"XP anti-virus 2011" - nefungují automatické aktualizace

[TomPerys]

Ahoj,

dneska ráno mi do systému vletěl XP anti-virus 2011. Přes Nod32, Spybota i Adaware nebyl ničím detekován a to ani potom, co se začal projevovat a spouštět.

Na netu jsem narazil prakticky jen na jeden typ návodu, jak se ho zbavit - smazat soubory které jsou převážně v dokumententech ve složce aktivního uživatele a tam v "Application Data" a podobně... Následně i nějaké ty údaje v registru (nešly ani spouštět exe soubory...)

Po úpravě a smazání se to ale projevilo katastroficky. Při načítání byla buď BSOD s chybou 0x0000007B nebo se systém po načtení doslova "kousl" - nezobrazil po přihlášení nic, než čistou plochu bez ikon a panelu. Atl-Ctrl-Del sice fungovalo a tedyx jsem chtěl sustit správce úloh, ten ale nenaběhl.

Spustit systém se mi povedlo jen v nouzovém režimu (jednou ovšem taky hned při spouštění proběhl zničeho nic restart). Tam jsem si vypálil rescue CD od AVG ale po 4 hodinách našlo jen nějaké tracking cookie. Nicméně teď se mi povedlo systém nahodit v normálním režimu. Ovšem zase způsobem, že naběhla prázdná plocha bez lišt jen se šipkou. Správce se mi ale povedlo tentokrát nahodit. Proces "explorer.exe" jsem musel ale vypnout a znovu nahodit asi 2x než se to projevilo a konečně se mi ukázaly ikonky i lišta s nabídkou start.

Kvůli tomu divnému chování mám pořád špatný pocit, že něco není OK. Buď tady pořád něco mám ale nic mi to bohužel nedetekuje (NOD, SPYBOT), a nebo jsem něco postarl při úpravě v registru

[TomPerys]

Omlouvám se, tady je log z RSIT

Logfile of random's system information tool 1.08 (written by random/random)
Run by Tomi at 2011-04-06 15:14:59
Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (6%) free of 114 GB
Total RAM: 2046 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:15:14, on 6.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\xampp\mysql\bin\mysqld-nt.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\atwtusb.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\atwtusb.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\msdtc.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\DellTPad\Apoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\I8kfanGUI\I8kfanGUI.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\WIP Miranda IM 1.7.12\miranda32.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\OpenVPN\bin\openvpn-gui.exe
C:\Program Files\OpenVPN\bin\openvpn.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\whoiiiis\WhoIs.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\totalcmd\TOTALCMD.EXE
c:\__RESCUE\RSIT.exe
C:\Program Files\trend micro\Tomi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [i8kfangui] C:\Program Files\I8kfanGUI\I8kfanGUI.exe /startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: ESET HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments, Inc. - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\WINDOWS\system32\OOD2000.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: NTRU TSS v1.2.1.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: WaveEnrollmentService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: WTService - Unknown owner - C:\WINDOWS\system32\atwtusb.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe

--
End of file - 11498 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2010-01-22 567248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-26 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-26 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2010-01-22 567248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-09-19 159744]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-02-22 13508608]
"nwiz"=nwiz.exe /install []
"NVHotkey"=nvHotkey.dll,Start []
"Broadcom Wireless Manager UI"=C:\WINDOWS\system32\WLTRAY.exe [2007-10-09 2183168]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-02-22 86016]
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\Quickset.exe [2007-07-20 1228800]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 169984]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"i8kfangui"=C:\Program Files\I8kfanGUI\I8kfanGUI.exe [2006-09-08 835584]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe [2005-09-08 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2008-06-11 640376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2008-06-12 37232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
C:\Documents and Settings\All Users\Application Data\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2010-03-17 300992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\boincmgr]
C:\Program Files\BOINC\boincmgr.exe [2010-07-01 4862720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\boinctray]
C:\Program Files\BOINC\boinctray.exe [2010-07-01 58112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\combofix]
C:\WINDOWS\system32\kmd.exe [2004-08-04 388608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2007-08-16 167368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\f430d990]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-09-13 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
C:\Program Files\Spyware Doctor\pctsTray.exe [2011-04-06 1287120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-04-13 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MacrokeyManager]
C:\WINDOWS\system32\WTMKM.exe [2009-08-11 5586664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
C:\WINDOWS\system32\oodtray.exe [2009-04-08 2553088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\openvpn-gui]
C:\Program Files\OpenVPN\bin\openvpn-gui.exe [2005-08-18 99328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OSSelectorReinstall]
C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe [2007-03-15 2225208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2006-10-20 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegKillElbyCheck]
C:\Program Files\Elaborate Bytes\DVD Region Killer\ElbyCheck.exe [2001-12-06 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegKillTray]
C:\Program Files\Elaborate Bytes\DVD Region Killer\RegKillTray.exe [2002-04-13 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2006-08-17 1116920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
C:\WINDOWS\stsystra.exe [2007-02-19 303104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartPatrol]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Valve\Steam\steam.exe [2011-04-04 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-09-19 185896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup 2.5]
C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe [2004-11-12 245760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WavXMgr]
C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe [2007-09-10 92160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yodm3D]
C:\Program Files\yodm3DII\Yodm3D.exe [2007-06-26 2058752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
C:\PROGRA~1\DIGITA~1\DLG.exe [2006-11-03 50688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^VideoCam Suite 2.0.lnk]
C:\PROGRA~1\PANASO~1\VIDEOC~1\VIDEOC~2.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tomi^Start Menu^Programs^Startup^setup_9.0.0.722_15.03.2011_11-34.lnk]
C:\DOCUME~1\Tomi\Desktop\INSTAL~1\VIRUSR~1\SETUP_~1.201\startup.exe [2009-10-01 72208]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\Program Files\DVDIdle Pro\DVDShell.dll [2004-10-09 49152]
"{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
wvauth
C:\WINDOWS\system32\awtqnkhe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSecurityTab"=1
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoSecurityTab"=1
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\games\RedFaction\PF.exe"="C:\games\RedFaction\PF.exe:*:Enabled:PF"
"C:\xampp\apache\bin\apache.exe"="C:\xampp\apache\bin\apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Disabled:µTorrent"
"C:\games\RedFaction\rf.exe"="C:\games\RedFaction\rf.exe:*:Disabled:Red Faction"
"C:\games\RedFaction\RedFaction.exe"="C:\games\RedFaction\RedFaction.exe:*:Disabled:Red Faction Launcher"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\games\RedFaction\rf.exe"="C:\games\RedFaction\rf.exe:*:Disabled:Red Faction"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\_Download\Xilisoft.AVI.To.DVD.Converter.v3.0.34.Build.0124\Xilisoft.AVI.To.DVD.Converter.v3.0.34.Build.0124\Xilisoft.AVI.To.DVD.Converter.v3.0.34.Build.0124.exe"="C:\_Download\Xilisoft.AVI.To.DVD.Converter.v3.0.34.Build.0124\Xilisoft.AVI.To.DVD.Converter.v3.0.34.Build.0124\Xilisoft.AVI.To.DVD.Converter.v3.0.34.Build.0124.exe:*:Enabled:C:\_Download\Xilisoft.AVI.To.DVD.Converter.v3.0.34.Build.0124\Xilisoft.AVI.To.DVD.Converter.v3.0.34.Build.0124\Xilisoft.AVI.To.DVD.Converter.v3.0.34.Build.0124.exe"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"

