VIRY.CZ

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
"Skype"=-
"DAEMON Tools Lite"=-
"DAEMON Tools Pro Agent"=-
"ICQ"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
"Adobe Reader Speed Launcher"="-
"Adobe ARM"=-
"LogMeIn Hamachi Ui"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000000
"DisableThumbnailCache"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-

Driver::
X6va001

File::
h:\users\Josef\AppData\Local\Temp\00126AD.tmp

RegLock::
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

ComboFix 11-08-22.04 - Josef 23.08.2011 0:14.3.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2013.999 [GMT 2:00]
Spuštěný z: h:\users\Josef\Desktop\ComboFix.exe
Použité ovládací přepínače :: h:\users\Josef\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"h:\users\Josef\AppData\Local\Temp\00126AD.tmp"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_X6VA001
-------\Service_X6va001
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-22 do 2011-08-22 )))))))))))))))))))))))))))))))
.
.
2011-08-22 22:24 . 2011-08-22 22:24 -------- d-----w- h:\users\GN0SYS\AppData\Local\temp
2011-08-22 18:50 . 2011-08-22 18:50 -------- d-----w- H:\_OTL
2011-08-22 17:37 . 2011-08-22 17:50 512 ----a-w- H:\PhysicalMBR.bin
2011-08-22 16:43 . 2011-08-22 16:52 -------- d-----w- h:\program files\trend micro
2011-08-22 16:43 . 2011-08-22 16:43 -------- d-----w- H:\rsit
2011-08-21 20:12 . 2011-08-21 20:12 -------- d-----w- h:\program files (x86)\IP Changer Premium
2011-08-21 10:03 . 2011-08-21 10:03 -------- d--h--w- h:\programdata\Common Files
2011-08-21 10:03 . 2011-08-21 10:40 -------- d-----w- h:\programdata\MFAData
2011-08-21 09:43 . 2011-07-04 11:36 600920 ----a-w- h:\windows\system32\drivers\aswSnx.sys
2011-08-20 07:56 . 2011-08-20 07:56 -------- d-----w- h:\program files (x86)\AMD APP
2011-08-19 06:39 . 2011-08-12 04:10 8862544 ----a-w- h:\programdata\Microsoft\Windows Defender\Definition Updates\{227674C3-09AD-443F-B30F-34F400C3D02D}\mpengine.dll
2011-08-15 12:33 . 2011-08-22 21:40 -------- d-----w- h:\program files (x86)\Garena Classic
2011-08-10 09:02 . 2011-06-23 05:29 5507968 ----a-w- h:\windows\system32\ntoskrnl.exe
2011-08-10 09:02 . 2011-06-23 04:38 3957120 ----a-w- h:\windows\SysWow64\ntkrnlpa.exe
2011-08-10 09:02 . 2011-06-23 04:38 3902336 ----a-w- h:\windows\SysWow64\ntoskrnl.exe
2011-08-08 16:39 . 2011-08-08 16:39 -------- d-----w- h:\program files (x86)\LogMeIn Hamachi
2011-08-04 21:51 . 2011-08-04 22:00 2829 ----a-w- h:\windows\War3Unin.pif
2011-08-04 21:51 . 2011-08-04 22:00 139264 ----a-w- h:\windows\War3Unin.exe
2011-08-04 21:49 . 2011-08-22 22:10 -------- d-----w- h:\program files (x86)\W3
2011-07-31 20:07 . 2011-07-21 12:51 -------- d-----w- h:\users\Josef\AppData\Roaming\.minecraft
2011-07-29 17:43 . 2011-07-29 17:43 -------- d-----w- h:\users\Josef\AppData\Roaming\LolClient
2011-07-26 09:42 . 2011-07-26 09:42 -------- d-----w- H:\TopCD
2011-07-26 09:17 . 2011-07-26 09:39 272448 ----a-w- h:\windows\system32\drivers\dtsoftbus01.sys
2011-07-26 09:17 . 2011-07-26 09:24 -------- d-----w- h:\program files (x86)\DAEMON Tools Pro
2011-07-24 08:13 . 2011-07-24 08:13 -------- d-----w- h:\users\Josef\AppData\Roaming\DAEMON Tools
2011-07-24 08:05 . 2011-07-24 08:06 -------- d-----w- h:\program files (x86)\DAEMON Tools Lite
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-17 19:32 . 2011-07-17 19:32 18328 ----a-w- h:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-07-16 04:32 . 2011-08-10 09:03 44032 ----a-w- h:\windows\apppatch\acwow64.dll
2011-07-15 07:59 . 2011-07-15 07:59 45056 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{4E526F25-8B1F-46AA-B50C-BBDA00EDFF66}\NewShortcut1_31C30ABA960848C399A3EA37FE010825.exe
2011-07-15 07:59 . 2011-07-15 07:59 45056 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{4E526F25-8B1F-46AA-B50C-BBDA00EDFF66}\NewShortcut2_6A293E8C50A64AF995D5612415EFFD9D.exe
2011-07-13 08:45 . 2011-06-10 09:53 404640 ----a-w- h:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-04 16:06 . 2010-05-20 17:12 214520 ----a-w- h:\windows\SysWow64\PnkBstrB.exe
2011-07-04 16:06 . 2010-03-09 14:20 214520 ----a-w- h:\windows\SysWow64\PnkBstrB.xtr
2011-07-04 11:43 . 2010-09-28 19:07 40112 ----a-w- h:\windows\avastSS.scr
2011-07-04 11:43 . 2010-09-28 19:07 199304 ----a-w- h:\windows\SysWow64\aswBoot.exe
2011-07-04 11:43 . 2011-01-25 09:07 253888 ----a-w- h:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2010-09-28 19:08 288088 ----a-w- h:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-09-28 19:08 45400 ----a-w- h:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2010-09-28 19:08 31064 ----a-w- h:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-09-28 19:08 64856 ----a-w- h:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2010-09-28 19:08 22360 ----a-w- h:\windows\system32\drivers\aswFsBlk.sys
2011-06-30 12:37 . 2011-06-30 12:37 65536 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut5_3293C06B003F40278380FFD79E38167D.exe
2011-06-30 12:37 . 2011-06-30 12:37 61440 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut3_3293C06B003F40278380FFD79E38167D.exe
2011-06-30 12:37 . 2011-06-30 12:37 61440 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut2_3293C06B003F40278380FFD79E38167D_1.exe
2011-06-30 12:37 . 2011-06-30 12:37 57344 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\ARPPRODUCTICON.exe
2011-06-28 16:37 . 2010-07-21 14:34 43520 ----a-w- h:\windows\SysWow64\CmdLineExt03.dll
2011-06-11 02:56 . 2011-07-13 09:07 3134464 ----a-w- h:\windows\system32\win32k.sys
2011-06-03 11:45 . 2011-06-03 11:45 162584 ----a-w- h:\windows\system32\igfxtray.exe
2011-06-03 11:45 . 2011-06-03 11:45 510232 ----a-w- h:\windows\system32\igfxsrvc.exe
2011-06-03 11:45 . 2011-06-03 11:45 417560 ----a-w- h:\windows\system32\igfxpers.exe
2011-06-03 11:44 . 2011-06-03 11:44 224024 ----a-w- h:\windows\system32\igfxext.exe
2011-06-03 11:44 . 2011-06-03 11:44 386840 ----a-w- h:\windows\system32\hkcmd.exe
2011-06-03 11:44 . 2011-06-03 11:44 3157784 ----a-w- h:\windows\system32\GfxUI.exe
2011-06-03 11:44 . 2011-06-03 11:44 152856 ----a-w- h:\windows\system32\difx64.exe
2011-06-03 11:39 . 2011-06-03 11:39 90112 ----a-w- h:\windows\system32\igfxCoIn_v2413.dll
2011-06-03 11:34 . 2011-06-03 11:34 10628800 ----a-w- h:\windows\system32\drivers\igdkmd64.sys
2011-06-03 11:34 . 2011-06-03 11:34 6549504 ----a-w- h:\windows\system32\igdumd64.dll
2011-06-03 11:28 . 2010-02-20 06:18 4967424 ----a-w- h:\windows\SysWow64\igdumd32.dll
2011-06-03 11:24 . 2010-02-20 06:14 571904 ----a-w- h:\windows\SysWow64\igdumdx32.dll
2011-06-03 11:21 . 2009-07-13 21:59 4722176 ----a-w- h:\windows\system32\igd10umd64.dll
2011-06-03 11:17 . 2011-06-03 11:17 4411392 ----a-w- h:\windows\SysWow64\igd10umd32.dll
2011-06-03 11:10 . 2011-06-03 11:10 15546880 ----a-w- h:\windows\system32\ig4icd64.dll
2011-06-03 11:01 . 2011-06-03 11:01 11405312 ----a-w- h:\windows\SysWow64\ig4icd32.dll
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrsky.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrtrk.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrsve.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrslv.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87040 ----a-w- h:\windows\system32\igfxrtha.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88576 ----a-w- h:\windows\system32\igfxresn.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrrus.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrptg.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrplk.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrptb.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrnor.lrc
2011-06-03 10:56 . 2011-06-03 10:56 84992 ----a-w- h:\windows\system32\igfxrkor.lrc
2011-06-03 10:56 . 2011-06-03 10:56 84992 ----a-w- h:\windows\system32\igfxrjpn.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88576 ----a-w- h:\windows\system32\igfxrell.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrita.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrdeu.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrhun.lrc
2011-06-03 10:56 . 2011-06-03 10:56 86528 ----a-w- h:\windows\system32\igfxrheb.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88576 ----a-w- h:\windows\system32\igfxrfra.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrnld.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrfin.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87040 ----a-w- h:\windows\system32\igfxrdan.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrcsy.lrc
2011-06-03 10:56 . 2011-06-03 10:56 86528 ----a-w- h:\windows\system32\igfxrara.lrc
2011-06-03 10:56 . 2011-06-03 10:56 83968 ----a-w- h:\windows\system32\igfxrcht.lrc
2011-06-03 10:56 . 2011-06-03 10:56 83968 ----a-w- h:\windows\system32\igfxrchs.lrc
2011-06-03 10:56 . 2011-06-03 10:56 122368 ----a-w- h:\windows\system32\igfxcpl.cpl
2011-06-03 10:55 . 2011-06-03 10:55 27648 ----a-w- h:\windows\system32\igfxexps.dll
2011-06-03 10:55 . 2010-02-20 05:43 244224 ----a-w- h:\windows\system32\igfxpph.dll
2011-06-03 10:55 . 2011-06-03 10:55 380416 ----a-w- h:\windows\system32\igfxTMM.dll
2011-06-03 10:55 . 2010-02-20 05:43 61952 ----a-w- h:\windows\system32\igfxsrvc.dll
2011-06-03 10:55 . 2010-02-20 05:42 108544 ----a-w- h:\windows\system32\hccutils.dll
2011-06-03 10:54 . 2011-06-03 10:54 119808 ----a-w- h:\windows\system32\gfxSrvc.dll
2011-06-03 10:54 . 2011-06-03 10:54 4096 ----a-w- h:\windows\system32\IGFXDEVLib.dll
2011-06-03 10:54 . 2011-06-03 10:54 272896 ----a-w- h:\windows\system32\igfxdev.dll
2011-06-03 10:54 . 2011-06-03 10:54 87552 ----a-w- h:\windows\system32\igfxrenu.lrc
2011-06-03 10:54 . 2011-06-03 10:54 142336 ----a-w- h:\windows\system32\igfxdo.dll
2011-06-03 10:54 . 2010-02-20 05:41 830464 ----a-w- h:\windows\system32\igfxress.dll
2011-06-03 10:45 . 2011-06-03 10:45 23552 ----a-w- h:\windows\SysWow64\igfxexps32.dll
2011-06-03 10:44 . 2011-06-03 10:44 228864 ----a-w- h:\windows\SysWow64\igfxdv32.dll
2011-06-03 10:42 . 2011-06-03 10:42 208896 ----a-w- h:\windows\SysWow64\iglhsip32.dll
2011-06-03 10:42 . 2011-06-03 10:42 206336 ----a-w- h:\windows\system32\iglhsip64.dll
2011-06-03 10:42 . 2011-06-03 10:42 188416 ----a-w- h:\windows\system32\iglhcp64.dll
2011-06-03 10:42 . 2011-06-03 10:42 147456 ----a-w- h:\windows\SysWow64\iglhcp32.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-08-22_20.28.56 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 05:10 . 2011-08-22 22:28 41096 h:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-02-28 11:05 . 2011-08-22 22:28 20168 h:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3665194971-35141123-3770490494-1000_UserData.bin
- 2010-02-28 11:22 . 2011-08-22 20:11 16384 h:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-28 11:22 . 2011-08-22 22:01 16384 h:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-28 11:22 . 2011-08-22 22:01 16384 h:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-02-28 11:22 . 2011-08-22 20:11 16384 h:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-28 21:10 . 2011-08-22 22:25 5294 h:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2011-08-22 20:28 . 2011-08-22 20:28 2048 h:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-08-22 22:26 . 2011-08-22 22:26 2048 h:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-22 20:28 . 2011-08-22 20:28 2048 h:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-22 22:26 . 2011-08-22 22:26 2048 h:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-08-22 20:27 442272 h:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-08-22 22:25 442272 h:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 02:34 . 2011-08-22 19:09 10485760 h:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2011-08-22 20:42 10485760 h:\windows\system32\SMI\Store\Machine\schema.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="h:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-07-29 3077528]
"Sony Ericsson PC Companion"="h:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2009-12-08 774144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Samsung PanelMgr"="h:\windows\Samsung\PanelMgr\SSMMgr.exe" [2010-06-07 618496]
"Adobe Reader Speed Launcher"="h:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
.
h:\users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth PC Dialer.lnk - h:\program files (x86)\Bluetooth PC Dialer\BluetoothPCDialer.exe [2009-8-24 196608]
OpenOffice.org 3.0.lnk - h:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=h:\progra~2\Bandoo\BndHook.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:English /KBD:2 /wow /dir:h:\progra~1\AVASTS~1\Avast\defs\11070401
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R1 Avgldx64;AVG AVI Loader Driver;h:\windows\system32\DRIVERS\avgldx64.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;h:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;h:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ATICDSDr;ATICDSDr;h:\users\Josef\AppData\Local\Temp\ATICDSDr.sys [x]
R3 AVGIDSFilter;AVGIDSFilter;h:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;h:\windows\system32\Drivers\btnetBus.sys [x]
R3 cpuz135;cpuz135;h:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 dump_wmimmc;dump_wmimmc;h:\program files (x86)\BlackShot\BlackShot\system\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;h:\windows\system32\drivers\EagleX64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;h:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 GGSAFERDriver;GGSAFER Driver;h:\program files (x86)\Garena Classic\safedrv.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;h:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);h:\windows\system32\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;h:\windows\system32\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;h:\windows\system32\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);h:\windows\system32\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);h:\windows\system32\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;h:\windows\system32\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);h:\windows\system32\DRIVERS\s1039unic.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;h:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 AVGIDSEH;AVGIDSEH;h:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;h:\windows\system32\DRIVERS\avgrkx64.sys [x]
S0 BtHidBus;Bluetooth HID Bus Service;h:\windows\System32\Drivers\BtHidBus.sys [x]
S0 sptd;sptd;h:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;h:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;h:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;h:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;h:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 2329480]
S3 LgBttPort;LGE Bluetooth TransPort;h:\windows\system32\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;h:\windows\system32\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;h:\windows\system32\DRIVERS\lgvmdm64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
h:\program files\AVAST Software\Avast\ashShA64.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="h:\combofix\CF4905.cfxxe" [X]
"AdobeAAMUpdater-1.0"="h:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"IgfxTray"="h:\windows\system32\igfxtray.exe" [2011-06-03 162584]
"HotKeysCmds"="h:\windows\system32\hkcmd.exe" [2011-06-03 386840]
"Persistence"="h:\windows\system32\igfxpers.exe" [2011-06-03 417560]
.
------- Doplňkový sken -------
.
uLocal Page = h:\windows\system32\blank.htm
uStart Page = hxxp://www.maxiwe.com
mStart Page = hxxp://www.maxiwe.com
mLocal Page = h:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - h:\windows\system32\GPhotos.scr/200
IE: ????3?? - h:\users\Josef\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - h:\users\Josef\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
TCP: Interfaces\{7CA5A229-0722-4828-A191-DBED3FE9D35A}: DhcpNameServer = 78.156.128.37 80.79.16.3
FF - ProfilePath - h:\users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\xhy3rgc4.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type -
FF - user.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Counter-Strike: Source Texture Pack 1.00 - h:\program files (x86)\Counter-Strike Source\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="h:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="h:\\Users\\Josef\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="h:\\Users\\Josef\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
------------------------ Jiné spuštené procesy ------------------------
.
h:\program files (x86)\Google\Update\GoogleUpdate.exe
h:\windows\SysWOW64\PnkBstrA.exe
h:\windows\SysWOW64\PnkBstrB.exe
h:\program files (x86)\Bandoo\Bandoo.exe
h:\program files (x86)\OpenOffice.org 3\program\soffice.exe
h:\program files (x86)\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Celkový čas: 2011-08-23 00:33:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-22 22:33
ComboFix2.txt 2011-08-22 20:40
.
Před spuštěním: 9 621 684 224
Po spuštění: 9 171 431 424
.
- - End Of File - - F56F0425C103DE44578306BD3B5828A1

Jak se chova PC

Ještě pořád mám vyřazený můj antivir,na ploše nelze spustit žádný fílm ani písničky.když se o to pokusím,vyskočí na mě hláška "Provádění serveru selhalo" . mimochodem,přišel mi email od Facebooku,prý zjistily že je můj účet napaden virem Koobface,je tam jeho přesný popis,odpovídá to.Dále se mám přihlásit na účet a postupovat podle pokynů,které by se měly zobrazit...vyskočilo na mě potvrzení "Potvrzuji, že mám spuštěný antivirový program a v mém počítači se nenachází žádný škodlivý software." .Mám potvrdit ? či s facebookem ještě počkat ?

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

Projedte PC timto http://download.avg.com/filedir/util/su ... 1_1184.exe

Nainstalujte Avast Free http://www.avast.com/cs-cz/free-antivirus-download

Dejte novy log z RSIT a napiste jak se chova PC

PC se chová bohužel pořád stejně,písničky ani filmy na ploše stále nelze spustit,když se pokusím zapnout antivir ,vyskočí na mě tabulka ""Failed to load language dll [1033\UILangRes.dll]" ,nicméně zde přikládám log :

Logfile of random's system information tool 1.09 (written by random/random)
Run by Josef at 2011-08-23 21:50:14
Microsoft Windows 7 Ultimate
System drive H: has 16 GB (3%) free of 477 GB
Total RAM: 2013 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:50:16, on 23.8.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Normal

Running processes:
H:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
H:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
H:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
H:\Windows\Samsung\PanelMgr\SSMMgr.exe
H:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
H:\Windows\sysdriver32.exe
H:\Windows\sysdriver32_.exe
H:\Windows\systemup.exe
H:\Windows\l1rezerv.exe
H:\Program Files (x86)\Bluetooth PC Dialer\BluetoothPCDialer.exe
H:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
H:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
H:\Program Files (x86)\Opera\opera.exe
H:\Program Files\trend micro\Josef.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.maxiwe.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.maxiwe.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = H:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Samsung PanelMgr] H:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "H:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "H:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [systemup] "H:\Windows\systemup.exe" stand
O4 - HKLM\..\Run: [l1rezerv.exe] "H:\Windows\l1rezerv.exe"
O4 - HKLM\..\Run: [25518034-loader2.exe] "H:\Windows\temp\25518034-loader2.exe"
O4 - HKLM\..\Run: [68975609-loader2.exe] "H:\Windows\temp\68975609-loader2.exe"
O4 - HKLM\..\Run: [avast] "H:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [67255178-loader2.exe] "H:\Windows\TEMP\67255178-loader2.exe"
O4 - HKCU\..\Run: [Pando Media Booster] H:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "H:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
O4 - Startup: Bluetooth PC Dialer.lnk = H:\Program Files (x86)\Bluetooth PC Dialer\BluetoothPCDialer.exe
O4 - Startup: OpenOffice.org 3.0.lnk = H:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://H:\Windows\system32\GPhotos.scr/200
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - H:\Program Files (x86)\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - H:\Program Files (x86)\ICQ7.0\ICQ.exe
O10 - Unknown file in Winsock LSP: h:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: h:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs: h:\progra~2\bandoo\bndhook.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - H:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - H:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - H:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bandoo Coordinator - Bandoo Media Inc. - H:\Program Files (x86)\Bandoo\Bandoo.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - H:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - H:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - H:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - H:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - H:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - H:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - H:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - H:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - H:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - H:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - H:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - H:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - H:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - H:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - H:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - H:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - H:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: srvbtcclient - Unknown owner - H:\Windows\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - H:\Windows\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - H:\Windows\sysdriver32.exe
O23 - Service: Steam Client Service - Valve Corporation - H:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - H:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - H:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - H:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - H:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - H:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - H:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - H:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - H:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8212 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
H:\Windows\system32\services.exe
H:\Windows\system32\lsass.exe
H:\Windows\system32\lsm.exe
winlogon.exe
H:\Windows\system32\svchost.exe -k DcomLaunch
H:\Windows\system32\svchost.exe -k RPCSS
H:\Windows\system32\Ati2evxx.exe
H:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
H:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
H:\Windows\system32\svchost.exe -k netsvcs
H:\Windows\system32\svchost.exe -k LocalService
H:\Windows\system32\svchost.exe -k NetworkService
H:\Windows\System32\spoolsv.exe
H:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
H:\Windows\system32\svchost.exe -k bthsvcs
H:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"H:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
H:\Windows\SysWOW64\PnkBstrA.exe
"taskhost.exe"
"H:\Windows\system32\Dwm.exe"
H:\Windows\Explorer.EXE
"H:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
Ati2evxx.exe -Client
taskeng.exe {CDDE6696-8688-40C8-8C4B-D6E7F8B23D07}
H:\Windows\SysWOW64\PnkBstrB.exe
H:\Windows\update.5.0\svchost.exe srv
"H:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {1FD4B511-51E2-4229-8931-3123022828A2}
"H:\Windows\System32\igfxtray.exe"
"H:\Windows\System32\hkcmd.exe"
"H:\Windows\System32\igfxpers.exe"
"H:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"H:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
"H:\Windows\Samsung\PanelMgr\SSMMgr.exe" /autorun
"H:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe"
"H:\Windows\sysdriver32.exe" rezerv
H:\Windows\update.2\svchost.exe srv
"H:\Windows\update.5.0\svchost.exe" stand
"H:\Windows\sysdriver32_.exe" rezerv
"H:\Windows\systemup.exe" stand
"H:\Windows\l1rezerv.exe"
"H:\Program Files (x86)\Bluetooth PC Dialer\BluetoothPCDialer.exe"
"H:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" -quickstart
H:\Windows\sysdriver32.exe srv
H:\Windows\system32\svchost.exe -k imgsvc
"H:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"H:\Program Files (x86)\Bandoo\Bandoo.exe"
WLIDSvcM.exe 2516
H:\Windows\Samsung\PanelMgr\caller64.exe Samsung PanelMgr
"H:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe" "-quickstart" "-env:OOO_CWD=2H:\\Program Files (x86)\\OpenOffice.org 3\\program"
H:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
H:\Windows\system32\wbem\wmiprvse.exe
"H:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-03e7ea83-af42-4485-8cc3-7e4c576eec2a -SystemEventPortName:HostProcess-17793957-a4a6-4f3a-b61c-006ae65d4733 -IoCancelEventPortName:HostProcess-8ef7170f-ec05-4766-a598-22324cf6ce93 -NonStateChangingEventPortName:HostProcess-eb81e79f-cc61-44b6-8d2c-ac0ea7f69089 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5d746b59-f8fe-454d-bffc-ce9233743894
"H:\Windows\update.2\svchost.exe" stand
H:\Windows\system32\SearchIndexer.exe /Embedding
"H:\Program Files (x86)\Opera\opera.exe"
H:\Windows\system32\sppsvc.exe
H:\Windows\System32\svchost.exe -k secsvcs
H:\Windows\ufa\ufa.exe -o http://127.0.0.1:61316
\??\H:\Windows\system32\conhost.exe "33273356-875091352217836080-718122891-58458238210803448145010889341740768069
"H:\Windows\system32\wuauclt.exe"
"H:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3665194971-35141123-3770490494-10001_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3665194971-35141123-3770490494-10001 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "H:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"H:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"H:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "H:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
H:\Windows\servicing\TrustedInstaller.exe
H:\Windows\System32\svchost.exe -k WerSvcGroup
"H:\Users\Josef\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - H:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\xhy3rgc4.default

prefs.js - "browser.search.useDBForOrder" - ""
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=H:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=H:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=H:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=H:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=H:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=H:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@idsoftware.com/QuakeLive]
"Description"=
"Path"=H:\ProgramData\id Software\QuakeLive\npquakezero.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=h:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=H:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=H:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=H:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ngm.nexoneu.com/NxGame]
"Description"=Nexon Game Controller 1.0.0.1
"Path"=H:\ProgramData\NexonEU\NGM\npNxGameeu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=H:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=H:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=H:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Webzen.com/NPGameWebStarter]
"Description"=Webzen Game Controller
"Path"=H:\Program Files (x86)\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll

H:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{AB2CE124-6272-4b12-94A9-7303C7397BD1}
{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

H:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
npijjiFFPlugin1.xpt

H:\Program Files (x86)\Mozilla Firefox\plugins\
libdivx.dll
np-mswmp.dll
npdeploytk.dll
npdivx32.dll
npdivx32.xpt
npDivxPlayerPlugin.dll
npijjiFFPlugin1.dll
nppdf32.dll
nsIDivxPlayerPlugin.xpt
ssldivx.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

H:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
SearchResults.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

H:\Users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\xhy3rgc4.default\extensions\
battlefieldheroespatcher@ea.com
ffox@bandoo.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - H:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - H:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - H:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=H:\Windows\system32\igfxtray.exe [2011-06-03 162584]
"HotKeysCmds"=H:\Windows\system32\hkcmd.exe [2011-06-03 386840]
"Persistence"=H:\Windows\system32\igfxpers.exe [2011-06-03 417560]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"=H:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [2011-07-29 3077528]
"Sony Ericsson PC Companion"=H:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2009-12-08 774144]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Samsung PanelMgr"=H:\Windows\Samsung\PanelMgr\SSMMgr.exe [2010-06-07 618496]
"Adobe Reader Speed Launcher"=H:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"sysdriver32.exe"=H:\Windows\sysdriver32.exe [2011-08-23 258048]
"sysdriver32_.exe"=H:\Windows\sysdriver32_.exe [2011-08-23 258048]
"systemup"=H:\Windows\systemup.exe [2011-08-23 137728]
"l1rezerv.exe"=H:\Windows\l1rezerv.exe [2011-08-23 232960]
"25518034-loader2.exe"=H:\Windows\temp\25518034-loader2.exe [2011-08-23 258048]
"68975609-loader2.exe"=H:\Windows\temp\68975609-loader2.exe [2011-08-23 258048]
"avast"=H:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
"67255178-loader2.exe"=H:\Windows\TEMP\67255178-loader2.exe [2011-08-23 258048]

H:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth PC Dialer.lnk - H:\Program Files (x86)\Bluetooth PC Dialer\BluetoothPCDialer.exe
OpenOffice.org 3.0.lnk - H:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
H:\Windows\system32\igfxdev.dll [2011-06-03 272896]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"H:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="H:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"
"H:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="H:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine.exe"
"H:\Nexon\Combat Arms EU\CombatArms.exe"="H:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"H:\Nexon\Combat Arms EU\Engine.exe"="H:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"
"H:\_OTL\MovedFiles\08222011_205037\H_Windows\update.tray-7-0-lnk\svchost.exe"="H:\_OTL\MovedFiles\08222011_205037\H_Windows\update.tray-7-0-lnk\svchost.exe:*:Enabled:H:\_OTL\MovedFiles\08222011_205037\H_Windows\update.tray-7-0-lnk\svchost.exe"
"H:\Windows\update.1\svchost.exe"="H:\Windows\update.1\svchost.exe:*:Enabled:H:\Windows\update.1\svchost.exe"
"H:\Windows\update.2\svchost.exe"="H:\Windows\update.2\svchost.exe:*:Enabled:H:\Windows\update.2\svchost.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=H:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - H:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-08-23 21:47:41 ----D---- H:\rsit
2011-08-23 21:40:21 ----D---- H:\ProgramData\Alwil Software
2011-08-23 21:40:21 ----D---- H:\Program Files\AVAST Software
2011-08-23 10:06:21 ----D---- H:\Program Files (x86)\AMD APP
2011-08-23 09:55:52 ----A---- H:\Windows\l1rezerv.exe
2011-08-23 09:53:35 ----HD---- H:\Windows\update.7.1
2011-08-23 09:51:26 ----A---- H:\Windows\iecheck_iplist.txt
2011-08-23 09:51:02 ----HD---- H:\Windows\update.2
2011-08-23 09:49:12 ----D---- H:\Windows\ufa
2011-08-23 09:49:12 ----D---- H:\Windows\rpcminer
2011-08-23 09:49:12 ----D---- H:\Windows\phoenix
2011-08-23 09:48:43 ----A---- H:\Windows\btc_client_iplist.txt
2011-08-23 09:48:01 ----A---- H:\Windows\unrar.exe
2011-08-23 09:47:51 ----HD---- H:\Windows\update.5.0
2011-08-23 09:47:36 ----A---- H:\Windows\systemup.exe
2011-08-23 09:47:26 ----A---- H:\Windows\iplist.txt
2011-08-23 09:47:09 ----A---- H:\Windows\sysdriver32_.exe
2011-08-23 09:46:55 ----A---- H:\Windows\sysdriver32.exe
2011-08-23 09:46:40 ----A---- H:\Windows\front_ip_list.txt
2011-08-23 09:40:28 ----SHD---- H:\$RECYCLE.BIN
2011-08-23 00:24:35 ----D---- H:\Windows\temp
2011-08-22 18:43:17 ----D---- H:\Program Files\trend micro
2011-08-21 22:12:41 ----D---- H:\Program Files (x86)\IP Changer Premium
2011-08-21 12:03:45 ----HD---- H:\ProgramData\Common Files
2011-08-21 12:03:39 ----D---- H:\ProgramData\MFAData
2011-08-21 11:43:18 ----A---- H:\Windows\system32\drivers\aswSnx.sys
2011-08-15 14:33:30 ----D---- H:\Program Files (x86)\Garena Classic
2011-08-10 11:04:05 ----A---- H:\Windows\SYSWOW64\xmllite.dll
2011-08-10 11:04:05 ----A---- H:\Windows\system32\xmllite.dll
2011-08-10 11:04:03 ----A---- H:\Windows\SYSWOW64\odbctrac.dll
2011-08-10 11:04:03 ----A---- H:\Windows\SYSWOW64\odbcjt32.dll
2011-08-10 11:04:03 ----A---- H:\Windows\SYSWOW64\odbccu32.dll
2011-08-10 11:04:03 ----A---- H:\Windows\SYSWOW64\odbccr32.dll
2011-08-10 11:04:03 ----A---- H:\Windows\SYSWOW64\odbccp32.dll
2011-08-10 11:04:03 ----A---- H:\Windows\system32\odbctrac.dll
2011-08-10 11:04:03 ----A---- H:\Windows\system32\odbccu32.dll
2011-08-10 11:04:03 ----A---- H:\Windows\system32\odbccr32.dll
2011-08-10 11:04:03 ----A---- H:\Windows\system32\odbccp32.dll
2011-08-10 11:04:00 ----A---- H:\Windows\system32\drivers\mrxsmb10.sys
2011-08-10 11:03:46 ----A---- H:\Windows\system32\kernel32.dll
2011-08-10 11:03:46 ----A---- H:\Windows\system32\conhost.exe
2011-08-10 11:03:45 ----A---- H:\Windows\system32\wow64.dll
2011-08-10 11:03:45 ----A---- H:\Windows\system32\winsrv.dll
2011-08-10 11:03:45 ----A---- H:\Windows\system32\KernelBase.dll
2011-08-10 11:03:44 ----A---- H:\Windows\SYSWOW64\setup16.exe
2011-08-10 11:03:44 ----A---- H:\Windows\SYSWOW64\ntvdm64.dll
2011-08-10 11:03:44 ----A---- H:\Windows\system32\wow64win.dll
2011-08-10 11:03:44 ----A---- H:\Windows\system32\wow64cpu.dll
2011-08-10 11:03:44 ----A---- H:\Windows\system32\ntvdm64.dll
2011-08-10 11:03:40 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 11:03:40 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 11:03:40 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-08-10 11:03:40 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 11:03:40 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 11:03:40 ----AH---- H:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-10 11:03:40 ----A---- H:\Windows\SYSWOW64\wow32.dll
2011-08-10 11:03:40 ----A---- H:\Windows\SYSWOW64\KernelBase.dll
2011-08-10 11:03:40 ----A---- H:\Windows\SYSWOW64\kernel32.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-10 11:03:39 ----AH---- H:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-10 11:03:38 ----AH---- H:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-10 11:03:37 ----AH---- H:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-08-10 11:03:37 ----AH---- H:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-10 11:03:37 ----AH---- H:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-10 11:03:37 ----A---- H:\Windows\SYSWOW64\instnm.exe
2011-08-10 11:03:36 ----A---- H:\Windows\SYSWOW64\user.exe
2011-08-10 11:03:34 ----A---- H:\Windows\system32\drivers\tcpip.sys
2011-08-10 11:03:27 ----A---- H:\Windows\system32\mshtml.dll
2011-08-10 11:03:19 ----A---- H:\Windows\system32\ieframe.dll
2011-08-10 11:03:17 ----A---- H:\Windows\SYSWOW64\iertutil.dll
2011-08-10 11:03:17 ----A---- H:\Windows\system32\iertutil.dll
2011-08-10 11:03:15 ----A---- H:\Windows\SYSWOW64\ieframe.dll
2011-08-10 11:03:12 ----A---- H:\Windows\SYSWOW64\mshtml.dll
2011-08-10 11:03:11 ----A---- H:\Windows\system32\urlmon.dll
2011-08-10 11:03:10 ----A---- H:\Windows\SYSWOW64\urlmon.dll
2011-08-10 11:03:10 ----A---- H:\Windows\system32\wininet.dll
2011-08-10 11:03:09 ----A---- H:\Windows\SYSWOW64\wininet.dll
2011-08-10 11:03:09 ----A---- H:\Windows\SYSWOW64\msfeeds.dll
2011-08-10 11:03:09 ----A---- H:\Windows\system32\msfeeds.dll
2011-08-10 11:03:08 ----A---- H:\Windows\system32\iedkcs32.dll
2011-08-10 11:03:07 ----A---- H:\Windows\SYSWOW64\url.dll
2011-08-10 11:03:07 ----A---- H:\Windows\SYSWOW64\mstime.dll
2011-08-10 11:03:07 ----A---- H:\Windows\SYSWOW64\mshtmled.dll
2011-08-10 11:03:07 ----A---- H:\Windows\SYSWOW64\msfeedsbs.dll
2011-08-10 11:03:07 ----A---- H:\Windows\SYSWOW64\ieui.dll
2011-08-10 11:03:07 ----A---- H:\Windows\SYSWOW64\iepeers.dll
2011-08-10 11:03:07 ----A---- H:\Windows\SYSWOW64\iedkcs32.dll
2011-08-10 11:03:07 ----A---- H:\Windows\system32\url.dll
2011-08-10 11:03:07 ----A---- H:\Windows\system32\mstime.dll
2011-08-10 11:03:07 ----A---- H:\Windows\system32\mshtmled.dll
2011-08-10 11:03:07 ----A---- H:\Windows\system32\msfeedsbs.dll
2011-08-10 11:03:07 ----A---- H:\Windows\system32\ieui.dll
2011-08-10 11:03:07 ----A---- H:\Windows\system32\iepeers.dll
2011-08-10 11:03:06 ----A---- H:\Windows\SYSWOW64\licmgr10.dll
2011-08-10 11:03:06 ----A---- H:\Windows\SYSWOW64\jsproxy.dll
2011-08-10 11:03:06 ----A---- H:\Windows\system32\licmgr10.dll
2011-08-10 11:03:06 ----A---- H:\Windows\system32\jsproxy.dll
2011-08-10 11:03:05 ----A---- H:\Windows\SYSWOW64\msfeedssync.exe
2011-08-10 11:03:05 ----A---- H:\Windows\system32\msfeedssync.exe
2011-08-10 11:02:59 ----A---- H:\Windows\system32\ntoskrnl.exe
2011-08-10 11:02:57 ----A---- H:\Windows\SYSWOW64\ntkrnlpa.exe
2011-08-10 11:02:56 ----A---- H:\Windows\SYSWOW64\ntoskrnl.exe
2011-08-08 18:39:45 ----D---- H:\Program Files (x86)\LogMeIn Hamachi
2011-08-04 23:51:26 ----A---- H:\Windows\War3Unin.dat
2011-08-04 23:51:24 ----A---- H:\Windows\War3Unin.pif
2011-08-04 23:51:24 ----A---- H:\Windows\War3Unin.exe
2011-08-04 23:49:22 ----D---- H:\Program Files (x86)\W3
2011-07-31 22:07:34 ----D---- H:\Users\Josef\AppData\Roaming\.minecraft
2011-07-29 19:43:40 ----D---- H:\Users\Josef\AppData\Roaming\LolClient
2011-07-28 17:49:14 ----A---- H:\Windows\system32\OVDecode64.dll
2011-07-28 17:48:48 ----A---- H:\Windows\system32\amdocl64.dll
2011-07-26 11:42:00 ----D---- H:\TopCD
2011-07-26 11:17:51 ----A---- H:\Windows\system32\drivers\dtsoftbus01.sys
2011-07-26 11:17:31 ----D---- H:\Program Files (x86)\DAEMON Tools Pro
2011-07-24 10:13:33 ----D---- H:\Users\Josef\AppData\Roaming\DAEMON Tools
2011-07-24 10:05:34 ----D---- H:\Program Files (x86)\DAEMON Tools Lite

======List of files/folders modified in the last 1 month======

2011-08-23 21:49:24 ----D---- H:\Windows\system32\config
2011-08-23 21:40:53 ----SHD---- H:\Windows\Installer
2011-08-23 21:40:21 ----RD---- H:\Program Files
2011-08-23 21:40:21 ----D---- H:\ProgramData
2011-08-23 21:40:13 ----SHD---- H:\System Volume Information
2011-08-23 21:35:23 ----D---- H:\Windows
2011-08-23 21:33:37 ----D---- H:\Windows\system32\drivers
2011-08-23 21:33:37 ----D---- H:\Windows\Prefetch
2011-08-23 21:28:22 ----D---- H:\Program Files (x86)\CCleaner
2011-08-23 21:09:19 ----D---- H:\Users\Josef\AppData\Roaming\Skype
2011-08-23 21:06:28 ----D---- H:\ProgramData\Easybits GO
2011-08-23 16:01:26 ----D---- H:\Users\Josef\AppData\Roaming\go
2011-08-23 10:06:22 ----D---- H:\Windows\System32
2011-08-23 10:06:21 ----D---- H:\Windows\SysWOW64
2011-08-23 10:06:21 ----D---- H:\Program Files (x86)
2011-08-23 09:51:24 ----D---- H:\Windows\system32\drivers\etc
2011-08-23 00:27:13 ----A---- H:\Windows\system.ini
2011-08-23 00:25:24 ----D---- H:\Users\Josef\AppData\Roaming\uTorrent
2011-08-23 00:20:53 ----D---- H:\Windows\SYSWOW64\drivers
2011-08-23 00:20:53 ----D---- H:\Windows\AppPatch
2011-08-23 00:20:51 ----D---- H:\Program Files\Common Files
2011-08-23 00:20:51 ----D---- H:\Program Files (x86)\Common Files
2011-08-22 22:24:34 ----D---- H:\games
2011-08-22 20:51:23 ----D---- H:\Windows\Tasks
2011-08-22 20:51:20 ----D---- H:\Program Files (x86)\4Storko
2011-08-22 20:51:16 ----D---- H:\Program Files (x86)\ConduitEngine
2011-08-22 20:51:05 ----D---- H:\Program Files (x86)\BS_Player
2011-08-22 20:51:04 ----D---- H:\Program Files (x86)\Hot_MP3
2011-08-22 20:51:04 ----D---- H:\Program Files (x86)\Brothersoft
2011-08-22 19:22:42 ----D---- H:\Windows\system32\Tasks
2011-08-22 16:31:10 ----D---- H:\Program Files (x86)\Mozilla Firefox
2011-08-22 15:31:15 ----D---- H:\Windows\system32\NDF
2011-08-22 15:16:09 ----D---- H:\Program Files (x86)\QuadCoreM2
2011-08-21 20:50:13 ----D---- H:\Windows\Logs
2011-08-21 14:05:59 ----D---- H:\Windows\system32\wfp
2011-08-21 14:05:59 ----D---- H:\Windows\system32\DriverStore
2011-08-21 14:05:59 ----D---- H:\Windows\system32\catroot2
2011-08-21 14:05:58 ----D---- H:\Windows\inf
2011-08-21 14:05:57 ----D---- H:\Windows\system32\wbem
2011-08-21 14:05:57 ----D---- H:\ProgramData\PMB Files
2011-08-21 14:05:56 ----D---- H:\Windows\registration
2011-08-12 11:48:21 ----RSD---- H:\Windows\assembly
2011-08-12 11:48:21 ----D---- H:\Windows\Microsoft.NET
2011-08-11 10:37:42 ----D---- H:\Windows\winsxs
2011-08-11 10:33:56 ----D---- H:\Windows\SYSWOW64\migration
2011-08-11 10:33:56 ----D---- H:\Program Files\Internet Explorer
2011-08-11 10:33:56 ----D---- H:\Program Files (x86)\Internet Explorer
2011-08-11 10:33:54 ----D---- H:\Windows\system32\migration
2011-08-11 01:19:05 ----D---- H:\Windows\system32\catroot
2011-08-11 01:18:09 ----A---- H:\Windows\SYSWOW64\PerfStringBackup.INI
2011-08-11 01:17:41 ----A---- H:\Windows\system32\PerfStringBackup.INI
2011-08-05 21:26:07 ----D---- H:\Program Files (x86)\DsNET Corp
2011-08-05 14:54:00 ----D---- H:\Program Files (x86)\Valve
2011-08-02 19:59:07 ----D---- H:\Program Files (x86)\Warcraft3
2011-07-31 22:29:35 ----HD---- H:\Program Files (x86)\InstallShield Installation Information
2011-07-26 11:59:29 ----D---- H:\Program Files (x86)\SystemRequirementsLab
2011-07-24 14:30:50 ----D---- H:\Users\Josef\AppData\Roaming\BitTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; H:\Windows\System32\Drivers\BtHidBus.sys [2009-09-24 23304]
R0 rdyboost;ReadyBoost; H:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; H:\Windows\System32\Drivers\sptd.sys [2011-05-27 526392]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; H:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; H:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-07-26 272448]
R3 hamachi;Hamachi Network Interface; H:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
R3 igfx;igfx; H:\Windows\system32\DRIVERS\igdkmd64.sys [2011-06-03 10628800]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); H:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
R3 LgBttPort;LGE Bluetooth TransPort; H:\Windows\system32\DRIVERS\lgbtpt64.sys [2009-09-29 16384]
R3 lgbusenum;LG Bluetooth Bus Enumerator; H:\Windows\system32\DRIVERS\lgbtbs64.sys [2009-09-29 14848]
R3 LGVMODEM;LGE Virtual Modem; H:\Windows\system32\DRIVERS\lgvmdm64.sys [2009-09-29 17408]
R3 MTsensor;ATK0110 ACPI UTILITY; H:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
S2 DgiVecp;DgiVecp; \??\H:\Windows\system32\Drivers\DgiVecp.sys []
S2 SSPORT;SSPORT; \??\H:\Windows\system32\Drivers\SSPORT.sys []
S3 a4wvssmu;a4wvssmu; H:\Windows\system32\drivers\a4wvssmu.sys []
S3 ATICDSDr;ATICDSDr; \??\H:\Users\Josef\AppData\Local\Temp\ATICDSDr.sys []
S3 atikmdag;atikmdag; H:\Windows\system32\DRIVERS\atikmdag.sys [2010-02-11 5352960]
S3 aybpgrnm;aybpgrnm; H:\Windows\system32\drivers\aybpgrnm.sys []
S3 BT;Bluetooth PAN Network Adapter; H:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 btnetBUs;Bluetooth PAN Bus Service; H:\Windows\System32\Drivers\btnetBus.sys [2009-09-24 27776]
S3 cpuz135;cpuz135; \??\H:\Windows\TEMP\cpuz135\cpuz135_x64.sys []
S3 dump_wmimmc;dump_wmimmc; \??\H:\Program Files (x86)\BlackShot\BlackShot\system\GameGuard\dump_wmimmc.sys []
S3 EagleX64;EagleX64; \??\H:\Windows\system32\drivers\EagleX64.sys []
S3 GGSAFERDriver;GGSAFER Driver; \??\H:\Program Files (x86)\Garena Classic\safedrv.sys []
S3 IvtBtBUs;IVT Bluetooth Bus Service; H:\Windows\System32\Drivers\IvtBtBus.sys [2009-08-26 30344]
S3 NPPTNT2;NPPTNT2; \??\H:\Windows\syswow64\npptNT2.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; H:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; H:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; H:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); H:\Windows\system32\DRIVERS\s1039bus.sys [2009-11-19 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; H:\Windows\system32\DRIVERS\s1039mdfl.sys [2009-11-19 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; H:\Windows\system32\DRIVERS\s1039mdm.sys [2009-11-19 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); H:\Windows\system32\DRIVERS\s1039mgmt.sys [2009-11-19 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); H:\Windows\system32\DRIVERS\s1039nd5.sys [2009-11-19 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; H:\Windows\system32\DRIVERS\s1039obex.sys [2009-11-19 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); H:\Windows\system32\DRIVERS\s1039unic.sys [2009-11-19 158320]
S3 s3cap;s3cap; H:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; H:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbbus;LGE Mobile Composite USB Device; H:\Windows\system32\DRIVERS\lgx64bus.sys [2008-11-19 17920]
S3 UsbDiag;LGE Mobile USB Serial Port; H:\Windows\system32\DRIVERS\lgx64diag.sys [2008-11-19 27136]
S3 USBModem;LGE Mobile USB Modem; H:\Windows\system32\DRIVERS\lgx64modem.sys [2008-11-19 33792]
S3 usbscan;Ovladač skeneru USB; H:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VComm;Virtual Serial port driver; H:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; H:\Windows\System32\Drivers\VcommMgr.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; H:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; H:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; H:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; H:\Windows\system32\Ati2evxx.exe [2010-02-11 952320]
R2 Bandoo Coordinator;Bandoo Coordinator; H:\Program Files (x86)\Bandoo\Bandoo.exe [2011-07-13 2051472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; H:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; H:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 2329480]
R2 PnkBstrA;PnkBstrA; H:\Windows\syswow64\PnkBstrA.exe [2010-11-21 75136]
R2 PnkBstrB;PnkBstrB; H:\Windows\syswow64\PnkBstrB.exe [2011-07-04 214520]
R2 srvbtcclient;srvbtcclient; H:\Windows\update.5.0\svchost.exe [2011-08-23 355840]
R2 srviecheck;srviecheck; H:\Windows\update.2\svchost.exe [2011-08-23 636416]
R2 srvsysdriver32;srvsysdriver32; H:\Windows\sysdriver32.exe [2011-08-23 258048]
R2 wlidsvc;Windows Live ID Sign-in Assistant; H:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 avast! Antivirus;avast! Antivirus; H:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; H:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; H:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; H:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; H:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; H:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
S3 IDriverT;InstallDriver Table Manager; H:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 npggsvc;nProtect GameGuard Service; H:\Windows\syswow64\GameMon.des [2011-01-28 3988144]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; H:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; H:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-09-08 575488]
S3 Steam Client Service;Steam Client Service; H:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-08-03 411432]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; H:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; H:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-27 1255736]
S4 NetMsmqActivator;@H:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; H:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@H:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; H:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@H:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; H:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Pustte tam AVPTool http://viry.cz/forum/viewtopic.php?f=29&t=58179 , havet se nam nejak vratila

Zatím jsem celkově nedošel dále než k 1 dokončenému procentu,protože vždy na mě vyskočí tabulka "Kaspersky Virus Removal Tool has detected malicious software"..zeptá se mě to,jestli chci provést dezinfekci,na výber mám Yes,perform což je doporučené,nebo No,do not perform.Mám už podruhé souhlasit a dát -Yes-,a čekat další 2 hodiny než se tohle dokončí a restartuje se PC,a pak pokračovat v kompletním skenu,či mám nesouhlasit a nechat to spracovat v souladu s celkovým skenem ?

Pustte tam znovu ComboFix dle navodu jak sjem jiz psal

Zde log :

ComboFix 11-08-24.03 - Josef 24.08.2011 19:26:04.4.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2013.1144 [GMT 2:00]
Spuštěný z: h:\users\Josef\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
h:\windows\btc_client_iplist.txt
h:\windows\front_ip_list.txt
h:\windows\geoiplist
h:\windows\geoiplist.rar
h:\windows\iecheck_iplist.txt
h:\windows\info1
h:\windows\iplist.txt
h:\windows\loader2.exe_ok
h:\windows\phoenix
h:\windows\phoenix.rar
h:\windows\phoenix\kernels\phatk\__init__.py
h:\windows\phoenix\kernels\phatk\__init__.pyc
h:\windows\phoenix\kernels\phatk\8399a8e3ceba6e552beab06670c3a996.elf
h:\windows\phoenix\kernels\phatk\BFIPatcher.py
h:\windows\phoenix\kernels\phatk\BFIPatcher.pyc
h:\windows\phoenix\kernels\phatk\eaeb6d50fd0b9cacaee7adbb93801815.elf
h:\windows\phoenix\kernels\phatk\kernel.cl
h:\windows\phoenix\kernels\poclbm\__init__.py
h:\windows\phoenix\kernels\poclbm\__init__.pyc
h:\windows\phoenix\kernels\poclbm\36979939777f2b82bff70d00e8825827.elf
h:\windows\phoenix\kernels\poclbm\5806fb642792f6f838b0e8f11fa91c26.elf
h:\windows\phoenix\kernels\poclbm\BFIPatcher.py
h:\windows\phoenix\kernels\poclbm\BFIPatcher.pyc
h:\windows\phoenix\kernels\poclbm\kernel.cl
h:\windows\phoenix\phoenix.exe
h:\windows\rpcminer
h:\windows\rpcminer.rar
h:\windows\rpcminer\bitcoinminercuda_10.cubin
h:\windows\rpcminer\bitcoinminercuda_11.cubin
h:\windows\rpcminer\bitcoinminercuda_20.cubin
h:\windows\rpcminer\bitcoinmineropencl.cl
h:\windows\rpcminer\cudart32_32_16.dll
h:\windows\rpcminer\curllib.dll
h:\windows\rpcminer\libeay32.dll
h:\windows\rpcminer\libsasl.dll
h:\windows\rpcminer\openldap.dll
h:\windows\rpcminer\rpcminer-4way.exe
h:\windows\rpcminer\rpcminer-cpu.exe
h:\windows\rpcminer\rpcminer-cuda.exe
h:\windows\rpcminer\rpcminer-opencl.exe
h:\windows\rpcminer\ssleay32.dll
h:\windows\system32\drivers\etc\HSTS~1
h:\windows\ufa.rar
h:\windows\update.2
h:\windows\update.5.0
h:\windows\update.7.1
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-24 do 2011-08-24 )))))))))))))))))))))))))))))))
.
.
2011-08-24 17:37 . 2011-08-24 17:37 -------- d-----w- h:\users\GN0SYS\AppData\Local\temp
2011-08-24 17:37 . 2011-08-24 17:37 -------- d-----w- h:\users\Default\AppData\Local\temp
2011-08-24 08:36 . 2011-08-24 08:36 -------- d-----w- h:\programdata\Kaspersky Lab
2011-08-23 19:47 . 2011-08-23 19:47 -------- d-----w- H:\rsit
2011-08-23 19:40 . 2011-08-23 19:40 -------- d-----w- h:\programdata\Alwil Software
2011-08-23 19:40 . 2011-08-23 19:40 -------- d-----w- h:\program files\AVAST Software
2011-08-23 08:06 . 2011-08-23 08:06 -------- d-----w- h:\program files (x86)\AMD APP
2011-08-23 07:49 . 2011-08-23 19:27 -------- d-----w- h:\windows\ufa
2011-08-23 07:48 . 2011-08-23 19:27 246272 ----a-w- h:\windows\unrar.exe
2011-08-22 17:37 . 2011-08-22 17:50 512 ----a-w- H:\PhysicalMBR.bin
2011-08-22 16:43 . 2011-08-23 19:50 -------- d-----w- h:\program files\trend micro
2011-08-21 20:12 . 2011-08-21 20:12 -------- d-----w- h:\program files (x86)\IP Changer Premium
2011-08-21 10:03 . 2011-08-21 10:03 -------- d--h--w- h:\programdata\Common Files
2011-08-21 10:03 . 2011-08-21 10:40 -------- d-----w- h:\programdata\MFAData
2011-08-21 09:43 . 2011-07-04 11:36 600920 ----a-w- h:\windows\system32\drivers\aswSnx.sys
2011-08-15 12:33 . 2011-08-24 15:16 -------- d-----w- h:\program files (x86)\Garena Classic
2011-08-10 09:02 . 2011-06-23 05:29 5507968 ----a-w- h:\windows\system32\ntoskrnl.exe
2011-08-10 09:02 . 2011-06-23 04:38 3957120 ----a-w- h:\windows\SysWow64\ntkrnlpa.exe
2011-08-10 09:02 . 2011-06-23 04:38 3902336 ----a-w- h:\windows\SysWow64\ntoskrnl.exe
2011-08-08 16:39 . 2011-08-08 16:39 -------- d-----w- h:\program files (x86)\LogMeIn Hamachi
2011-08-04 21:51 . 2011-08-04 22:00 2829 ----a-w- h:\windows\War3Unin.pif
2011-08-04 21:51 . 2011-08-04 22:00 139264 ----a-w- h:\windows\War3Unin.exe
2011-08-04 21:49 . 2011-08-24 17:18 -------- d-----w- h:\program files (x86)\W3
2011-07-31 20:07 . 2011-07-21 12:51 -------- d-----w- h:\users\Josef\AppData\Roaming\.minecraft
2011-07-29 17:43 . 2011-07-29 17:43 -------- d-----w- h:\users\Josef\AppData\Roaming\LolClient
2011-07-28 15:49 . 2011-07-28 15:49 60416 ----a-w- h:\windows\system32\OVDecode64.dll
2011-07-28 15:48 . 2011-07-28 15:48 16552960 ----a-w- h:\windows\system32\amdocl64.dll
2011-07-26 09:42 . 2011-07-26 09:42 -------- d-----w- H:\TopCD
2011-07-26 09:17 . 2011-07-26 09:39 272448 ----a-w- h:\windows\system32\drivers\dtsoftbus01.sys
2011-07-26 09:17 . 2011-07-26 09:24 -------- d-----w- h:\program files (x86)\DAEMON Tools Pro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 04:10 . 2011-08-23 10:08 8862544 ----a-w- h:\programdata\Microsoft\Windows Defender\Definition Updates\{41878B7C-CF60-4FA3-B10B-331AC2DD9695}\mpengine.dll
2011-07-17 21:54 . 2011-07-17 21:54 59904 ----a-w- h:\windows\SysWow64\OVDecode.dll
2011-07-17 19:32 . 2011-07-17 19:32 18328 ----a-w- h:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-07-16 04:32 . 2011-08-10 09:03 44032 ----a-w- h:\windows\apppatch\acwow64.dll
2011-07-15 07:59 . 2011-07-15 07:59 45056 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{4E526F25-8B1F-46AA-B50C-BBDA00EDFF66}\NewShortcut1_31C30ABA960848C399A3EA37FE010825.exe
2011-07-15 07:59 . 2011-07-15 07:59 45056 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{4E526F25-8B1F-46AA-B50C-BBDA00EDFF66}\NewShortcut2_6A293E8C50A64AF995D5612415EFFD9D.exe
2011-07-13 08:45 . 2011-06-10 09:53 404640 ----a-w- h:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-04 16:06 . 2010-05-20 17:12 214520 ----a-w- h:\windows\SysWow64\PnkBstrB.exe
2011-07-04 16:06 . 2010-03-09 14:20 214520 ----a-w- h:\windows\SysWow64\PnkBstrB.xtr
2011-07-04 11:43 . 2010-09-28 19:07 40112 ----a-w- h:\windows\avastSS.scr
2011-07-04 11:43 . 2010-09-28 19:07 199304 ----a-w- h:\windows\SysWow64\aswBoot.exe
2011-07-04 11:43 . 2011-01-25 09:07 253888 ----a-w- h:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2010-09-28 19:08 288088 ----a-w- h:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-09-28 19:08 45400 ----a-w- h:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2010-09-28 19:08 31064 ----a-w- h:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-09-28 19:08 64856 ----a-w- h:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2010-09-28 19:08 22360 ----a-w- h:\windows\system32\drivers\aswFsBlk.sys
2011-06-30 12:37 . 2011-06-30 12:37 65536 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut5_3293C06B003F40278380FFD79E38167D.exe
2011-06-30 12:37 . 2011-06-30 12:37 61440 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut3_3293C06B003F40278380FFD79E38167D.exe
2011-06-30 12:37 . 2011-06-30 12:37 61440 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut2_3293C06B003F40278380FFD79E38167D_1.exe
2011-06-30 12:37 . 2011-06-30 12:37 57344 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\ARPPRODUCTICON.exe
2011-06-28 16:37 . 2010-07-21 14:34 43520 ----a-w- h:\windows\SysWow64\CmdLineExt03.dll
2011-06-16 01:34 . 2011-06-16 01:34 2971648 ----a-w- h:\windows\system32\SlotMaximizerBe.dll
2011-06-16 01:34 . 2011-06-16 01:34 105984 ----a-w- h:\windows\system32\SlotMaximizerAg.dll
2011-06-11 02:56 . 2011-07-13 09:07 3134464 ----a-w- h:\windows\system32\win32k.sys
2011-06-03 11:45 . 2011-06-03 11:45 162584 ----a-w- h:\windows\system32\igfxtray.exe
2011-06-03 11:45 . 2011-06-03 11:45 510232 ----a-w- h:\windows\system32\igfxsrvc.exe
2011-06-03 11:45 . 2011-06-03 11:45 417560 ----a-w- h:\windows\system32\igfxpers.exe
2011-06-03 11:44 . 2011-06-03 11:44 224024 ----a-w- h:\windows\system32\igfxext.exe
2011-06-03 11:44 . 2011-06-03 11:44 386840 ----a-w- h:\windows\system32\hkcmd.exe
2011-06-03 11:44 . 2011-06-03 11:44 3157784 ----a-w- h:\windows\system32\GfxUI.exe
2011-06-03 11:44 . 2011-06-03 11:44 152856 ----a-w- h:\windows\system32\difx64.exe
2011-06-03 11:39 . 2011-06-03 11:39 90112 ----a-w- h:\windows\system32\igfxCoIn_v2413.dll
2011-06-03 11:34 . 2011-06-03 11:34 10628800 ----a-w- h:\windows\system32\drivers\igdkmd64.sys
2011-06-03 11:34 . 2011-06-03 11:34 6549504 ----a-w- h:\windows\system32\igdumd64.dll
2011-06-03 11:28 . 2010-02-20 06:18 4967424 ----a-w- h:\windows\SysWow64\igdumd32.dll
2011-06-03 11:24 . 2010-02-20 06:14 571904 ----a-w- h:\windows\SysWow64\igdumdx32.dll
2011-06-03 11:21 . 2009-07-13 21:59 4722176 ----a-w- h:\windows\system32\igd10umd64.dll
2011-06-03 11:17 . 2011-06-03 11:17 4411392 ----a-w- h:\windows\SysWow64\igd10umd32.dll
2011-06-03 11:10 . 2011-06-03 11:10 15546880 ----a-w- h:\windows\system32\ig4icd64.dll
2011-06-03 11:01 . 2011-06-03 11:01 11405312 ----a-w- h:\windows\SysWow64\ig4icd32.dll
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrsky.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrtrk.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrsve.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrslv.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87040 ----a-w- h:\windows\system32\igfxrtha.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88576 ----a-w- h:\windows\system32\igfxresn.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrrus.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrptg.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrplk.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrptb.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrnor.lrc
2011-06-03 10:56 . 2011-06-03 10:56 84992 ----a-w- h:\windows\system32\igfxrkor.lrc
2011-06-03 10:56 . 2011-06-03 10:56 84992 ----a-w- h:\windows\system32\igfxrjpn.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88576 ----a-w- h:\windows\system32\igfxrell.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrita.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrdeu.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrhun.lrc
2011-06-03 10:56 . 2011-06-03 10:56 86528 ----a-w- h:\windows\system32\igfxrheb.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88576 ----a-w- h:\windows\system32\igfxrfra.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrnld.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrfin.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87040 ----a-w- h:\windows\system32\igfxrdan.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrcsy.lrc
2011-06-03 10:56 . 2011-06-03 10:56 86528 ----a-w- h:\windows\system32\igfxrara.lrc
2011-06-03 10:56 . 2011-06-03 10:56 83968 ----a-w- h:\windows\system32\igfxrcht.lrc
2011-06-03 10:56 . 2011-06-03 10:56 83968 ----a-w- h:\windows\system32\igfxrchs.lrc
2011-06-03 10:56 . 2011-06-03 10:56 122368 ----a-w- h:\windows\system32\igfxcpl.cpl
2011-06-03 10:55 . 2011-06-03 10:55 27648 ----a-w- h:\windows\system32\igfxexps.dll
2011-06-03 10:55 . 2010-02-20 05:43 244224 ----a-w- h:\windows\system32\igfxpph.dll
2011-06-03 10:55 . 2011-06-03 10:55 380416 ----a-w- h:\windows\system32\igfxTMM.dll
2011-06-03 10:55 . 2010-02-20 05:43 61952 ----a-w- h:\windows\system32\igfxsrvc.dll
2011-06-03 10:55 . 2010-02-20 05:42 108544 ----a-w- h:\windows\system32\hccutils.dll
2011-06-03 10:54 . 2011-06-03 10:54 119808 ----a-w- h:\windows\system32\gfxSrvc.dll
2011-06-03 10:54 . 2011-06-03 10:54 4096 ----a-w- h:\windows\system32\IGFXDEVLib.dll
2011-06-03 10:54 . 2011-06-03 10:54 272896 ----a-w- h:\windows\system32\igfxdev.dll
2011-06-03 10:54 . 2011-06-03 10:54 87552 ----a-w- h:\windows\system32\igfxrenu.lrc
2011-06-03 10:54 . 2011-06-03 10:54 142336 ----a-w- h:\windows\system32\igfxdo.dll
2011-06-03 10:54 . 2010-02-20 05:41 830464 ----a-w- h:\windows\system32\igfxress.dll
2011-06-03 10:45 . 2011-06-03 10:45 23552 ----a-w- h:\windows\SysWow64\igfxexps32.dll
2011-06-03 10:44 . 2011-06-03 10:44 228864 ----a-w- h:\windows\SysWow64\igfxdv32.dll
2011-06-03 10:42 . 2011-06-03 10:42 208896 ----a-w- h:\windows\SysWow64\iglhsip32.dll
2011-06-03 10:42 . 2011-06-03 10:42 206336 ----a-w- h:\windows\system32\iglhsip64.dll
2011-06-03 10:42 . 2011-06-03 10:42 188416 ----a-w- h:\windows\system32\iglhcp64.dll
2011-06-03 10:42 . 2011-06-03 10:42 147456 ----a-w- h:\windows\SysWow64\iglhcp32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="h:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-07-29 3077528]
"Sony Ericsson PC Companion"="h:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2009-12-08 774144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Samsung PanelMgr"="h:\windows\Samsung\PanelMgr\SSMMgr.exe" [2010-06-07 618496]
"Adobe Reader Speed Launcher"="h:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"avast"="h:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
h:\users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth PC Dialer.lnk - h:\program files (x86)\Bluetooth PC Dialer\BluetoothPCDialer.exe [2009-8-24 196608]
OpenOffice.org 3.0.lnk - h:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]
_uninst_33496887.lnk - h:\users\Josef\AppData\Local\Temp\_uninst_33496887.bat [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=h:\progra~2\Bandoo\BndHook.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:English /KBD:2 /wow /dir:h:\progra~1\AVASTS~1\Avast\defs\11070401
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;h:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;h:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ATICDSDr;ATICDSDr;h:\users\Josef\AppData\Local\Temp\ATICDSDr.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;h:\windows\system32\Drivers\btnetBus.sys [x]
R3 cpuz135;cpuz135;h:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 dump_wmimmc;dump_wmimmc;h:\program files (x86)\BlackShot\BlackShot\system\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;h:\windows\system32\drivers\EagleX64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;h:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 GGSAFERDriver;GGSAFER Driver;h:\program files (x86)\Garena Classic\safedrv.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;h:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);h:\windows\system32\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;h:\windows\system32\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;h:\windows\system32\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);h:\windows\system32\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);h:\windows\system32\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;h:\windows\system32\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);h:\windows\system32\DRIVERS\s1039unic.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;h:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 BtHidBus;Bluetooth HID Bus Service;h:\windows\System32\Drivers\BtHidBus.sys [x]
S0 sptd;sptd;h:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;h:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;h:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 2329480]
S3 LgBttPort;LGE Bluetooth TransPort;h:\windows\system32\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;h:\windows\system32\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;h:\windows\system32\DRIVERS\lgvmdm64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - 59967345
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 134384 ----a-w- h:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="h:\windows\system32\igfxtray.exe" [2011-06-03 162584]
"HotKeysCmds"="h:\windows\system32\hkcmd.exe" [2011-06-03 386840]
"Persistence"="h:\windows\system32\igfxpers.exe" [2011-06-03 417560]
.
------- Doplňkový sken -------
.
uLocal Page = h:\windows\system32\blank.htm
uStart Page = hxxp://www.maxiwe.com
mStart Page = hxxp://www.maxiwe.com
mLocal Page = h:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - h:\windows\system32\GPhotos.scr/200
IE: ????3?? - h:\users\Josef\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - h:\users\Josef\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
TCP: Interfaces\{7CA5A229-0722-4828-A191-DBED3FE9D35A}: DhcpNameServer = 78.156.128.37 80.79.16.3
FF - ProfilePath - h:\users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\xhy3rgc4.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.proxy.type - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Adobe Shockwave Player - h:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Mafia Game - h:\windows\system32\MafiaSetup.exe
AddRemove-PunkBusterSvc - h:\windows\system32\pbsvc(2).exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="h:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="h:\\Users\\Josef\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="h:\\Users\\Josef\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\lexmark\web_update]
@Class="REG_SZ"
@DACL=(02 0000)
"CDdirectory"="c:\\LEXMARK\\WIN32DRV"
.
------------------------ Jiné spuštené procesy ------------------------
.
h:\windows\SysWOW64\PnkBstrA.exe
h:\windows\SysWOW64\PnkBstrB.exe
h:\program files (x86)\Google\Update\GoogleUpdate.exe
h:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
h:\program files (x86)\Bandoo\Bandoo.exe
h:\program files (x86)\OpenOffice.org 3\program\soffice.exe
h:\program files (x86)\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Celkový čas: 2011-08-24 19:46:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-24 17:46
.
Před spuštěním: Volných bajtů: 15 213 146 112
Po spuštění: Volných bajtů: 15 209 828 352
.
- - End Of File - - D01C366DFA2EDB090DBD00556DB539D1

