
Re: Avira reports a virus in exe.jpg

Posted: 11 Aug 2011 22:01
by Caroprd111
If you have not done so already, move ComboFix to the desktop
  • Open Notepad and copy the text from the white box into it.

Code:

Collect::
c:\program files\umad.exe

Folder::
c:\documents and settings\Marco\Data aplikací\OpenCl
c:\documents and settings\Marco\Local Settings\Data aplikací\SKIDROW

File::
c:\windows\system32\REN36.tmp
c:\windows\system32\REN35.tmp
c:\windows\system32\REN34.tmp

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hfupdaten"=-

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7e6d2f47-2a32-4093-9083-3d830c88f1b7}]
  • Save the TXT file you created as CFScript.txt on the desktop
  • Once it is saved, grab the script you created with the left mouse button and drag it over the ComboFix icon, then drop it there:
  • After it has run, another log will pop up; post it here
It may happen that after the script runs and the computer restarts, Windows will not boot; in that case restart again while pressing F8, then choose Last Known Good Configuration
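Before dropping a CFScript like the one above onto ComboFix it helps to see, section by section, what it will do. The dry-run parser below is an added example, not ComboFix's code or the helper's; the meaning of each directive is taken from the script and the log in this thread, and the sample input is a trimmed copy of the script above.

```python
# Dry-run reader for a ComboFix CFScript (added example, not ComboFix's own code):
# a line ending in "::" opens a section and the non-blank lines after it belong to it.
import re

# Constructed sample: the script posted above, trimmed to one entry per section.
SAMPLE_CFSCRIPT = """\
Collect::
c:\\program files\\umad.exe
Folder::
c:\\documents and settings\\Marco\\Data aplikací\\OpenCl
File::
c:\\windows\\system32\\REN36.tmp
Registry::
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
"hfupdaten"=-
RegLock::
[HKEY_LOCAL_MACHINE\\software\\Classes\\CLSID\\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
"""

DIRECTIVE = re.compile(r"^([A-Za-z]+)::$")
# Collect zips the file away (the log reports "file zipped"), File/Folder delete, Registry applies REGEDIT4-style lines, RegLock locks keys.
EFFECT = {"Collect": "quarantine (zip) file", "File": "delete file",
          "Folder": "delete folder", "Registry": "apply registry edit",
          "RegLock": "lock registry key"}

def parse_cfscript(text):
    """Return {directive: [entries]} in script order; reject unknown directives."""
    sections, current = {}, None
    for line in (s.strip() for s in text.splitlines() if s.strip()):
        m = DIRECTIVE.match(line)
        if m:
            current = m.group(1)
            if current not in EFFECT:
                raise ValueError(f"unknown directive {current}::")
            sections.setdefault(current, [])
        elif current is None:
            raise ValueError(f"entry before any directive: {line!r}")
        else:
            sections[current].append(line)
    return sections

def registry_plan(entries):
    """Expand a Registry:: block: '"name"=-' under a [key] deletes that value."""
    plan, key = [], None
    for e in entries:
        if e.startswith("[") and e.endswith("]"):
            key = e[1:-1]
        elif e.endswith("=-"):
            plan.append(("delete value", key, e[:-2].strip('"')))
        else:
            name, _, value = e.partition("=")
            plan.append(("set value", key, name.strip('"'), value))
    return plan

def dry_run(text):
    """List every action the script would take, without touching the system."""
    actions = []
    for directive, entries in parse_cfscript(text).items():
        actions += (registry_plan(entries) if directive == "Registry"
                    else [(EFFECT[directive], e) for e in entries])
    return actions
```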

Re: Avira reports a virus in exe.jpg

Posted: 11 Aug 2011 23:16
by marcodca
ComboFix log, Avira still won't start

ComboFix 11-08-11.02 - Marco 11.08.2011 23:55:16.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1789.1079 [GMT 2:00]
Spuštěný z: c:\documents and settings\Marco\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Marco\Plocha\CFScript.txt
AV: AntiVir Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
FILE ::
"c:\windows\system32\REN34.tmp"
"c:\windows\system32\REN35.tmp"
"c:\windows\system32\REN36.tmp"
.
file zipped: c:\program files\umad.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\umad.exe
c:\windows\system32\REN34.tmp
c:\windows\system32\REN35.tmp
c:\windows\system32\REN36.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-11 do 2011-08-11 )))))))))))))))))))))))))))))))
.
.
2011-08-11 19:59 . 2011-08-11 19:59 -------- d-----w- c:\program files\LogMeIn Hamachi
2011-08-11 19:49 . 2011-08-11 19:49 -------- d-----w- c:\documents and settings\Marco\Data aplikací\OpenCl
2011-08-11 19:48 . 2011-08-11 19:48 -------- d-----w- C:\_OTL
2011-08-11 18:37 . 2011-08-11 18:37 512 ----a-w- C:\PhysicalMBR.bin
2011-08-11 18:04 . 2011-08-11 18:04 -------- d-----w- C:\rsit
2011-08-11 18:03 . 2011-08-11 18:04 -------- d-----w- c:\program files\trend micro
2011-08-08 13:45 . 2004-07-09 02:26 30208 ----a-w- c:\windows\system32\psisrndr.ax
2011-08-08 13:45 . 2004-07-09 02:26 354816 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll
2011-08-08 13:45 . 2004-07-09 02:26 354816 ----a-w- c:\windows\system32\psisdecd.dll
2011-08-08 13:45 . 2004-07-09 02:26 52224 ----a-w- c:\windows\system32\msdvbnp.ax
2011-08-08 13:45 . 2004-07-09 02:26 52096 -c--a-w- c:\windows\system32\dllcache\msdv.sys
2011-08-08 13:45 . 2004-07-09 02:26 52096 ----a-w- c:\windows\system32\drivers\msdv.sys
2011-08-08 13:45 . 2004-07-09 02:26 15104 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2011-08-08 13:45 . 2004-07-09 02:26 15104 ----a-w- c:\windows\system32\drivers\mpe.sys
2011-08-08 13:45 . 2004-07-09 02:26 1230336 -c--a-w- c:\windows\system32\dllcache\msvidctl.dll
2011-08-08 13:45 . 2004-07-09 02:26 11392 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2011-08-08 13:45 . 2004-07-09 02:26 11392 ----a-w- c:\windows\system32\drivers\bdasup.sys
2011-08-08 13:31 . 2011-08-08 13:31 -------- d-----w- c:\program files\Steam
2011-08-08 13:31 . 2011-08-08 13:31 -------- d-----w- c:\program files\Valve
2011-08-06 22:01 . 2011-08-06 22:01 -------- d-----w- c:\program files\BitTorrent
2011-08-06 21:55 . 2011-08-06 21:59 -------- d-----w- c:\program files\uTorrent
2011-08-06 21:55 . 2011-08-06 21:55 -------- d-----w- c:\program files\BabylonToolbar
2011-08-06 21:55 . 2011-08-06 21:55 -------- d-----w- c:\documents and settings\Marco\Local Settings\Data aplikací\Babylon
2011-08-06 21:55 . 2011-08-06 21:55 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Babylon
2011-08-06 21:55 . 2011-08-06 21:55 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Babylon
2011-08-04 21:10 . 2011-08-04 21:34 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2011-08-04 21:10 . 2011-08-04 21:34 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2011-08-04 20:56 . 2011-08-04 20:56 -------- d-----w- c:\program files\Deep Silver
2011-08-02 11:35 . 2011-08-07 09:12 -------- d-----w- c:\program files\Metin2
2011-07-30 17:44 . 2011-07-30 17:44 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Need for Speed World
2011-07-30 17:33 . 2011-07-30 17:33 -------- d-----w- c:\documents and settings\Marco\Local Settings\Data aplikací\Electronic_Arts_Inc
2011-07-24 10:12 . 2011-07-24 10:17 2829 ----a-w- c:\windows\War3Unin.pif
2011-07-24 10:12 . 2011-07-24 10:17 139264 ----a-w- c:\windows\War3Unin.exe
2011-07-24 10:09 . 2011-07-24 12:00 -------- d-----w- c:\program files\Warcraft III
2011-07-19 20:19 . 2011-07-19 20:19 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Publish Providers
2011-07-19 20:19 . 2011-07-19 20:19 -------- d-----w- c:\documents and settings\Marco\Local Settings\Data aplikací\Sony
2011-07-19 20:19 . 2011-07-19 20:19 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Sony
2011-07-19 20:13 . 2011-07-19 20:13 -------- d-----w- c:\program files\Vstplugins
2011-07-19 20:13 . 2011-07-19 20:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Sony
2011-07-19 20:13 . 2011-07-19 20:13 -------- d-----w- c:\program files\Sony
2011-07-19 20:12 . 2011-07-19 20:12 -------- d-----w- c:\program files\Sony Setup
2011-07-19 19:57 . 2011-07-19 19:57 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Media Player Classic
2011-07-19 19:51 . 2011-07-19 19:51 -------- d-----w- C:\videodvdmaker
2011-07-19 19:51 . 2011-07-19 19:51 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Video DVD Maker FREE
2011-07-19 19:50 . 2011-07-19 19:50 -------- d-----w- c:\program files\Video DVD Maker
2011-07-19 13:28 . 2011-07-25 17:37 -------- d-----w- c:\program files\Microsoft Games
2011-07-18 20:49 . 2011-07-18 20:49 -------- d-----w- c:\program files\Editeur Handling GTA-SA
2011-07-18 09:31 . 2011-07-18 09:31 -------- d-----w- c:\program files\Common Files\Java
2011-07-15 14:34 . 2011-07-15 14:34 -------- d-----w- c:\documents and settings\Marco\Data aplikací\Day 1 Studios
2011-07-15 14:34 . 2011-07-15 14:34 -------- d-----w- c:\documents and settings\Marco\Local Settings\Data aplikací\SKIDROW
2011-07-15 14:25 . 2011-07-15 14:25 -------- d-----w- c:\program files\WB Games
2011-07-15 09:59 . 2011-07-15 10:10 -------- d-----w- C:\Root
2011-07-15 09:58 . 2011-07-15 09:58 -------- d-----w- c:\program files\Activision
2011-07-14 19:42 . 2011-07-14 19:42 443448 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-07-14 19:27 . 2011-07-19 21:32 -------- d-----w- c:\program files\DAEMON Tools Pro
2011-07-14 19:27 . 2011-07-14 19:28 -------- d-----w- c:\documents and settings\Marco\Data aplikací\DAEMON Tools Pro
2011-07-14 19:27 . 2011-07-14 19:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Pro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-06 12:05 . 2011-02-28 13:06 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2011-07-18 09:30 . 2011-03-12 20:37 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-07-18 09:30 . 2011-03-12 20:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-07-03 20:39 . 2011-07-03 20:29 281656 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-07-03 20:39 . 2011-03-02 14:11 281656 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-07-03 20:36 . 2011-03-02 14:11 141200 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-07-03 20:36 . 2011-03-02 14:11 281656 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-07-03 20:16 . 2011-03-02 14:11 138056 ----a-w- c:\documents and settings\Marco\Data aplikací\PnkBstrK.sys
2011-07-03 20:16 . 2011-03-02 14:11 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-06-30 12:47 . 2011-02-28 12:56 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-06-30 12:47 . 2011-02-28 12:56 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-06-26 19:16 . 2011-04-03 16:14 8070 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2011-06-10 21:27 . 2011-06-10 21:27 108336 ----a-w- c:\windows\system32\MSWINSCK.OCX
2011-05-21 20:04 . 2011-02-28 13:12 235 ----a-w- c:\windows\system32\nxEuUninstall.bat
2011-05-21 20:04 . 2011-02-28 13:12 446464 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2011-05-21 08:15 . 2011-05-21 08:15 53248 ----a-r- c:\documents and settings\Marco\Data aplikací\Microsoft\Installer\{1E05D2CE-6402-4D64-B515-6F587D0F6BA5}\ARPPRODUCTICON.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-08-11_20.30.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-08-11 22:05 . 2011-08-11 22:05 16384 c:\windows\temp\Perflib_Perfdata_d74.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-06-15 15141768]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-08-04 1955208]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Marco\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-12-11 604776]
GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2011-6-1 2586736]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\cs1.6 ahahahaha\\hl.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\moha\\UnrealEngine3\\Binaries\\MOHA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Metin2\\metin2.bin"=
"c:\\Program Files\\Metin2\\metin2client.bin"=
"d:\\marco\\CoDWaWmp.exe"=
"d:\\marco\\CoDWaW.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"d:\\IDM stahovanie\\vsetko\\styriaponechanynasmrt_chudaci\\left 4 dead\\left4dead.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"c:\\Program Files\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"d:\\kf\\KillingFloor\\System\\KillingFloor.exe"=
"d:\\return to castle wolfeinten\\MP\\Wolf2MP.exe"=
"d:\\return to castle wolfeinten\\MP\\Wolf2MPLite.exe"=
"d:\\fear\\FEARMP.exe"=
"d:\\lama\\hl.exe"=
"d:\\cs16\\hl.exe"=
"d:\\Call of duty Moden warfare 2\\Modern Warfare 2\\iw4mp.exe"=
"c:\\Documents and Settings\\Marco\\Plocha\\NST\\CSO-NST\\hl.exe"=
"d:\\NST\\CSO-NST\\hl.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"d:\\Call of Duty modern warfare\\iw3mp.exe"=
"c:\\Documents and Settings\\Marco\\Plocha\\Client by abesgaara v3.5 - Evolution CATACLYSM\\Client by abesgaara v3.5 - Evolution CATACLYSM\\mc.exe"=
"c:\\Program Files\\R.G. Catalyst\\Crysis 2\\bin32\\Crysis2.exe"=
"d:\\Medal of Honor 2010\\Binaries\\moh.exe"=
"d:\\Medal of Honor 2010\\MP\\MoHMPGame.exe"=
"c:\\Documents and Settings\\Marco\\Plocha\\NST\\CSO-NST\\hltv.exe"=
"c:\\Vietcong\\vietcong.exe"=
"d:\\worms 4\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE"=
"c:\\Program Files\\Activision\\Prototype\\prototypef.exe"=
"c:\\Program Files\\WB Games\\F.E.A.R. 3\\F.E.A.R. 3.exe"=
"c:\\Program Files\\Electronic Arts\\Dead Space\\Dead Space.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"=
"c:\\Program Files\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"c:\\Documents and Settings\\Marco\\Plocha\\Sindicate\\client.bin"=
"c:\\Program Files\\Valve\\Half-Life 2\\hl2.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56543:TCP"= 56543:TCP:Pando Media Booster
"56543:UDP"= 56543:UDP:Pando Media Booster
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R0 xmasbus;xmasbus;c:\windows\system32\drivers\xmasbus.sys [28.2.2011 14:48 140800]
R0 xmasscsi;xmasscsi;c:\windows\system32\drivers\xmasscsi.sys [28.2.2011 14:48 5504]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [28.2.2011 14:56 136360]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [4.8.2011 14:34 1361288]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [28.2.2011 13:56 113536]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.sk/
mStart Page = hxxp://www.games-fusion.net
uInternet Settings,ProxyServer = 62.209.212.66:8080
uInternet Settings,ProxyOverride = <local>
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat do zařízení Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM obsah FLV videa - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
TCP: DhcpNameServer = 195.12.128.1 195.72.0.3
FF - ProfilePath - c:\documents and settings\Marco\Data aplikací\Mozilla\Firefox\Profiles\liaadxmy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=fc7e1de500000000000000247e994c13&tlver=1.4.31.2&instlRef=sst&affID=100370&q=
FF - Ext: Skype extension: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Killing Floor 2.5 - c:\ut2004\KFMod20\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-12 00:04
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-448539723-1202660629-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"??"=hex:0c,9f,4c,80,69,d1,a8,fe,37,5d,c5,9f,51,d5,56,93,ff,5b,62,49,fb,29,7a,
b6,f3,c9,48,b1,01,ad,af,44,2f,c6,00,26,91,ff,94,ed,26,8b,f2,cd,cc,6f,76,e6,\
"??"=hex:2f,b6,6f,45,ee,e2,ec,0a,29,d5,69,d3,55,fd,2c,18
.
[HKEY_USERS\S-1-5-21-448539723-1202660629-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:51,ac,a1,d8,70,e1,02,38,72,a0,d8,a3,86,1f,1b,83,f5,16,20,f7,30,
c1,07,f0,3d,60,bf,77,56,0c,47,98,d3,8f,36,73,4b,77,01,0e,00,1a,34,0b,be,e1,\
"rkeysecu"=hex:74,7d,39,f0,b8,8d,b5,b5,f7,5b,e5,9a,30,3e,d2,4e
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1008)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2836)
c:\windows\system32\btmmhook.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\idt\wdm\STacSV.exe
c:\program files\Pando Networks\Media Booster\PMB.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\LSI SoftModem\agrsmsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2011-08-12 00:08:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-11 22:08
ComboFix2.txt 2011-08-11 20:35
.
Před spuštěním: Volných bajtů: 13 228 179 456
Po spuštění: Volných bajtů: 13 202 108 416
.
- - End Of File - - E37F7E4C735AA2680014217485EDA10A
Nahrání proběhlo úspěšně
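A helper reading a log like the one above usually checks three things first: files recently created under system32, the Run autostart entries, and whether a proxy is configured in Internet Settings. The triage script below is an added example, not ComboFix's code or anything from this thread; its sample input is a handful of lines copied from the log above, and the line formats it matches are inferred from that log.

```python
# Triage helper for a ComboFix log (added example; not ComboFix's code or the thread's).
# Picks out what a helper checks first: new files under system32, Run autostarts,
# and any proxy set in Internet Settings.
import re

# Constructed sample assembled from lines of the log posted above.
SAMPLE_LOG = """\
2011-08-11 18:37 . 2011-08-11 18:37 512 ----a-w- C:\\PhysicalMBR.bin
2011-08-04 21:10 . 2011-08-04 21:34 281760 ----a-w- c:\\windows\\system32\\drivers\\atksgt.sys
2011-07-14 19:42 . 2011-07-14 19:42 443448 ----a-w- c:\\windows\\system32\\drivers\\sptd.sys
2011-08-08 13:31 . 2011-08-08 13:31 -------- d-----w- c:\\program files\\Steam
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
"Skype"="c:\\program files\\Skype\\Phone\\Skype.exe" [2011-06-15 15141768]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run]
"LogMeIn Hamachi Ui"="c:\\program files\\LogMeIn Hamachi\\hamachi-2-ui.exe" [2011-08-04 1955208]
uInternet Settings,ProxyServer = 62.209.212.66:8080
"""

# "created . modified size attrs path"; directories show "--------" instead of a size.
FILE_LINE = re.compile(r"^(\S+ \S+) \. (\S+ \S+) (\d+|-{8}) ([-a-z]{8}) (.+)$")
RUN_LINE = re.compile(r'^"([^"]+)"="([^"]+)" \[(\d{4}-\d{2}-\d{2}) (\d+)\]$')
PROXY_LINE = re.compile(r"^[um]Internet Settings,ProxyServer = (\S+)$")

def parse_files(log):
    """Return (created, size_or_None, attrs, path) for every new-file line."""
    out = []
    for line in log.splitlines():
        m = FILE_LINE.match(line)
        if m:
            size = None if m.group(3).startswith("-") else int(m.group(3))
            out.append((m.group(1), size, m.group(4), m.group(5)))
    return out

def new_system_binaries(log):
    """Files (not directories) created under system32, the first place to review."""
    return [path for _, size, _, path in parse_files(log)
            if size is not None and "\\system32\\" in path.lower()]

def run_entries(log):
    """Autostart values, each attributed to the [HKEY...] header that precedes it."""
    entries, hive = [], None
    for line in log.splitlines():
        if line.startswith("[HK") and line.endswith("]"):
            hive = line[1:-1]
            continue
        m = RUN_LINE.match(line)
        if m:
            entries.append((hive, m.group(1), m.group(2)))
    return entries

def proxy_server(log):
    """Configured proxy host:port, or None; a proxy the user never set is worth questioning."""
    for line in log.splitlines():
        m = PROXY_LINE.match(line)
        if m:
            return m.group(1)
    return None
```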

Re: Avira reports a virus in exe.jpg

Posted: 12 Aug 2011 10:04
by Caroprd111
Download MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229
  • Install it following the instructions in the link, then run a full scan.
  • Do not delete anything! MBAM sometimes produces false detections and could delete, for example, system files.
  • Post the log here.