======List of files/folders created in the last 1 months======

2011-04-06 15:14:59 ----D---- C:\rsit
2011-04-06 15:14:59 ----D---- C:\Program Files\trend micro
2011-04-06 15:05:32 ----D---- C:\WINDOWS\LastGood
2011-04-06 13:44:52 ----ASH---- C:\hiberfil.sys
2011-04-06 10:58:49 ----A---- C:\WINDOWS\zip.exe
2011-04-06 10:58:49 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-04-06 10:58:49 ----A---- C:\WINDOWS\SWSC.exe
2011-04-06 10:58:49 ----A---- C:\WINDOWS\SWREG.exe
2011-04-06 10:58:49 ----A---- C:\WINDOWS\sed.exe
2011-04-06 10:58:49 ----A---- C:\WINDOWS\PEV.exe
2011-04-06 10:58:49 ----A---- C:\WINDOWS\MBR.exe
2011-04-06 10:58:49 ----A---- C:\WINDOWS\grep.exe
2011-04-06 10:58:42 ----SD---- C:\ComboFix
2011-04-06 10:14:58 ----D---- C:\Qoobox
2011-04-06 09:10:57 ----D---- C:\Avenger
2011-04-06 09:10:56 ----A---- C:\avenger.txt
2011-04-06 07:02:08 ----D---- C:\Documents and Settings\Tomi\Application Data\Safer Networking
2011-04-06 06:28:49 ----D---- C:\__RESCUE
2011-04-06 06:02:59 ----A---- C:\WINDOWS\BDTSupport.dll
2011-04-06 06:02:58 ----A---- C:\WINDOWS\SGDetectionTool.dll
2011-04-06 06:02:57 ----A---- C:\WINDOWS\PCTBDCore.dll
2011-04-06 06:02:56 ----A---- C:\WINDOWS\PCTBDRes.dll
2011-04-06 05:58:57 ----A---- C:\WINDOWS\system32\drivers\pctgntdi.sys
2011-04-06 05:58:41 ----A---- C:\WINDOWS\system32\drivers\PCTCore.sys
2011-04-06 05:58:41 ----A---- C:\WINDOWS\system32\drivers\PCTAppEvent.sys
2011-04-06 05:58:31 ----A---- C:\WINDOWS\system32\drivers\pctplsg.sys
2011-04-06 05:57:48 ----D---- C:\Program Files\Common Files\PC Tools
2011-04-06 05:57:46 ----D---- C:\Program Files\Spyware Doctor
2011-04-06 05:57:46 ----D---- C:\Documents and Settings\Tomi\Application Data\PC Tools
2011-04-06 05:57:46 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2011-04-04 12:07:38 ----D---- C:\Program Files\Valve
2011-03-31 09:53:04 ----D---- C:\Program Files\DHD Lost Way
2011-03-28 14:39:51 ----D---- C:\Program Files\AISNSIM
2011-03-16 13:51:19 ----D---- C:\Program Files\WinPcap
2011-03-16 13:49:46 ----D---- C:\Program Files\Nmap
2011-03-16 13:46:52 ----A---- C:\nmap-5.51-setup.exe
2011-03-16 12:51:58 ----A---- C:\0001.txt
2011-03-16 12:44:45 ----D---- C:\Program Files\UUDeview
2011-03-16 11:14:01 ----A---- C:\WINDOWS\system32\drivers\83587732.sys
2011-03-16 11:14:01 ----A---- C:\WINDOWS\system32\drivers\83587731.sys
2011-03-16 11:14:00 ----A---- C:\WINDOWS\system32\drivers\8358773.sys
2011-03-13 08:41:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-03-13 08:38:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-03-13 08:37:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$

