
Re: For Vyosek

Posted: 22 Jan 2011 19:54
by Junfan
Couldn't ComboFix handle it?

Re: For Vyosek

Posted: 22 Jan 2011 19:56
by vyosek
:arrow: So stay in safe mode

:arrow: Download this renamed RKill http://download.bleepingcomputer.com/gr ... xplore.exe and run it

:arrow: Then download this reg file http://download.bleepingcomputer.com/reg/shell.reg and add the information to the registry

:arrow: Now try running MBAM

Re: For Vyosek

Posted: 22 Jan 2011 20:04
by Junfan
Excellent... The application terminated it.. I'm running a full scan
It was stored in Data aplikací (Application Data) \Adobe\plugs\KB404776031.exe

Re: For Vyosek

Posted: 22 Jan 2011 20:06
by vyosek
Great, then post the log here :wink:

Re: For Vyosek

Posted: 22 Jan 2011 20:36
by vyosek
:arrow: Delete everything MBAM finds in the quick scan

:arrow: Then run a full scan, but give me the log before deleting anything

:arrow: I'm heading to bed, since I get up very early in the morning...

Re: For Vyosek

Posted: 22 Jan 2011 20:38
by Junfan
Still scanning... Already at 60 thousand, so it shouldn't take long
One more question - can this beast also spread via flash drives? I'm not connecting the infected notebook to the net, so I'm transferring data via flash drive, and I don't want to infect my other PC as well

Re: For Vyosek

Posted: 22 Jan 2011 20:39
by Junfan
OK, and thanks for now

Re: For Vyosek

Posted: 23 Jan 2011 00:51
by Junfan
Hello,

so the quick scan found three threats, which I deleted, and the slow one found nothing more.
It was \Adobe\plugs\KB404776031.exe
I'm sending the log from RSIT
It now seems to be completely fine




info.txt logfile of random's system information tool 1.08 2011-01-23 00:41:39

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
602PRINT PACK-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7384377E-3E7C-4EB1-9408-028D6DD89745}\setup.exe" -l0x5 -REMOVE -removeonly
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Reader 8 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A81200000003}
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
Aktualizace systému Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB2416400)-->"C:\WINDOWS\ie7updates\KB2416400-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Aktualizace zabezpečení systému Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Balíček ovladače systému Windows - Nokia Modem (03/05/2008 3.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (03/13/2008 6.86.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
Battery Care Function-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A23120C-CD83-4CE6-B451-C5C998052522}\setup.exe" -l0x9 -removeonly
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Cisco Systems VPN Client 5.0.00.0340-->MsiExec.exe /X{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}
EC500 Mobile Connect-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6A4D348F-AAC6-41ED-8E31-5FD71887563D}\Setup.exe" -l0x9 -removeonly
Free DWG Viewer 6.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B8B4D43C-EAA0-4EEC-B93E-D4D012316286}\setup.exe" -l0x9 -removeonly
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Intel(R) TV Wizard-->C:\WINDOWS\system32\TVWizudlg.exe -uninstall
K-Lite Codec Pack 2.89 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
Lotus Notes 6.5.4 cs-->MsiExec.exe /I{9E06B564-A3FA-47da-B6F8-8B6448A289B9}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
McAfee Agent-->MsiExec.exe /X{F2969393-2D4D-4977-8166-B1251B08EF12}
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Czech Language Pack-->c:\WINDOWS\Microsoft.NET\Framework\v3.0\Microsoft .NET Framework 3.0 Czech Language Pack\setup.exe
Microsoft .NET Framework 3.0 Czech Language Pack-->MsiExec.exe /X{FB09515C-8E3E-4E0F-A1F2-032F38DEC185}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->c:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Antimalware Service CS-CZ Language Pack-->MsiExec.exe /X{F6197679-051D-4E3E-9757-4D5CDA6D658B}
Microsoft Antimalware-->MsiExec.exe /X{774088D4-0777-4D78-904D-E435B318F5D2}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Office Standard Edition 2003-->MsiExec.exe /I{90120405-6000-11D3-8CFE-0150048383C9}
Microsoft Security Client CS-CZ Language Pack-->MsiExec.exe /I{859B9BCA-5376-4566-9F88-C6C9DAA7A925}
Microsoft Security Client-->MsiExec.exe /I{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
Nero 6 Enterprise Edition-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nokia Connectivity Cable Driver-->MsiExec.exe /X{4F1DCA42-2030-437C-A94E-736692A499C1}
Nokia PC Suite-->C:\Documents and Settings\All Users\Data aplikací\Installations\{9C05FA75-0337-4523-AA57-9D3511018887}\Nokia_PC_Suite_rel_6_86_9_3_cze_web.exe
Nokia PC Suite-->MsiExec.exe /I{9C05FA75-0337-4523-AA57-9D3511018887}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
O2-->"C:\Program Files\O2\O2CZ\Uninstall.exe"
Oprava Hotfix systému Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
PowerArchiver-->C:\Program Files\PowerArchiver\UNINST.EXE
Protector Suite QL 5.6-->MsiExec.exe /I{A2289997-10A3-48F2-AA03-99180D761661}
SAFEQSetup-->MsiExec.exe /X{FC07793E-C4D1-4BED-9579-378FC7CDEA72}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Setting Utility Series-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59452470-A902-477F-9338-9B88101681BD}\setup.exe" -l0x9 UNINSTALL -removeonly
SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x5 -remove -removeonly
Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2C06&SUBSYS_104D1700\HXFSETUP.EXE -U -ISnZ17005.inf
Software Intel(R) PROSet/Wireless-->C:\WINDOWS\Installer\iProInst.exe
Sony Utilities DLL-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF3D45BB-2260-4008-88EA-492E7744A9DF}\setup.exe" -l0x9 -removeonly
SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"
Total Commander (Remove or Repair)-->C:\Program Files\totalcmd\tcuninst.exe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VAIO Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC37C108-821D-4EDE-8F40-D5B497586805}\Setup.exe" -l0x9
VAIO Event Service-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}\setup.exe" -l0x9 -removeonly
VAIO HDD Protection-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C518C7BF-A345-4019-815B-FFDF32EBCAD9}\setup.exe" -l0x9 -removeonly
VAIO Power Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9E319E96-ED8E-4B01-9775-C521A1869A25}\setup.exe" -l0x9 UNINSTALL -removeonly
Vallen JPegger-->"C:\Program Files\jegger\jpegger.exe" -ui -q
VNC Free Edition 4.1.2-->"C:\Program Files\RealVNC\VNC4\unins000.exe"
WIDCOMM Bluetooth Software-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation Language Pack (CSY)-->MsiExec.exe /X{AAB6D0F8-02B3-4E89-B24C-0BB153C21445}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Wireless Switch Setting Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}\setup.exe" -l0x9 -removeonly
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Security center information======