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Folder::
h:\windows\ufa

File::
h:\windows\unrar.exe

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=-[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000000
"DisableThumbnailCache"=dword:00000000

Driver::
59967345

AtJob::

RegLock::
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\lexmark\web_update]

RegNull::
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

ComboFix 11-08-24.03 - Josef 24.08.2011 23:55:01.5.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2013.737 [GMT 2:00]
Spuštěný z: h:\users\Josef\Desktop\ComboFix.exe
Použité ovládací přepínače :: h:\users\Josef\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"h:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
h:\windows\ufa
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_59967345
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-24 do 2011-08-24 )))))))))))))))))))))))))))))))
.
.
2011-08-24 08:36 . 2011-08-24 08:36 -------- d-----w- h:\programdata\Kaspersky Lab
2011-08-23 19:47 . 2011-08-23 19:47 -------- d-----w- H:\rsit
2011-08-23 19:40 . 2011-08-23 19:40 -------- d-----w- h:\programdata\Alwil Software
2011-08-23 19:40 . 2011-08-23 19:40 -------- d-----w- h:\program files\AVAST Software
2011-08-23 08:06 . 2011-08-23 08:06 -------- d-----w- h:\program files (x86)\AMD APP
2011-08-23 07:48 . 2011-08-23 19:27 246272 ----a-w- h:\windows\unrar.exe
2011-08-22 17:37 . 2011-08-22 17:50 512 ----a-w- H:\PhysicalMBR.bin
2011-08-22 16:43 . 2011-08-23 19:50 -------- d-----w- h:\program files\trend micro
2011-08-21 20:12 . 2011-08-21 20:12 -------- d-----w- h:\program files (x86)\IP Changer Premium
2011-08-21 10:03 . 2011-08-21 10:03 -------- d--h--w- h:\programdata\Common Files
2011-08-21 10:03 . 2011-08-21 10:40 -------- d-----w- h:\programdata\MFAData
2011-08-21 09:43 . 2011-07-04 11:36 600920 ----a-w- h:\windows\system32\drivers\aswSnx.sys
2011-08-15 12:33 . 2011-08-24 21:51 -------- d-----w- h:\program files (x86)\Garena Classic
2011-08-10 09:02 . 2011-06-23 05:29 5507968 ----a-w- h:\windows\system32\ntoskrnl.exe
2011-08-10 09:02 . 2011-06-23 04:38 3957120 ----a-w- h:\windows\SysWow64\ntkrnlpa.exe
2011-08-10 09:02 . 2011-06-23 04:38 3902336 ----a-w- h:\windows\SysWow64\ntoskrnl.exe
2011-08-08 16:39 . 2011-08-08 16:39 -------- d-----w- h:\program files (x86)\LogMeIn Hamachi
2011-08-04 21:51 . 2011-08-04 22:00 2829 ----a-w- h:\windows\War3Unin.pif
2011-08-04 21:51 . 2011-08-04 22:00 139264 ----a-w- h:\windows\War3Unin.exe
2011-08-04 21:49 . 2011-08-24 17:18 -------- d-----w- h:\program files (x86)\W3
2011-07-31 20:07 . 2011-07-21 12:51 -------- d-----w- h:\users\Josef\AppData\Roaming\.minecraft
2011-07-29 17:43 . 2011-07-29 17:43 -------- d-----w- h:\users\Josef\AppData\Roaming\LolClient
2011-07-28 15:49 . 2011-07-28 15:49 60416 ----a-w- h:\windows\system32\OVDecode64.dll
2011-07-28 15:48 . 2011-07-28 15:48 16552960 ----a-w- h:\windows\system32\amdocl64.dll
2011-07-26 09:42 . 2011-07-26 09:42 -------- d-----w- H:\TopCD
2011-07-26 09:17 . 2011-07-26 09:39 272448 ----a-w- h:\windows\system32\drivers\dtsoftbus01.sys
2011-07-26 09:17 . 2011-07-26 09:24 -------- d-----w- h:\program files (x86)\DAEMON Tools Pro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-12 04:10 . 2011-08-23 10:08 8862544 ----a-w- h:\programdata\Microsoft\Windows Defender\Definition Updates\{41878B7C-CF60-4FA3-B10B-331AC2DD9695}\mpengine.dll
2011-07-17 21:54 . 2011-07-17 21:54 59904 ----a-w- h:\windows\SysWow64\OVDecode.dll
2011-07-17 19:32 . 2011-07-17 19:32 18328 ----a-w- h:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-07-16 04:32 . 2011-08-10 09:03 44032 ----a-w- h:\windows\apppatch\acwow64.dll
2011-07-15 07:59 . 2011-07-15 07:59 45056 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{4E526F25-8B1F-46AA-B50C-BBDA00EDFF66}\NewShortcut1_31C30ABA960848C399A3EA37FE010825.exe
2011-07-15 07:59 . 2011-07-15 07:59 45056 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{4E526F25-8B1F-46AA-B50C-BBDA00EDFF66}\NewShortcut2_6A293E8C50A64AF995D5612415EFFD9D.exe
2011-07-13 08:45 . 2011-06-10 09:53 404640 ----a-w- h:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-04 16:06 . 2010-05-20 17:12 214520 ----a-w- h:\windows\SysWow64\PnkBstrB.exe
2011-07-04 16:06 . 2010-03-09 14:20 214520 ----a-w- h:\windows\SysWow64\PnkBstrB.xtr
2011-07-04 11:43 . 2010-09-28 19:07 40112 ----a-w- h:\windows\avastSS.scr
2011-07-04 11:43 . 2010-09-28 19:07 199304 ----a-w- h:\windows\SysWow64\aswBoot.exe
2011-07-04 11:43 . 2011-01-25 09:07 253888 ----a-w- h:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2010-09-28 19:08 288088 ----a-w- h:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-09-28 19:08 45400 ----a-w- h:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2010-09-28 19:08 31064 ----a-w- h:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-09-28 19:08 64856 ----a-w- h:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2010-09-28 19:08 22360 ----a-w- h:\windows\system32\drivers\aswFsBlk.sys
2011-06-30 12:37 . 2011-06-30 12:37 65536 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut5_3293C06B003F40278380FFD79E38167D.exe
2011-06-30 12:37 . 2011-06-30 12:37 61440 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut3_3293C06B003F40278380FFD79E38167D.exe
2011-06-30 12:37 . 2011-06-30 12:37 61440 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut2_3293C06B003F40278380FFD79E38167D_1.exe
2011-06-30 12:37 . 2011-06-30 12:37 57344 ----a-r- h:\users\Josef\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\ARPPRODUCTICON.exe
2011-06-28 16:37 . 2010-07-21 14:34 43520 ----a-w- h:\windows\SysWow64\CmdLineExt03.dll
2011-06-16 01:34 . 2011-06-16 01:34 2971648 ----a-w- h:\windows\system32\SlotMaximizerBe.dll
2011-06-16 01:34 . 2011-06-16 01:34 105984 ----a-w- h:\windows\system32\SlotMaximizerAg.dll
2011-06-11 02:56 . 2011-07-13 09:07 3134464 ----a-w- h:\windows\system32\win32k.sys
2011-06-03 11:45 . 2011-06-03 11:45 162584 ----a-w- h:\windows\system32\igfxtray.exe
2011-06-03 11:45 . 2011-06-03 11:45 510232 ----a-w- h:\windows\system32\igfxsrvc.exe
2011-06-03 11:45 . 2011-06-03 11:45 417560 ----a-w- h:\windows\system32\igfxpers.exe
2011-06-03 11:44 . 2011-06-03 11:44 224024 ----a-w- h:\windows\system32\igfxext.exe
2011-06-03 11:44 . 2011-06-03 11:44 386840 ----a-w- h:\windows\system32\hkcmd.exe
2011-06-03 11:44 . 2011-06-03 11:44 3157784 ----a-w- h:\windows\system32\GfxUI.exe
2011-06-03 11:44 . 2011-06-03 11:44 152856 ----a-w- h:\windows\system32\difx64.exe
2011-06-03 11:39 . 2011-06-03 11:39 90112 ----a-w- h:\windows\system32\igfxCoIn_v2413.dll
2011-06-03 11:34 . 2011-06-03 11:34 10628800 ----a-w- h:\windows\system32\drivers\igdkmd64.sys
2011-06-03 11:34 . 2011-06-03 11:34 6549504 ----a-w- h:\windows\system32\igdumd64.dll
2011-06-03 11:28 . 2010-02-20 06:18 4967424 ----a-w- h:\windows\SysWow64\igdumd32.dll
2011-06-03 11:24 . 2010-02-20 06:14 571904 ----a-w- h:\windows\SysWow64\igdumdx32.dll
2011-06-03 11:21 . 2009-07-13 21:59 4722176 ----a-w- h:\windows\system32\igd10umd64.dll
2011-06-03 11:17 . 2011-06-03 11:17 4411392 ----a-w- h:\windows\SysWow64\igd10umd32.dll
2011-06-03 11:10 . 2011-06-03 11:10 15546880 ----a-w- h:\windows\system32\ig4icd64.dll
2011-06-03 11:01 . 2011-06-03 11:01 11405312 ----a-w- h:\windows\SysWow64\ig4icd32.dll
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrsky.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrtrk.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrsve.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrslv.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87040 ----a-w- h:\windows\system32\igfxrtha.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88576 ----a-w- h:\windows\system32\igfxresn.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrrus.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrptg.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrplk.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrptb.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrnor.lrc
2011-06-03 10:56 . 2011-06-03 10:56 84992 ----a-w- h:\windows\system32\igfxrkor.lrc
2011-06-03 10:56 . 2011-06-03 10:56 84992 ----a-w- h:\windows\system32\igfxrjpn.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88576 ----a-w- h:\windows\system32\igfxrell.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrita.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrdeu.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrhun.lrc
2011-06-03 10:56 . 2011-06-03 10:56 86528 ----a-w- h:\windows\system32\igfxrheb.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88576 ----a-w- h:\windows\system32\igfxrfra.lrc
2011-06-03 10:56 . 2011-06-03 10:56 88064 ----a-w- h:\windows\system32\igfxrnld.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrfin.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87040 ----a-w- h:\windows\system32\igfxrdan.lrc
2011-06-03 10:56 . 2011-06-03 10:56 87552 ----a-w- h:\windows\system32\igfxrcsy.lrc
2011-06-03 10:56 . 2011-06-03 10:56 86528 ----a-w- h:\windows\system32\igfxrara.lrc
2011-06-03 10:56 . 2011-06-03 10:56 83968 ----a-w- h:\windows\system32\igfxrcht.lrc
2011-06-03 10:56 . 2011-06-03 10:56 83968 ----a-w- h:\windows\system32\igfxrchs.lrc
2011-06-03 10:56 . 2011-06-03 10:56 122368 ----a-w- h:\windows\system32\igfxcpl.cpl
2011-06-03 10:55 . 2011-06-03 10:55 27648 ----a-w- h:\windows\system32\igfxexps.dll
2011-06-03 10:55 . 2010-02-20 05:43 244224 ----a-w- h:\windows\system32\igfxpph.dll
2011-06-03 10:55 . 2011-06-03 10:55 380416 ----a-w- h:\windows\system32\igfxTMM.dll
2011-06-03 10:55 . 2010-02-20 05:43 61952 ----a-w- h:\windows\system32\igfxsrvc.dll
2011-06-03 10:55 . 2010-02-20 05:42 108544 ----a-w- h:\windows\system32\hccutils.dll
2011-06-03 10:54 . 2011-06-03 10:54 119808 ----a-w- h:\windows\system32\gfxSrvc.dll
2011-06-03 10:54 . 2011-06-03 10:54 4096 ----a-w- h:\windows\system32\IGFXDEVLib.dll
2011-06-03 10:54 . 2011-06-03 10:54 272896 ----a-w- h:\windows\system32\igfxdev.dll
2011-06-03 10:54 . 2011-06-03 10:54 87552 ----a-w- h:\windows\system32\igfxrenu.lrc
2011-06-03 10:54 . 2011-06-03 10:54 142336 ----a-w- h:\windows\system32\igfxdo.dll
2011-06-03 10:54 . 2010-02-20 05:41 830464 ----a-w- h:\windows\system32\igfxress.dll
2011-06-03 10:45 . 2011-06-03 10:45 23552 ----a-w- h:\windows\SysWow64\igfxexps32.dll
2011-06-03 10:44 . 2011-06-03 10:44 228864 ----a-w- h:\windows\SysWow64\igfxdv32.dll
2011-06-03 10:42 . 2011-06-03 10:42 208896 ----a-w- h:\windows\SysWow64\iglhsip32.dll
2011-06-03 10:42 . 2011-06-03 10:42 206336 ----a-w- h:\windows\system32\iglhsip64.dll
2011-06-03 10:42 . 2011-06-03 10:42 188416 ----a-w- h:\windows\system32\iglhcp64.dll
2011-06-03 10:42 . 2011-06-03 10:42 147456 ----a-w- h:\windows\SysWow64\iglhcp32.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-08-24_17.40.01 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-28 11:05 . 2011-08-24 21:12 63368 h:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-08-24 17:41 41268 h:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-08-24 22:11 41268 h:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-02-28 11:05 . 2011-08-24 22:11 21200 h:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3665194971-35141123-3770490494-1000_UserData.bin
+ 2010-02-28 11:00 . 2011-08-24 17:57 16384 h:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-02-28 11:00 . 2011-08-24 11:36 16384 h:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-08-24 11:36 . 2011-08-24 11:36 32768 h:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-08-24 11:36 . 2011-08-24 17:57 32768 h:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-08-24 17:57 16384 h:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-08-24 11:36 16384 h:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2011-08-24 21:13 71736 h:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2010-02-28 11:22 . 2011-08-24 21:18 16384 h:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-02-28 11:22 . 2011-08-24 17:05 16384 h:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-02-28 11:22 . 2011-08-24 21:18 16384 h:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-02-28 11:22 . 2011-08-24 17:05 16384 h:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-08-24 17:39 . 2011-08-24 17:39 2048 h:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-08-24 22:09 . 2011-08-24 22:09 2048 h:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-08-24 17:39 . 2011-08-24 17:39 2048 h:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-08-24 22:09 . 2011-08-24 22:09 2048 h:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-08-24 17:38 442272 h:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-08-24 22:08 442272 h:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 04:45 . 2011-08-11 08:43 3607895 h:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 04:45 . 2011-08-24 21:13 3607895 h:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2010-12-27 10:52 . 2011-08-24 17:38 2583008 h:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3665194971-35141123-3770490494-1000-12288.dat
+ 2010-12-27 10:52 . 2011-08-24 22:08 2583008 h:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3665194971-35141123-3770490494-1000-12288.dat
- 2009-07-14 02:34 . 2011-08-24 11:14 10485760 h:\windows\system32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:34 . 2011-08-24 21:27 10485760 h:\windows\system32\SMI\Store\Machine\schema.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="h:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2011-07-29 3077528]
"Sony Ericsson PC Companion"="h:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2009-12-08 774144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"FirewallOverride"="0 (0x0)" [X]
"DisableThumbnailCache"="0 (0x0)" [X]
"Samsung PanelMgr"="h:\windows\Samsung\PanelMgr\SSMMgr.exe" [2010-06-07 618496]
"Adobe Reader Speed Launcher"="h:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"avast"="h:\program files\AVAST Software\Avast\avastUI.exe" [2011-07-04 3493720]
.
h:\users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth PC Dialer.lnk - h:\program files (x86)\Bluetooth PC Dialer\BluetoothPCDialer.exe [2009-8-24 196608]
OpenOffice.org 3.0.lnk - h:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]
_uninst_33496887.lnk - h:\users\Josef\AppData\Local\Temp\_uninst_33496887.bat [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=h:\progra~2\Bandoo\BndHook.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:English /KBD:2 /wow /dir:h:\progra~1\AVASTS~1\Avast\defs\11070401
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;h:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;h:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ATICDSDr;ATICDSDr;h:\users\Josef\AppData\Local\Temp\ATICDSDr.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;h:\windows\system32\Drivers\btnetBus.sys [x]
R3 cpuz135;cpuz135;h:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 dump_wmimmc;dump_wmimmc;h:\program files (x86)\BlackShot\BlackShot\system\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;h:\windows\system32\drivers\EagleX64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;h:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 GGSAFERDriver;GGSAFER Driver;h:\program files (x86)\Garena Classic\safedrv.sys [x]
R3 IvtBtBUs;IVT Bluetooth Bus Service;h:\windows\system32\Drivers\IvtBtBus.sys [x]
R3 s1039bus;Sony Ericsson Device 1039 driver (WDM);h:\windows\system32\DRIVERS\s1039bus.sys [x]
R3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter;h:\windows\system32\DRIVERS\s1039mdfl.sys [x]
R3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver;h:\windows\system32\DRIVERS\s1039mdm.sys [x]
R3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM);h:\windows\system32\DRIVERS\s1039mgmt.sys [x]
R3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS);h:\windows\system32\DRIVERS\s1039nd5.sys [x]
R3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface;h:\windows\system32\DRIVERS\s1039obex.sys [x]
R3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM);h:\windows\system32\DRIVERS\s1039unic.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;h:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 BtHidBus;Bluetooth HID Bus Service;h:\windows\System32\Drivers\BtHidBus.sys [x]
S0 sptd;sptd;h:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;h:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;h:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 2329480]
S3 LgBttPort;LGE Bluetooth TransPort;h:\windows\system32\DRIVERS\lgbtpt64.sys [x]
S3 lgbusenum;LG Bluetooth Bus Enumerator;h:\windows\system32\DRIVERS\lgbtbs64.sys [x]
S3 LGVMODEM;LGE Virtual Modem;h:\windows\system32\DRIVERS\lgvmdm64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 134384 ----a-w- h:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="h:\windows\system32\igfxtray.exe" [2011-06-03 162584]
"HotKeysCmds"="h:\windows\system32\hkcmd.exe" [2011-06-03 386840]
"Persistence"="h:\windows\system32\igfxpers.exe" [2011-06-03 417560]
"combofix"="h:\combofix\CF8190.3XE" [2009-07-14 344576]
.
------- Doplňkový sken -------
.
uLocal Page = h:\windows\system32\blank.htm
uStart Page = hxxp://www.maxiwe.com
mStart Page = hxxp://www.maxiwe.com
mLocal Page = h:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - h:\windows\system32\GPhotos.scr/200
IE: ????3?? - h:\users\Josef\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - h:\users\Josef\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
TCP: Interfaces\{7CA5A229-0722-4828-A191-DBED3FE9D35A}: DhcpNameServer = 78.156.128.37 80.79.16.3
FF - ProfilePath - h:\users\Josef\AppData\Roaming\Mozilla\Firefox\Profiles\xhy3rgc4.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.proxy.type - 0
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="h:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}Ź]
@="h:\\Users\\Josef\\AppData\\Roaming\\FlashGetBHO\\GetUrl.htm"
"contexts"=dword:00000022
.
[HKEY_USERS\S-1-5-21-3665194971-35141123-3770490494-1000\Software\Microsoft\Internet Explorer\MenuExt\O(uë_fŹ3*N}ŹhQčţ”Ąc]
@="h:\\Users\\Josef\\AppData\\Roaming\\FlashGetBHO\\GetAllUrl.htm"
"contexts"=dword:000000f3
.
------------------------ Jiné spuštené procesy ------------------------
.
h:\windows\SysWOW64\PnkBstrA.exe
h:\program files (x86)\Google\Update\GoogleUpdate.exe
h:\windows\SysWOW64\PnkBstrB.exe
h:\program files (x86)\Bandoo\Bandoo.exe
h:\program files (x86)\OpenOffice.org 3\program\soffice.exe
h:\program files (x86)\OpenOffice.org 3\program\soffice.bin
.
**************************************************************************
.
Celkový čas: 2011-08-25 00:16:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-24 22:16
ComboFix2.txt 2011-08-24 17:46
.
Před spuštěním: Volných bajtů: 14 412 308 480
Po spuštění: Volných bajtů: 14 266 126 336
.
- - End Of File - - 7C6FDDEC9289917C1BD860F5087E7BC2

Jak se chova PC

Stále nelze spustit antivir,ani písničky či filmy .."Provádění serveru selhalo" . ale facebook už jede bez chyb

Antivir je poskozen, ten poresime, WMP snad tez - ale google ani microsoft k tomuto problemu moc sdilny neni

Odinstalujte Combofix

Prejmenujte ComboFix na Uninstall
Spustte jej
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

v nouzovem rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti) projedte PC temito utilitami, at se zbavime zbytku antiviru co tam mate

http://files.avast.com/files/eng/aswclear.exe

Nainstalujte Avast Free http://www.avast.com/cs-cz/free-antivirus-download

Otevrete si poznamkovy blok

Start->spustit->notepad
Vlozte text nize

Kód: Vybrat vše

@echo off
regsvr32 jscript.dll
regsvr32 vbscript.dll

Soubor ulozte jako del.bat
Pri ukladani dejte ulozit jako typ Vsechny soubory (nastevni je uvedeno na obrazku nize)
Zavrit notepad a spustit dvojklikem del.bat
Okno jen problikne a provede mazani - soubor muzete smazat

Dejte novy log z RSIT a napiste jak se chova PC

VIRY.CZ

FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.

Re: FcB virus.