======List of files/folders modified in the last 1 months======

2011-04-06 15:14:59 ----D---- C:\Program Files
2011-04-06 15:14:55 ----A---- C:\WINDOWS\WINCMD.INI
2011-04-06 15:12:28 ----SHD---- C:\WINDOWS\Installer
2011-04-06 15:12:28 ----SHD---- C:\Config.Msi
2011-04-06 15:10:48 ----D---- C:\WINDOWS\TEMP
2011-04-06 15:07:26 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2011-04-06 15:05:34 ----D---- C:\WINDOWS\system32\drivers
2011-04-06 15:05:32 ----D---- C:\WINDOWS
2011-04-06 13:59:18 ----D---- C:\WINDOWS\system32
2011-04-06 13:57:29 ----SD---- C:\WINDOWS\Tasks
2011-04-06 13:56:33 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-06 13:53:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-06 13:47:23 ----A---- C:\WINDOWS\win.ini
2011-04-06 13:47:06 ----D---- C:\WINDOWS\Registration
2011-04-06 13:46:19 ----A---- C:\WINDOWS\ModemLog_Standard 33600 bps Modem.txt
2011-04-06 13:46:19 ----A---- C:\WINDOWS\ModemLog_LGE Virtual Modem.txt
2011-04-06 13:46:13 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D330 MDC V.92 Modem.txt
2011-04-06 10:58:35 ----A---- C:\WINDOWS\ntbtlog.txt
2011-04-06 10:47:28 ----D---- C:\_Download
2011-04-06 10:31:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-06 10:28:35 ----D---- C:\WINDOWS\security
2011-04-06 10:12:07 ----ASH---- C:\boot.ini
2011-04-06 10:12:07 ----A---- C:\WINDOWS\system.ini
2011-04-06 10:03:30 ----SHD---- C:\WINDOWS\CSC
2011-04-06 09:42:09 ----D---- C:\WINDOWS\Prefetch
2011-04-06 05:58:29 ----D---- C:\WINDOWS\WinSxS
2011-04-06 05:57:48 ----D---- C:\Program Files\Common Files
2011-04-06 05:35:24 ----D---- C:\WINDOWS\pss
2011-04-06 05:10:23 ----D---- C:\Temp
2011-04-05 10:33:01 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-04-05 04:59:09 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2011-04-04 17:04:31 ----D---- C:\_Work
2011-04-04 15:43:52 ----D---- C:\WINDOWS\system32\FxsTmp
2011-04-04 13:52:06 ----D---- C:\games
2011-04-04 13:08:13 ----D---- C:\_Private
2011-04-01 11:30:36 ----D---- C:\Program Files\Mozilla Thunderbird
2011-04-01 07:57:05 ----D---- C:\Documents and Settings\Tomi\Application Data\vlc
2011-03-30 13:41:59 ----D---- C:\Documents and Settings\Tomi\Application Data\Audacity
2011-03-29 11:09:41 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-29 06:54:08 ----RSD---- C:\WINDOWS\Fonts
2011-03-28 13:55:46 ----D---- C:\Documents and Settings\Tomi\Application Data\dvdcss
2011-03-28 10:58:29 ----A---- C:\WINDOWS\DVDIdlePro.INI
2011-03-24 08:22:26 ----D---- C:\Program Files\Mozilla Firefox
2011-03-22 18:43:20 ----D---- C:\Documents and Settings\Tomi\Application Data\FileZilla
2011-03-21 16:43:43 ----D---- C:\Program Files\Opera
2011-03-21 06:32:09 ----D---- C:\THUN_POSTA
2011-03-16 22:30:13 ----HD---- C:\WINDOWS\inf
2011-03-16 12:49:36 ----D---- C:\____VYVOLAT
2011-03-16 11:21:47 ----SHD---- C:\System Volume Information
2011-03-16 10:51:58 ----D---- C:\WINDOWS\system32\CatRoot
2011-03-16 10:41:59 ----D---- C:\WINDOWS\system32\config
2011-03-16 10:41:19 ----D---- C:\WINDOWS\system32\wbem
2011-03-16 10:40:49 ----RSHD---- C:\WINDOWS\system32\dllcache
2011-03-16 10:39:14 ----D---- C:\Program Files\Deep Silver
2011-03-16 10:38:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-03-16 10:38:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2482017$
2011-03-16 10:38:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-03-16 10:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-03-16 10:17:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-03-16 10:17:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-03-16 10:17:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-03-16 10:17:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-03-16 10:17:02 ----D---- C:\Program Files\whoiiiis
2011-03-16 10:12:15 ----D---- C:\WINDOWS\system32\Restore
2011-03-13 08:38:22 ----A---- C:\WINDOWS\system32\MRT.exe
2011-03-13 08:38:09 ----A---- C:\WINDOWS\imsins.BAK
2011-03-09 18:45:15 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 83587732;83587732 Boot Guard Driver; C:\WINDOWS\system32\DRIVERS\83587732.sys [2009-10-22 37392]
R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2006-07-21 99176]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys [2010-11-22 64288]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PBADRV;PBADRV; C:\WINDOWS\system32\DRIVERS\PBADRV.sys [2007-09-07 26608]
R0 PCTCore;PCTools KDS; C:\WINDOWS\system32\drivers\PCTCore.sys [2011-04-06 218592]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-06-14 58232]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\WINDOWS\System32\drivers\sfsync04.sys [2006-06-14 59264]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2006-06-14 78184]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2010-04-23 114048]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 83587731;83587731; C:\WINDOWS\system32\DRIVERS\83587731.sys [2009-09-25 128016]
R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-08-11 12920]
R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2006-08-11 28184]
R1 fanio;FanIO driver; \??\C:\WINDOWS\system32\drivers\fanio.sys []
R1 InCDRm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2005-09-07 30464]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 setup_9.0.0.722_15.03.2011_11-34drv;setup_9.0.0.722_15.03.2011_11-34drv; C:\WINDOWS\system32\DRIVERS\8358773.sys [2009-10-09 315408]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-04-26 64896]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-09-03 279712]
R2 BASFND;BASFND; \??\C:\Program Files\Broadcom\ASFIPMon\BASFND.sys []
R2 cvintdrv;cvintdrv; C:\WINDOWS\system32\drivers\cvintdrv.sys [2006-07-27 4096]
R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-08-18 35096]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-08-18 32472]
R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-08-18 9400]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-08-18 104472]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-08-18 26008]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-08-18 14520]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-08-18 97848]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-08-18 94648]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-08-11 51768]
R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2002-04-04 13300]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-09-03 25888]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2007-12-02 12672]
R2 PDRJNDL;PDRJNDL; \??\C:\Program Files\Dekart\Private Disk Light\PDRJNDL.SYS []
R2 PRVDISK;PRVDISK; \??\C:\Program Files\Dekart\Private Disk Light\PRVDISK.SYS []
