windows\system32\drivers\s117mdm.sys
2010-06-17 21:17 . 2007-06-25 09:43 14888 ----a-w- c:\windows\system32\drivers\s117mdfl.sys
2010-06-17 21:17 . 2007-06-25 09:43 12200 ----a-w- c:\windows\system32\drivers\s117cmnt.sys
2010-06-17 21:17 . 2007-06-25 09:43 12200 ----a-w- c:\windows\system32\drivers\s117cm.sys
2010-06-17 21:17 . 2007-06-25 09:43 12200 ----a-w- c:\windows\system32\drivers\s117whnt.sys
2010-06-17 21:17 . 2007-06-25 09:43 12200 ----a-w- c:\windows\system32\drivers\s117wh.sys
2010-06-17 21:17 . 2007-06-25 09:43 82984 ----a-w- c:\windows\system32\drivers\s117bus.sys
2010-06-17 21:16 . 2010-06-17 21:16 -------- d-----w- c:\program files\Sony Ericsson
2010-06-17 21:04 . 2010-06-17 21:04 -------- d-----w- c:\documents and settings\All Users\Application Data\BVRP Software
2010-06-17 21:04 . 2010-06-17 21:04 -------- d-----w- c:\documents and settings\Family\Local Settings\Application Data\Sony Ericsson
2010-06-17 21:02 . 2010-06-17 21:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony Ericsson
2010-06-06 17:15 . 2010-06-06 17:15 664 ----a-w- c:\windows\system32\d3d9caps.dat

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-29 15:10 . 2009-12-31 13:07 -------- d-----w- c:\documents and settings\Family\Application Data\Skype
2010-06-29 15:05 . 2009-12-31 13:11 -------- d-----w- c:\documents and settings\Family\Application Data\skypePM
2010-06-28 21:54 . 2009-12-31 13:07 -------- d-----r- c:\program files\Skype
2010-06-28 04:01 . 2009-11-01 10:43 -------- d-----w- c:\program files\ESET
2010-06-20 11:51 . 2009-11-01 09:43 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-23 15:57 . 2010-05-23 15:57 503808 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-715f1a13-n\msvcp71.dll
2010-05-23 15:57 . 2010-05-23 15:57 499712 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-715f1a13-n\jmc.dll
2010-05-23 15:57 . 2010-05-23 15:57 348160 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-715f1a13-n\msvcr71.dll
2010-05-23 15:57 . 2010-05-23 15:57 61440 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5f986f49-n\decora-sse.dll
2010-05-23 15:57 . 2010-05-23 15:57 12800 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-5f986f49-n\decora-d3d.dll
2010-05-14 07:07 . 2010-05-14 07:07 -------- d-----w- c:\program files\Common Files\Java
2010-05-14 07:07 . 2010-05-14 07:07 503808 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-62eaf337-n\msvcp71.dll
2010-05-14 07:07 . 2010-05-14 07:07 499712 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-62eaf337-n\jmc.dll
2010-05-14 07:07 . 2010-05-14 07:07 348160 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-62eaf337-n\msvcr71.dll
2010-05-14 07:07 . 2010-05-14 07:07 61440 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2dd804be-n\decora-sse.dll
2010-05-14 07:07 . 2010-05-14 07:07 12800 ----a-w- c:\documents and settings\Family\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-2dd804be-n\decora-d3d.dll
2010-05-14 07:07 . 2010-05-14 07:07 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-14 07:07 . 2010-05-14 07:07 -------- d-----w- c:\program files\Java
2009-09-25 16:41 . 2009-09-25 16:41 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-09-25 16:41 . 2009-09-25 16:41 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-13 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-13 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-13 455168]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AzMixerSel]
2005-06-11 11:51 53248 ------w- c:\program files\Realtek\InstallShield\AzMixerSel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-03-07 12:47 133104 ----atw- c:\documents and settings\Family\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]
2009-07-17 10:12 288080 ----a-w- c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 04:42 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSN Toolbar]
2009-12-08 20:29 240992 ----a-w- c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
2007-07-05 11:35 94208 ----a-w- c:\windows\PLFSetL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeohPlugin]
2010-01-26 17:46 2633976 ----a-w- c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Codemasters\\DiRT\\DiRT.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [29.6.2010 0:08 164048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [29.6.2010 0:08 19024]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [20.6.2010 13:51 246520]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.1.2010 23:43 691696]
.
Contents of the 'Scheduled Tasks' folder