AV: Microsoft Security Essentials

======System event log======

Computer Name: GR00000PHA13507
Event Code: 7036
Message: Stav služby Terminálová služba byl změněn na: Spuštěno

Record Number: 5556
Source Name: Service Control Manager
Time Written: 20110103122938.000000+060
Event Type: Informace
User:

Computer Name: GR00000PHA13507
Event Code: 7036
Message: Stav služby Správce vzdáleného přístupu byl změněn na: Spuštěno

Record Number: 5555
Source Name: Service Control Manager
Time Written: 20110103122938.000000+060
Event Type: Informace
User:

Computer Name: GR00000PHA13507
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Spuštěno

Record Number: 5554
Source Name: Service Control Manager
Time Written: 20110103122938.000000+060
Event Type: Informace
User:

Computer Name: GR00000PHA13507
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Služba rozpoznávání pomocí protokolu SSDP úspěšně odeslán.

Record Number: 5553
Source Name: Service Control Manager
Time Written: 20110103122938.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: GR00000PHA13507
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Služba modelu COM pro zápis na disk CD (IMAPI) úspěšně odeslán.

Record Number: 5552
Source Name: Service Control Manager
Time Written: 20110103122938.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: GR00000PHA13507
Event Code: 5000
Message:
Record Number: 3321
Source Name: McLogEvent
Time Written: 20110120003626.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: GR00000PHA13507
Event Code: 5000
Message:
Record Number: 3320
Source Name: McLogEvent
Time Written: 20110118232719.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: GR00000PHA13507
Event Code: 11728
Message: Produkt: Microsoft Office Standard Edition 2003 - Konfigurace byla úspěšně dokončena.

Record Number: 3319
Source Name: MsiInstaller
Time Written: 20110117132052.000000+060
Event Type: Informace
User: GR00000PHA13507\Zaluda

Computer Name: GR00000PHA13507
Event Code: 1004
Message: Při rozpoznávání produktu {90120405-6000-11D3-8CFE-0150048383C9}, funkce OfficeUserData a součásti {4A31E933-6F67-11D2-AAA2-00A0C90F57B0} došlo k chybě. Prostředek HKEY_CURRENT_USER\Software\ODBC\ODBC.INI\Databáze MS Access\ neexistuje.

Record Number: 3318
Source Name: MsiInstaller
Time Written: 20110117132028.000000+060
Event Type: Upozornění
User: GR00000PHA13507\Zaluda

Computer Name: GR00000PHA13507
Event Code: 5000
Message:
Record Number: 3317
Source Name: McLogEvent
Time Written: 20110116201131.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\Wireless\Bin\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Re: For Vyosek