R2 WavxDMgr;WavxDMgr; C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys [2007-09-10 161280]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2007-09-19 155136]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-03-13 160256]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2007-10-09 1123328]
R3 DXEC01;DXEC01; C:\WINDOWS\system32\drivers\dxec01.sys [2006-11-02 97536]
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2004-04-19 6656]
R3 guardian2;guardian2; C:\WINDOWS\System32\Drivers\oz776.sys [2007-11-28 62208]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-12-02 989952]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-12-02 211200]
R3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 moufiltr;Tablet Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\moufiltr.sys [2009-03-08 6144]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2008-11-11 27136]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-02-22 6658592]
R3 OOTextMode;OOTextMode; C:\WINDOWS\System32\drivers\oobctm.sys [2009-04-07 37896]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-11-18 47360]
R3 RegKill;RegKill; C:\WINDOWS\System32\Drivers\RegKill.sys [2002-03-10 6144]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-02-19 1228296]
R3 StillCam;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-08-17 6784]
R3 tap0801;TAP-Win32 Adapter V8; C:\WINDOWS\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2007-04-26 41600]
R3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-26 113920]
R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2007-04-26 36480]
R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-04-26 73600]
R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2007-04-26 18612]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-04-26 41856]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 vhidmini;Generic Virtual HID Driver; C:\WINDOWS\system32\DRIVERS\walvhid.sys [2009-04-16 6144]
R3 WaveFDE;Wave System Power Monitor Device Driver; C:\WINDOWS\system32\DRIVERS\WaveFDE.sys [2007-09-06 18176]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-12-02 731136]
R4 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys []
R4 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys []
R4 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys []
S0 qhcend;qhcend; C:\WINDOWS\system32\drivers\bdbgq.sys []
S1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys []
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 cpuz132;cpuz132; \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys []
S3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 esihdrv;esihdrv; \??\C:\DOCUME~1\Tomi\LOCALS~1\Temp\esihdrv.sys []
S3 FlashUSB;FlashUSB; C:\WINDOWS\system32\DRIVERS\FlashUSB.sys [2009-05-12 16896]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2009-03-19 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2009-03-19 8320]
S3 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2011-02-11 35088]
S3 npkcrypt;npkcrypt; C:\WINDOWS\system32\drivers\npkcrypt.sys []
S3 NSNDIS5;NSNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\NSNDIS5.SYS []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-19 13056]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-19 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-19 24832]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-14 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-14 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-14 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 InCDFs;InCD File System; C:\WINDOWS\system32\drivers\InCDFs.sys [2005-09-07 101760]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-14 40960]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-02-23 685816]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-14 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-02-06 727720]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-26 153376]
R2 LkCitadelServer;Lookout Citadel Server; C:\WINDOWS\system32\lkcitdl.exe [2006-06-19 688190]
R2 lkClassAds;National Instruments PSP Server Locator; C:\WINDOWS\system32\lkads.exe [2006-07-25 45056]
R2 lkTimeSync;National Instruments Time Synchronization; C:\WINDOWS\system32\lktsrv.exe [2006-07-25 57344]
R2 mysql;mysql; C:\xampp\mysql\bin\mysqld-nt.exe [2007-12-21 4653056]
R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe [2007-07-20 475136]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2006-07-25 200704]
R2 niSvcLoc;NI Service Locator; C:\WINDOWS\system32\nisvcloc.exe [2006-02-06 49152]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-02-22 155716]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2009-04-08 1377536]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-12-24 69632]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-06-30 75064]
R2 STacSV;SigmaTel Audio Service; C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe [2007-02-19 90112]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 tcsd_win32.exe;NTRU TSS v1.2.1.25 TCS; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [2007-11-09 1552384]
R2 TdmService;TdmService; C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe [2007-09-07 737280]
R2 Wave UCSPlus;Wave UCSPlus; C:\WINDOWS\system32\dllhost.exe [2008-04-14 5120]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\WINDOWS\System32\WLTRYSVC.EXE [2007-10-09 24064]
R2 WTService;WTService; C:\WINDOWS\system32\atwtusb.exe [2009-08-06 397032]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-03-08 1405384]
S2 OOD2000;O&O Defrag 2000; C:\WINDOWS\system32\OOD2000.exe [2001-04-06 238080]
S2 r_server;Remote Administrator Service; C:\WINDOWS\system32\r_server.exe /service []
S2 XAMPP;XAMPP Service; C:\xampp\service.exe [2007-12-21 60928]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-19 70656]
S3 EHttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-16 651720]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NILM License Manager;NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2006-06-27 1007616]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2006-10-01 16384]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2010-03-15 1142224]
S3 SecureStorageService;SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [2007-08-31 486400]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WaveEnrollmentService;WaveEnrollmentService; C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe [2007-09-13 192512]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 Apache2.2;Apache2.2; c:\xampp\apache\bin\apache.exe [2007-12-21 17920]
S4 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor; C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [2006-12-19 79432]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]

