VIRY.CZ

Zkuste ho spustit v nouzovém režimu - po restartu mačkejte F8 - nouzový režim

V nouzovém řežimu se normálně spustil.Doběhlo to do 50. fáze a napasalo to: mažu soubory:

A začalo to vypisovat cesty k různým exe souborům.To jsem chvilku nechal, ale zachvilku mě začalo znepokojovat, že se tam ukazovaly cesty i k myslím zcela neškodným programům jako aplikace pro psaní všemi deseti atd.Akci jsem raději vypl, protože jsem se bál, že to smaže i windows soubory.

Po restartu PC jsem se podíval do složek někde ty .exe soubory byli někde ne.

To jste se bát nemusel, z karanteny combofixu jdou vytáhnout. Takže log asi nemáte

Log z ComboFixu:

ComboFix 09-12-17.03 - jakub 18.12.2009 19:59:04.3.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.958.763 [GMT 1:00]
Spuštěný z: c:\documents and settings\jakub\Plocha\KittyFix2.exe
AV: COMODO Antivirus *On-access scanning enabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Data aplikací\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\readme.eml
c:\documents and settings\jakub\Local Settings\Data aplikací\Adobe\Flash CS3\en\Configuration\Classes\readme.eml
c:\documents and settings\jakub\Local Settings\Data aplikací\Adobe\Flash CS3\en\Configuration\Detection\readme.eml
c:\documents and settings\jakub\Local Settings\Data aplikací\Adobe\Flash CS3\en\Configuration\HelpPanel\_sharedassets\readme.eml
c:\documents and settings\jakub\Local Settings\Data aplikací\Adobe\Flash CS3\en\Configuration\HTML\Learning Extensions Srvr Files\readme.eml
c:\documents and settings\jakub\Local Settings\Data aplikací\Adobe\Flash CS3\en\Configuration\HTML\readme.eml
c:\documents and settings\jakub\Local Settings\Data aplikací\Google\Chrome\Application\3.0.195.27\Resources\Inspector\readme.eml
c:\documents and settings\jakub\Local Settings\Data aplikací\Google\Chrome\Application\4.0.223.16\Resources\Inspector\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\2D49U5GF\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\4Z8PY3QT\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\6DKFAL25\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\89ABCDEF\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\8P4RGB0B\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\GFK1E52J\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\GHIJKLMN\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\I6IIPZHV\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\LD83MK3G\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\M5SLSPUR\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\OPQRSTUV\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\QN27Q9AJ\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\QZCBI3WF\readme.eml
c:\documents and settings\jakub\Local Settings\Temporary Internet Files\Content.IE5\SHSXIVWD\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\Cz\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\Da\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\De\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-uk\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\Controller\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\Crash\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\Direct_X\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\Error_Message\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\Getting_More_Help_Online\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\Graphics\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\Install\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\Lock-up_and_Freeze\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\Online_Connectivity_and_Performance\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\Sound\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\whdata\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\en-us\Whitepages\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\Es\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\Fi\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\fr-fr\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\Hu\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\It\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\NL\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\No\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\Pol\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\pt-br\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\pt\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\Ru\readme.eml
c:\documents and settings\jakub\Plocha\fifa\Support\EA Help\Sv\readme.eml
c:\documents and settings\jakub\Plocha\HLDS_WINDOWS\cstrike\manual\readme.eml
c:\documents and settings\jakub\Plocha\programy\OpenOffice.org 3.1 (cs) Installation Files\licenses\readme.eml
c:\documents and settings\jakub\Plocha\programy\OpenOffice.org 3.1 (cs) Installation Files\readmes\readme.eml
c:\documents and settings\jakub\Plocha\psychostats-nightly\upload\admin\themes\acp\msg\readme.eml
c:\documents and settings\jakub\Plocha\psychostats-nightly\upload\admin\themes\acp\readme.eml
c:\documents and settings\jakub\Plocha\psychostats-nightly\upload\install\themes\default\readme.eml
c:\documents and settings\jakub\Plocha\psychostats-nightly\upload\plugins\readme.eml
c:\documents and settings\jakub\Plocha\psychostats-nightly\upload\themes\default-blue\readme.eml
c:\documents and settings\jakub\Plocha\psychostats-nightly\upload\themes\default\msg\readme.eml
c:\documents and settings\jakub\Plocha\psychostats-nightly\upload\themes\default\readme.eml
c:\documents and settings\jakub\Plocha\swat\Kitty.exe
c:\documents and settings\jakub\Plocha\web\kociweb\readme.eml
c:\documents and settings\jakub\Plocha\weby\aquaria\readme.eml
c:\documents and settings\jakub\Plocha\weby\rs-2 - blog\rs2-rc53\admin\texyla\readme.eml
c:\documents and settings\jakub\Plocha\weby\rs-2 - blog\rs2-rc53\help\readme.eml
c:\documents and settings\jakub\Plocha\weby\rs-2 - blog\rs2-rc53\vzhled\styl-solution\html\foto\readme.eml
c:\documents and settings\jakub\Plocha\weby\rs-2 - blog\rs2-rc53\vzhled\styl-solution\html\web\readme.eml
c:\nvidia\DisplayDriver\186.18\International\NvCplSetupInt.exe
c:\nvidia\DisplayDriver\186.18\International\nvudisp.exe
c:\nvidia\DisplayDriver\186.18\International\PhysX_9.09.0428_SystemSoftware.exe
c:\nvidia\DisplayDriver\186.18\International\setup.exe
c:\nvidia\Win2k\175.19\IS\nvudisp.exe
c:\nvidia\Win2k\175.19\IS\setup.exe
c:\progra~1\ALWILS~1\Avast4\ashDisp.exe
c:\program files\Activision\Call of Duty 2\CoD2MP_s.exe
c:\program files\Activision\Call of Duty 2\CoD2SP_s.exe
c:\program files\Activision\Call of Duty 2\Uninst_Call of Duty(R) 2 Patch 1.3.exe
c:\program files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
c:\program files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
c:\program files\Adobe\Acrobat 7.0\Reader\Updater\acroaum.exe
c:\program files\Adobe\Acrobat 7.0\Setup Files\RdrBig705\CZE\instmsiw.exe
c:\program files\Adobe\Acrobat 7.0\Setup Files\RdrBig705\CZE\setup.exe
c:\program files\Adobe\Adobe Bridge CS3\Adobe DNG Converter.exe
c:\program files\Adobe\Adobe Bridge CS3\Bridge.exe
c:\program files\Adobe\Adobe Bridge CS3\bridgeproxy.exe
c:\program files\Adobe\Adobe Bridge CS3\Photodownloader.exe
c:\program files\Adobe\Adobe Device Central CS3\DeviceCentral.exe
c:\program files\Adobe\Adobe Flash CS3 Video Encoder\Flash Video Encoder.exe
c:\program files\Adobe\Adobe Help Viewer\1.1\ahv.exe
c:\program files\Adobe\Adobe Utilities\ExtendScript Toolkit 2\ExtendScript Toolkit 2.exe
c:\program files\AGEIA Technologies\bin\AGEIAPhysXBoxes.exe
c:\program files\AGEIA Technologies\bin\TrayIcon.exe
c:\program files\AGEIA Technologies\driver\x86\1.1.1.12\DIFxSetup.exe
c:\program files\AGEIA Technologies\driver\x86\1.1.1.12\rescanDevNode.exe
c:\program files\AGEIA Technologies\driver\x86\1.1.1.14\DIFxSetup.exe
c:\program files\AGEIA Technologies\driver\x86\1.1.1.14\rescanDevNode.exe
c:\program files\AGEIA Technologies\driver\x86\1.1.1.15\DIFxSetup.exe
c:\program files\AGEIA Technologies\driver\x86\1.1.1.15\rescanDevNode.exe
c:\program files\Ahead\CoverDesigner\CoverDes.exe
c:\program files\Ahead\ImageDrive\ImageDrive.exe
c:\program files\Ahead\Nero BackItUp\BackItUp.exe
c:\program files\Ahead\Nero BackItUp\NBJ.exe
c:\program files\Ahead\Nero BackItUp\NBR.exe
c:\program files\Ahead\Nero SoundTrax\SoundTrax.exe
c:\program files\Ahead\Nero StartSmart\NeroStartSmart.exe
c:\program files\Ahead\Nero Toolkit\CDSpeed.exe
c:\program files\Ahead\Nero Toolkit\DriveSpeed.exe
c:\program files\Ahead\Nero Toolkit\InfoTool.exe
c:\program files\Ahead\Nero Wave Editor\DXEnum.exe
c:\program files\Ahead\Nero Wave Editor\WaveEdit.exe
c:\program files\Ahead\Nero\nero.exe
c:\program files\Ahead\Nero\NeroCmd.exe
c:\program files\Ahead\Nero\Uninstall\UNNero.exe
c:\program files\Ahead\WMPBurn\WMPBurn.exe
c:\program files\AltoMP3 Gold\AltoMP3Gold.exe
c:\program files\AltoMP3 Gold\uninst.exe
c:\program files\Alwil Software\Avast4\ashAvast.exe
c:\program files\Alwil Software\Avast4\ashBug.exe
c:\program files\Alwil Software\Avast4\ashCnsnt.exe
c:\program files\Alwil Software\Avast4\ashDisp.exe
c:\program files\Alwil Software\Avast4\ashChest.exe
c:\program files\Alwil Software\Avast4\ashLogV.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashPopWz.exe
c:\program files\Alwil Software\Avast4\ashQuick.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Alwil Software\Avast4\ashSimp2.exe
c:\program files\Alwil Software\Avast4\ashSimpl.exe
c:\program files\Alwil Software\Avast4\ashSkPcc.exe
c:\program files\Alwil Software\Avast4\ashSkPck.exe
c:\program files\Alwil Software\Avast4\ashUpd.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\Alwil Software\Avast4\aswChLic.exe
c:\program files\Alwil Software\Avast4\aswRegSvr.exe
c:\program files\Alwil Software\Avast4\aswRunDll.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\AVASTSS.scr
c:\program files\Alwil Software\Avast4\Setup\INF\AMD64\aswMem64.exe
c:\program files\Alwil Software\Avast4\sched.exe
c:\program files\Alwil Software\Avast4\VisthAux.exe
c:\program files\Alwil Software\Avast4\VisthLic.exe
c:\program files\Alwil Software\Avast4\VisthUpd.exe
c:\program files\AMD\Athlon 64 Processor Driver\amdcon.exe
c:\program files\Aspell\bin\aspell.exe
c:\program files\Aspell\bin\word-list-compress.exe
c:\program files\Aspell\unins000.exe
c:\program files\Aspell\unins001.exe
c:\program files\AvRack\rtlrack.exe
c:\program files\BitTorrent\bittorrent.exe
c:\program files\BitTorrent\uninst.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Buka\The Entente\Antanta.exe
c:\program files\Buka\The Entente\ArcadeInstallENTENTE13f.EXE
c:\program files\Buka\The Entente\Setup.exe
c:\program files\BumpTop\BumpTop Settings.exe
c:\program files\BumpTop\BumpTop.exe
c:\program files\BumpTop\Installer\unins000.exe
c:\program files\BumpTop\PostExec.exe
c:\program files\BumpTop\TexHelper.exe
c:\program files\BumpTop\vcredist_x86.exe
c:\program files\BumpTop\x64\GetIconPositions.exe