Posted: 23 Jan 2011 00:51
by Junfan
Logfile of random's system information tool 1.08 (written by random/random)
Run by Zaluda at 2011-01-23 00:41:25
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 175 GB (92%) free of 191 GB
Total RAM: 2046 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:41:36, on 23.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\program files\notes\ntmulti.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Software602\PrintPack\PrnPack.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Documents and Settings\Zaluda\Plocha\RSIT.exe
C:\Program Files\trend micro\Zaluda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [PrintPack dispatcher] "C:\Program Files\Software602\PrintPack\PrnPack.exe" /server
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [Switcher.exe] "C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O9 - Extra button: Print2PDF - {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - C:\WINDOWS\system32\Print602.dll
O9 - Extra 'Tools' menuitem: Print2PDF - {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - C:\WINDOWS\system32\Print602.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Print2Picture - {F242786D-E1AE-49e7-BD01-E1ABCA405241} - C:\WINDOWS\system32\Print602.dll
O9 - Extra 'Tools' menuitem: Print2Picture - {F242786D-E1AE-49e7-BD01-E1ABCA405241} - C:\WINDOWS\system32\Print602.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 5733644093
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 5733633171
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: BCL easyPDF SDK Loader (bepprldr) - Unknown owner - C:\Program Files\Common Files\BCL Technologies\easyPDF 4\bepprldr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\program files\notes\ntmulti.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Program Files\RealVNC\VNC4\WinVNC4.exe (file missing)

--
End of file - 7369 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-09-24 8478720]
"PSQLLauncher"=C:\Program Files\Protector Suite QL\launcher.exe [2007-06-05 49168]
"PrintPack dispatcher"=C:\Program Files\Software602\PrintPack\PrnPack.exe [2005-11-18 741376]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-02-04 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-02-04 162328]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-02-04 137752]
"ISBMgr.exe"=C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2004-02-20 32768]
"SonyPowerCfg"=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2007-09-28 217088]
"Switcher.exe"=C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [2007-08-31 503808]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-01-13 2424560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2010-12-16 2402512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
C:\WINDOWS\system32\browserchoice.exe [2010-02-12 293376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI]
C:\Program Files\Network Associates\Common Framework\udaterui.exe [2009-03-10 136512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
VPN Client.lnk - C:\WINDOWS\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-03 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-04 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\WINDOWS\system32\psqlpwd.dll [2007-06-05 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\VESWinlogon]
C:\WINDOWS\system32\VESWinlogon.dll [2007-05-16 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
psqlpwd