-----------------EOF-----------------

[motji]

Hezké odpoledne
Zkuste obnovu systému k datu, než se pc zaviroval.

[TomPerys]

Zdravim,

to jsem nezkoušel, možná vyzkouším. Systém se zdá být už ok. Spouští se celkem normálně bez nutnosti znovu spouštět proces explorer. Bohužel ale stálle trvá BSOD (modrá smrt). Stává se to po restartu nebo obnovení z hibernace a to jen někdy - náhodně. Chyba je pořád stejná (0x0000007B).

Netuším co s tím. Začlo to po zavirování - respektive po tom co jsem vir smazal, smazal dle návodu něco v registrech a pak jsem pokračoval v plánovaném restartu. Pak mi ale došla baterka a po úspěšném vypnutí a znovu zapnutí (obrazovka před biosem) se počítač úplně vypl a už tedy nemohl v restartu pokračovat. Když jsem ho pak zapl, tak nastala poprvé ta BSOD

Bojím se aby to nebylo HW

[motji]

Zkuste první tu obnovu systému. V minidumpu stále nic není?

[TomPerys]

Tak přináším nové informace

1) minidump sem nenašel, popravdě jsem ho ani nehledal stejně bych z něj nic nevyčetl a díky bohu BSOD zmizelo a už se neobjevilo (zatím)

2) je tu ale jiný problém, zjistil jsem, že nefungují aktualizace. Web microsoftu (w i n d o w s u p d a t e .microsoft.com) mi v jakémkoliv prohlížeši hlásí nedostupnost (IE "Internet Explorer cannot display the webpage", Opera "Připojení bylo ukončeno vzdáleným serverem"). Zajímavé je, že když napíšu "w i n d o w s u p d a t e.microsoft.com" přímo do hlédání na http://google.cz tak mi to taky místo výsledků vyhodí "Připojení bylo ukončeno vzdáleným serverem". Dokonce i když se ten název snažím dát tady na fórum (proto obsahuje mezery). Jako kdyby to něco blokovalo!

Nefungují ani když mi v tray bliká dostupná aktualizace. Když ji dám instalovat, tak se instaluje ale nakonec to napíše že update nemůže být nainstalován. Už tam není ale proč.

Takže zřejmě stále něco v mém PC vězí. A situace je úplně stejná i po obnovení systému ze dne, kdy byl naprosto v pořádku (před nákazou)


EDIT:
zkoušel jsem postup na obnovu aktualizací viz. níže ale taky bez úspěchu

cd /d %SystemRoot%\system32
regsvr32 comcat.dll /s
regsvr32 shdoc401.dll /s
regsvr32 shdoc401.dll /i /s
regsvr32 asctrls.ocx /s
regsvr32 oleaut32.dll /s
regsvr32 shdocvw.dll /I /s
regsvr32 shdocvw.dll /s
regsvr32 browseui.dll /s
regsvr32 browseui.dll /I /s
regsvr32 msrating.dll /s
regsvr32 mlang.dll /s
regsvr32 hlink.dll /s
regsvr32 mshtmled.dll /s
regsvr32 urlmon.dll /s
regsvr32 plugin.ocx /s
regsvr32 sendmail.dll /s
regsvr32 scrobj.dll /s
regsvr32 mmefxe.ocx /s
regsvr32 corpol.dll /s
regsvr32 jscript.dll /s
regsvr32 msxml.dll /s
regsvr32 imgutil.dll /s
regsvr32 thumbvw.dll /s
regsvr32 cryptext.dll /s
regsvr32 rsabase.dll /s
regsvr32 inseng.dll /s
regsvr32 iesetup.dll /i /s
regsvr32 cryptdlg.dll /s
regsvr32 actxprxy.dll /s
regsvr32 dispex.dll /s
regsvr32 occache.dll /s
regsvr32 occache.dll /i /s
regsvr32 iepeers.dll /s
regsvr32 urlmon.dll /i /s
regsvr32 cdfview.dll /s
regsvr32 webcheck.dll /s
regsvr32 mobsync.dll /s
regsvr32 pngfilt.dll /s
regsvr32 licmgr10.dll /s
regsvr32 icmfilter.dll /s
regsvr32 hhctrl.ocx /s
regsvr32 inetcfg.dll /s
regsvr32 tdc.ocx /s
regsvr32 MSR2C.DLL /s
regsvr32 msident.dll /s
regsvr32 msieftp.dll /s
regsvr32 xmsconf.ocx /s
regsvr32 ils.dll /s
regsvr32 msoeacct.dll /s
regsvr32 inetcomm.dll /s
regsvr32 msdxm.ocx /s
regsvr32 dxmasf.dll /s
regsvr32 l3codecx.ax /s
regsvr32 acelpdec.ax /s
regsvr32 mpg4ds32.ax /s
regsvr32 voxmsdec.ax /s
regsvr32 danim.dll /s
regsvr32 Daxctle.ocx /s
regsvr32 lmrt.dll /s
regsvr32 datime.dll /s
regsvr32 dxtrans.dll /s
regsvr32 dxtmsft.dll /s
regsvr32 WEBPOST.DLL /s
regsvr32 WPWIZDLL.DLL /s
regsvr32 POSTWPP.DLL /s
regsvr32 CRSWPP.DLL /s
regsvr32 FTPWPP.DLL /s
regsvr32 FPWPP.DLL /s
regsvr32 WUAPI.DLL /s
regsvr32 WUAUENG.DLL /s
regsvr32 ATL.DLL /s
regsvr32 WUCLTUI.DLL /s
regsvr32 WUPS.DLL /s
regsvr32 WUWEB.DLL /s
regsvr32 wshom.ocx /s
regsvr32 wshext.dll /s
regsvr32 vbscript.dll /s
regsvr32 scrrun.dll mstinit.exe /setup /s
regsvr32 msnsspc.dll /SspcCreateSspiReg /s
regsvr32 msapsspc.dll /SspcCreateSspiReg /s
exit