c:\program files\Burn4Free Toolbar\v3.3.0.1\resources\Toolbar4Free.exe
c:\program files\Burn4Free\Burn4Free.exe
c:\program files\Burn4Free\uninstall.exe
c:\program files\CamStudio\Player.exe
c:\program files\CamStudio\Playplus.exe
c:\program files\CamStudio\Producer.exe
c:\program files\CamStudio\Recorder.exe
c:\program files\CamStudio\uninstall.exe
c:\program files\CesarFTP\CesarFTP.exe
c:\program files\CesarFTP\Server.exe
c:\program files\CesarFTP\unins000.exe
c:\program files\Clear FTP 2006\clearftp.exe
c:\program files\Clear FTP 2006\Messenger.exe
c:\program files\Clear FTP 2006\unins000.exe
c:\program files\Common Files\Adobe\Adobe Asset Services CS3\AssetServicesCS3.exe
c:\program files\Common Files\Adobe\Installers\c3c7fe8b09d497ab2b3fd91c9353390\Setup.exe
c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
c:\program files\Common Files\Adobe\Updater5\AdobeUpdaterInstallMgr.exe
c:\program files\Common Files\GTK\2.0\bin\gdk-pixbuf-query-loaders.exe
c:\program files\Common Files\GTK\2.0\bin\gspawn-win32-helper-console.exe
c:\program files\Common Files\GTK\2.0\bin\gspawn-win32-helper.exe
c:\program files\Common Files\GTK\2.0\bin\gtk-query-immodules-2.0.exe
c:\program files\Common Files\GTK\2.0\bin\gtkthemeselector.exe
c:\program files\Common Files\GTK\2.0\bin\pango-querymodules.exe
c:\program files\Common Files\GTK\2.0\uninst.exe
c:\program files\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe
c:\program files\Common Files\InstallShield\Driver\10\Intel 32\IDriver2.exe
c:\program files\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe
c:\program files\Common Files\InstallShield\Driver\9\Intel 32\IDriver2.exe
c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
c:\program files\Common Files\InstallShield\Professional\RunTime\09\00\Intel32\DotNetInstaller.exe
c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
c:\program files\Common Files\InstallShield\UpdateService\agent.exe
c:\program files\Common Files\InstallShield\UpdateService\ISDM.exe
c:\program files\Common Files\InstallShield\UpdateService\issch.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\program files\Common Files\Microsoft Shared\Artgalry\ARTGALRY.EXE
c:\program files\Common Files\Microsoft Shared\Artgalry\CAG.EXE
c:\program files\Common Files\Microsoft Shared\DW\DW20.EXE
c:\program files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE
c:\program files\Common Files\Microsoft Shared\Help 9\dexplore.exe
c:\program files\Common Files\Microsoft Shared\MSEnv\en\VSContentInstaller.exe
c:\program files\Common Files\Microsoft Shared\MSEnv\VSContentInstaller.exe
c:\program files\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe
c:\program files\Common Files\Microsoft Shared\MSInfo\OFFPROV.EXE
c:\program files\Common Files\System\ado\readme.eml
c:\program files\Common Files\System\Mapi\1029\NT\CNFNOT32.EXE
c:\program files\Common Files\System\Mapi\1029\NT\MAPISP32.EXE
c:\program files\Common Files\System\Mapi\1029\NT\NEWPROF.EXE
c:\program files\Common Files\System\Mapi\1029\NT\SCANPST.EXE
c:\program files\Common Files\System\Mapi\OUT40.EXE
c:\program files\Convert AVI to MP4\ConvertAVItoMP4.exe
c:\program files\Convert AVI to MP4\unins000.exe
c:\program files\Counter-Strike 2D\CounterStrike2D.exe
c:\program files\Counter-Strike 2D\cs2d_dedicated.exe
c:\program files\Counter-Strike 2D\Launcher.exe
c:\program files\Counter-Strike 2D\unins000.exe
c:\program files\CyberLink\PowerDVD\CLDMA.exe
c:\program files\CyberLink\PowerDVD\cltest.exe
c:\program files\CyberLink\PowerDVD\ddtester.exe
c:\program files\CyberLink\PowerDVD\dvdrgn.exe
c:\program files\CyberLink\PowerDVD\OLRSubmission\OLRStateCheck.exe
c:\program files\CyberLink\PowerDVD\OLRSubmission\OLRSubmission.exe
c:\program files\CyberLink\PowerDVD\PDVDServ.exe
c:\program files\CyberLink\PowerDVD\PowerDVD.exe
c:\program files\Darkest of Days\darkestofdays.exe
c:\program files\DivX\DivX Converter\DivX Converter.exe
c:\program files\DivX\DivX Player\DivX Player.exe
c:\program files\DivX\DivX Updater\DivXVersionChecker.exe
c:\program files\DivX\DivXBundleUninstall.exe
c:\program files\DivX\DivXConverterUninstall.exe
c:\program files\DivX\DivXDSFiltersUninstall.exe
c:\program files\DivX\DivXPlayerUninstall.exe
c:\program files\DivX\DivXWebPlayerUninstall.exe
c:\program files\DNA\btdna.exe
c:\program files\EA GAMES\Battlefield 2\BF2.exe
c:\program files\EA GAMES\Battlefield 2\BF2VoiceSetup.exe
c:\program files\EA GAMES\Battlefield 2\Redist\ArcadeInstallBATTLEFIELD2_20.EXE
c:\program files\EA GAMES\Battlefield 2\Support\Battlefield 2_code.exe
c:\program files\EA GAMES\Battlefield 2\Support\EasyInfo.exe
c:\program files\EA GAMES\Battlefield 2\Support\EReg.exe
c:\program files\EA GAMES\Battlefield Heroes\BFHeroes.exe
c:\program files\EA GAMES\Battlefield Heroes\pb\pbsvc.exe
c:\program files\EA GAMES\Battlefield Heroes\pb\pbsvc_heroes.exe
c:\program files\EA GAMES\Battlefield Heroes\Uninstaller.exe
c:\program files\EA Sports\FIFA 08\FIFA08.exe
c:\program files\EA Sports\FIFA 08\Support\FIFA 08_code.exe
c:\program files\EA Sports\FIFA 08\Support\FIFA 08_uninst.exe
c:\program files\Electronic Arts\Medal of Honor Airborne\Support\Medal of Honor Airborne_code.exe
c:\program files\Electronic Arts\Medal of Honor Airborne\Support\Medal of Honor Airborne_uninst.exe
c:\program files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\MOHA.exe
c:\program files\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\Binaries\moha_setup.exe
c:\program files\ESTsoft\ALZip\alupdate.exe
c:\program files\ESTsoft\ALZip\ALZip.exe
c:\program files\ESTsoft\ALZip\unins000.exe
c:\program files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe
c:\program files\Fighters\SLOW-PCfighter\Uninstall.exe
c:\program files\Fighters\SLOW-PCfighter\UpDates.exe
c:\program files\FileZilla FTP Client\filezilla.exe
c:\program files\FileZilla FTP Client\fzputtygen.exe
c:\program files\FileZilla FTP Client\fzsftp.exe
c:\program files\FileZilla FTP Client\uninstall.exe
c:\program files\GamePark\GameparkClient.exe
c:\program files\GamePark\GameparkUpdate.exe
c:\program files\GamePark\Setup_2018.exe
c:\program files\GamePark\unins000.exe
c:\program files\GCFScape\GCFScape.exe
c:\program files\GCFScape\unins000.exe
c:\program files\Hamachi\hamachi.exe
c:\program files\Hamachi\nicmgr.exe
c:\program files\Hamachi\uninstall.exe
c:\program files\HLSW\hlsw.exe
c:\program files\HLSW\unins000.exe
c:\program files\HYL\MountBlue\MountBlue.exe
c:\program files\HYL\MountBlue\unins000.exe
c:\program files\ICQ6.5\ICQ.exe
c:\program files\ICQ6.5\ICQLRun.exe
c:\program files\ICQ6.5\IcqUpdater.exe
c:\program files\InstallShield Installation Information\{13B792AA-C078-43A4-8A3A-8B12D629940D}\setup.exe
c:\program files\InstallShield Installation Information\{3D6293F2-53DA-45A1-B7F4-1843CA3B2658}\setup.exe
c:\program files\InstallShield Installation Information\{4F4BB48A-7F05-4CB8-B8F4-81581DC51090}\Setup.exe
c:\program files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe
c:\program files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe
c:\program files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe
c:\program files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe
c:\program files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\setup.exe
c:\program files\InstallShield Installation Information\{D80A6A73-E58A-4673-AFF5-F12D7110661F}\uninstall.exe
c:\program files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe
c:\program files\IrfanView\i_view32.exe
c:\program files\IrfanView\iv_uninstall.exe
c:\program files\IrfanView\Plugins\Slideshow.exe
c:\program files\Jabbim\jabbim.exe
c:\program files\Jabbim\Uninstall.exe
c:\program files\Jabbim\w9xpopen.exe
c:\program files\Jalbum\Jalbum.exe
c:\program files\Java\jre6\bin\java-rmi.exe
c:\program files\Java\jre6\bin\java.exe
c:\program files\Java\jre6\bin\javacpl.exe
c:\program files\Java\jre6\bin\javaw.exe
c:\program files\Java\jre6\bin\javaws.exe
c:\program files\Java\jre6\bin\jbroker.exe
c:\program files\Java\jre6\bin\jp2launcher.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Java\jre6\bin\jqsnotify.exe
c:\program files\Java\jre6\bin\jucheck.exe
c:\program files\Java\jre6\bin\jureg.exe
c:\program files\Java\jre6\bin\jusched.exe
c:\program files\Java\jre6\bin\keytool.exe
c:\program files\Java\jre6\bin\kinit.exe
c:\program files\Java\jre6\bin\klist.exe
c:\program files\Java\jre6\bin\ktab.exe
c:\program files\Java\jre6\bin\orbd.exe
c:\program files\Java\jre6\bin\pack200.exe
c:\program files\Java\jre6\bin\policytool.exe
c:\program files\Java\jre6\bin\rmid.exe
c:\program files\Java\jre6\bin\rmiregistry.exe
c:\program files\Java\jre6\bin\servertool.exe
c:\program files\Java\jre6\bin\ssvagent.exe
c:\program files\Java\jre6\bin\tnameserv.exe
c:\program files\Java\jre6\bin\unpack200.exe
c:\program files\JetVoice\JETVOICE.EXE
c:\program files\K-Lite Codec Pack\Filters\Haali\gdsmux.exe
c:\program files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
c:\program files\K-Lite Codec Pack\Real\mpclauncher.exe
c:\program files\K-Lite Codec Pack\Real\settings.exe
c:\program files\K-Lite Codec Pack\Real\Update_OB\upgrdhlp.exe
c:\program files\K-Lite Codec Pack\Tools\CodecTweakTool.exe
c:\program files\K-Lite Codec Pack\Tools\dsconfig.exe
c:\program files\K-Lite Codec Pack\Tools\graphstudio.exe
c:\program files\K-Lite Codec Pack\Tools\gspot\gspot.exe
c:\program files\K-Lite Codec Pack\Tools\mediainfo.exe
c:\program files\K-Lite Codec Pack\Tools\StatsReader.exe
c:\program files\K-Lite Codec Pack\Tools\VobSubStrip.exe
c:\program files\K-Lite Codec Pack\unins000.exe
c:\program files\kikin\KikinBroker.exe
c:\program files\kikin\uninst.exe
c:\program files\Malwarebytes' Anti-Malware\mbam.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\program files\Malwarebytes' Anti-Malware\unins000.exe
c:\program files\Mediaware Task Manager 3.5\TaskManager.exe
c:\program files\Messenger\msmsgs.exe
c:\program files\Microsoft Games for Windows - LIVE\Client\dotnetfx3setup.exe
c:\program files\Microsoft Games for Windows - LIVE\Client\GFWLClient.exe
c:\program files\Microsoft Games for Windows - LIVE\Client\GFWLive.exe
c:\program files\Microsoft Games for Windows - LIVE\Redist\DirectX\DXSETUP.exe
c:\program files\Microsoft Office\Office\1029\MSOHELP.EXE
c:\program files\Microsoft Office\Office\1029\PROJWIZ.EXE
c:\program files\Microsoft Office\Office\1029\WRKGADM.EXE
c:\program files\Microsoft Office\Office\EXCEL.EXE
c:\program files\Microsoft Office\Office\FINDER.EXE
c:\program files\Microsoft Office\Office\GRAPH9.EXE
c:\program files\Microsoft Office\Office\MSACCESS.EXE
c:\program files\Microsoft Office\Office\MSO7FTP.EXE
c:\program files\Microsoft Office\Office\MSO7FTPA.EXE
c:\program files\Microsoft Office\Office\MSO7FTPS.EXE
c:\program files\Microsoft Office\Office\MSOHTMED.EXE
c:\program files\Microsoft Office\Office\OSA9.EXE
c:\program files\Microsoft Office\Office\OUTLOOK.EXE
c:\program files\Microsoft Office\Office\POWERPNT.EXE