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=0
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Network Associates\Common Framework\FrameworkService.exe"="C:\Program Files\Network Associates\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-01-23 00:41:25 ----D---- C:\rsit
2011-01-23 00:41:25 ----D---- C:\Program Files\trend micro
2011-01-23 00:21:53 ----D---- C:\Documents and Settings\Zaluda\Data aplikací\IObit
2011-01-23 00:21:52 ----D---- C:\Program Files\IObit
2011-01-23 00:15:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-23 00:11:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2011-01-23 00:11:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2011-01-23 00:11:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-01-23 00:11:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-01-23 00:11:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-01-23 00:11:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2011-01-23 00:11:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-01-23 00:10:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-01-23 00:07:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-01-23 00:07:18 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-01-23 00:05:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-01-23 00:05:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-01-23 00:05:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-01-23 00:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-01-23 00:04:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-01-23 00:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-01-23 00:03:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-01-23 00:02:56 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-01-23 00:02:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-01-23 00:02:44 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-01-23 00:02:34 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2011-01-23 00:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-01-23 00:02:14 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-01-22 23:59:15 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-01-22 23:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-01-22 23:59:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2011-01-22 23:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-01-22 23:53:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-01-22 23:50:34 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-01-22 23:50:29 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-01-22 23:50:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-01-22 23:49:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-01-22 23:49:31 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-01-22 23:49:26 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2011-01-22 23:49:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-01-22 23:49:15 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-01-22 23:49:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-01-22 23:49:05 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-01-22 23:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-01-22 23:48:54 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-01-22 23:48:46 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-01-22 23:48:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-01-22 23:48:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-01-22 23:48:27 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-01-22 23:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-01-22 23:47:25 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-01-22 23:47:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-01-22 23:47:09 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-01-22 23:47:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-01-22 23:46:53 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-01-22 23:46:46 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-01-22 23:45:42 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-01-22 23:45:38 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2011-01-22 23:45:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-01-22 23:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-01-22 23:45:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-01-22 23:45:18 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-01-22 23:45:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2011-01-22 23:45:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-01-22 23:42:48 ----HDC---- C:\WINDOWS\ie8
2011-01-22 23:39:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-01-22 23:39:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-01-22 23:39:43 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-01-22 23:39:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-01-22 23:39:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-01-22 23:39:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-01-22 23:39:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-01-22 23:38:56 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-01-22 23:38:40 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-01-22 23:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2011-01-22 23:38:32 ----A---- C:\WINDOWS\imsins.BAK
2011-01-22 23:38:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-01-22 23:16:15 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-01-22 23:01:27 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2011-01-22 22:14:06 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2011-01-22 22:02:55 ----D---- C:\Documents and Settings\Zaluda\Data aplikací\SUPERAntiSpyware.com
2011-01-22 22:02:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-01-22 22:02:48 ----D---- C:\Program Files\SUPERAntiSpyware
2011-01-22 21:47:41 ----D---- C:\Program Files\CCleaner
2011-01-22 18:48:29 ----D---- C:\Documents and Settings\Zaluda\Data aplikací\Malwarebytes
2011-01-22 18:48:26 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-01-22 18:48:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-01-22 18:48:22 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-01-22 18:48:22 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-01-21 18:08:30 ----D---- C:\Program Files\windows remote control
2011-01-20 23:05:24 ----SHD---- C:\Config.Msi
2011-01-20 23:05:09 ----D---- C:\Program Files\Microsoft Security Client
2011-01-20 23:04:29 ----D---- C:\f0aba3b22faaa26dc5
2011-01-20 23:04:25 ----A---- C:\Program Files\mseinstall.exe
2011-01-20 20:45:47 ----D---- C:\Documents and Settings\Zaluda\Data aplikací\PC Suite
2011-01-13 21:59:54 ----D---- C:\Documents and Settings\Zaluda\Data aplikací\Macromedia
2011-01-13 21:52:44 ----D---- C:\Documents and Settings\Zaluda\Data aplikací\Adobe
2011-01-13 14:05:10 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
2011-01-09 21:26:19 ----A---- C:\WINDOWS\system32\drivers\ewusbnet.sys
2011-01-09 21:26:19 ----A---- C:\WINDOWS\system32\drivers\ewusbmdm.sys
2011-01-09 21:26:19 ----A---- C:\WINDOWS\system32\drivers\ewusbdev.sys
2011-01-09 21:26:18 ----A---- C:\WINDOWS\system32\drivers\ewdcsc.sys
2011-01-09 21:26:05 ----D---- C:\Program Files\O2
2011-01-09 20:36:55 ----D---- C:\Documents and Settings\Zaluda\Data aplikací\Telefónica Móviles
2011-01-03 13:37:15 ----D---- C:\Documents and Settings\Zaluda\Data aplikací\Sony Corporation
2011-01-03 13:36:39 ----D---- C:\Documents and Settings\Zaluda\Data aplikací\Identities
2011-01-03 13:36:15 ----SD---- C:\Documents and Settings\Zaluda\Data aplikací\Microsoft
2011-01-03 13:36:15 ----ASH---- C:\Documents and Settings\Zaluda\Data aplikací\desktop.ini
2011-01-03 13:25:43 ----D---- C:\WINDOWS\Prefetch
2011-01-03 13:00:40 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-01-03 13:00:40 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-01-03 13:00:40 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2011-01-03 13:00:40 ----N---- C:\WINDOWS\system32\comsdupd.exe
2011-01-03 13:00:37 ----N---- C:\WINDOWS\system32\azroles.dll
2011-01-03 13:00:37 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2011-01-03 13:00:37 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2011-01-03 13:00:37 ----N---- C:\WINDOWS\system32\ati3duag.dll
2011-01-03 13:00:37 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2011-01-03 13:00:37 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2011-01-03 13:00:37 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2011-01-03 13:00:37 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2011-01-03 13:00:36 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-01-03 13:00:36 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-01-03 13:00:36 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-01-03 13:00:36 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-01-03 13:00:36 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-01-03 13:00:36 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-01-03 13:00:36 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-01-03 13:00:36 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-01-03 13:00:36 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-01-03 13:00:36 ----N---- C:\WINDOWS\system32\credssp.dll