[motji]

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[TomPerys]

Tady je jeste lok z HijackThis, postnu jeste log z RSIT pozdeji
jinak mam i log z kasperskeho AVP tool kdybyste chteli

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:53:00, on 7.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG10\avgfws.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lkcitdl.exe
C:\WINDOWS\system32\lkads.exe
C:\WINDOWS\system32\lktsrv.exe
C:\xampp\mysql\bin\mysqld-nt.exe
C:\Program Files\AVG\AVG10\avgam.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
C:\WINDOWS\system32\nisvcloc.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\atwtusb.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\DellTPad\Apoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\I8kfanGUI\I8kfanGUI.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\WIP Miranda IM 1.7.12\miranda32.exe
C:\Program Files\OpenVPN\bin\openvpn-gui.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\Program Files\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Documents and Settings\Tomi\Desktop\Virus Removal Tool\AVPtool_setup_9.0.0.722_07.04.2011_16-46\AVPtool_setup_9.0.0.722_07.04.2011_16-46.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ECCenter.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\OpenVPN\bin\openvpn.exe
C:\WINDOWS\system32\atwtusb.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
c:\__RESCUE\HijackThis_executable.exe
C:\Program Files\CodePad\CodePad.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [i8kfangui] C:\Program Files\I8kfanGUI\I8kfanGUI.exe /startup
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: AVPtool_setup_9.0.0.722_07.04.2011_16-46.lnk = C:\Documents and Settings\Tomi\Desktop\Virus Removal Tool\AVPtool_setup_9.0.0.722_07.04.2011_16-46\startup.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IJOGH - Sysinternals - www.sysinternals.com - C:\DOCUME~1\Tomi\LOCALS~1\Temp\IJOGH.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\WINDOWS\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments, Inc. - C:\WINDOWS\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments, Inc. - C:\WINDOWS\system32\lktsrv.exe
O23 - Service: mysql - Unknown owner - C:\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NILM License Manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corp. - C:\WINDOWS\system32\nisvcloc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag 2000 (OOD2000) - O&O Software GmbH - C:\WINDOWS\system32\OOD2000.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: NTRU TSS v1.2.1.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: WaveEnrollmentService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: WTService - Unknown owner - C:\WINDOWS\system32\atwtusb.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe

--
End of file - 12016 bytes

[motji]

Můžete i avptool a přes combofixem odinstalujte AVG.

[TomPerys]

Z AVPtools prikladam log jako prilohu. Hodil sem to i primo na jejich stranky a poslali mi tenhle skript pro manualni spusteni, budu si ale muset asi prekontrolovat ty sobory, ktere oni chteji dat do karanteny, protoze minimalne jeden z nich neni zadny vir ale soubor s hesly do keepasu.... tak nevim

Jo a proc bych mel odinstalovat AVG ????

begin
QuarantineFile('npkcrypt.sys', 'CHQ=N');
QuarantineFile('C:\_Private\INSTALACE\Atlantis_Xtreme_V0.9.1\Zpm_Room.exe', 'CHQ=N');
QuarantineFile('SDEvents.dll', 'CHQ=N');
QuarantineFile('tcgcsp.dll', 'CHQ=N');
QuarantineFile('C:\WINDOWS\Installer\{505AFDC0-5E72-4928-8368-5DEA385E3647}\NewShortcut2.exe', 'CHQ=S');
QuarantineFile('C:\WINDOWS\PCTBDCore.dll', 'CHQ=N');
QuarantineFile('C:\WINDOWS\system32\awtqnkhe', 'CHQ=S');
QuarantineFile('C:\WINDOWS\system32\KB905474\wgasetup.exe', 'CHQ=N');
QuarantineFile('C:\WINDOWS\system32\NVRSCS.DLL', 'CHQ=S');
QuarantineFile('C:\WINDOWS\system32\r_server.exe', 'CHQ=S');
QuarantineFile('C:\WINDOWS\system32\drivers\bdbgq.sys', 'CHQ=S');
QuarantineFile('C:\WINDOWS\system32\drivers\etc\hosts', 'CHQ=S');
QuarantineFile('C:\WINDOWS\system32\drivers\fanio.sys', 'CHQ=S');
QuarantineFile('C:\WINDOWS\System32\Drivers\hiber_WMILIB.SYS', 'CHQ=S');
QuarantineFile('C:\WINDOWS\system32\drivers\InCDPass.sys', 'CHQ=N');
QuarantineFile('C:\WINDOWS\system32\Drivers\usbaapl.sys', 'CHQ=S');
QuarantineFile('C:\Documents and Settings\Tomi\Desktop\TomiPass-sl-002.kdb', 'CHQ=N');
BC_QrFile('C:\WINDOWS\PCTBDCore.dll');
BC_QrFile('C:\WINDOWS\system32\awtqnkhe');
BC_QrFile('C:\WINDOWS\system32\KB905474\wgasetup.exe');
BC_QrFile('C:\WINDOWS\system32\r_server.exe');
BC_QrFile('C:\WINDOWS\system32\drivers\bdbgq.sys');
BC_QrFile('C:\WINDOWS\System32\Drivers\hiber_WMILIB.SYS');
BC_QrFile('C:\WINDOWS\system32\drivers\InCDPass.sys');
BC_QrFile('C:\WINDOWS\system32\Drivers\usbaapl.sys');
BC_Activate;
RebootWindows(true);
end.

[motji]

AVG musíte odinstalovat před spuštěním combofixu, spolu se nesnesou.
To máte skript do AVZ, ne?

[TomPerys]

to je skript do AVPtools primo z jejich stranek (poslal sem tam log a tohle prislo zpatky).... zatim sem koukal ze ten NewShortcut2.exe je napriklad z Corel Draw a kdyz sem to pro jistotu poslal na virustotal.com dostal 0/43 (zadne skore). Ty ostatni DLL a SYS si asi taky radeji pak zjistim nez to tam narvu a spustim, protoze mi pripada ze je to naprosta blbost co mi poslali


EDIT:
mam pak ten combofix radeji spustit ze safe modu nebo muzu i normalne?

[motji]

Všechno ne. Nic s avptool nedělejte a spustte ten combofix

[TomPerys]

Tak a sem v ..... pomooc

Když jsem spustil ten combofix tak mi oznímil že našel rootkit a chtěl restart, po restartu spustil znovu test a pak mazání. Bohužel jsem tam zřetelně rozpoznal třeba soubory od bluetooth a podobne.... ted mi nefunguje počítač už vůbec

Nenajede ani obyčejný nouzový systém pokaždé už se objevuje BSOD
0x0000007B (0xBA4CB524, 0xC0000034, 0x00000000, 0x00000000)

Co mam delat ??? Je to problem protoze tam mam dulezity veci a je to i pracovni notebook a potrebuju aby bezel a reinstalovat to nijak rozumne nemuzu protoze je to dell a nedostal jsem k nemu primo CD se systemem

[motji]

Ono to vypadá, že combofix má nějaký bug a zas mazal co nemá .
Měl jste zapnutou obnovu systému? Pokud ano, zkusíme něco udělat.
Jinak Vám uplně stačí jakékoliv instalační cd se stejným systémem jaký jste měl, tedy
XP Professional Service Pack 3

Pokud ho seženete, stačí nabootovat do recovery conzole a zkusit spustit obnovu systému - rstrui.

Pak by jste mohl udělat opravu systému,ale pokud budete mít instalační cd s jiným servicpackem, tak je možné že pak systém nebude správně fungovat a budete ho muset reinstalovat.

Další možnost je, alespon nabootovat z nějakého live cd, linux, hirensboot, vytáhnout data,co potřebujete.
Potom by jste mi poslal složku qoobox a já bych zkusila vrátit soubory, které smazal, ale tohle by byl asi poněkud zdlouhavější postup a není zaručeno, že pc by byl zcela v pořádku. Nejlepší by bylo spustit tu obnovu systému.

Já se moc omlouvám, vypadá to že večer vyšla nová verze combofixu a má nějaký bug .