Jak obnovit soubory co smazal Combofix?

[anetka.com]

Ahoj, projizdel jsem PC Combofixem, ale on najednou zacal mazat soubory z programu Účto. Myslíte si, ze by jen tak mazal ciste soubory, nebo ty soubory muzou byt napadene. Jsem to pro jistotu hned restartoval, ale pokud uz neco smazal, co bylo ok, da se to nejak obnovit?

diky

[Rudy]

Vše, co CF smazal je uloženo v C:\Quoobox. Odtud lze vše obnovit.

[anetka.com]

diky moc, jeste blba otazka, jak to obnovim, normalne to vyjmu a vlozim zpet?

mohl by combofix mazat nenapadene soubory? moc se mi to nezda. vidim to poprve

[Rudy]

...jak to obnovim, normalne to vyjmu a vlozim zpet?

Ano. CF obvykle maže jen napadené soubory. DOSové Účto je jedna z vyjímek, které maže, aniž má důvod. Proto zde na fóru nedoporučujeme laikům používat ComboFix.

[motji]

Rudy omlouvám se za vstup
Zrovna učto má strašně moc souborů, takže by bylo lepší použít skript na vrácení souborů kam patří.
Jestli chcete, vložte zde log z combofixu, co jste dělal a já Vám složku obnovím.

[anetka.com]

soubory jsem nasel, ale on mi prepsal pripony na .vir, ale pred tim tam byly cisla. da se to nejak uvest do puvodniho stavu?

edit: jen smazu koncovky. uf

[motji]

Ano, smažete koncovky. Ale jak už jsem psala, pokud sem vložíte log z combofixu, můžu Vám soubory přes skript vrátit do původního stavu.

[anetka.com]

log nebyl, jsem to za chodu restartoval .

no neveril jsem tomu, ze by Combofix smazal neco duleziteho, ale uz verim. koncovky jsem prepsal, tak to snad bude ok

tak dam jen k nakouknuti rsit log:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Borská Květoslava at 2010-07-18 13:57:55
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 47 GB (47%) free of 100 GB
Total RAM: 511 MB (27% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\TRANSLAT\WEBIE.DLL [2008-07-15 360448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-06-29 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-06-17 848376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-03-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-03-09 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\TRANSLAT\WEBIE.DLL [2008-07-15 360448]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-06-17 848376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RaidTool"=C:\Program Files\VIA\RAID\raid_tool.exe [2005-04-26 589824]
"SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2004-04-01 1368064]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2004-03-26 794624]
"pdfSaver3"= []
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"RemoteControl"=C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe [2004-11-02 32768]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\point32.exe [2004-06-03 204800]
"razer"=C:\Program Files\Razer\razerhid.exe [2005-05-17 147456]
"SSBkgdUpdate"=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
"OpwareSE4"=C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
"UVS11 Preload"=C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe [2007-03-03 341488]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"pdfSaver3"=C:\Program Files\PDF\pdfSaver\pdfSaver3.exe [2004-05-19 385024]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-08-10 68856]
"WEBTRAN"= []
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-02-24 385928]
""= []
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