2011-01-03 13:00:36 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-01-03 13:00:35 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2011-01-03 13:00:35 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-01-03 13:00:35 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-01-03 13:00:35 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-01-03 13:00:35 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-01-03 13:00:35 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-01-03 13:00:35 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-01-03 13:00:35 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-01-03 13:00:35 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-01-03 13:00:35 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-01-03 13:00:34 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-01-03 13:00:34 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-01-03 13:00:33 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-01-03 13:00:33 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-01-03 13:00:33 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-01-03 13:00:33 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-01-03 13:00:33 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-01-03 13:00:33 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-01-03 13:00:33 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-01-03 13:00:33 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-01-03 13:00:32 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-01-03 13:00:32 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-01-03 13:00:32 ----N---- C:\WINDOWS\system32\qagent.dll
2011-01-03 13:00:32 ----N---- C:\WINDOWS\system32\onex.dll
2011-01-03 13:00:32 ----N---- C:\WINDOWS\system32\napstat.exe
2011-01-03 13:00:32 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-01-03 13:00:32 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-01-03 13:00:32 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2011-01-03 13:00:32 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-01-03 13:00:32 ----N---- C:\WINDOWS\system32\mssha.dll
2011-01-03 13:00:31 ----N---- C:\WINDOWS\system32\slserv.exe
2011-01-03 13:00:31 ----N---- C:\WINDOWS\system32\slrundll.exe
2011-01-03 13:00:31 ----N---- C:\WINDOWS\system32\slgen.dll
2011-01-03 13:00:31 ----N---- C:\WINDOWS\system32\slextspk.dll
2011-01-03 13:00:31 ----N---- C:\WINDOWS\system32\slcoinst.dll
2011-01-03 13:00:31 ----N---- C:\WINDOWS\system32\setupn.exe
2011-01-03 13:00:31 ----N---- C:\WINDOWS\system32\s3gnb.dll
2011-01-03 13:00:31 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-01-03 13:00:31 ----N---- C:\WINDOWS\system32\qutil.dll
2011-01-03 13:00:30 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-01-03 13:00:29 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-01-03 13:00:28 ----N---- C:\WINDOWS\slrundll.exe
2011-01-03 13:00:27 ----D---- C:\WINDOWS\system32\cs
2011-01-03 13:00:27 ----D---- C:\WINDOWS\system32\bits
2011-01-03 13:00:27 ----D---- C:\WINDOWS\l2schemas
2011-01-03 12:58:19 ----D---- C:\WINDOWS\ServicePackFiles
2011-01-03 12:55:35 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2011-01-03 12:55:35 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2011-01-03 12:55:35 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2011-01-03 12:55:35 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2011-01-03 12:55:35 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2011-01-03 12:55:35 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2011-01-03 12:55:35 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2011-01-03 12:55:35 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2011-01-03 12:55:35 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2011-01-03 12:55:34 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2011-01-03 12:55:34 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2011-01-03 12:55:34 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2011-01-03 12:55:34 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2011-01-03 12:55:34 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2011-01-03 12:55:34 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2011-01-03 12:55:34 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2011-01-03 12:55:34 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2011-01-03 12:55:34 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2011-01-03 12:55:34 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2011-01-03 12:55:33 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2011-01-03 12:55:33 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2011-01-03 12:55:33 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2011-01-03 12:55:33 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2011-01-03 12:55:33 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2011-01-03 12:55:33 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2011-01-03 12:55:33 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2011-01-03 12:55:33 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2011-01-03 12:55:33 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2011-01-03 12:55:33 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2011-01-03 12:55:32 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2011-01-03 12:55:32 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2011-01-03 12:55:32 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2011-01-03 12:55:32 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2011-01-03 12:55:32 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2011-01-03 12:55:32 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2011-01-03 12:55:32 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2011-01-03 12:55:32 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2011-01-03 12:55:32 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2011-01-03 12:55:32 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2011-01-03 12:55:32 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2011-01-03 12:55:32 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2011-01-03 12:55:31 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2011-01-03 12:55:31 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2011-01-03 12:55:31 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2011-01-03 12:55:31 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2011-01-03 12:55:30 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2011-01-03 12:55:30 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2011-01-03 12:55:30 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2011-01-03 12:55:30 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2011-01-03 12:55:30 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2011-01-03 12:55:29 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2011-01-03 12:55:29 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2011-01-03 12:55:29 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2011-01-03 12:55:29 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2011-01-03 12:55:29 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2011-01-03 12:55:29 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2011-01-03 12:55:28 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2011-01-03 12:55:28 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2011-01-03 12:55:28 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-01-03 12:55:28 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2011-01-03 12:55:28 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2011-01-03 12:55:28 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2011-01-03 12:55:27 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2011-01-03 12:55:27 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2011-01-03 12:55:27 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2011-01-03 12:55:27 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2011-01-03 12:55:27 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2011-01-03 12:55:27 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2011-01-03 12:55:27 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2011-01-03 12:55:26 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2011-01-03 12:55:26 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2011-01-03 12:55:26 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2011-01-03 12:55:26 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2011-01-03 12:55:26 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2011-01-03 12:55:26 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2011-01-03 12:55:26 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2011-01-03 12:55:26 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2011-01-03 12:55:25 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2011-01-03 12:50:51 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$