c:\program files\Microsoft Office\Office\WAVTOASF.EXE
c:\program files\Microsoft Office\Office\WINWORD.EXE
c:\program files\Microsoft Visual Studio 9.0\Common7\IDE\MakeZipExe.exe
c:\program files\Microsoft Visual Studio 9.0\Common7\IDE\mspdbsrv.exe
c:\program files\Microsoft Visual Studio 9.0\Common7\IDE\UserControlTestContainer.exe
c:\program files\Microsoft Visual Studio 9.0\Common7\IDE\vbexpress.exe
c:\program files\Microsoft Visual Studio 9.0\Common7\IDE\vshost.exe
c:\program files\Microsoft Visual Studio 9.0\Common7\IDE\vshost32.exe
c:\program files\Microsoft Visual Studio 9.0\Common7\Tools\guidgen.exe
c:\program files\Microsoft Visual Studio 9.0\Common7\Tools\uuidgen.exe
c:\program files\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition with SP1 - ENU\DeleteTemp.exe
c:\program files\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition with SP1 - ENU\setup.exe
c:\program files\Microsoft Visual Studio 9.0\VB\VBUpgrade\link.exe
c:\program files\Microsoft Visual Studio 9.0\VB\VBUpgrade\resToResX.exe
c:\program files\Microsoft Visual Studio 9.0\VB\VBUpgrade\vbu.exe
c:\program files\Microsoft Visual Studio 9.0\VB\VBUpgrade\VBUpgrade.Exe
c:\program files\Microsoft Windows 7 Upgrade Advisor\aeinventory.exe
c:\program files\Microsoft Windows 7 Upgrade Advisor\Compressor\Compressor.exe
c:\program files\Microsoft Windows 7 Upgrade Advisor\QueryAppBlock.exe
c:\program files\Microsoft Windows 7 Upgrade Advisor\WindowsUpgradeAdvisor.exe
c:\program files\Microsoft Windows 7 Upgrade Advisor\winsat.exe
c:\program files\Mozilla Firefox 3.6 Beta 1\crashreporter.exe
c:\program files\Mozilla Firefox 3.6 Beta 1\firefox.exe
c:\program files\Mozilla Firefox 3.6 Beta 1\uninstall\helper.exe
c:\program files\Mozilla Firefox 3.6 Beta 1\updater.exe
c:\program files\Mozilla Firefox\crashreporter.exe
c:\program files\Mozilla Firefox\firefox.exe
c:\program files\Mozilla Firefox\uninstall\helper.exe
c:\program files\Mozilla Firefox\updater.exe
c:\program files\Mozilla Thunderbird\extensions\talkback@mozilla.org\components\talkback.exe
c:\program files\Mozilla Thunderbird\thunderbird.exe
c:\program files\Mozilla Thunderbird\uninstall\helper.exe
c:\program files\Mozilla Thunderbird\updater.exe
c:\program files\Mozilla Thunderbird\xpicleanup.exe
c:\program files\Mumble\dbus-daemon.exe
c:\program files\Mumble\mumble-g15-helper.exe
c:\program files\Mumble\mumble.exe
c:\program files\Mumble\Uninstall.exe
c:\program files\Nation Red\NationRed.exe
c:\program files\Nation Red\support\OpenAL\oalinst.exe
c:\program files\NetMeeting\readme.eml
c:\program files\OggVorbis\unins000.exe
c:\program files\OpenAL\oalinst.exe
c:\program files\OpenOffice.org 3\Basis\program\gengal.exe
c:\program files\OpenOffice.org 3\Basis\program\msfontextract.exe
c:\program files\OpenOffice.org 3\Basis\program\nsplugin.exe
c:\program files\OpenOffice.org 3\Basis\program\odbcconfig.exe
c:\program files\OpenOffice.org 3\Basis\program\python-core-2.6.1\bin\python.exe
c:\program files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-6.0.exe
c:\program files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-7.1.exe
c:\program files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-8.0.exe
c:\program files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0-amd64.exe
c:\program files\OpenOffice.org 3\Basis\program\python-core-2.6.1\lib\distutils\command\wininst-9.0.exe
c:\program files\OpenOffice.org 3\Basis\program\senddoc.exe
c:\program files\OpenOffice.org 3\program\crashrep.exe
c:\program files\OpenOffice.org 3\program\python.exe
c:\program files\OpenOffice.org 3\program\quickstart.exe
c:\program files\OpenOffice.org 3\program\sbase.exe
c:\program files\OpenOffice.org 3\program\scalc.exe
c:\program files\OpenOffice.org 3\program\sdraw.exe
c:\program files\OpenOffice.org 3\program\simpress.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\sweb.exe
c:\program files\OpenOffice.org 3\program\swriter.exe
c:\program files\OpenOffice.org 3\program\unoinfo.exe
c:\program files\OpenOffice.org 3\program\unopkg.exe
c:\program files\OpenOffice.org 3\URE\bin\regcomp.exe
c:\program files\OpenOffice.org 3\URE\bin\regmerge.exe
c:\program files\OpenOffice.org 3\URE\bin\regview.exe
c:\program files\OpenOffice.org 3\URE\bin\uno.exe
c:\program files\Opera\opera.exe
c:\program files\PC Health Optimizer Free Edition\DiskCare.exe
c:\program files\PC Health Optimizer Free Edition\docmemopt.exe
c:\program files\PC Health Optimizer Free Edition\docunins.exe
c:\program files\PC Health Optimizer Free Edition\EmailBackup\EmailBackup.exe
c:\program files\PC Health Optimizer Free Edition\EmailBackup\OEAutoBackup.exe
c:\program files\PC Health Optimizer Free Edition\FileShredder.exe
c:\program files\PC Health Optimizer Free Edition\filessplitter.exe
c:\program files\PC Health Optimizer Free Edition\JunkCleaner.exe
c:\program files\PC Health Optimizer Free Edition\mainIntegrator.exe
c:\program files\PC Health Optimizer Free Edition\PCInfo.exe
c:\program files\PC Health Optimizer Free Edition\PrivacyCleaner.exe
c:\program files\PC Health Optimizer Free Edition\regclean.exe
c:\program files\PC Health Optimizer Free Edition\Rescue.exe
c:\program files\PC Health Optimizer Free Edition\SpywareCleaner\DoctorSpywareCleaner.exe
c:\program files\PC Health Optimizer Free Edition\SpywareCleaner\RealTimeMonitorSC.exe
c:\program files\PC Health Optimizer Free Edition\unins000.exe
c:\program files\Pidgin\pidgin-uninst.exe
c:\program files\Pidgin\pidgin.exe
c:\program files\Plants\Plants vs. Zombies\Uninstal.exe
c:\program files\PowerArchiver\_PASETUP.EXE
c:\program files\PowerArchiver\PABURNTOOLS.EXE
c:\program files\PowerArchiver\PASTARTER.EXE
c:\program files\PowerArchiver\POWERARC.EXE
c:\program files\Realtek AC97\CPLUtl64.exe
c:\program files\Realtek AC97\RTLCPL.exe
c:\program files\Realtek AC97\SoundMan.exe
c:\program files\Rockstar Games\GTA San Andreas\gta_sa.exe
c:\program files\Rockstar Games\GTA San Andreas\rcon.exe
c:\program files\Rockstar Games\GTA San Andreas\samp.exe
c:\program files\Rockstar Games\GTA San Andreas\samp_debug.exe
c:\program files\Rockstar Games\GTA San Andreas\SAMPUninstall.exe
c:\program files\scourtoolbar\uninstall.exe
c:\program files\Servant Salamander\SALAMAND.EXE
c:\program files\Seznam.cz\listicka-uninstall.exe
c:\program files\Seznam.cz\pomocnikListicky.exe
c:\program files\Seznam.cz\sznpkg.exe
c:\program files\Seznam\Postak\Postak.exe
c:\program files\Seznam\Postak\SMInstall.exe
c:\program files\Skype\Phone\Skype.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Skype\Toolbars\Shared\SkypeNames.exe
c:\program files\Spybot - Search & Destroy\TeaTimer.exe
c:\program files\SystemRequirementsLab\Uninstall.exe
c:\program files\Teamspeak2_RC2\client_sdk\tsControl.exe
c:\program files\Teamspeak2_RC2\unins000.exe
c:\program files\TeamViewer3\install.exe
c:\program files\TeamViewer3\install64.exe
c:\program files\TeamViewer3\SAS.exe
c:\program files\TeamViewer3\TeamViewer.exe
c:\program files\TeamViewer3\TeamViewer_Host.exe
c:\program files\TeamViewer3\uninstall.exe
c:\program files\The Game Creators\FPS Creator\CountPolygons.exe
c:\program files\The Game Creators\FPS Creator\FPSCreatorCleaner.exe
c:\program files\The Game Creators\FPS Creator\FPSCreatorDumpMem.exe
c:\program files\The Game Creators\FPS Creator\ModelConverter.exe
c:\program files\Tinypic\TinyPic.exe
c:\program files\Tinypic\unins000.exe
c:\program files\Trend Micro\HijackThis\HijackThis.exe
c:\program files\Trend Micro\HijackThis\jakub.exe
c:\program files\UltraISO\drivers\IsoCmd.exe
c:\program files\UltraISO\UltraISO.exe
c:\program files\UltraISO\unins000.exe
c:\program files\Valve\Garry's Mod\hl2.exe
c:\program files\Valve\Garry's Mod\srcds.exe
c:\program files\Valve\hl.exe
c:\program files\Valve\hlds.exe
c:\program files\Valve\HldsUpdateTool.exe
c:\program files\Valve\HLServer\HldsUpdateTool.exe
c:\program files\Valve\HLServer\UNWISE.EXE
c:\program files\Valve\hltv.exe
c:\program files\Valve\hlupdate.exe
c:\program files\Valve\mediabrowser\MediaBrowser.exe
c:\program files\Valve\platform\bin\vlocalize.exe
c:\program files\Valve\platform\Steam.exe
c:\program files\Valve\platform\Steam\cached\steambackup.exe
c:\program files\Valve\platform\steam_dev.exe
c:\program files\Valve\platform\SteamEngine.exe
c:\program files\Valve\platform\WriteMiniDump.exe
c:\program files\Valve\SierraUp.exe
c:\program files\Valve\unins000.exe
c:\program files\Valve\UNWISE.EXE
c:\program files\Valve\voice_tweak.exe
c:\program files\VentSrv\ventrilo_srv.exe
c:\program files\VentSrv\ventrilo_status.exe
c:\program files\VentSrv\ventrilo_svc.exe
c:\program files\VideoLAN\VLC\uninstall.exe
c:\program files\VideoLAN\VLC\vlc.exe
c:\program files\VLC\vlc-1.0.2-win32.exe
c:\program files\VUGames\SWAT 4\Content\System\CreateLocalizationPackage.exe
c:\program files\VUGames\SWAT 4\Content\System\IGEffectsConfigurator.exe
c:\program files\VUGames\SWAT 4\Content\System\ShaderPackager.exe
c:\program files\VUGames\SWAT 4\Content\System\Swat4.exe
c:\program files\VUGames\SWAT 4\Content\System\Swat4DedicatedServer.exe
c:\program files\VUGames\SWAT 4\Content\System\SwatEd.exe
c:\program files\VUGames\SWAT 4\Content\System\UCC.exe
c:\program files\VUGames\SWAT 4\ContentExpansion\System\Swat4X.exe
c:\program files\WinRAR\Rar.exe
c:\program files\WinRAR\RarExtLoader.exe
c:\program files\WinRAR\Uninstall.exe
c:\program files\WinRAR\UnRAR.exe
c:\program files\WinRAR\WinRAR.exe
c:\program files\WorldOfGoo\uninstall.exe
c:\program files\WorldOfGoo\WorldOfGoo.exe
c:\program files\www_twse_cz_client\TWSEClient.exe
c:\program files\www_twse_cz_client\TWSEUpdater.exe
c:\program files\www_twse_cz_client\Uninstall.exe
c:\program files\X-ray Anti-Cheat\uninstaller.exe
c:\program files\X-ray Anti-Cheat\XacUpdater.exe
c:\program files\X-ray Anti-Cheat\XrayAntiCheat.exe
c:\program files\YouTube Downloader\FFMPEG.EXE
c:\program files\YouTube Downloader\Uninstall.exe
c:\program files\YouTube Downloader\YouTubeDownloader.exe
c:\program files\zFTPServer Administration\Uninstall.exe
c:\program files\zFTPServer Administration\zFTPServerAdmin.exe
c:\program files\zFTPServer\Uninstall.exe
c:\program files\zFTPServer\zFTPServer.exe
c:\program files\Zlomek kalkulator 1.2\Uninstal.exe
c:\program files\Zlomek kalkulator 1.2\ZlomekKalkulator.exe
c:\soldat\Config.exe
c:\soldat\Soldat.exe
c:\soldat\SoldatAdmin.exe
c:\soldat\soldatserver.exe
c:\soldat\start.exe
c:\soldat\unins001.exe
c:\steam\steamapps\common\peggle deluxe\Peggle.exe
c:\steam\steamapps\kociik0203\age of chivalry\hl2.exe
c:\steam\steamapps\kociik0203\dedicated server\hlds.exe
c:\steam\steamapps\kociik0203\dedicated server\hltv.exe
c:\steam\steamapps\kociik0203\insurgency\hl2.exe
c:\totalcmd\TCMADMIN.EXE
c:\totalcmd\TCUNINST.EXE
c:\totalcmd\TOTALCMD.EXE
c:\ubuntu\uninstall-wubi.exe
c:\windows\system32\ieuinit.inf
c:\windows\system32\runouce.exe
c:\windows\system32\SIntf16.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-18 do 2009-12-18 )))))))))))))))))))))))))))))))
.

