
Re: Viruses in Windows, please help

Posted: 03 Jul 2010 12:36
by P@tRiCk_
1) I don't know what it's called there

2) It threw an error

Code:

Error: Unable to interpret <Paste Instructions for Items to be Moved> in the current context!
 
OTM by OldTimer - Version 3.1.12.2 log created on 07032010_133450
3)

Code:

To determine the version of the software running on your computer, this website uses ActiveX controls. If an ActiveX control warning appears, first check that the control is digitally signed by Microsoft, then install and enable it.

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 12:44
by Caroprd111
[Image]
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Softonic VLC EN Toolbar - {e6570cd8-9978-4621-b1f9-6a62436f0466} - C:\Program Files\Softonic_VLC_EN\tbSof0.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.3\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O3 - Toolbar: Max EN Toolbar - {867dd841-5bf7-44ca-8426-c5a6eda00735} - C:\Program Files\Max_EN\tbMax1.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1384.0\npwinext.dll
O3 - Toolbar: Softonic English TC Toolbar - {4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8} - C:\Program Files\Softonic_English_TC\tbSoft.dll
O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfir.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: ZoneAlarm Toolbar - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files\ZoneAlarm\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll



[Image] Apply the script again.

[Image] Allow the installation.

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 13:13
by P@tRiCk_
Again errors popped up for me, and since I installed the FW my internet has been acting up; after the restart it didn't work at all, so I uninstalled it...

I've been sitting here for hours and hours, yesterday until midnight, today since five, and in vain; I'd rather have an infected PC than fight with it like this...

Thank you very much for your patience and the time you took for me :)

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 13:16
by Caroprd111
You're welcome :)

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 13:21
by P@tRiCk_
A few more questions to finish:
1) What should I use for defragmentation so that I can get it back in shape sometime, the original Windows one? I'm currently using Auslogics Disk Defrag.
2) How do I liven up the PC? It's slow for the performance it has.

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 13:25
by Caroprd111
1) I recommend Defraggler http://www.slunecnice.cz/sw/defraggler/

2) If you don't want to disinfect the PC, don't be surprised that it's slow. Uninstall the programs you don't need and clean up with CCleaner.

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 13:27
by P@tRiCk_
If it could be disinfected I'd disinfect it, but it's nothing but errors and complications...

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 13:28
by Caroprd111
It could be done, but you would have to cooperate a bit better.

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 13:29
by P@tRiCk_
I'm cooperating as best I can, but what when it throws errors? Never mind.

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 13:31
by Caroprd111
You wrote that you'd rather have an infected PC, so I don't know what to make of that.

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 13:36
by P@tRiCk_
Never mind...

Thanks a lot for your willingness and time :worship:
Maybe I'll write again when my PC collapses :D

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 14:02
by stell
Greetings.
PLEASE READ THE INSTRUCTIONS CAREFULLY!!!

Download to the desktop and close all active windows
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
For this step ComboFix must be on the desktop.

Turn off > FIREWALL > Antivirus > Antispyware > everything resident.

Open Notepad and copy the entire green text into it:

Code:

KILLALL::
Driver::
twomat
zfzurgqoh
zwxpff
NetSvc::
twomat
zfzurgqoh
zwxpff

Then click File -> Save As... -> where it says File name, type into that line: CFScript.txt
For Save as type, select *All files
And save it to the desktop. > Note: CFScript.txt > do not open it, and it must not be > CFScript.txt.txt either. Then do this:
[Image]

When the scan finishes, post the log that ComboFix creates

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 17:53
by P@tRiCk_
ComboFix 10-07-01.02 - Patrik 03.07.2010 18:03:13.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.697 [GMT 2:00]
Spuštěný z: c:\documents and settings\Patrik\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Patrik\Plocha\CFScript.txt.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\vbzlib1.dll
D:\install.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_TWOMAT
-------\Legacy_ZFZURGQOH
-------\Legacy_ZWXPFF
-------\Service_twomat
-------\Service_zfzurgqoh
-------\Service_zwxpff


((((((((((((((((((((((((( Soubory vytvořené od 2010-06-03 do 2010-07-03 )))))))))))))))))))))))))))))))
.

2010-07-03 12:26 . 2010-07-03 12:26 -------- d-----w- c:\program files\Defraggler
2010-07-03 12:06 . 2010-07-03 12:06 -------- d-----w- c:\windows\Internet Logs
2010-07-03 10:53 . 2010-07-03 10:53 -------- d-----w- c:\program files\CheckPoint
2010-07-03 10:53 . 2010-07-03 11:59 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-07-03 10:49 . 2008-01-17 17:59 713216 -c----w- c:\windows\system32\dllcache\sxs.dll
2010-07-03 06:28 . 2010-07-03 06:29 -------- d-----w- c:\windows\system32\NtmsData
2010-07-03 05:52 . 2010-07-03 05:52 -------- d-sh--w- c:\documents and settings\Patrik\IECompatCache
2010-07-03 05:51 . 2010-07-03 05:51 -------- d-----w- c:\program files\CCleaner
2010-07-02 19:13 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-02 19:13 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-02 17:09 . 2010-07-02 17:11 -------- d-----w- C:\ToolBar SD
2010-07-02 16:34 . 2010-07-03 11:21 -------- d-----w- c:\program files\trend micro
2010-07-02 13:07 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-07-02 13:07 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-07-02 13:07 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-07-02 13:07 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-07-02 13:07 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-07-02 13:07 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-07-02 13:07 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-07-02 13:06 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-07-02 13:06 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-07-01 20:08 . 2010-07-01 20:08 -------- d-----w- c:\program files\SystemRequirementsLab
2010-07-01 20:08 . 2010-07-01 20:08 -------- d-----w- c:\documents and settings\Patrik\SystemRequirementsLab
2010-07-01 12:49 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-07-01 12:49 . 2010-07-01 12:49 -------- d-----w- c:\windows\Logs
2010-06-30 20:24 . 2010-06-30 20:24 -------- d-----w- c:\program files\Winamp Detect
2010-06-30 20:24 . 2010-06-30 20:24 -------- d-----w- c:\program files\Winamp Toolbar
2010-06-30 20:23 . 2009-04-28 20:20 129520 ------w- c:\windows\system32\pxafs.dll
2010-06-30 20:23 . 2010-06-30 20:24 -------- d-----w- c:\program files\Winamp
2010-06-30 16:26 . 2010-06-30 16:26 7 ----a-w- C:\tw0001.dat
2010-06-29 14:22 . 2010-06-29 14:22 286720 ------w- c:\windows\Setup1.exe
2010-06-29 14:22 . 2010-06-29 14:22 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-06-28 18:05 . 2010-07-02 12:10 -------- d-----w- c:\program files\SRS - Street Racing Syndicate
2010-06-26 21:41 . 2010-06-26 21:41 -------- d-----w- c:\program files\Common Files\DirectX
2010-06-26 21:29 . 2010-06-26 21:29 -------- d-----w- c:\program files\EA GAMES
2010-06-21 14:26 . 2010-07-03 11:52 70992 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-06-18 16:24 . 2010-06-18 16:24 -------- d-----w- c:\program files\FreeCall.com
2010-06-18 08:36 . 2010-06-18 08:37 -------- d-----w- c:\program files\mp3DirectCut
2010-06-14 20:09 . 2010-07-02 17:11 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-06-14 20:01 . 2010-06-14 20:01 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-11 15:25 . 2010-06-11 15:25 -------- d-----w- c:\program files\XfireXO
2010-06-11 15:24 . 2010-07-03 00:22 -------- d-----w- c:\program files\Xfire
2010-06-09 14:17 . 2010-06-09 14:17 -------- d-----w- c:\program files\MSBuild
2010-06-09 14:14 . 2010-06-09 14:14 -------- d-----w- c:\windows\system32\XPSViewer
2010-06-09 14:13 . 2010-06-09 14:13 -------- d-----w- c:\program files\Reference Assemblies
2010-06-09 14:13 . 2006-10-14 14:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-06-09 14:12 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-06-06 20:55 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-06-06 20:55 . 2010-06-26 08:59 138592 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-06 20:55 . 2010-06-26 10:09 219128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-06 20:55 . 2010-06-11 15:46 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-06 20:15 . 2010-06-06 20:15 -------- d-sh--w- c:\windows\ftpcache
2010-06-04 04:57 . 2010-06-04 04:57 -------- d-s---w- c:\documents and settings\LocalService\Dokumenty
2010-06-04 04:47 . 2010-06-04 04:47 -------- d-----w- c:\program files\Common Files\Eye 312
2010-06-04 04:47 . 2007-10-04 15:42 48128 ----a-w- c:\windows\system32\Remove.exe
2010-06-04 04:47 . 2010-06-04 04:47 -------- d-----w- c:\program files\Common Files\Pac7302
2010-06-04 04:47 . 2006-10-12 09:57 14336 ----a-w- c:\windows\system32\P7302USD.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-03 10:53 . 2010-07-03 10:53 -------- d-----w- c:\program files\CheckPoint
2010-07-03 05:43 . 2010-05-21 21:39 -------- d-----w- c:\program files\Windows Desktop Search
2010-07-03 05:42 . 2002-09-23 12:00 77706 ----a-w- c:\windows\system32\perfc005.dat
2010-07-03 05:42 . 2002-09-23 12:00 427336 ----a-w- c:\windows\system32\perfh005.dat
2010-07-02 18:53 . 2010-05-26 15:38 -------- d-----w- c:\program files\WinFlip
2010-07-02 17:41 . 2009-11-17 15:39 -------- d-----w- c:\program files\Opera 10 Beta
2010-07-02 17:11 . 2009-12-18 10:42 -------- d-----w- c:\program files\AskBarDis
2010-07-01 13:12 . 2009-10-29 07:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-01 12:50 . 2010-07-01 12:50 -------- d-----w- c:\program files\Rockstar Games
2010-06-28 18:07 . 2009-12-11 14:09 -------- d-----w- c:\program files\GameSpy Arcade
2010-06-26 16:07 . 2002-09-23 12:00 163644 ----a-w- c:\windows\system32\drivers\secdrv.sys
2010-05-31 13:08 . 2010-05-31 13:08 -------- d-----w- c:\program files\Common Files\Java
2010-05-31 13:07 . 2010-05-31 13:08 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-28 00:04 . 2010-05-28 00:04 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-05-26 15:38 . 2010-05-26 15:38 -------- d-----w- c:\program files\TrueTransparency
2010-05-26 15:38 . 2010-05-26 15:38 -------- d-----w- c:\program files\Vista Drive Icon
2010-05-26 15:10 . 2010-05-26 15:10 -------- d-----w- c:\program files\Softonic_English_TC
2010-05-26 15:01 . 2010-05-26 15:01 -------- d-----w- c:\program files\WinPcap
2010-05-26 14:38 . 2009-10-29 18:08 -------- d-----w- c:\program files\QIP Infium
2010-05-23 16:24 . 2010-04-24 15:14 921632 ----a-w- C:\PA7302.DAT
2010-05-21 21:14 . 2010-02-08 19:05 -------- d-----w- c:\program files\Max_EN
2010-05-21 21:14 . 2009-12-17 15:51 -------- d-----w- c:\program files\Softonic_VLC_EN
2010-05-14 11:06 . 2010-05-14 11:06 -------- d-----w- c:\program files\Common Files\Real
2010-05-14 11:06 . 2010-05-14 11:06 -------- d-----w- c:\program files\Real
2010-05-14 11:06 . 2010-05-14 11:06 -------- d-----w- c:\program files\Common Files\xing shared
2010-05-14 11:06 . 2010-01-13 21:39 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-14 11:01 . 2010-05-14 11:01 -------- d-----w- c:\program files\Xvid
2010-04-24 12:32 . 2010-04-24 12:32 81 --sh--r- c:\windows\CT4CET.bin
2010-04-07 20:18 . 2010-04-07 20:18 74703 ----a-w- c:\windows\system32\mfc45.dll
.

------- Sigcheck -------

[7] 2004-08-17 . 84FEF6BE553ACC66729F5D4113F53310 . 2150400 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2004-08-17 . 5C108FECE9B30922649C5C4E9B80B9B5 . 2146816 . . [5.1.2600.2180] . . c:\windows\system32\ntoskrnl.exe
[7] 2004-08-17 . 84FEF6BE553ACC66729F5D4113F53310 . 2150400 . . [5.1.2600.2180] . . c:\windows\system32\VITrans\ntoskrnl.exe
[-] 2002-09-23 . BB405B214B5B49AB3F00196C10885611 . 1891840 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe

[-] 2004-08-17 . D528D77EAD3C7A52A4F17D45D2809E81 . 1438208 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\system32\VITrans\explorer.exe
[-] 2002-09-23 . 11D80755545CFB5EB9659EE88440EAE2 . 1004544 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\explorer.exe

[7] 2004-08-17 . 7715EDDD01EDFEF9EF335D29C6DFE212 . 2017280 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2004-08-17 . 60B05387246DF377C22DCCA1EE7B5006 . 2013696 . . [5.1.2600.2180] . . c:\windows\system32\ntkrnlpa.exe
[7] 2004-08-17 . 7715EDDD01EDFEF9EF335D29C6DFE212 . 2017280 . . [5.1.2600.2180] . . c:\windows\system32\VITrans\ntkrnlpa.exe
[-] 2002-09-23 . E2A57A7B4182490DFE1EBADE818146A2 . 1920512 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]
"{e6570cd8-9978-4621-b1f9-6a62436f0466}"= "c:\program files\Softonic_VLC_EN\tbSof0.dll" [2010-05-21 2515552]
"{867dd841-5bf7-44ca-8426-c5a6eda00735}"= "c:\program files\Max_EN\tbMax1.dll" [2010-05-21 2515552]
"{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}"= "c:\program files\Softonic_English_TC\tbSoft.dll" [2010-04-15 2515552]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files\XfireXO\tbXfir.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{867dd841-5bf7-44ca-8426-c5a6eda00735}]

[HKEY_CLASSES_ROOT\clsid\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]
2010-04-15 10:33 2515552 ----a-w- c:\program files\Softonic_English_TC\tbSoft.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
2010-06-03 16:24 2736736 ----a-w- c:\program files\XfireXO\tbXfir.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{867dd841-5bf7-44ca-8426-c5a6eda00735}]
2010-05-21 21:14 2515552 ----a-w- c:\program files\Max_EN\tbMax1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e6570cd8-9978-4621-b1f9-6a62436f0466}]
2010-05-21 21:14 2515552 ----a-w- c:\program files\Softonic_VLC_EN\tbSof0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e6570cd8-9978-4621-b1f9-6a62436f0466}"= "c:\program files\Softonic_VLC_EN\tbSof0.dll" [2010-05-21 2515552]
"{867dd841-5bf7-44ca-8426-c5a6eda00735}"= "c:\program files\Max_EN\tbMax1.dll" [2010-05-21 2515552]
"{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}"= "c:\program files\Softonic_English_TC\tbSoft.dll" [2010-04-15 2515552]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files\XfireXO\tbXfir.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{867dd841-5bf7-44ca-8426-c5a6eda00735}]

[HKEY_CLASSES_ROOT\clsid\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E6570CD8-9978-4621-B1F9-6A62436F0466}"= "c:\program files\Softonic_VLC_EN\tbSof0.dll" [2010-05-21 2515552]
"{867DD841-5BF7-44CA-8426-C5A6EDA00735}"= "c:\program files\Max_EN\tbMax1.dll" [2010-05-21 2515552]
"{4FF5F6EA-FFAF-43E5-9A01-361C0893C3E8}"= "c:\program files\Softonic_English_TC\tbSoft.dll" [2010-04-15 2515552]
"{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}"= "c:\program files\XfireXO\tbXfir.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{867dd841-5bf7-44ca-8426-c5a6eda00735}]

[HKEY_CLASSES_ROOT\clsid\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Patrik\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-01-06 135664]
"QIP2005"="c:\program files\QIP\qip.exe" [2009-08-13 3276288]
"RegistryMechanic"="d:\registry mechanic\RegMech.exe" [2010-04-08 3233752]
"SkinClock"="c:\program files\Free Desktop Clock\DesktopClock.exe" [2006-10-01 334848]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"DAEMON Tools Lite"="d:\daemon tools lite\daemon.exe" [2009-04-23 691656]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-07-12 352256]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"AtiPTA"="atiptaxx.exe" [2006-02-22 344064]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"Bing Bar"="c:\program files\MSN Toolbar\Platform\5.0.1384.0\mswinext.exe" [2010-02-17 243032]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-14 202256]
"DrvIcon"="c:\program files\Vista Drive Icon\DrvIcon.exe" [2008-04-13 49152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-12 37888]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\Patrik\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ProgSense.lnk - d:\progsense\ProgSense.exe [2010-5-24 888000]
Screenshot Utility.lnk - d:\screenshot utility\ScreenshotUtility.exe [2010-6-6 344064]
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2010-5-28 3493264]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2009-10-02 128360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Codemasters\\Worms 4 Mayhem Demo\\Worms 4 Mayhem Demo.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Team17 Software Ltd\\WormsFortsDemo\\WF.exe"=
"c:\\Program Files\\Codemasters\\Worms 4 Mayhem Online Demo\\Worms 4 Mayhem Online Demo.exe"=
"c:\\Program Files\\Opera 10 Beta\\opera.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp03\\samp-server.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp02x\\samp-server.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp01b\\samp-server.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp022\\samp-server.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe"=
"d:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\SRS - Street Racing Syndicate\\Bin\\SRS.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\trainer.exe.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4805:TCP"= 4805:TCP:eufbhvcx
"21034:TCP"= 21034:TCP:BitComet 21034 TCP
"21034:UDP"= 21034:UDP:BitComet 21034 UDP

R0 ahci8086;ahci8086;c:\windows\system32\drivers\ahci8086.sys [29.10.2009 12:31 119808]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.7.2010 15:07 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.7.2010 15:07 17744]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [20.11.2009 17:07 246520]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 18:33 50704]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [12.5.2010 15:08 632792]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\Patrik\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\Patrik\LOCALS~1\Temp\ALSysIO.sys [?]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.6.2010 22:01 721904]
.
Obsah adresáře 'Naplánované úlohy'

2010-07-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-03 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-02-24 20:09]

2010-07-03 c:\windows\Tasks\User_Feed_Synchronization-{9C10480B-93C6-4E37-91DA-96E8674D38DE}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page =
uDefault_Search_URL =
mWindow Title =
uInternet Connection Wizard,ShellNext = hxxp://www.zoner.cz/podpora/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant =
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{3e717667-c786-43d0-b809-b378938f6770} - d:\clip extractor\ClipExtractor.exe
TCP: {52B0A3FB-BE3D-424D-A8D1-BAE446DAD5F8} = 213.211.45.3,212.96.160.7
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-HookURL - (no file)
URLSearchHooks-Rank - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{3041D03E-FD4B-44E0-B742-2D9B88305F98} - (no file)
AddRemove-2kv4.8.442 - c:\windows\Radeon Omega Drivers v4.8.442



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-03 18:44
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


c:\docume~1\Patrik\LOCALS~1\Temp\pic8880.jpg 4676 bytes

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(708)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'explorer.exe'(4060)
c:\program files\Xfire\xfire_toucan_42784.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\msi.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\program files\Stardock\Fences\FencesMenu.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\stardock\fences\DesktopDock.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2010-07-03 18:52:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-03 16:52

Před spuštěním: Volných bajtů: 12 730 314 752
Po spuštění: Volných bajtů: 12 624 216 064

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer

- - End Of File - - CFF92F7E574FF63805FDC3FB28188A41

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 18:18
by stell
Well, you've got Conficker there.
For this step ComboFix must be on the desktop.

Turn off > FIREWALL > Antivirus > Antispyware > everything resident.

Open Notepad and copy the entire green text into it:

Code:

KILLALL::
FCOPY::
c:\windows\ServicePackFiles\i386\ntoskrnl.exe | c:\windows\system32\ntoskrnl.exe
c:\windows\ServicePackFiles\i386\ntoskrnl.exe | c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
c:\windows\ServicePackFiles\i386\ntkrnlpa.exe | c:\windows\system32\ntkrnlpa.exe
c:\windows\ServicePackFiles\i386\ntkrnlpa.exe | c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
RESTORE::
c:\windows\explorer.exe
srpeek::
c:\windows\explorer.exe
Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4805:TCP"=-
Driver::
eufbhvcx
ICQ Service
File::
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
DDS::
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
Rootkit::
c:\docume~1\Patrik\LOCALS~1\Temp\pic8880.jpg

Then click File -> Save As... -> where it says File name, type into that line: CFScript.txt
For Save as type, select *All files
And save it to the desktop. > Note: CFScript.txt > do not open it, and it must not be > CFScript.txt.txt either. Then do this:
[Image]

When the scan finishes, post the log that ComboFix creates
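
Added example, not part of the thread and not ComboFix's own logic: a Python sketch of the comparison a helper makes by eye in the Sigcheck section of the first log, flagging copies of a system file whose MD5 differs from the `ServicePackFiles\i386` copy of the same version (the source side of the FCOPY:: lines in the script above). The line layout is inferred from that log, treating the ServicePackFiles copy as the reference is an assumption, and the sample lines are the ones posted in this thread.

```python
import re
from collections import defaultdict
from typing import NamedTuple

# Sample input: the Sigcheck lines as posted in this thread's first log.
# Raw string so that "\n" in "\ntoskrnl.exe" stays a backslash and an "n".
SAMPLE_LOG = r"""
------- Sigcheck -------

[7] 2004-08-17 . 84FEF6BE553ACC66729F5D4113F53310 . 2150400 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2004-08-17 . 5C108FECE9B30922649C5C4E9B80B9B5 . 2146816 . . [5.1.2600.2180] . . c:\windows\system32\ntoskrnl.exe
[7] 2004-08-17 . 84FEF6BE553ACC66729F5D4113F53310 . 2150400 . . [5.1.2600.2180] . . c:\windows\system32\VITrans\ntoskrnl.exe
[-] 2002-09-23 . BB405B214B5B49AB3F00196C10885611 . 1891840 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe

[-] 2004-08-17 . D528D77EAD3C7A52A4F17D45D2809E81 . 1438208 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\system32\VITrans\explorer.exe
[-] 2002-09-23 . 11D80755545CFB5EB9659EE88440EAE2 . 1004544 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\explorer.exe

[7] 2004-08-17 . 7715EDDD01EDFEF9EF335D29C6DFE212 . 2017280 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2004-08-17 . 60B05387246DF377C22DCCA1EE7B5006 . 2013696 . . [5.1.2600.2180] . . c:\windows\system32\ntkrnlpa.exe
[7] 2004-08-17 . 7715EDDD01EDFEF9EF335D29C6DFE212 . 2017280 . . [5.1.2600.2180] . . c:\windows\system32\VITrans\ntkrnlpa.exe
[-] 2002-09-23 . E2A57A7B4182490DFE1EBADE818146A2 . 1920512 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
.
"""

# Layout inferred from the log: [flag] date . MD5 . size . . [version] . . path
ENTRY = re.compile(
    r"^\[(?P<flag>.)\]\s+\d{4}-\d{2}-\d{2}\s+\.\s+(?P<md5>[0-9A-Fa-f]{32})\s+\.\s+"
    r"(?P<size>\d+)\s+\.\s+\.\s+\[(?P<version>[^\]]+)\]\s+\.\s+\.\s+(?P<path>\S.*)$"
)

# Assumption: the service-pack cache holds the reference copy (it is the
# source side of the FCOPY:: lines in the helper's script).
REFERENCE_DIR = "\\servicepackfiles\\i386\\"


class Entry(NamedTuple):
    flag: str
    md5: str
    size: int
    version: str
    path: str


def parse_sigcheck(log_text):
    """Return an Entry for every line that matches the Sigcheck layout."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            entries.append(Entry(m["flag"], m["md5"].upper(), int(m["size"]),
                                 m["version"], m["path"]))
    return entries


def compare_to_reference(entries):
    """Split the non-reference copies into (mismatches, no_reference).

    mismatches: same file name and version as a reference copy, different MD5.
    no_reference: no reference copy of that version exists, so nothing is claimed.
    """
    groups = defaultdict(list)
    for e in entries:
        name = e.path.rsplit("\\", 1)[-1].lower()
        groups[(name, e.version)].append(e)

    mismatches, no_reference = [], []
    for copies in groups.values():
        ref_hashes = {c.md5 for c in copies if REFERENCE_DIR in c.path.lower()}
        for c in copies:
            if REFERENCE_DIR in c.path.lower():
                continue  # the reference copy itself
            if not ref_hashes:
                no_reference.append(c)
            elif c.md5 not in ref_hashes:
                mismatches.append(c)
    return mismatches, no_reference


if __name__ == "__main__":
    mismatches, no_reference = compare_to_reference(parse_sigcheck(SAMPLE_LOG))
    # A mismatch is a lead to verify against known-good media, not a verdict.
    for e in mismatches:
        print(f"MISMATCH  {e.path}  md5={e.md5}  size={e.size}  version={e.version}")
    for e in no_reference:
        print(f"NO REF    {e.path}  version={e.version}")
```

On the sample, the three flagged paths are among the files the script's FCOPY:: and RESTORE:: lines target; the older-version copies under `$NtServicePackUninstall$` land in the no-reference list because the log holds no reference copy of that version.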

Re: Viruses in Windows, please help

Posted: 03 Jul 2010 18:50
by P@tRiCk_
ComboFix 10-07-01.02 - Patrik 03.07.2010 19:31:04.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.493 [GMT 2:00]
Spuštěný z: c:\documents and settings\Patrik\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Patrik\Plocha\CFScript.txt.txt
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1003.job"
"c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1007.job"
"c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1008.job"
"c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1003.job"
"c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1007.job"
"c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1008.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1801674531-2077806209-725345543-1008.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1003.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1007.job
c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1801674531-2077806209-725345543-1008.job

c:\windows\explorer.exe . . . je infikován!!

.
--------------- FCopy ---------------

c:\windows\ServicePackFiles\i386\ntoskrnl.exe --> c:\windows\system32\ntoskrnl.exe
c:\windows\ServicePackFiles\i386\ntoskrnl.exe --> c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
c:\windows\ServicePackFiles\i386\ntkrnlpa.exe --> c:\windows\system32\ntkrnlpa.exe
c:\windows\ServicePackFiles\i386\ntkrnlpa.exe --> c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ICQ_SERVICE
-------\Service_ICQ Service


((((((((((((((((((((((((( Soubory vytvořené od 2010-06-03 do 2010-07-03 )))))))))))))))))))))))))))))))
.

2010-07-03 12:26 . 2010-07-03 12:26 -------- d-----w- c:\program files\Defraggler
2010-07-03 12:06 . 2010-07-03 12:06 -------- d-----w- c:\windows\Internet Logs
2010-07-03 10:53 . 2010-07-03 10:53 -------- d-----w- c:\program files\CheckPoint
2010-07-03 10:53 . 2010-07-03 11:59 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2010-07-03 10:49 . 2008-01-17 17:59 713216 -c----w- c:\windows\system32\dllcache\sxs.dll
2010-07-03 06:28 . 2010-07-03 06:29 -------- d-----w- c:\windows\system32\NtmsData
2010-07-03 05:52 . 2010-07-03 05:52 -------- d-sh--w- c:\documents and settings\Patrik\IECompatCache
2010-07-03 05:51 . 2010-07-03 05:51 -------- d-----w- c:\program files\CCleaner
2010-07-02 19:13 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-07-02 19:13 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-07-02 17:09 . 2010-07-02 17:11 -------- d-----w- C:\ToolBar SD
2010-07-02 16:34 . 2010-07-03 11:21 -------- d-----w- c:\program files\trend micro
2010-07-02 13:07 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-07-02 13:07 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-07-02 13:07 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-07-02 13:07 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-07-02 13:07 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-07-02 13:07 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-07-02 13:07 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-07-02 13:06 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-07-02 13:06 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-07-01 20:08 . 2010-07-01 20:08 -------- d-----w- c:\program files\SystemRequirementsLab
2010-07-01 20:08 . 2010-07-01 20:08 -------- d-----w- c:\documents and settings\Patrik\SystemRequirementsLab
2010-07-01 12:49 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-07-01 12:49 . 2010-07-01 12:49 -------- d-----w- c:\windows\Logs
2010-06-30 20:24 . 2010-06-30 20:24 -------- d-----w- c:\program files\Winamp Detect
2010-06-30 20:24 . 2010-06-30 20:24 -------- d-----w- c:\program files\Winamp Toolbar
2010-06-30 20:23 . 2009-04-28 20:20 129520 ------w- c:\windows\system32\pxafs.dll
2010-06-30 20:23 . 2010-06-30 20:24 -------- d-----w- c:\program files\Winamp
2010-06-30 16:26 . 2010-06-30 16:26 7 ----a-w- C:\tw0001.dat
2010-06-29 14:22 . 2010-06-29 14:22 286720 ------w- c:\windows\Setup1.exe
2010-06-29 14:22 . 2010-06-29 14:22 73216 ----a-w- c:\windows\ST6UNST.EXE
2010-06-28 18:05 . 2010-07-02 12:10 -------- d-----w- c:\program files\SRS - Street Racing Syndicate
2010-06-26 21:41 . 2010-06-26 21:41 -------- d-----w- c:\program files\Common Files\DirectX
2010-06-26 21:29 . 2010-06-26 21:29 -------- d-----w- c:\program files\EA GAMES
2010-06-21 14:26 . 2010-07-03 11:52 70992 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-06-18 16:24 . 2010-06-18 16:24 -------- d-----w- c:\program files\FreeCall.com
2010-06-18 08:36 . 2010-06-18 08:37 -------- d-----w- c:\program files\mp3DirectCut
2010-06-14 20:09 . 2010-07-02 17:11 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-06-14 20:01 . 2010-06-14 20:01 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-06-11 15:25 . 2010-06-11 15:25 -------- d-----w- c:\program files\XfireXO
2010-06-11 15:24 . 2010-07-03 00:22 -------- d-----w- c:\program files\Xfire
2010-06-09 14:17 . 2010-06-09 14:17 -------- d-----w- c:\program files\MSBuild
2010-06-09 14:14 . 2010-06-09 14:14 -------- d-----w- c:\windows\system32\XPSViewer
2010-06-09 14:13 . 2010-06-09 14:13 -------- d-----w- c:\program files\Reference Assemblies
2010-06-09 14:13 . 2006-10-14 14:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-06-09 14:12 . 2006-06-29 11:07 14048 ------w- c:\windows\system32\spmsg2.dll
2010-06-06 20:55 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2010-06-06 20:55 . 2010-06-26 08:59 138592 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-06 20:55 . 2010-06-26 10:09 219128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-06 20:55 . 2010-06-11 15:46 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-06-06 20:15 . 2010-06-06 20:15 -------- d-sh--w- c:\windows\ftpcache
2010-06-04 04:57 . 2010-06-04 04:57 -------- d-s---w- c:\documents and settings\LocalService\Dokumenty
2010-06-04 04:47 . 2010-06-04 04:47 -------- d-----w- c:\program files\Common Files\Eye 312
2010-06-04 04:47 . 2007-10-04 15:42 48128 ----a-w- c:\windows\system32\Remove.exe
2010-06-04 04:47 . 2010-06-04 04:47 -------- d-----w- c:\program files\Common Files\Pac7302
2010-06-04 04:47 . 2006-10-12 09:57 14336 ----a-w- c:\windows\system32\P7302USD.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-03 10:53 . 2010-07-03 10:53 -------- d-----w- c:\program files\CheckPoint
2010-07-03 05:43 . 2010-05-21 21:39 -------- d-----w- c:\program files\Windows Desktop Search
2010-07-03 05:42 . 2002-09-23 12:00 77706 ----a-w- c:\windows\system32\perfc005.dat
2010-07-03 05:42 . 2002-09-23 12:00 427336 ----a-w- c:\windows\system32\perfh005.dat
2010-07-02 18:53 . 2010-05-26 15:38 -------- d-----w- c:\program files\WinFlip
2010-07-02 17:41 . 2009-11-17 15:39 -------- d-----w- c:\program files\Opera 10 Beta
2010-07-02 17:11 . 2009-12-18 10:42 -------- d-----w- c:\program files\AskBarDis
2010-07-01 13:12 . 2009-10-29 07:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-01 12:50 . 2010-07-01 12:50 -------- d-----w- c:\program files\Rockstar Games
2010-06-28 18:07 . 2009-12-11 14:09 -------- d-----w- c:\program files\GameSpy Arcade
2010-06-26 16:07 . 2002-09-23 12:00 163644 ----a-w- c:\windows\system32\drivers\secdrv.sys
2010-05-31 13:08 . 2010-05-31 13:08 -------- d-----w- c:\program files\Common Files\Java
2010-05-31 13:07 . 2010-05-31 13:08 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-28 00:04 . 2010-05-28 00:04 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-05-26 15:38 . 2010-05-26 15:38 -------- d-----w- c:\program files\TrueTransparency
2010-05-26 15:38 . 2010-05-26 15:38 -------- d-----w- c:\program files\Vista Drive Icon
2010-05-26 15:10 . 2010-05-26 15:10 -------- d-----w- c:\program files\Softonic_English_TC
2010-05-26 15:01 . 2010-05-26 15:01 -------- d-----w- c:\program files\WinPcap
2010-05-26 14:38 . 2009-10-29 18:08 -------- d-----w- c:\program files\QIP Infium
2010-05-23 16:24 . 2010-04-24 15:14 921632 ----a-w- C:\PA7302.DAT
2010-05-21 21:14 . 2010-02-08 19:05 -------- d-----w- c:\program files\Max_EN
2010-05-21 21:14 . 2009-12-17 15:51 -------- d-----w- c:\program files\Softonic_VLC_EN
2010-05-14 11:06 . 2010-05-14 11:06 -------- d-----w- c:\program files\Common Files\Real
2010-05-14 11:06 . 2010-05-14 11:06 -------- d-----w- c:\program files\Real
2010-05-14 11:06 . 2010-05-14 11:06 -------- d-----w- c:\program files\Common Files\xing shared
2010-05-14 11:06 . 2010-01-13 21:39 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-05-14 11:01 . 2010-05-14 11:01 -------- d-----w- c:\program files\Xvid
2010-04-24 12:32 . 2010-04-24 12:32 81 --sh--r- c:\windows\CT4CET.bin
2010-04-07 20:18 . 2010-04-07 20:18 74703 ----a-w- c:\windows\system32\mfc45.dll
.

(((((((((((((((((((((((((((((((((((((((((( SR_Search ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
------- Sigcheck -------

[-] 2004-08-17 . D528D77EAD3C7A52A4F17D45D2809E81 . 1438208 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2004-08-17 . 4D32D7FFC2F583FE21EF0A4F99EABB12 . 974848 . . [6.00.2900.2180] . . c:\windows\system32\VITrans\explorer.exe
[-] 2002-09-23 . 11D80755545CFB5EB9659EE88440EAE2 . 1004544 . . [6.00.2800.1106] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]
"{e6570cd8-9978-4621-b1f9-6a62436f0466}"= "c:\program files\Softonic_VLC_EN\tbSof0.dll" [2010-05-21 2515552]
"{867dd841-5bf7-44ca-8426-c5a6eda00735}"= "c:\program files\Max_EN\tbMax1.dll" [2010-05-21 2515552]
"{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}"= "c:\program files\Softonic_English_TC\tbSoft.dll" [2010-04-15 2515552]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files\XfireXO\tbXfir.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{867dd841-5bf7-44ca-8426-c5a6eda00735}]

[HKEY_CLASSES_ROOT\clsid\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]
2010-04-15 10:33 2515552 ----a-w- c:\program files\Softonic_English_TC\tbSoft.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
2010-06-03 16:24 2736736 ----a-w- c:\program files\XfireXO\tbXfir.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{867dd841-5bf7-44ca-8426-c5a6eda00735}]
2010-05-21 21:14 2515552 ----a-w- c:\program files\Max_EN\tbMax1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e6570cd8-9978-4621-b1f9-6a62436f0466}]
2010-05-21 21:14 2515552 ----a-w- c:\program files\Softonic_VLC_EN\tbSof0.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{e6570cd8-9978-4621-b1f9-6a62436f0466}"= "c:\program files\Softonic_VLC_EN\tbSof0.dll" [2010-05-21 2515552]
"{867dd841-5bf7-44ca-8426-c5a6eda00735}"= "c:\program files\Max_EN\tbMax1.dll" [2010-05-21 2515552]
"{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}"= "c:\program files\Softonic_English_TC\tbSoft.dll" [2010-04-15 2515552]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files\XfireXO\tbXfir.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{867dd841-5bf7-44ca-8426-c5a6eda00735}]

[HKEY_CLASSES_ROOT\clsid\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{E6570CD8-9978-4621-B1F9-6A62436F0466}"= "c:\program files\Softonic_VLC_EN\tbSof0.dll" [2010-05-21 2515552]
"{867DD841-5BF7-44CA-8426-C5A6EDA00735}"= "c:\program files\Max_EN\tbMax1.dll" [2010-05-21 2515552]
"{4FF5F6EA-FFAF-43E5-9A01-361C0893C3E8}"= "c:\program files\Softonic_English_TC\tbSoft.dll" [2010-04-15 2515552]
"{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}"= "c:\program files\XfireXO\tbXfir.dll" [2010-06-03 2736736]

[HKEY_CLASSES_ROOT\clsid\{e6570cd8-9978-4621-b1f9-6a62436f0466}]

[HKEY_CLASSES_ROOT\clsid\{867dd841-5bf7-44ca-8426-c5a6eda00735}]

[HKEY_CLASSES_ROOT\clsid\{4ff5f6ea-ffaf-43e5-9a01-361c0893c3e8}]

[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Patrik\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-01-06 135664]
"QIP2005"="c:\program files\QIP\qip.exe" [2009-08-13 3276288]
"RegistryMechanic"="d:\registry mechanic\RegMech.exe" [2010-04-08 3233752]
"SkinClock"="c:\program files\Free Desktop Clock\DesktopClock.exe" [2006-10-01 334848]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"DAEMON Tools Lite"="d:\daemon tools lite\daemon.exe" [2009-04-23 691656]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-07-12 352256]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-06-23 847872]
"AtiPTA"="atiptaxx.exe" [2006-02-22 344064]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"Bing Bar"="c:\program files\MSN Toolbar\Platform\5.0.1384.0\mswinext.exe" [2010-02-17 243032]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-05-14 202256]
"DrvIcon"="c:\program files\Vista Drive Icon\DrvIcon.exe" [2008-04-13 49152]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2010-01-12 37888]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\Patrik\Nabˇdka Start\Programy\Po spuçtŘnˇ\
ProgSense.lnk - d:\progsense\ProgSense.exe [2010-5-24 888000]
Screenshot Utility.lnk - d:\screenshot utility\ScreenshotUtility.exe [2010-6-6 344064]
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2010-5-28 3493264]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2009-10-02 128360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Codemasters\\Worms 4 Mayhem Demo\\Worms 4 Mayhem Demo.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Team17 Software Ltd\\WormsFortsDemo\\WF.exe"=
"c:\\Program Files\\Codemasters\\Worms 4 Mayhem Online Demo\\Worms 4 Mayhem Online Demo.exe"=
"c:\\Program Files\\Opera 10 Beta\\opera.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp03\\samp-server.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp02x\\samp-server.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp01b\\samp-server.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Documents and Settings\\Patrik\\Plocha\\samp022\\samp-server.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\FreeCall.com\\FreeCall\\FreeCall.exe"=
"d:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\SRS - Street Racing Syndicate\\Bin\\SRS.exe"=
"c:\\Program Files\\EA GAMES\\Need for Speed Underground 2\\trainer.exe.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"21034:TCP"= 21034:TCP:BitComet 21034 TCP
"21034:UDP"= 21034:UDP:BitComet 21034 UDP

R0 ahci8086;ahci8086;c:\windows\system32\drivers\ahci8086.sys [29.10.2009 12:31 119808]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.6.2010 22:01 721904]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.7.2010 15:07 165456]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.7.2010 15:07 17744]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 18:33 50704]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [12.5.2010 15:08 632792]
S3 ALSysIO;ALSysIO;\??\c:\docume~1\Patrik\LOCALS~1\Temp\ALSysIO.sys --> c:\docume~1\Patrik\LOCALS~1\Temp\ALSysIO.sys [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-07-03 c:\windows\Tasks\User_Feed_Synchronization-{9C10480B-93C6-4E37-91DA-96E8674D38DE}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page =
uDefault_Search_URL =
mWindow Title =
uInternet Connection Wizard,ShellNext = hxxp://www.zoner.cz/podpora/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Stáhnout odkaz s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: Stáhnout všechna videa s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: Stáhnout všechny odkazy s použitím BitCometu - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: {{3e717667-c786-43d0-b809-b378938f6770} - d:\clip extractor\ClipExtractor.exe
TCP: {52B0A3FB-BE3D-424D-A8D1-BAE446DAD5F8} = 213.211.45.3,212.96.160.7
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-HookURL - (no file)
URLSearchHooks-Rank - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-03 19:41
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x867D51F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7650fc3
\Driver\ACPI -> ACPI.sys @ 0xf739acb8
\Driver\atapi -> 0x867d61f8
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x8058236c
ParseProcedure -> ntkrnlpa.exe @ 0x8058146a
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x8058236c
ParseProcedure -> ntkrnlpa.exe @ 0x8058146a
NDIS: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xf720cba0
PacketIndicateHandler -> NDIS.sys @ 0xf7219b21
SendHandler -> NDIS.sys @ 0xf71f787b
Warning: possible MBR rootkit infection !
user & kernel MBR OK

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(724)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\cscui.dll

- - - - - - - > 'explorer.exe'(3240)
c:\windows\system32\ntshrui.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\program files\Stardock\Fences\FencesMenu.dll
c:\program files\stardock\fences\DesktopDock.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wscntfy.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Celkový čas: 2010-07-03 19:48:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-03 17:48
ComboFix2.txt 2010-07-03 16:52

Před spuštěním: Volných bajtů: 12 694 392 832
Po spuštění: Volných bajtů: 12 570 824 704

- - End Of File - - 4EE87A97D70B837B6BD00479FD744DF4