======List of files/folders modified in the last 1 months======

2011-01-23 00:41:25 ----RD---- C:\Program Files
2011-01-23 00:41:16 ----D---- C:\WINDOWS\Temp
2011-01-23 00:40:38 ----D---- C:\WINDOWS
2011-01-23 00:40:11 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-23 00:39:53 ----D---- C:\WINDOWS\system32
2011-01-23 00:39:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-23 00:23:10 ----SD---- C:\WINDOWS\Tasks
2011-01-23 00:22:08 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-23 00:19:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-23 00:19:30 ----HD---- C:\WINDOWS\inf
2011-01-23 00:17:44 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-23 00:17:40 ----D---- C:\WINDOWS\system32\cs-cz
2011-01-23 00:17:40 ----D---- C:\WINDOWS\AppPatch
2011-01-23 00:17:39 ----D---- C:\WINDOWS\Media
2011-01-23 00:17:39 ----D---- C:\WINDOWS\Help
2011-01-23 00:17:39 ----D---- C:\Program Files\Internet Explorer
2011-01-23 00:13:10 ----RSD---- C:\WINDOWS\assembly
2011-01-23 00:13:08 ----SHD---- C:\WINDOWS\Installer
2011-01-23 00:11:51 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-23 00:11:30 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-23 00:11:27 ----D---- C:\WINDOWS\system32\drivers
2011-01-23 00:11:03 ----D---- C:\Program Files\Outlook Express
2011-01-23 00:09:11 ----D---- C:\WINDOWS\WinSxS
2011-01-23 00:06:37 ----A---- C:\WINDOWS\win.ini
2011-01-23 00:04:50 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-01-23 00:02:24 ----D---- C:\Program Files\Movie Maker
2011-01-22 23:56:19 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-22 23:41:21 ----D---- C:\WINDOWS\Debug
2011-01-22 23:38:50 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-22 23:01:42 ----D---- C:\WINDOWS\SoftwareDistribution
2011-01-22 23:00:50 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-01-22 21:53:38 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-22 21:53:15 ----D---- C:\Program Files\Network Associates
2011-01-22 21:52:34 ----D---- C:\Program Files\Common Files
2011-01-22 21:52:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2011-01-22 21:52:29 ----D---- C:\Program Files\Notes
2011-01-22 21:49:32 ----D---- C:\WINDOWS\system32\LogFiles
2011-01-22 21:49:31 ----D---- C:\WINDOWS\Minidump
2011-01-22 18:53:37 ----SHD---- C:\WINDOWS\CSC
2011-01-17 13:20:51 ----A---- C:\WINDOWS\ODBC.INI
2011-01-09 20:51:02 ----SHD---- C:\RECYCLER
2011-01-04 17:20:14 ----A---- C:\WINDOWS\system32\MRT.exe
2011-01-03 13:36:14 ----D---- C:\Documents and Settings
2011-01-03 13:32:30 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2011-01-03 13:31:59 ----D---- C:\WINDOWS\security
2011-01-03 13:25:14 ----D---- C:\WINDOWS\system32\Setup
2011-01-03 13:25:13 ----D---- C:\WINDOWS\system32\wbem
2011-01-03 13:25:12 ----RSD---- C:\WINDOWS\Fonts
2011-01-03 13:23:34 ----A---- C:\WINDOWS\wincmd.ini
2011-01-03 13:06:23 ----D---- C:\Program Files\Messenger
2011-01-03 13:00:41 ----D---- C:\WINDOWS\ehome
2011-01-03 13:00:39 ----D---- C:\WINDOWS\system32\inetsrv
2011-01-03 13:00:39 ----D---- C:\WINDOWS\network diagnostic
2011-01-03 13:00:39 ----D---- C:\WINDOWS\ime
2011-01-03 13:00:28 ----D---- C:\WINDOWS\system32\usmt
2011-01-03 13:00:27 ----D---- C:\WINDOWS\PeerNet
2011-01-03 12:58:07 ----D---- C:\WINDOWS\system32\Restore
2011-01-03 12:58:06 ----D---- C:\WINDOWS\system32\npp
2011-01-03 12:58:05 ----D---- C:\WINDOWS\msagent
2011-01-03 12:58:03 ----D---- C:\WINDOWS\srchasst
2011-01-03 12:58:02 ----D---- C:\Program Files\NetMeeting
2011-01-03 12:58:00 ----D---- C:\WINDOWS\system32\Com
2011-01-03 12:57:58 ----D---- C:\Program Files\Windows Media Player
2011-01-03 12:57:57 ----D---- C:\Program Files\Windows NT
2011-01-03 12:57:53 ----D---- C:\Program Files\Common Files\System
2011-01-03 12:57:30 ----D---- C:\WINDOWS\system32\oobe
2011-01-03 12:57:28 ----D---- C:\WINDOWS\system
2011-01-03 12:53:39 ----D---- C:\WINDOWS\system32\ReinstallBackups

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 DMICall;Sony DMI Call service; C:\WINDOWS\system32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsle9ed42d0;MpKsle9ed42d0; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{5095ECA5-E67C-41C9-A3F4-2681C38C02A6}\MpKsle9ed42d0.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.4.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-04-02 21393]
R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2007-09-24 12672]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-05-29 12416]
R3 5U870UVC;Sony Visual Communication Camera VGP-VCC7; C:\WINDOWS\System32\Drivers\5U870UVCx86.sys [2007-09-24 70144]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2008-02-04 539512]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37424]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-02-04 879624]
R3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-02-04 156392]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2008-02-04 55352]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-02-04 74688]
R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2007-01-31 127376]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2007-09-24 990592]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2007-09-24 208256]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-09-24 41216]
R3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-06-21 2208512]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-09-24 6844864]
R3 SNC;Zařízení pro ovládání přenosného počítače Sony; C:\WINDOWS\system32\DRIVERS\SonyNC.sys [2001-08-17 20752]
R3 SonyImgF;Sony Image Conversion Filter Driver; C:\WINDOWS\system32\DRIVERS\SonyImgF.sys [2007-09-24 31104]
R3 SPI;Programovatelné zařízení Sony pro ovládání V/V ; C:\WINDOWS\system32\DRIVERS\SonyPI.sys [2001-08-17 37040]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-09-24 1222840]
R3 TcUsb;TC USB Kernel Driver; C:\WINDOWS\System32\Drivers\tcusb.sys [2007-08-16 47120]
R3 ti21sony;ti21sony; C:\WINDOWS\system32\drivers\ti21sony.sys [2007-09-24 812544]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2007-09-24 727808]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2007-09-24 259712]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]
S3 hidsys;hidsys; \??\C:\WINDOWS\system32\Drivers\hidsys.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-04 5762208]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-12-06 264800]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2007-04-03 1516584]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-06-01 647168]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe [2009-03-10 103744]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 Multi-user Cleanup Service;Multi-user Cleanup Service; C:\program files\notes\ntmulti.exe [2005-03-28 57393]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-09-24 155716]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-06-01 327680]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-06-01 987136]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [2007-05-16 176128]
S2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe -service []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 bepprldr;BCL easyPDF SDK Loader; C:\Program Files\Common Files\BCL Technologies\easyPDF 4\bepprldr.exe [2006-04-19 86016]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: For Vyosek

Posted: 23 Jan 2011 07:25
by vyosek
I would like to ask for the MBAM log - it is on the Logs tab...