2010-06-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-527237240-1177238915-1003Core.job
- c:\documents and settings\Family\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-07 12:47]

2010-06-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-73586283-527237240-1177238915-1003UA.job
- c:\documents and settings\Family\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-03-07 12:47]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: {{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\ICQ7.2\ICQ.exe
FF - ProfilePath - c:\documents and settings\Family\Application Data\Mozilla\Firefox\Profiles\t692vymv.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - plugin: c:\documents and settings\Family\Local Settings\Application Data\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.
- - - - ORPHANS REMOVED - - - -

AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-30 16:38
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(952)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-06-30 16:44:43
ComboFix-quarantined-files.txt 2010-06-30 14:44
ComboFix2.txt 2010-06-30 13:36

Pre-Run: 10 744 377 344 bytes free
Post-Run: 10 729 132 032 bytes free

- - End Of File - - 4185B17E838BF2299ADE6759635084D4
Upload was successful

_____________________________________________________________

Autoscan: completed 44 minutes ago (events: 282, objects: 108106, time: 00:23:20)
1.7.2010 9:40:54 Task started
1.7.2010 9:45:25 Detected: Trojan-GameThief.Win32.Magania.dkqp C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/09lf.exe.vir
1.7.2010 9:45:35 Deleted: Trojan-GameThief.Win32.Magania.dkqp C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/09lf.exe.vir
1.7.2010 9:45:35 Detected: Trojan-GameThief.Win32.Magania.dkee C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/1gkbvsni.exe.vir
1.7.2010 9:45:35 Deleted: Trojan-GameThief.Win32.Magania.dkee C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/1gkbvsni.exe.vir
1.7.2010 9:45:36 Detected: Trojan-GameThief.Win32.Magania.djqt C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/2bbi1ax.exe.vir
1.7.2010 9:45:36 Deleted: Trojan-GameThief.Win32.Magania.djqt C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/2bbi1ax.exe.vir
1.7.2010 9:45:36 Detected: Trojan-GameThief.Win32.Magania.dlaw C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/DOCUME~1/Family/LOCALS~1/Temp/am.exe.vir
1.7.2010 9:45:36 Deleted: Trojan-GameThief.Win32.Magania.dlaw C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/DOCUME~1/Family/LOCALS~1/Temp/am.exe.vir
1.7.2010 9:45:36 Detected: Trojan-GameThief.Win32.Magania.dlaw C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/DOCUME~1/Family/LOCALS~1/Temp/dsoqq.exe.vir
1.7.2010 9:45:36 Deleted: Trojan-GameThief.Win32.Magania.dlaw C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/DOCUME~1/Family/LOCALS~1/Temp/dsoqq.exe.vir
1.7.2010 9:45:36 Detected: Trojan-GameThief.Win32.Magania.dkti C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/eyruu.exe.vir
1.7.2010 9:45:36 Deleted: Trojan-GameThief.Win32.Magania.dkti C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/eyruu.exe.vir
1.7.2010 9:45:36 Detected: Trojan-GameThief.Win32.Magania.dkcg C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/krwyrv0d.exe.vir
1.7.2010 9:45:36 Deleted: Trojan-GameThief.Win32.Magania.dkcg C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/krwyrv0d.exe.vir
1.7.2010 9:45:36 Detected: Trojan-GameThief.Win32.Magania.dlaw C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/mk28sp.exe.vir
1.7.2010 9:45:36 Deleted: Trojan-GameThief.Win32.Magania.dlaw C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/mk28sp.exe.vir
1.7.2010 9:45:37 Detected: Trojan-GameThief.Win32.Magania.dkcd C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/xcr.exe.vir
1.7.2010 9:45:37 Deleted: Trojan-GameThief.Win32.Magania.dkcd C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/C/xcr.exe.vir
1.7.2010 9:45:37 Detected: Trojan-GameThief.Win32.Magania.dkqp C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/09lf.exe.vir
1.7.2010 9:45:37 Deleted: Trojan-GameThief.Win32.Magania.dkqp C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/09lf.exe.vir
1.7.2010 9:45:37 Detected: Trojan-GameThief.Win32.Magania.dkee C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/1gkbvsni.exe.vir
1.7.2010 9:45:37 Deleted: Trojan-GameThief.Win32.Magania.dkee C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/1gkbvsni.exe.vir
1.7.2010 9:45:37 Detected: Trojan-GameThief.Win32.Magania.djqt C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/2bbi1ax.exe.vir
1.7.2010 9:45:37 Deleted: Trojan-GameThief.Win32.Magania.djqt C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/2bbi1ax.exe.vir
1.7.2010 9:45:37 Detected: Trojan-GameThief.Win32.Magania.dkti C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/eyruu.exe.vir
1.7.2010 9:45:37 Deleted: Trojan-GameThief.Win32.Magania.dkti C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/eyruu.exe.vir
1.7.2010 9:45:37 Detected: Trojan-GameThief.Win32.Magania.dkcg C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/krwyrv0d.exe.vir
1.7.2010 9:45:37 Deleted: Trojan-GameThief.Win32.Magania.dkcg C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/krwyrv0d.exe.vir
1.7.2010 9:45:37 Detected: Trojan-GameThief.Win32.Magania.dlaw C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/mk28sp.exe.vir
1.7.2010 9:45:37 Deleted: Trojan-GameThief.Win32.Magania.dlaw C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/mk28sp.exe.vir
1.7.2010 9:45:38 Detected: Trojan-GameThief.Win32.Magania.dkcd C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/xcr.exe.vir
1.7.2010 9:45:38 Deleted: Trojan-GameThief.Win32.Magania.dkcd C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/D/xcr.exe.vir
1.7.2010 9:45:38 Detected: Trojan-GameThief.Win32.Magania.dkkh C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/G/09lf.exe.vir
1.7.2010 9:45:38 Deleted: Trojan-GameThief.Win32.Magania.dkkh C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/G/09lf.exe.vir
1.7.2010 9:45:38 Detected: Trojan-GameThief.Win32.Magania.dlaw C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/G/mk28sp.exe.vir
1.7.2010 9:45:38 Deleted: Trojan-GameThief.Win32.Magania.dlaw C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/G/mk28sp.exe.vir
1.7.2010 9:45:38 Detected: Trojan-GameThief.Win32.Magania.dkcd C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/G/xcr.exe.vir
1.7.2010 9:45:38 Deleted: Trojan-GameThief.Win32.Magania.dkcd C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/G/xcr.exe.vir
1.7.2010 9:45:38 Detected: Trojan-GameThief.Win32.Magania.dknk C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/H/09lf.exe.vir
1.7.2010 9:45:38 Deleted: Trojan-GameThief.Win32.Magania.dknk C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/H/09lf.exe.vir
1.7.2010 9:45:38 Detected: Trojan-GameThief.Win32.Magania.djqt C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/H/2bbi1ax.exe.vir
1.7.2010 9:45:38 Deleted: Trojan-GameThief.Win32.Magania.djqt C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/H/2bbi1ax.exe.vir
1.7.2010 9:45:39 Detected: Trojan-GameThief.Win32.Magania.dkcg C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/H/krwyrv0d.exe.vir
1.7.2010 9:45:39 Deleted: Trojan-GameThief.Win32.Magania.dkcg C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/H/krwyrv0d.exe.vir
1.7.2010 9:45:39 Detected: Trojan-GameThief.Win32.Magania.dlaw C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/H/mk28sp.exe.vir
1.7.2010 9:45:39 Deleted: Trojan-GameThief.Win32.Magania.dlaw C:\UsbFix_Upload_Me_COMPUTER_1.zip/UsbFix_Upload_Me/H/mk28sp.exe.vir
1.7.2010 9:50:59 Detected: Trojan-GameThief.Win32.Magania.dkvn C:\Qoobox\Quarantine\[4]-Submit_2010-06-30_16.28.22.zip/vi8f.exe
1.7.2010 9:51:00 Deleted: Trojan-GameThief.Win32.Magania.dkvn C:\Qoobox\Quarantine\[4]-Submit_2010-06-30_16.28.22.zip/vi8f.exe
1.7.2010 9:51:57 Detected: Trojan-GameThief.Win32.Magania.dkcg C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP168\A0013885.exe
1.7.2010 9:51:58 Detected: Trojan-GameThief.Win32.Magania.dkcg C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP168\A0013957.exe
1.7.2010 9:51:59 Detected: Trojan-GameThief.Win32.Magania.dkcd C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP168\A0013969.exe
1.7.2010 9:52:08 Deleted: Trojan-GameThief.Win32.Magania.dkcg C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP168\A0013885.exe
1.7.2010 9:52:08 Detected: Trojan.Win32.AutoRun.akr C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP168\A0013970.inf
1.7.2010 9:52:08 Deleted: Trojan-GameThief.Win32.Magania.dkcd C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP168\A0013969.exe
1.7.2010 9:52:09 Deleted: Trojan-GameThief.Win32.Magania.dkcg C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP168\A0013957.exe
1.7.2010 9:52:09 Deleted: Trojan.Win32.AutoRun.akr C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP168\A0013970.inf
1.7.2010 9:52:09 Detected: Trojan-GameThief.Win32.Magania.dkcd C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0013975.exe
1.7.2010 9:52:09 Detected: Trojan.Win32.AutoRun.akr C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0013976.inf
1.7.2010 9:52:09 Detected: Trojan-GameThief.Win32.Magania.dkcd C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0013993.exe
1.7.2010 9:52:09 Deleted: Trojan.Win32.AutoRun.akr C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0013976.inf
1.7.2010 9:52:09 Detected: Trojan.Win32.AutoRun.akr C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0013994.inf
1.7.2010 9:52:10 Deleted: Trojan-GameThief.Win32.Magania.dkcd C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0013975.exe
1.7.2010 9:52:10 Deleted: Trojan-GameThief.Win32.Magania.dkcd C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0013993.exe
1.7.2010 9:52:10 Deleted: Trojan.Win32.AutoRun.akr C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0013994.inf
1.7.2010 9:52:11 Detected: Trojan-GameThief.Win32.Magania.dkee C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0014328.exe
1.7.2010 9:52:11 Detected: Trojan-GameThief.Win32.Magania.dkee C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0014339.exe
1.7.2010 9:52:11 Detected: Trojan-GameThief.Win32.Magania.dkfy C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0014354.exe
1.7.2010 9:52:11 Deleted: Trojan-GameThief.Win32.Magania.dkee C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0014328.exe
1.7.2010 9:52:12 Deleted: Trojan-GameThief.Win32.Magania.dkee C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0014339.exe
1.7.2010 9:52:12 Detected: Trojan-GameThief.Win32.Magania.dkfy C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0014367.exe
1.7.2010 9:52:12 Deleted: Trojan-GameThief.Win32.Magania.dkfy C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0014354.exe
1.7.2010 9:52:12 Deleted: Trojan-GameThief.Win32.Magania.dkfy C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP169\A0014367.exe
1.7.2010 9:52:13 Detected: Trojan-GameThief.Win32.Magania.dkfy C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014371.exe
1.7.2010 9:52:13 Detected: Trojan-GameThief.Win32.Magania.dkfy C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014383.exe
1.7.2010 9:52:13 Deleted: Trojan-GameThief.Win32.Magania.dkfy C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014371.exe
1.7.2010 9:52:13 Deleted: Trojan-GameThief.Win32.Magania.dkfy C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014383.exe
1.7.2010 9:52:14 Detected: Trojan-GameThief.Win32.Magania.dkfy C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014482.exe
1.7.2010 9:52:14 Detected: Trojan-GameThief.Win32.Magania.dkiq C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014508.exe
1.7.2010 9:52:14 Deleted: Trojan-GameThief.Win32.Magania.dkfy C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014482.exe
1.7.2010 9:52:14 Detected: Trojan-GameThief.Win32.Magania.dkkh C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014519.exe
1.7.2010 9:52:14 Deleted: Trojan-GameThief.Win32.Magania.dkiq C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014508.exe
1.7.2010 9:52:15 Deleted: Trojan-GameThief.Win32.Magania.dkkh C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014519.exe
1.7.2010 9:52:15 Detected: Trojan-GameThief.Win32.Magania.dkkh C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014536.exe
1.7.2010 9:52:15 Detected: Trojan-GameThief.Win32.Magania.dknk C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014548.exe
1.7.2010 9:52:15 Deleted: Trojan-GameThief.Win32.Magania.dkkh C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014536.exe
1.7.2010 9:52:16 Deleted: Trojan-GameThief.Win32.Magania.dknk C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP170\A0014548.exe
1.7.2010 9:52:16 Detected: Trojan-GameThief.Win32.Magania.dknk C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP171\A0014554.exe
1.7.2010 9:52:16 Detected: Trojan-GameThief.Win32.Magania.dknk C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP171\A0014571.exe
1.7.2010 9:52:17 Deleted: Trojan-GameThief.Win32.Magania.dknk C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP171\A0014554.exe
1.7.2010 9:52:17 Deleted: Trojan-GameThief.Win32.Magania.dknk C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP171\A0014571.exe
1.7.2010 9:52:17 Detected: Trojan-GameThief.Win32.Magania.dkqp C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP172\A0014583.exe
1.7.2010 9:52:18 Deleted: Trojan-GameThief.Win32.Magania.dkqp C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP172\A0014583.exe
1.7.2010 9:52:18 Detected: Trojan-GameThief.Win32.Magania.dkqp C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP172\A0014627.exe
1.7.2010 9:52:18 Detected: Trojan-GameThief.Win32.Magania.dkqv C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP172\A0014647.exe
1.7.2010 9:52:19 Deleted: Trojan-GameThief.Win32.Magania.dkqp C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP172\A0014627.exe
1.7.2010 9:52:19 Detected: Trojan-GameThief.Win32.Magania.dkti C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP172\A0014659.exe
1.7.2010 9:52:19 Deleted: Trojan-GameThief.Win32.Magania.dkqv C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP172\A0014647.exe
1.7.2010 9:52:20 Deleted: Trojan-GameThief.Win32.Magania.dkti C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP172\A0014659.exe
1.7.2010 9:52:20 Detected: Trojan-GameThief.Win32.Magania.dkti C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP173\A0014664.exe
1.7.2010 9:52:20 Detected: Trojan-GameThief.Win32.Magania.dkti C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP173\A0014677.exe
1.7.2010 9:52:20 Deleted: Trojan-GameThief.Win32.Magania.dkti C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP173\A0014664.exe
1.7.2010 9:52:21 Deleted: Trojan-GameThief.Win32.Magania.dkti C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP173\A0014677.exe
1.7.2010 9:52:21 Detected: Trojan-GameThief.Win32.Magania.dkti C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP173\A0014693.exe
1.7.2010 9:52:21 Deleted: Trojan-GameThief.Win32.Magania.dkti C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP173\A0014693.exe
1.7.2010 9:52:21 Detected: Trojan-GameThief.Win32.Magania.dkti C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP174\A0014700.exe
1.7.2010 9:52:22 Deleted: Trojan-GameThief.Win32.Magania.dkti C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP174\A0014700.exe
1.7.2010 9:52:22 Detected: Trojan-GameThief.Win32.Magania.dkti C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP174\A0014770.exe
1.7.2010 9:52:23 Deleted: Trojan-GameThief.Win32.Magania.dkti C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP174\A0014770.exe
1.7.2010 9:52:23 Detected: Trojan-GameThief.Win32.Magania.dkvn C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP175\A0014775.exe
1.7.2010 9:52:23 Detected: Trojan-GameThief.Win32.Magania.dkvn C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP175\A0014795.exe
1.7.2010 9:52:24 Deleted: Trojan-GameThief.Win32.Magania.dkvn C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP175\A0014775.exe
1.7.2010 9:52:24 Deleted: Trojan-GameThief.Win32.Magania.dkvn C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP175\A0014795.exe
1.7.2010 9:52:26 Detected: Trojan-GameThief.Win32.Magania.dkxb C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP175\A0014882.exe
1.7.2010 9:52:26 Deleted: Trojan-GameThief.Win32.Magania.dkxb C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP175\A0014882.exe
1.7.2010 9:52:27 Detected: Trojan-GameThief.Win32.Magania.dkxb C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP175\A0014893.exe
1.7.2010 9:52:27 Deleted: Trojan-GameThief.Win32.Magania.dkxb C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP175\A0014893.exe
1.7.2010 9:52:28 Detected: Trojan-GameThief.Win32.Magania.dkxb C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP176\A0014898.exe
1.7.2010 9:52:29 Deleted: Trojan-GameThief.Win32.Magania.dkxb C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP176\A0014898.exe
1.7.2010 9:52:29 Detected: Trojan-GameThief.Win32.Magania.dkxb C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP176\A0014910.exe
1.7.2010 9:52:29 Deleted: Trojan-GameThief.Win32.Magania.dkxb C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP176\A0014910.exe
1.7.2010 9:52:35 Detected: Trojan-GameThief.Win32.Magania.dkzc C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP177\A0014939.exe
1.7.2010 9:52:35 Deleted: Trojan-GameThief.Win32.Magania.dkzc C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP177\A0014939.exe
1.7.2010 9:52:38 Detected: Trojan-GameThief.Win32.Magania.dkzc C:\System Volume Information\_restore{7DCF10B6-9D7F-473E-84FB-1E4339971FD0}\RP178\A0015087.exe
1.7.2010 10:04:14 Task completed

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Infected PC, please help

#8 Post by motji »

Fine, how is the computer doing?

→ Uninstall ComboFix via Start - Run
- copy into the box:

ComboFix /Uninstall

- press Enter
- This uninstalls ComboFix and deletes its associated files and folders.


***********


→ Download T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

- Run it; to confirm each choice press the A key, then Enter
- delete the program after use. Note: antivirus programs may falsely flag it as a virus



***********


→ Download CCleaner from my signature
- install it; when choosing what to install, untick the Yahoo Toolbar installation

Cleaner tab
- leave everything in the left column ticked as it is, click Analyze
- after the analysis click Run CCleaner

Registry tab
- click Scan for Issues
- then click Fix selected issues -- making a registry backup is not necessary
- click Fix all issues → OK → Close

Tools tab
- here you can uninstall programs. It is a more thorough uninstall than Add/Remove Programs in Windows.

I recommend using the CCleaner cleaner; it nicely cleans temporary files off the PC.
It cleans the registry, for example after uninstalling a program.


***********



→ Download OTC and run it
http://oldtimer.geekstogo.com/OTC.exe
- it cleans temp files and what is left by the tools used



***********

→ Post a new RSIT log and tell me how the computer is behaving. Is everything OK now?
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting the computer!

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.