C:\Documents and Settings\Borská Květoslava\Nabídka Start\Programy\Po spuštění
e-Backup 1.42 Scheduler.lnk - C:\Documents and Settings\Borská Květoslava\Data aplikací\Microsoft\Installer\{CA217BDD-D941-454C-AA7E-C3ADA1648FE3}\_3e121a49.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-08-03 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tapivers]
C:\WINDOWS\system32\tapivers.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WINDOW~4\MpShHook.dll [2006-04-03 81616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Steam\SteamApps\speedy_1\counter-strike\hl.exe"="C:\Program Files\Steam\SteamApps\speedy_1\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\SteamApps\speedy_1\rag doll kung fu demo\Rag_Doll_Kung_Fu_Steam.exe"="C:\Program Files\Steam\SteamApps\speedy_1\rag doll kung fu demo\Rag_Doll_Kung_Fu_Steam.exe:*:Enabled:Rag_Doll_Kung_Fu_Steam"
"C:\Program Files\Steam\SteamApps\speedy_1\half-life blue shift\hl.exe"="C:\Program Files\Steam\SteamApps\speedy_1\half-life blue shift\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Steam\SteamApps\enkidu01\counter-strike\hl.exe"="C:\Program Files\Steam\SteamApps\enkidu01\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\SteamApps\enkidu01\half-life\hl.exe"="C:\Program Files\Steam\SteamApps\enkidu01\half-life\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\SteamApps\enkidu01\counter-strike source\hl2.exe"="C:\Program Files\Steam\SteamApps\enkidu01\counter-strike source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\Starcraft\StarCraft.exe"="C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft"
"C:\Program Files\Steam\SteamApps\enkidu01\day of defeat\hl.exe"="C:\Program Files\Steam\SteamApps\enkidu01\day of defeat\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Steam\SteamApps\enkidu01\day of defeat source\hl2.exe"="C:\Program Files\Steam\SteamApps\enkidu01\day of defeat source\hl2.exe:*:Enabled:hl2"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Borská Květoslava\Dokumenty\ICQ Lite\209541781\Katunečka_280380256\Heroes of Might and Magic III Complete\Heroes3.exe"="C:\Documents and Settings\Borská Květoslava\Dokumenty\ICQ Lite\209541781\Katunečka_280380256\Heroes of Might and Magic III Complete\Heroes3.exe:*:Enabled:Heroes of Might and Magic® III"
"D:\Petr\mIRC\mirc.exe"="D:\Petr\mIRC\mirc.exe:*:Enabled:mIRC"
"D:\Petr\World of Warcraft\WoW-1.12.0-enGB-downloader.exe"="D:\Petr\World of Warcraft\WoW-1.12.0-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"D:\Petr\World of Warcraft\WoW-1.12.0.5595-to-1.12.1.5875-enGB-downloader.exe"="D:\Petr\World of Warcraft\WoW-1.12.0.5595-to-1.12.1.5875-enGB-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Xfire\xfire.exe"="C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire"
"D:\Petr\World of Warcraft\WoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe"="D:\Petr\World of Warcraft\WoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Petr\Diablo II\Game_crk.exe"="D:\Petr\Diablo II\Game_crk.exe:*:Enabled:Diablo II"
"D:\Petr\TrackMania Nations ESWC\TmNationsESWC.exe"="D:\Petr\TrackMania Nations ESWC\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"D:\NEMAZAT!!!\WARIII\Warcraft III.exe"="D:\NEMAZAT!!!\WARIII\Warcraft III.exe:*:Enabled:Warcraft III"
"D:\NEMAZAT!!!\WARIII\War3.exe"="D:\NEMAZAT!!!\WARIII\War3.exe:*:Enabled:Warcraft III"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-07-18 13:57:55 ----D---- C:\rsit
2010-07-18 13:22:40 ----D---- C:\Program Files\Inachis
2010-07-18 12:20:39 ----A---- C:\WINDOWS\zip.exe
2010-07-18 12:20:39 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-07-18 12:20:39 ----A---- C:\WINDOWS\SWSC.exe
2010-07-18 12:20:39 ----A---- C:\WINDOWS\SWREG.exe
2010-07-18 12:20:39 ----A---- C:\WINDOWS\sed.exe
2010-07-18 12:20:39 ----A---- C:\WINDOWS\PEV.exe
2010-07-18 12:20:39 ----A---- C:\WINDOWS\NIRCMD.exe
2010-07-18 12:20:39 ----A---- C:\WINDOWS\MBR.exe
2010-07-18 12:20:39 ----A---- C:\WINDOWS\grep.exe
2010-07-18 12:20:32 ----SD---- C:\ComboFix
2010-07-18 12:19:31 ----A---- C:\WINDOWS\system32\CF23432.exe
2010-07-18 12:18:32 ----D---- C:\WINDOWS\ERDNT
2010-07-18 12:18:25 ----D---- C:\Qoobox
2010-07-14 18:01:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-06-24 18:52:20 ----D---- C:\Documents and Settings\Borská Květoslava\Data aplikací\GCI Demo
2010-06-24 18:51:31 ----D---- C:\Program Files\GCI Demo
2010-06-20 14:51:55 ----D---- C:\Documents and Settings\Borská Květoslava\Data aplikací\Inbox Toolbar
2010-06-20 14:51:52 ----D---- C:\Program Files\Inbox Toolbar

======List of files/folders modified in the last 1 months======

2010-07-18 13:58:03 ----D---- C:\WINDOWS\Prefetch
2010-07-18 13:55:07 ----AC---- C:\WINDOWS\wincmd.ini
2010-07-18 13:36:05 ----D---- C:\WINDOWS\Temp
2010-07-18 13:22:42 ----SHD---- C:\WINDOWS\Installer
2010-07-18 13:22:41 ----D---- C:\WINDOWS\system32
2010-07-18 13:22:40 ----RD---- C:\Program Files
2010-07-18 13:20:40 ----D---- C:\Program Files\totalcmd
2010-07-18 12:34:06 ----D---- C:\UCTO2009
2010-07-18 12:33:50 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-18 12:33:39 ----D---- C:\WINDOWS
2010-07-18 12:33:20 ----SD---- C:\WINDOWS\Tasks
2010-07-18 12:32:41 ----A---- C:\WINDOWS\TRNCOM.INI
2010-07-18 12:28:36 ----D---- C:\WINDOWS\system32\drivers
2010-07-18 12:28:36 ----AC---- C:\WINDOWS\ntbtlog.txt
2010-07-18 12:28:08 ----D---- C:\WINDOWS\AppPatch
2010-07-18 12:28:07 ----D---- C:\Program Files\Common Files
2010-07-18 12:14:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-18 12:10:25 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-07-18 12:08:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-07-18 11:59:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google Updater
2010-07-18 11:58:51 ----HD---- C:\WINDOWS\inf
2010-07-14 18:01:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-14 18:01:38 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-14 01:07:08 ----D---- C:\Program Files\IrfanView
2010-07-14 01:04:19 ----D---- C:\Program Files\Google
2010-07-14 01:01:20 ----D---- C:\Program Files\VideoLAN
2010-07-13 08:46:38 ----D---- C:\UCTO2010
2010-07-09 09:55:08 ----A---- C:\WINDOWS\TextSpy.ini
2010-07-02 21:39:05 ----A---- C:\WINDOWS\system32\MRT.exe
2010-06-28 20:38:38 ----D---- C:\Program Files\Mozilla Firefox
2010-06-24 18:40:54 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-24 18:40:50 ----RSD---- C:\WINDOWS\assembly
2010-06-23 23:09:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-23 23:08:32 ----D---- C:\WINDOWS\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-04-07 116176]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-08-03 1273344]
R3 block_reader;MPR DRV; \??\F:\Multi_Password_Recovery\Multi Password Recovery 1.1.9\Multi Password Recovery 1.1.9 Portable\block_reader.sys []
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 E1000;Intel(R) PRO/1000 Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2004-11-22 176128]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2004-06-03 20352]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-04-26 381056]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-06-07 266880]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2005-01-20 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2005-01-20 11392]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2006-07-04 10345]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-20 235100]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pnicml;pnicml; \??\C:\DOCUME~1\BORSKK~1\LOCALS~1\Temp\pnicml.sys []
S3 Razerlow;Razerlow USB Filter Driver; C:\WINDOWS\System32\Drivers\Razerlow.sys [2005-04-24 13225]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\DRIVERS\usbser.sys [2008-04-13 26112]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-08-03 380928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-03-09 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2007-03-03 67056]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-05-25 613888]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2005-08-05 516096]
S2 gupdate1ca2d2ced083c12;Služba Google Update (gupdate1ca2d2ced083c12); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-04 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-25 183280]
S2 PEVSystemStart;PEVSystemStart; C:\ComboFix\PEV.cfxxe [2010-04-26 256512]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WinDefend;Windows Defender Service; C:\Program Files\Windows Defender\MsMpEng.exe [2006-04-03 14032]

-----------------EOF-----------------

[motji]

Já Vám musím nadat . Když už tedy ten combofix spustíte na vlastní pěst, tak ho musíte nechat doběhnout, a ne ho přerušit . Tím si můžete také poškodit systém. To smazané se dá obnovit, vytahnout z karantény přes speciální příkaz, ale poškozený systém už budeme horko těžko napravovat. Combofix je sice výborný detekční a mazací program, ale při běhu je se systémem tak propojený, že ho může i poškodit, pokud se s ním zachází jinak, než má.
Ve Vašem případě ale kvůli učtu doporučuji combofix nepoužívat.


Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.