Re: For Vyosek

Posted: 23 Jan 2011 07:33
by Junfan
I deleted it :-( sorry about that
so I can make a new one

Re: For Vyosek

Posted: 23 Jan 2011 07:36
by vyosek
I would still rather run Combofix there now, in case something is dug in there...

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A GREAT ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under an Administrator account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator (Spustit jako správce)
  • Right after it starts, a page with the license agreement appears; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the prompts; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes and any restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed walkthrough incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix

Re: For Vyosek

Posted: 23 Jan 2011 07:46
by Junfan
started

Re: For Vyosek

Posted: 23 Jan 2011 08:12
by Junfan
So it was still there, but probably inactive... After the deletion an Explorer icon appeared on the desktop


ComboFix 11-01-22.02 - Zaluda 23.01.2011 7:47.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1479 [GMT 1:00]
Spuštěný z: c:\documents and settings\Zaluda\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Zaluda\Data aplikací\Adobe\plugs
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000010_.tmp.dll
c:\windows\system32\_000012_.tmp.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-23 do 2011-01-23 )))))))))))))))))))))))))))))))
.

2011-01-23 00:00 . 2010-11-06 00:23 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2011-01-23 00:00 . 2010-11-06 00:23 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2011-01-23 00:00 . 2010-11-06 00:23 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2011-01-22 23:41 . 2011-01-22 23:41 -------- d-----w- c:\program files\trend micro
2011-01-22 23:21 . 2011-01-22 23:21 -------- d-----w- c:\program files\IObit
2011-01-22 22:42 . 2011-01-22 22:44 -------- dc-h--w- c:\windows\ie8
2011-01-22 22:34 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-01-22 22:33 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-01-22 22:31 . 2010-08-16 08:45 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2011-01-22 22:30 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2011-01-22 22:30 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-01-22 22:29 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-01-22 22:27 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2011-01-22 22:21 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-01-22 22:16 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2011-01-22 22:13 . 2010-08-27 08:03 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-01-22 22:13 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-01-22 22:13 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-01-22 22:10 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2011-01-22 22:01 . 2009-08-06 18:24 15072 ----a-w- c:\windows\system32\wuapi.dll.mui
2011-01-22 21:14 . 2011-01-20 09:39 5890896 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{5095ECA5-E67C-41C9-A3F4-2681C38C02A6}\mpengine.dll
2011-01-22 21:14 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-22 21:02 . 2011-01-22 21:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-01-22 21:02 . 2011-01-22 21:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-01-22 20:47 . 2011-01-22 20:47 -------- d-----w- c:\program files\CCleaner
2011-01-22 17:48 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-22 17:48 . 2011-01-22 17:48 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-01-22 17:48 . 2011-01-22 17:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-22 17:48 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-21 17:08 . 2011-01-21 17:11 -------- d-----w- c:\program files\windows remote control
2011-01-20 22:46 . 2011-01-20 22:46 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\PCHealth
2011-01-20 22:05 . 2011-01-20 22:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\PCHealth
2011-01-20 22:05 . 2011-01-20 22:24 -------- d-----w- c:\program files\Microsoft Security Client
2011-01-20 22:04 . 2011-01-20 22:04 -------- d-----w- C:\f0aba3b22faaa26dc5
2011-01-20 22:04 . 2011-01-20 21:34 8147144 ----a-w- c:\program files\mseinstall.exe
2011-01-09 20:26 . 2009-12-15 12:05 113280 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2011-01-09 20:26 . 2009-12-15 12:05 102528 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2011-01-09 20:26 . 2009-12-15 12:05 100736 ----a-w- c:\windows\system32\drivers\ewusbdev.sys
2011-01-09 20:26 . 2009-12-15 12:05 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2011-01-09 20:26 . 2011-01-09 20:26 -------- d-----w- c:\program files\O2
2011-01-03 12:36 . 2011-01-22 23:54 -------- d-----w- c:\documents and settings\Zaluda
2011-01-03 11:56 . 2008-04-14 07:52 220672 ----a-w- c:\windows\system32\logon.scr