2009-12-18 19:28 . 2009-12-18 19:28 53248 ----a-w- c:\temp\catchme.dll
2009-12-18 18:54 . 2009-12-18 18:57 -------- d-----w- C:\KittyFix2
2009-12-16 14:02 . 2009-12-16 14:02 -------- d-----w- c:\temp\_avast4_
2009-12-15 18:50 . 2009-12-18 18:47 -------- d-----w- c:\temp\hsperfdata_jakub
2009-12-15 18:48 . 2009-12-18 19:25 -------- d-----w- c:\program files\www_twse_cz_client
2009-12-15 13:17 . 2009-12-18 15:10 -------- d-----w- c:\temp\_av_proI.tm~a01480
2009-12-14 17:30 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-14 17:30 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-14 17:30 . 2009-12-18 19:21 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-14 16:35 . 2009-09-15 11:54 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-12-14 16:35 . 2009-09-15 11:54 52368 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-12-14 16:35 . 2009-09-15 11:53 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-12-14 16:35 . 2009-09-15 11:53 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-12-14 16:35 . 2009-09-15 11:56 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-12-14 16:35 . 2009-09-15 11:56 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-12-14 16:35 . 2009-09-15 11:55 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-12-14 16:35 . 2009-09-15 11:55 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-12-14 16:35 . 2009-09-15 11:59 1279968 ----a-w- c:\windows\system32\aswBoot.exe
2009-12-14 16:35 . 2003-03-18 21:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-12-14 16:35 . 2009-12-14 16:35 -------- d-----w- c:\program files\Alwil Software
2009-12-14 15:37 . 2009-12-14 15:37 -------- d-----w- C:\rsit
2009-12-14 15:23 . 2009-12-14 15:23 -------- d-----w- C:\found.000
2009-12-13 17:24 . 2009-12-18 15:10 -------- d-s---w- c:\temp\Cookies
2009-12-13 17:24 . 2009-12-13 17:24 -------- d-s---w- c:\temp\History
2009-12-13 17:24 . 2009-12-13 17:24 -------- d-s---w- c:\temp\Temporary Internet Files
2009-12-11 20:57 . 2003-05-30 08:00 1962496 -c--a-w- c:\windows\system32\dllcache\quartz.dll
2009-12-11 20:26 . 2009-12-11 20:26 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2009-12-11 20:20 . 2009-12-11 20:20 -------- d-----w- c:\program files\VUGames
2009-12-07 17:45 . 2009-12-07 17:45 -------- d-----w- c:\program files\Trend Micro
2009-12-02 15:01 . 2009-12-18 19:26 -------- d-----w- C:\ubuntu
2009-11-30 17:11 . 2009-12-01 13:34 -------- d-----w- C:\Nexon
2009-11-30 17:07 . 2009-11-30 17:07 421888 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2009-11-29 19:55 . 2009-12-18 19:20 -------- d-----w- c:\program files\GamePark
2009-11-22 17:49 . 2009-12-18 19:20 -------- d-----w- c:\program files\FileZilla FTP Client
2009-11-21 17:24 . 2009-12-16 16:05 -------- d-----w- c:\windows\Atlas CR 10R
2009-11-21 17:24 . 2004-05-12 07:49 1089536 ----a-w- c:\windows\system32\ROBOEX32.DLL
2009-11-21 17:24 . 2004-05-12 07:48 49152 ----a-w- c:\windows\system32\INETWH32.dll
2009-11-21 17:24 . 2009-12-18 15:13 -------- d-----w- C:\Garmin
2009-11-21 17:22 . 2009-12-18 15:10 -------- d-----w- c:\temp\_ir_sf7_temp_0
2009-11-19 16:19 . 2009-12-18 19:25 -------- d-----w- c:\program files\zFTPServer Administration
2009-11-19 16:19 . 2009-12-18 19:25 -------- d-----w- c:\program files\zFTPServer

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-18 19:26 . 2009-10-20 16:55 -------- d-----w- c:\program files\Zlomek kalkulator 1.2
2009-12-18 19:25 . 2009-10-12 13:49 -------- d-----w- c:\program files\YouTube Downloader
2009-12-18 19:25 . 2009-09-13 17:44 -------- d-----w- c:\program files\X-ray Anti-Cheat
2009-12-18 19:25 . 2009-10-24 19:37 -------- d-----w- c:\program files\WorldOfGoo
2009-12-18 19:25 . 2009-10-04 14:35 -------- d-----w- c:\program files\VLC
2009-12-18 19:25 . 2009-11-16 18:01 -------- d-----w- c:\program files\VentSrv
2009-12-18 19:25 . 2009-05-15 16:44 -------- d-----w- c:\program files\Valve
2009-12-18 19:25 . 2009-06-26 09:54 -------- d-----w- c:\program files\UltraISO
2009-12-18 19:24 . 2009-08-10 18:43 -------- d-----w- c:\program files\Tinypic
2009-12-18 19:24 . 2009-05-21 16:57 -------- d-----w- c:\program files\TeamViewer3
2009-12-18 19:24 . 2009-05-21 13:40 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-12-18 19:24 . 2009-06-25 15:43 -------- d-----w- c:\program files\SystemRequirementsLab
2009-12-18 19:24 . 2009-05-14 16:23 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-18 19:24 . 2009-11-04 14:04 -------- d-----w- c:\program files\Seznam.cz
2009-12-18 19:24 . 2009-08-04 11:25 -------- d-----w- c:\program files\scourtoolbar
2009-12-18 19:24 . 2009-05-14 15:29 -------- d-----w- c:\program files\Servant Salamander
2009-12-18 19:24 . 2009-05-14 15:25 -------- d-----w- c:\program files\Realtek AC97
2009-12-18 19:23 . 2009-06-26 10:04 -------- d-----w- c:\program files\PowerArchiver
2009-12-18 19:23 . 2009-09-20 19:02 -------- d-----w- c:\program files\Pidgin
2009-12-18 19:23 . 2009-08-17 13:15 -------- d-----w- c:\program files\PC Health Optimizer Free Edition
2009-12-18 19:23 . 2009-10-04 16:04 -------- d-----w- c:\program files\Opera
2009-12-18 19:22 . 2009-05-28 19:06 -------- d-----w- c:\program files\OpenAL
2009-12-18 19:22 . 2009-10-03 08:14 -------- d-----w- c:\program files\OggVorbis
2009-12-18 19:22 . 2009-08-07 20:35 -------- d-----w- c:\program files\Nation Red
2009-12-18 19:22 . 2009-05-27 17:19 -------- d-----w- c:\program files\Mumble
2009-12-18 19:22 . 2009-08-02 18:53 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-12-18 19:22 . 2009-11-03 19:13 -------- d-----w- c:\program files\Mozilla Firefox 3.6 Beta 1
2009-12-18 19:22 . 2009-10-20 15:31 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2009-12-18 19:21 . 2009-09-17 12:56 -------- d-----w- c:\program files\Mediaware Task Manager 3.5
2009-12-18 19:21 . 2009-06-20 20:45 -------- d-----w- c:\program files\kikin
2009-12-18 19:21 . 2009-10-05 16:31 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-12-18 19:21 . 2009-10-11 18:37 -------- d-----w- c:\program files\JetVoice
2009-12-18 19:21 . 2009-05-29 19:23 -------- d-----w- c:\program files\Jalbum
2009-12-18 19:21 . 2009-08-17 16:00 -------- d-----w- c:\program files\Jabbim
2009-12-18 19:21 . 2009-05-16 08:43 -------- d-----w- c:\program files\IrfanView
2009-12-18 19:21 . 2009-05-21 12:41 -------- d-----w- c:\program files\ICQ6.5
2009-12-18 19:21 . 2009-06-17 13:06 -------- d-s---w- c:\program files\HLSW
2009-12-18 19:20 . 2009-05-21 16:52 -------- d-----w- c:\program files\Hamachi
2009-12-18 19:20 . 2009-06-23 17:07 -------- d-----w- c:\program files\GCFScape
2009-12-18 19:19 . 2009-11-17 17:57 -------- d-----w- c:\program files\DNA
2009-12-18 19:19 . 2009-07-22 16:48 -------- d-----w- c:\program files\DivX
2009-12-18 19:19 . 2009-09-13 16:25 -------- d-----w- c:\program files\Darkest of Days
2009-12-18 19:19 . 2009-06-20 20:45 -------- d-----w- c:\program files\Counter-Strike 2D
2009-12-18 19:19 . 2009-10-14 14:44 -------- d-----w- c:\program files\Convert AVI to MP4
2009-12-18 19:18 . 2009-09-28 11:27 -------- d-----w- c:\program files\Clear FTP 2006
2009-12-18 19:18 . 2009-11-17 16:13 -------- d-----w- c:\program files\CesarFTP
2009-12-18 19:18 . 2009-06-26 12:25 -------- d-----w- c:\program files\CamStudio
2009-12-18 19:18 . 2009-06-07 16:24 -------- d-----w- c:\program files\Burn4Free
2009-12-18 19:18 . 2009-10-14 17:31 -------- d-----w- c:\program files\BumpTop
2009-12-18 19:18 . 2009-09-24 17:04 -------- d-----w- c:\program files\BitTorrent
2009-12-18 19:18 . 2009-08-06 09:33 -------- d-----w- c:\program files\Bonjour
2009-12-18 19:18 . 2009-05-14 15:25 -------- d-----w- c:\program files\AvRack
2009-12-18 19:18 . 2009-09-20 19:03 -------- d-----w- c:\program files\Aspell
2009-12-18 19:18 . 2009-10-10 14:39 -------- d-----w- c:\program files\AltoMP3 Gold
2009-12-14 15:17 . 2009-05-14 17:19 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat
2009-12-11 20:58 . 2009-12-11 20:58 -------- d-----w- c:\program files\EA Sports
2009-12-11 20:26 . 2009-05-14 15:24 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-10 16:43 . 2009-10-19 12:31 -------- d-----w- c:\program files\OpenOffice.org 3
2009-12-02 18:21 . 2009-10-22 18:56 16 ----a-w- c:\windows\popcinfot.dat
2009-12-01 09:48 . 2009-05-17 08:07 138504 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-01 09:47 . 2009-05-17 07:28 214488 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-28 14:19 . 2009-05-17 07:23 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-28 14:19 . 2009-05-17 08:03 2373712 ----a-w- c:\windows\system32\pbsvc.exe
2009-11-19 16:26 . 2009-11-17 17:56 -------- d-----w- c:\program files\GamersFirst
2009-11-16 18:01 . 2009-05-28 19:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-11-15 19:36 . 2009-11-15 19:36 0 ----a-r- C:\logwmemory.bin
2009-11-04 15:00 . 2009-11-04 15:00 2395944 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2009-11-02 18:52 . 2009-05-15 11:39 -------- d-----w- c:\program files\EA GAMES
2009-10-27 21:24 . 2001-10-25 16:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2009-10-27 21:24 . 2001-10-25 16:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2009-10-22 19:28 . 2009-10-22 19:26 -------- d-----r- c:\program files\Skype
2009-10-22 19:26 . 2009-10-22 19:26 -------- d-----w- c:\program files\Common Files\Skype
2009-10-03 08:38 . 2009-10-03 08:38 5430 ----a-w- c:\windows\unins000.dat
2009-05-13 21:55 . 2009-05-13 21:55 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-13 21:55 . 2009-05-13 21:55 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9A9E-3AF287E2699B}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E601996F-E400-41CA-804B-CD6373A7EEE2}]
2009-05-21 13:34 429808 ----a-w- c:\program files\kikin\ie_kikin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\startupfolder\C:^Documents and Settings^jakub^Nabídka Start^Programy^Po spuštění^hamachi.lnk]
backupExtension=.Startup
backup=c:\windows\pss\hamachi.lnk.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-08-16 16:46 139756 ----a-w- c:\documents and settings\jakub\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\steam\\Steam.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=

S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5.6.2009 10:55 721904]
S3 ESLvnic1;ESLvnic Virtual Network 32 Bit;c:\windows\system32\drivers\ESLvnic.sys [23.9.2009 15:29 23512]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\program files\Seznam.cz\listicka.dll
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\program files\kikin\ie_kikin.dll
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/update ... 0.27.0.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
HKLM-Run-avast! - c:\progra~1\ALWILS~1\Avast4\ashDisp.exe
MSConfigStartUp-Mediaware Task Manager 3 - c:\program files\Mediaware Task Manager 3.5\TaskManager.exe
MSConfigStartUp-RemoteControl - c:\program files\CyberLink\PowerDVD\PDVDServ.exe
MSConfigStartUp-SMail - c:\program files\Seznam\Postak\Postak.exe
AddRemove-Adobe_c3c7fe8b09d497ab2b3fd91c9353390 - c:\program files\Common Files\Adobe\Installers\c3c7fe8b09d497ab2b3fd91c9353390\Setup.exe
AddRemove-AltoMP3 Gold - c:\program files\AltoMP3 Gold\uninst.exe
AddRemove-ALZip_is1 - c:\program files\ESTsoft\ALZip\unins000.exe
AddRemove-Aspell Czech Dictionary_is1 - c:\program files\Aspell\unins001.exe
AddRemove-avast! - c:\program files\Alwil Software\Avast4\aswRunDll.exe
AddRemove-Burn4Free - c:\program files\Burn4Free\uninstall.exe
AddRemove-CamStudio - c:\program files\CamStudio\uninstall.exe
AddRemove-CesarFTP 0.99g_is1 - c:\program files\CesarFTP\unins000.exe
AddRemove-Clear FTP 2006_is1 - c:\program files\Clear FTP 2006\unins000.exe
AddRemove-DivX Plus DirectShow Filters - c:\program files\DivX\DivXDSFiltersUninstall.exe
AddRemove-GameParkClient_is1 - c:\program files\GamePark\unins000.exe
AddRemove-GCFScape_is1 - c:\program files\GCFScape\unins000.exe
AddRemove-GNU Aspell_is1 - c:\program files\Aspell\unins000.exe
AddRemove-GTK 2.0 - c:\program files\Common Files\GTK\2.0\uninst.exe
AddRemove-Half-Life Dedicated Server Update Tool - c:\progra~1\Valve\UNWISE.EXE
AddRemove-Hamachi - c:\program files\Hamachi\uninstall.exe
AddRemove-HijackThis - c:\program files\Trend Micro\HijackThis\HijackThis.exe
AddRemove-HLSW_is1 - c:\program files\HLSW\unins000.exe
AddRemove-InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8} - c:\progra~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe
AddRemove-InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374} - c:\progra~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe
AddRemove-IrfanView - c:\program files\IrfanView\iv_uninstall.exe
AddRemove-kikin plugin (CounterStrike2D Edition) - c:\program files\kikin\uninst.exe
AddRemove-KLiteCodecPack_is1 - c:\program files\K-Lite Codec Pack\unins000.exe
AddRemove-Malwarebytes' Anti-Malware_is1 - c:\program files\Malwarebytes' Anti-Malware\unins000.exe
AddRemove-Microsoft Visual Basic 2008 Express Edition with SP1 - ENU - c:\program files\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition with SP1 - ENU\setup.exe
AddRemove-Mozilla Firefox (3.0.12) - c:\program files\Mozilla Firefox\uninstall\helper.exe
AddRemove-Mozilla Firefox (3.6b1) - c:\program files\Mozilla Firefox 3.6 Beta 1\uninstall\helper.exe
AddRemove-Mozilla Thunderbird (2.0.0.22) - c:\program files\Mozilla Thunderbird\uninstall\helper.exe
AddRemove-Mumble - c:\program files\Mumble\Uninstall.exe
AddRemove-Nero - Burning Rom!UninstallKey - c:\program files\Ahead\nero\uninstall\UNNERO.exe
AddRemove-Ogg Vorbis Redistributable V 1.0b (vorbis1_0_pub~343AD259_is1 - c:\program files\OggVorbis\unins000.exe
AddRemove-OpenAL - c:\program files\OpenAL\oalinst.exe
AddRemove-PC Health Optimizer Free Edition_is1 - c:\program files\PC Health Optimizer Free Edition\unins000.exe
AddRemove-Pidgin - c:\program files\Pidgin\pidgin-uninst.exe
AddRemove-scourtoolbar - c:\program files\scourtoolbar\uninstall.exe
AddRemove-SLOW-PCfighter - c:\program files\Fighters\SLOW-PCfighter\Uninstall.exe
AddRemove-SMail - c:\program files\Seznam\Postak\SMInstall.exe
AddRemove-Soldat Beta_is1 - c:\soldat\unins001.exe
AddRemove-SystemRequirementsLab - c:\program files\SystemRequirementsLab\Uninstall.exe
AddRemove-szn-software-listicka - c:\program files\Seznam.cz\listicka-uninstall.exe
AddRemove-Teamspeak 2 RC2_is1 - c:\program files\Teamspeak2_RC2\unins000.exe
AddRemove-TeamViewer 3 - c:\program files\TeamViewer3\uninstall.exe
AddRemove-Totalcmd - c:\totalcmd\tcuninst.exe
AddRemove-twse.cz gameclient - c:\program files\www_twse_cz_client\Uninstall.exe
AddRemove-UltraISO_is1 - c:\program files\UltraISO\unins000.exe
AddRemove-VLC media player - c:\program files\VideoLAN\VLC\uninstall.exe
AddRemove-WinRAR archiver - c:\program files\WinRAR\uninstall.exe
AddRemove-Wubi - c:\ubuntu\uninstall-wubi.exe
AddRemove-X-ray Anti-Cheat - c:\program files\X-ray Anti-Cheat\uninstaller.exe
AddRemove-Zlomek kalkulator 1.2 - c:\program files\Zlomek kalkulator 1.2\Uninstal.exe
AddRemove-{0217f2cc-bb5c-4cea-8a90-47ab8b7b8c7f}_is1 - c:\program files\HYL\MountBlue\unins000.exe
AddRemove-{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} - c:\program files\YouTube Downloader\uninstall.exe
AddRemove-{3D6293F2-53DA-45A1-B7F4-1843CA3B2658} - c:\program files\InstallShield Installation Information\{3D6293F2-53DA-45A1-B7F4-1843CA3B2658}\setup.exe
AddRemove-{5194F1F9-2C98-4481-B9AA-A2078B56AF4E} - c:\program files\Buka\The Entente\Setup.exe
AddRemove-{60DE4033-9503-48D1-A483-7846BD217CA9} - c:\program files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe
AddRemove-{6889EE56-1816-4E89-94DF-9F56E7804039}_is1 - c:\program files\Valve\unins000.exe
AddRemove-{71702641-2849-45A4-8E62-4B85974B24A0}_is1 - c:\program files\BumpTop\Installer\unins000.exe
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\program files\DivX\DivXConverterUninstall.exe
AddRemove-{849F6C2A-3F9C-4731-B659-8C606B706CF0}_is1 - c:\program files\Counter-Strike 2D\unins000.exe
AddRemove-{8ADFC4160D694100B5B8A22DE9DCABD9} - c:\program files\DivX\DivXPlayerUninstall.exe
AddRemove-{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4} - c:\program files\EA Games\Battlefield Heroes\uninstaller.exe
AddRemove-{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1 - c:\program files\Convert AVI to MP4\unins000.exe
AddRemove-{B13A7C41581B411290FBC0395694E2A9} - c:\program files\DivX\DivXConverterUninstall.exe
AddRemove-{B7050CBDB2504B34BC2A9CA0A692CC29} - c:\program files\DivX\DivXWebPlayerUninstall.exe
AddRemove-{C13E90B0-4E1C-11DB-6784-0152EAA218BE} - c:\program files\Activision\Call of Duty 2\Uninst_Call of Duty(R) 2 Patch 1.3.exe
AddRemove-{E3723A04-A894-4036-A78E-282E18F43C0A}_is1 - c:\program files\Tinypic\unins000.exe
AddRemove-BitTorrent - c:\program files\BitTorrent\uninst.exe
AddRemove-FileZilla Client - c:\program files\FileZilla FTP Client\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-18 20:28
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\.xaml\bootstrap]
@DACL=(02 0000)
@="bootstrap.xaml.1"

[HKEY_LOCAL_MACHINE\software\Classes\.xbap\bootstrap]
@DACL=(02 0000)
@="bootstrap.xbap.1"

[HKEY_LOCAL_MACHINE\software\Classes\.xps\bootstrap]
@DACL=(02 0000)
@="bootstrap.xps.1"
.
Celkový čas: 2009-12-18 20:34:13
ComboFix-quarantined-files.txt 2009-12-18 19:34

Před spuštěním: Volných bajtů: 14 995 628 032
Po spuštění: Volných bajtů: 16 488 972 288

- - End Of File - - DDACB09978604DC862D6FA1AC62F485C

tak s tím jsem se ještě nesetkala, že by takhle hromadně mazal věci které jsou ok. Je to sice beta verze, ale nikdo tu s tím neměl problémy .
Zkuste otestovat pár těch souborů uložených v karanténě combofixu na www.virustotal.com, jsou ve složce C:\Qoobox

Dejte soubor otestovat na http://www.virustotal.com
Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
Sem vložte link s výsledky.

Soubory se dají bud vytáhnout ručně z karantény, ale to by jste měl moc práce, nebo opět přes combofix

Dal jsem na test pár souborů, které jsou podle mě absolutně neškodné a výsledky vyšly negativně:

http://www.virustotal.com/cs/analisis/b ... 1261172393

http://www.virustotal.com/cs/analisis/5 ... 1261172690

http://www.virustotal.com/cs/analisis/2 ... 1261172875

Pokud ty adresy nepůjdou tak sem hodím pouze fotky.

Myslel jste spíš pozitivně, ne?
Tohle je jasný vir 39/41 .

Ještě zkuste u nějakého souboru smazat koncovku vir - tedy přejmenovat ho a otestovat znovu.


Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky

Jak to tu vypadá?

Omlouvám se za delší neaktivitu, ale zjistil jsem, že na ten test potřebuju více jak 3 hodiny, takže až budu mít víc času tak sem ten log dám.

Dobře, můžete mezitím ještě otestovat nějaký soubor z té karantény combofixu?

Při odstranění koncovky .vir a poslání na VirusTotal.com mi to vypsalo jako u minulých souborů 39/41.

To vypadá na nějaký souborový infektor, něco jako virut, který napadá exe soubory. Jen jsem se nikdy nesetkala s tím, že by to combofix mazal.
http://translate.google.cz/translate?hl ... 26hs%3Dgn6

http://translate.google.cz/translate?hl ... 26hs%3Dgn6

Provedte ten sken Avptoolem

Autoscan: stopped 16 minutes ago (events: 3, objects: 4, time: 00:00:56)
Disinfect active threats: completed 6 minutes ago (events: 72, objects: 1628, time: 00:09:54)
4.1.2010 19:58:42 Task started
4.1.2010 19:58:43 Detected: Trojan.Win32.FraudPack.afba C:\WINDOWS\system32\sshnas.dll
4.1.2010 19:59:10 Will be deleted on system restart: Trojan.Win32.FraudPack.afba C:\WINDOWS\system32\sshnas.dll
4.1.2010 19:59:11 Detected: Trojan.Win32.Patched.gq C:\WINDOWS\system32\USER32.dll
4.1.2010 19:59:11 Detected: Trojan.Win32.Patched.gq C:\WINDOWS\system32\USER32.dll
4.1.2010 19:59:11 Disinfected: Trojan.Win32.Patched.gq C:\WINDOWS\system32\USER32.dll
4.1.2010 19:59:11 Will be disinfected on system restart: Trojan.Win32.Patched.gq C:\WINDOWS\system32\USER32.dll
4.1.2010 19:59:11 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\winlogon.exe
4.1.2010 19:59:13 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\winlogon.exe
4.1.2010 19:59:13 Disinfected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\winlogon.exe
4.1.2010 19:59:13 Will be disinfected on system restart: Trojan.Win32.Patched.aa C:\WINDOWS\system32\winlogon.exe
4.1.2010 19:59:17 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\services.exe
4.1.2010 19:59:18 Detected: Backdoor.Win32.Agent.ajfg C:\WINDOWS\system32\nvrtm.dll
4.1.2010 19:59:18 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\services.exe
4.1.2010 19:59:18 Disinfected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\services.exe
4.1.2010 19:59:18 Will be disinfected on system restart: Trojan.Win32.Patched.aa C:\WINDOWS\system32\services.exe
4.1.2010 19:59:19 Will be deleted on system restart: Backdoor.Win32.Agent.ajfg C:\WINDOWS\system32\nvrtm.dll
4.1.2010 19:59:19 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\lsass.exe
4.1.2010 19:59:20 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\lsass.exe
4.1.2010 19:59:20 Disinfected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\lsass.exe
4.1.2010 19:59:20 Will be disinfected on system restart: Trojan.Win32.Patched.aa C:\WINDOWS\system32\lsass.exe
4.1.2010 19:59:21 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\svchost.exe
4.1.2010 19:59:21 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\svchost.exe
4.1.2010 19:59:21 Disinfected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\svchost.exe
4.1.2010 19:59:21 Will be disinfected on system restart: Trojan.Win32.Patched.aa C:\WINDOWS\system32\svchost.exe
4.1.2010 19:59:22 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\svchost.exe
4.1.2010 19:59:22 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\svchost.exe
4.1.2010 19:59:22 Disinfected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\svchost.exe
4.1.2010 19:59:22 Will be disinfected on system restart: Trojan.Win32.Patched.aa C:\WINDOWS\system32\svchost.exe
4.1.2010 19:59:25 Detected: Trojan.Win32.FraudPack.afba C:\WINDOWS\system32\sshnas.dll
4.1.2010 19:59:52 Will be deleted on system restart: Trojan.Win32.FraudPack.afba C:\WINDOWS\system32\sshnas.dll
4.1.2010 19:59:54 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\spoolsv.exe
4.1.2010 19:59:54 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\spoolsv.exe
4.1.2010 19:59:54 Disinfected: Trojan.Win32.Patched.aa C:\WINDOWS\system32\spoolsv.exe
4.1.2010 19:59:54 Will be disinfected on system restart: Trojan.Win32.Patched.aa C:\WINDOWS\system32\spoolsv.exe
4.1.2010 19:59:57 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\Explorer.EXE
4.1.2010 19:59:59 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\Explorer.EXE
4.1.2010 19:59:59 Disinfected: Trojan.Win32.Patched.aa C:\WINDOWS\Explorer.EXE
4.1.2010 20:00:00 Will be disinfected on system restart: Trojan.Win32.Patched.aa C:\WINDOWS\Explorer.EXE
4.1.2010 20:00:01 Detected: Packed.Win32.Krap.ag C:\WINDOWS\msa.exe
4.1.2010 20:00:01 Detected: Trojan.Win32.Patched.gq C:\WINDOWS\system32\USER32.dll
4.1.2010 20:00:01 Detected: Trojan.Win32.Patched.gq C:\WINDOWS\system32\USER32.dll
4.1.2010 20:00:01 Disinfected: Trojan.Win32.Patched.gq C:\WINDOWS\system32\USER32.dll
4.1.2010 20:00:02 Will be disinfected on system restart: Trojan.Win32.Patched.gq C:\WINDOWS\system32\USER32.dll
4.1.2010 20:00:37 Will be deleted on system restart: Packed.Win32.Krap.ag C:\WINDOWS\msa.exe
4.1.2010 20:00:37 Detected: Email-Worm.Win32.Runouce.b C:\WINDOWS\system32\runouce.exe
4.1.2010 20:00:37 Detected: Trojan.Win32.Patched.gq C:\WINDOWS\system32\USER32.dll
4.1.2010 20:00:38 Disinfection on system restart failed: Email-Worm.Win32.Runouce.b C:\WINDOWS\system32\runouce.exe
4.1.2010 20:00:38 Detected: Trojan.Win32.Patched.gq C:\WINDOWS\system32\USER32.dll
4.1.2010 20:00:38 Disinfected: Trojan.Win32.Patched.gq C:\WINDOWS\system32\USER32.dll
4.1.2010 20:00:38 Will be disinfected on system restart: Trojan.Win32.Patched.gq C:\WINDOWS\system32\USER32.dll
4.1.2010 20:01:06 Will be deleted on system restart: Email-Worm.Win32.Runouce.b C:\WINDOWS\system32\runouce.exe
4.1.2010 20:01:07 Detected: Trojan.Win32.Cosmu.jax C:\WINDOWS\system32\bkwlfn.exe
4.1.2010 20:01:35 Will be deleted on system restart: Trojan.Win32.Cosmu.jax C:\WINDOWS\system32\bkwlfn.exe
4.1.2010 20:01:35 Detected: Email-Worm.Win32.Runouce.b C:\Documents and Settings\koci\Plocha\New Folder\opera.exe
4.1.2010 20:01:36 Disinfection on system restart failed: Email-Worm.Win32.Runouce.b C:\Documents and Settings\koci\Plocha\New Folder\opera.exe
4.1.2010 20:01:37 Will be deleted on system restart: Email-Worm.Win32.Runouce.b C:\Documents and Settings\koci\Plocha\New Folder\opera.exe
4.1.2010 20:02:01 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\Explorer.EXE
4.1.2010 20:02:01 Detected: Trojan.Win32.Patched.aa C:\WINDOWS\Explorer.EXE
4.1.2010 20:02:01 Disinfected: Trojan.Win32.Patched.aa C:\WINDOWS\Explorer.EXE
4.1.2010 20:02:01 Will be disinfected on system restart: Trojan.Win32.Patched.aa C:\WINDOWS\Explorer.EXE
4.1.2010 20:02:09 Detected: Email-Worm.Win32.Runouce.b C:\Program Files\Game_Maker7\Game_Maker.exe
4.1.2010 20:02:15 Disinfected: Email-Worm.Win32.Runouce.b C:\Program Files\Game_Maker7\Game_Maker.exe
4.1.2010 20:02:17 Disinfected: Email-Worm.Win32.Runouce.b C:\Program Files\Game_Maker7\Game_Maker.exe
4.1.2010 20:02:45 Detected: Email-Worm.Win32.Runouce.b C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
4.1.2010 20:02:46 Disinfected: Email-Worm.Win32.Runouce.b C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
4.1.2010 20:02:46 Disinfected: Email-Worm.Win32.Runouce.b C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
4.1.2010 20:02:56 Detected: Email-Worm.Win32.Runouce.b C:\Documents and Settings\LocalService\aproif.exe
4.1.2010 20:02:57 Disinfected: Email-Worm.Win32.Runouce.b C:\Documents and Settings\LocalService\aproif.exe
4.1.2010 20:02:58 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\LocalService\aproif.exe
4.1.2010 20:08:29 Cannot be quarantined: HEUR:Trojan.Win32.Generic C:\Documents and Settings\LocalService\aproif.exe
4.1.2010 20:08:36 Task completed

Jste měl infikovanou hromadu syst.souborů.
Jak to ted vypadá s počítačem?

otestujte na www.virustotal.com
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\USER32.dll
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE

Když to odešlu přes jejich klienta tak to napíše, že to nemůže přečíst z toho souboru, při variantě přes web mi to hodí 404. Systém naběhl normálně, ale myslím, že žádné změny k lepšímu nejsou.

Když jsem teď spustil i kontrolu C: tak to hlásí, že jsou infikované třeba i uninstaler.exe u nějakých aplikací jako "Email worm".

Zjistil jsem, že když u nějakého programu to píše tu chybu co je v předmětu, tak po reinstalaci zase jde třeba jeden den a potom to zas píše.