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-18 18:15 . 2008-04-02 15:53 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2004-08-17 13:49 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:25 . 2010-11-06 00:25 78336 ------w- c:\windows\system32\ieencode.dll
2010-11-06 00:23 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2004-08-17 13:49 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-06 00:23 . 2004-08-17 13:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-03 12:25 . 2004-08-17 13:44 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2001-10-25 11:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2004-08-17 13:48 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2004-08-17 13:44 1853312 ----a-w- c:\windows\system32\win32k.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-06-05 21:16 2955264 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-06-05 21:16 2955264 ----a-w- c:\program files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-01-13 2424560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-24 8478720]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-06-05 49168]
"PrintPack dispatcher"="c:\program files\Software602\PrintPack\PrnPack.exe" [2005-11-18 741376]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-04 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-04 162328]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-04 137752]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2007-09-28 217088]
"Switcher.exe"="c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2007-08-31 503808]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-12-6 576104]
VPN Client.lnk - c:\windows\Installer\{CCBAA1F7-E5E1-48B2-9ED9-A79C6A37CE78}\Icon3E5562ED7.ico [2008-4-3 6144]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-06-05 21:03 90112 ----a-w- c:\windows\system32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-05-16 14:43 73728 ----a-w- c:\windows\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2010-12-16 15:19 2402512 ----a-w- c:\program files\IObit\Advanced SystemCare 3\AWC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrowserChoice]
2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\McAfeeUpdaterUI]
2009-03-10 14:00 136512 ----a-w- c:\program files\Network Associates\Common Framework\UdaterUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10.5.2010 19:41 67656]
R1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\drivers\tidnet.sys [15.9.2009 10:51 19200]
R3 5U870UVC;Sony Visual Communication Camera VGP-VCC7;c:\windows\system32\drivers\5U870UVCx86.sys [24.9.2007 14:13 70144]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [24.9.2007 14:40 41216]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [24.9.2007 14:39 31104]
R3 SPI;Programovatelné zařízení Sony pro ovládání V/V ;c:\windows\system32\drivers\SonyPI.sys [2.4.2008 18:45 37040]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [24.9.2007 14:31 812544]
S1 MpKsl93e76176;MpKsl93e76176;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{5095ECA5-E67C-41C9-A3F4-2681C38C02A6}\MpKsl93e76176.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{5095ECA5-E67C-41C9-A3F4-2681C38C02A6}\MpKsl93e76176.sys [?]
S3 bepprldr;BCL easyPDF SDK Loader;c:\program files\Common Files\BCL Technologies\easyPDF 4\bepprldr.exe [3.4.2008 8:28 86016]
S3 hidsys;hidsys;\??\c:\windows\system32\Drivers\hidsys.sys --> c:\windows\system32\Drivers\hidsys.sys [?]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [9.1.2011 21:26 24448]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [9.1.2011 21:26 100736]
.
Obsah adresáře 'Naplánované úlohy'

2011-01-23 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.cz/
IE: {{F242786D-E1AE-49e7-BD01-E1ABCA405241} - {861B46DD-E551-4dab-A464-208F44F7ABEA} - c:\windows\system32\Print602.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-23 07:51
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1648)
c:\windows\system32\vrlogon.dll
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\psqlpwd.dll
c:\program files\Protector Suite QL\homefus2.dll
c:\program files\Protector Suite QL\infra.dll
c:\program files\Protector Suite QL\homepass.dll
c:\program files\Protector Suite QL\bio.dll
c:\program files\Protector Suite QL\remote.dll
c:\windows\system32\VESWinlogon.dll
c:\program files\Protector Suite QL\crypto.dll

- - - - - - - > 'explorer.exe'(2376)
c:\program files\Protector Suite QL\farchns.dll
c:\program files\Protector Suite QL\infra.dll
c:\windows\system32\webcheck.dll
c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
c:\program files\Common Files\Microsoft Shared\Web Components\11\1029\OWCI11.DLL
c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL
c:\program files\Common Files\Microsoft Shared\Web Components\10\1029\OWCI10.DLL
c:\windows\system32\btmmhook.dll
c:\windows\system32\msls31.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Network Associates\Common Framework\FrameworkService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\notes\ntmulti.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\program files\Network Associates\Common Framework\naPrdMgr.exe
c:\windows\system32\wscntfy.exe
c:\program files\Protector Suite QL\psqltray.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
.
**************************************************************************
.
Celkový čas: 2011-01-23 07:53:52 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-23 06:53

Před spuštěním: Volných bajtů: 183 358 754 816
Po spuštění: Volných bajtů: 183 225 229 312

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - EF464BBFBF6ED592FCBAF69664604A81

Re: For Vyosek

Posted: 23 Jan 2011 13:07
by vyosek
:arrow: I recommend uninstalling Advanced SystemCare 3 and then everything else from IOBit as well - it is Chinese junk, they stole the malware database from a reputable company, they are often flagged as spyware and do more harm than good


:arrow: If you have not already, move Combofix to the desktop
  • Start Notepad (Start - Run - notepad)
  • Copy the script below

    KillAll::
    
    Registry::
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    
    RegLock::
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    [HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
  • Save the resulting TXT as CFScript.txt
  • Drag the created CFScript.txt onto Combofix and drop it (see the image below)
    Image
  • After the script is applied (and any restart) a log will pop up; paste its contents here
:arrow: It may happen that Windows does not boot after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration