VIRY.CZ

Dobry den,prosim o pomoc. Zrejme se mi dostal do PC malware.

Run by Michal at 2011-01-21 10:40:03
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 3 GB (9%) free of 36 GB
Total RAM: 1023 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:40:16, on 21.1.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Office-Web Center\panel.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Michal\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Michal.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://atlas.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60341
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60341
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=wbst&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60341
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {e8de9422-3b2c-4243-bf6f-235da84d8ef8} - (no file)
O1 - Hosts: 5.147.216.167 pes09pcgate-e.winning-eleven.net
O1 - Hosts: 5.6.119.25 pes2009web.winning-eleven.net
O1 - Hosts: stun.xten.com pes7stun-e.winning-eleven.net
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [algv.exe] C:\WINDOWS\system32\algv.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NewShortcut1.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.ietoolgate.com/redirect.php (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{210CDD3A-E15B-4C2C-842E-9779326B5C8A}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{749ED766-729A-4B70-A1FB-51008C5D531E}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\..\{8709FAB1-CF69-41DB-BDA5-6D0586C1FFBE}: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 208.67.220.220,208.67.222.222
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: ablator - {fce1c203-ff2b-4ec1-9983-e2900d29bbd8} - (no file)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Google Desktop Manager 5.8.811.4345 (GoogleDesktopManager-110408-113106) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Služba Google Update (gupdate1c9ced9d4230fe4) (gupdate1c9ced9d4230fe4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

--
End of file - 10592 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-682003330-362288127-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-682003330-362288127-839522115-1003UA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-682003330-362288127-839522115-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-682003330-362288127-839522115-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-09-22 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-11-05 382720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-08-14 16050176]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"CHotkey"=C:\WINDOWS\mHotkey.exe [2002-10-09 493056]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-01 30192]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-01-10 2267136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe [2006-05-10 90112]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-01-13 3396624]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"TkBellExe"=C:\Program Files\Real\RealPlayer\update\realsched.exe [2010-11-05 274608]
"algv.exe"=C:\WINDOWS\system32\algv.exe [2009-07-06 1269760]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-06-11 68856]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-01-03 15028104]
""= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.0\ICQ.exe [2010-10-27 133432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-06-11 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BDARemote.lnk]
C:\PROGRA~1\USBTV~1\EM28XX\BDAREM~1.EXE [2007-06-26 81997]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Software Kodak EasyShare.lnk]
C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2009-07-10 323584]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
NewShortcut1.lnk - C:\Program Files\HP\Office-Web Center\panel.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-10-12 90112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
ablator - {fce1c203-ff2b-4ec1-9983-e2900d29bbd8}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0x91000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Roger Wilco\roger.exe"="C:\Program Files\Roger Wilco\roger.exe:*:Disabled:roger"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"D:\Hry\battlefield 2\BF2.exe"="D:\Hry\battlefield 2\BF2.exe:*:Enabled:BF2"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Hry\Graw 2\GRAW2NothingRipped\GRAW2 Nothing Ripped\graw2.exe"="D:\Hry\Graw 2\GRAW2NothingRipped\GRAW2 Nothing Ripped\graw2.exe:*:Disabled:Ghost Recon Advanced Warfighter® 2"
"D:\Hry\Company of Heroes\RelicCOH.exe"="D:\Hry\Company of Heroes\RelicCOH.exe:*:Enabled:RelicCOH"
"D:\Hry\GTA GAME\samp-server.exe"="D:\Hry\GTA GAME\samp-server.exe:*:Enabled:samp-server"
"D:\Hry\Medal of honor PA\mohpa.exe"="D:\Hry\Medal of honor PA\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\Xfire\xfire.exe"="C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire"
"C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe"="C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Disabled:Media Player Classic"
"D:\Hry\NFS MW\speed.exe"="D:\Hry\NFS MW\speed.exe:*:Enabled:speed"
"D:\Hry\Warcraft III\war3.exe"="D:\Hry\Warcraft III\war3.exe:*:Enabled:Warcraft III"
"C:\Documents and Settings\Michal\Dokumenty\ICQ\461491997\ReceivedFiles\445798818 BACS\TeamViewer.exe"="C:\Documents and Settings\Michal\Dokumenty\ICQ\461491997\ReceivedFiles\445798818 BACS\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4X.exe"="C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4X.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate"
"C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4XDedicatedServer.exe"="C:\Program Files\Sierra\SWAT 4\ContentExpansion\System\Swat4XDedicatedServer.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate dedikovaný server"
"C:\tempo\GoalServer2009kp\GoalServer2009.exe"="C:\tempo\GoalServer2009kp\GoalServer2009.exe:*:Enabled:GoalServer2009"
"C:\tempo\GoalServer2009kp\stunnel\stunnel.exe"="C:\tempo\GoalServer2009kp\stunnel\stunnel.exe:*:Enabled:stunnel"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"D:\CAVEDOG\TOTALA\totala.exe"="D:\CAVEDOG\TOTALA\totala.exe:*:Enabled:Total Annihilation"
"C:\Documents and Settings\Michal\Plocha\utorrent.exe"="C:\Documents and Settings\Michal\Plocha\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Michal\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"D:\Hry\Star wars\Xfire\Xfire.exe"="D:\Hry\Star wars\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\Program Files\Metin2_CZ\metin2.bin"="C:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2"
"C:\Program Files\Garena\Garena.exe"="C:\Program Files\Garena\Garena.exe:*:Enabled:Garena"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Disabled:ICQ"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"
"D:\Hry\T3\Terminator3\T3.exe"="D:\Hry\T3\Terminator3\T3.exe:*:Enabled:T3"
"D:\Hry\Postal2\System\Postal2MP.exe"="D:\Hry\Postal2\System\Postal2MP.exe:*:Enabled:Postal2MP"
"C:\Alien Arena 2008\crx.exe"="C:\Alien Arena 2008\crx.exe:*:Enabled:crx"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Wolfenstein - Enemy Territory\ET.exe"="C:\Program Files\Wolfenstein - Enemy Territory\ET.exe:*:Disabled:ET"
"C:\Program Files\Valve\Half-Life 2\hl2.exe"="C:\Program Files\Valve\Half-Life 2\hl2.exe:*:Enabled:HL2_1"
"C:\Program Files\Valve\Half-Life 2 Episode One\hl2.exe"="C:\Program Files\Valve\Half-Life 2 Episode One\hl2.exe:*:Enabled:HL2_2"
"C:\Program Files\Valve\Half-Life 2 Episode Two\hl2.exe"="C:\Program Files\Valve\Half-Life 2 Episode Two\hl2.exe:*:Enabled:HL2_3"
"C:\Program Files\Project Snowblind\Snowblind.MP"="C:\Program Files\Project Snowblind\Snowblind.MP:*:Enabled:Project: Snowblind (PC)"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"D:\Hry\mECHWARIOR\MW4MERCS.ICD"="D:\Hry\mECHWARIOR\MW4MERCS.ICD:*:Disabled:MechWarrior IV"
"C:\Program Files\mektek.net\MTX\mtx.exe"="C:\Program Files\mektek.net\MTX\mtx.exe:*:Enabled:MTX"
"C:\Program Files\mektek.net\Mechwarrior Mercenaries - Mektek Mekpak\MW4Mercs.exe"="C:\Program Files\mektek.net\Mechwarrior Mercenaries - Mektek Mekpak\MW4Mercs.exe:*:Enabled:MechWarrior IV"
"D:\Hry\Area 51 cz\A51.exe"="D:\Hry\Area 51 cz\A51.exe:*:Enabled:A51"
"C:\Program Files\FlightGear\bin\Win32\fgfs.exe"="C:\Program Files\FlightGear\bin\Win32\fgfs.exe:*:Disabled:fgfs"
"D:\Hry\Starship\Starship Troopers\STGame.exe"="D:\Hry\Starship\Starship Troopers\STGame.exe:*:Enabled:Starship Troopers"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe:*:Enabled:Alien Swarm Dedicated Server"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"D:\Hry\Fifa\fifa07.exe"="D:\Hry\Fifa\fifa07.exe:*:Enabled:fifa07"
"C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe"="C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe:*:Enabled:Alien Swarm"
"D:\Hry\Dirt\DiRT.exe"="D:\Hry\Dirt\DiRT.exe:*:Disabled:DiRT Executable"
"D:\Hry\SWAT4\SWAT 4\Content\System\Swat4.exe"="D:\Hry\SWAT4\SWAT 4\Content\System\Swat4.exe:*:Disabled:SWAT 4"
"C:\Program Files\America's Army\System\ArmyOps.exe"="C:\Program Files\America's Army\System\ArmyOps.exe:*:Enabled:ArmyOps"
"D:\ISO HRY\Left 4 Dead\left4dead.exe"="D:\ISO HRY\Left 4 Dead\left4dead.exe:*:Enabled:left4dead"
"C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe:*:Enabled:Studio"
"C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe"="C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe:*:Enabled:umi"
"D:\Hry\Hidden\hd2.exe"="D:\Hry\Hidden\hd2.exe:*:Enabled:hd2"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe"="C:\Documents and Settings\All Users\Data aplikací\NexonEU\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*:Enabled:Combat Arms"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Nexon\Combat Arms EU\CombatArms.exe"="C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe"
"C:\Nexon\Combat Arms EU\Engine.exe"="C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe"

======List of files/folders created in the last 1 months======

2011-01-21 10:40:03 ----D---- C:\rsit
2011-01-21 10:40:03 ----D---- C:\Program Files\trend micro
2011-01-16 23:19:49 ----D---- C:\3D Online Snooker
2011-01-13 21:39:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
2011-01-13 19:56:28 ----D---- C:\Program Files\PC Connectivity Solution
2011-01-13 19:56:01 ----A---- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
2011-01-13 19:56:00 ----A---- C:\WINDOWS\system32\drivers\nmwcdnsu.sys
2011-01-13 19:55:59 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2011-01-13 19:55:57 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2011-01-13 19:55:56 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2011-01-13 19:55:51 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2011-01-13 19:55:51 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2011-01-13 19:55:51 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2011-01-13 19:55:51 ----A---- C:\WINDOWS\system32\ccdcmbwu.dll
2011-01-07 08:33:53 ----ASH---- C:\WINDOWS\system32\algv.exe

======List of files/folders modified in the last 1 months======

2011-01-21 10:40:14 ----D---- C:\WINDOWS\Prefetch
2011-01-21 10:40:03 ----D---- C:\Program Files
2011-01-21 10:34:33 ----D---- C:\Documents and Settings\Michal\Data aplikací\Skype
2011-01-21 10:30:29 ----SD---- C:\WINDOWS\Tasks
2011-01-21 09:50:46 ----D---- C:\WINDOWS\Temp
2011-01-21 09:49:35 ----D---- C:\WINDOWS
2011-01-21 09:49:17 ----D---- C:\Documents and Settings\Michal\Data aplikací\skypePM
2011-01-21 00:33:08 ----A---- C:\WINDOWS\NeroDigital.ini
2011-01-19 23:31:35 ----D---- C:\WINDOWS\system32
2011-01-19 23:31:34 ----D---- C:\WINDOWS\system32\drivers\umdf
2011-01-19 23:30:32 ----SHD---- C:\WINDOWS\Installer
2011-01-19 23:24:13 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-19 23:18:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-19 23:17:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-01-18 22:55:50 ----D---- C:\Documents and Settings\Michal\Data aplikací\ICQ
2011-01-18 19:04:31 ----D---- C:\Program Files\ICQ7.0
2011-01-18 00:15:15 ----D---- C:\Documents and Settings\Michal\Data aplikací\uTorrent
2011-01-15 21:54:25 ----D---- C:\Documents and Settings\Michal\Data aplikací\vlc
2011-01-14 23:00:51 ----D---- C:\WINDOWS\WinSxS
2011-01-14 10:08:43 ----D---- C:\Program Files\Spyware Terminator
2011-01-14 10:06:14 ----D---- C:\Documents and Settings\Michal\Data aplikací\Spyware Terminator
2011-01-13 22:04:28 ----D---- C:\WINDOWS\system32\drivers
2011-01-13 21:39:10 ----A---- C:\WINDOWS\WININIT.INI
2011-01-13 20:08:54 ----HD---- C:\WINDOWS\inf
2011-01-13 19:57:39 ----D---- C:\Program Files\Common Files\Nokia
2011-01-13 19:56:34 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-13 19:55:48 ----D---- C:\Program Files\Nokia
2011-01-13 19:40:27 ----A---- C:\WINDOWS\ModemLog_Motorola USB Modem.txt
2011-01-13 19:31:06 ----D---- C:\Documents and Settings\Michal\Data aplikací\PC Suite
2011-01-13 09:47:32 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-01-13 06:32:39 ----D---- C:\Program Files\Mozilla Firefox
2011-01-12 23:05:29 ----D---- C:\Documents and Settings\Michal\Data aplikací\Vso
2011-01-06 23:10:36 ----AC---- C:\WINDOWS\BlendSettings.ini
2011-01-06 21:28:42 ----D---- C:\Nexon
2011-01-06 13:34:15 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-12-24 18:49:53 ----A---- C:\WINDOWS\avisplitter.ini
2010-12-23 21:09:55 ----D---- C:\WINDOWS\Help
2010-12-23 21:09:55 ----D---- C:\Program Files\Microsoft ActiveSync

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 a347bus;a347bus; C:\WINDOWS\system32\DRIVERS\a347bus.sys [2004-04-30 160640]
R0 a347scsi;a347scsi; C:\WINDOWS\System32\Drivers\a347scsi.sys [2004-04-30 5248]
R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2006-06-28 105088]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2004-08-04 61056]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-08-09 114016]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-08-12 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-01-11 685816]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-08-09 53920]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-01-11 278984]
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2007-08-09 18048]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-10-12 1777152]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2004-06-08 3968]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-08-12 25280]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-08-15 4368896]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-07-11 57856]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-07-11 20480]
R3 PAC7311;Trust Webcam Live; C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2007-03-14 449024]
R3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2008-11-20 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2007-02-19 9856]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-17 14848]
S3 a3bricus;a3bricus; C:\WINDOWS\system32\drivers\a3bricus.sys []
S3 a983slgg;a983slgg; C:\WINDOWS\system32\drivers\a983slgg.sys []
S3 a9cdlwzq;a9cdlwzq; C:\WINDOWS\system32\drivers\a9cdlwzq.sys []
S3 amy32x8c;amy32x8c; C:\WINDOWS\system32\drivers\amy32x8c.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-17 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 Maplom;Maplom; C:\WINDOWS\system32\drivers\Maplom.sys [2007-03-30 32256]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2009-10-27 23936]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-17 61824]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2004-08-03 40320]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-07-26 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-07-26 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 se45bus;Sony Ericsson Device 069 driver (WDM); C:\WINDOWS\system32\DRIVERS\se45bus.sys [2006-11-30 61536]
S3 se45mdfl;Sony Ericsson Device 069 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se45mdfl.sys [2006-11-30 9360]
S3 se45mdm;Sony Ericsson Device 069 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se45mdm.sys [2006-11-30 97088]
S3 se45mgmt;Sony Ericsson Device 069 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se45mgmt.sys [2006-11-30 88624]
S3 se45nd5;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (NDIS); C:\WINDOWS\system32\DRIVERS\se45nd5.sys [2006-11-30 18704]
S3 se45obex;Sony Ericsson Device 069 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se45obex.sys [2006-11-30 86432]
S3 se45unic;Sony Ericsson Device 069 USB Ethernet Emulation SEMC45 (WDM); C:\WINDOWS\system32\DRIVERS\se45unic.sys [2006-11-30 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usbscan;Usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2004-08-03 25600]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 usbsermptxp;Motorola USB Modem Driver for MPT XP; C:\WINDOWS\system32\DRIVERS\usbsermptxp.sys [2008-03-05 25600]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-10-12 430080]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-09-04 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-09-04 189392]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-01-10 540672]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2010-05-18 126976]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-10-11 520192]
S2 gupdate1c9ced9d4230fe4;Služba Google Update (gupdate1c9ced9d4230fe4); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-04-15 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-02-02 194032]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe -service -config C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 GoogleDesktopManager-110408-113106;Google Desktop Manager 5.8.811.4345; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2009-01-01 30192]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2009-05-06 2785582]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------
Dekuji za pomoc
P.S jeste byl spusten soubor algv.exe,ktery PC zpomaloval nejvic

Hezké poledne

Jak se Vám sama načítá?

Otestujte na www.virustotal.com
C:\WINDOWS\system32\algv.exe
-Na virustotalu dáte procházet, a do spodního okénka nakopírujete přímo cestu k souboru a dáte odeslat
-z prohlížeče zkopírujete adresu ke stránce s výsledky
-pokud se Vás zeptá, dejte soubor otestovat znovu, tak aby to byl soubor z Vašeho počítače

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Jakmille se pripojim k netu,zacne samovolne pracovat(ovsem neni to pravidlo). Zacalo to po manipulkaci s pametovou kartou
Obcas se pak spusti algv.exe a PC ukazuje,ze mam nedostatek virtualni pameti.

Fajn, běžte do nouzového režimu a pracujte pouze v něm.
Ten soubor co jsem psala otestujte na virustotalu, bude to určitě vir

.
Po mbamu použijeme větší kalibr

Tak tohle je z virustotal http://www.virustotal.com/file-scan/rea ... 1295616410
a v priloze vysledek testu malware

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5564

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

21.1.2011 14:29:12
mbam-log-2011-01-21 (14-29-04).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 298827
Uplynulý čas: 50 minut, 20 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 9
Infikované hodnoty v registru: 6
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 4

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DAED9266-8C28-4C1C-8B58-5C66EFF1D302} (Search.Hijacker) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00 (Trojan.BHO) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\algv.exe (Trojan.Agent) -> Value: algv.exe -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Value: {9034A523-D068-4BE8-A284-9DF278BE776E} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Value: {9034A523-D068-4BE8-A284-9DF278BE776E} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Value: *.securewebinfo.com -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Value: *.safetyincludes.com -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Value: *.securemanaging.com -> No action taken.

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\WINDOWS\system32\algv.exe (Trojan.Agent) -> No action taken.
d:\Programy\Nero\Keygen.exe (Trojan.Agent) -> No action taken.
c:\documents and settings\Michal\oblíbené položky\online security test.url (Rogue.Link) -> No action taken.
c:\program files\icqtoolbar\toolbaru.dll (Trojan.BHO) -> No action taken.

Vše smažte

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

Bohuzel nemam moznost zalohovat data

Co ted?

A k cemu prosim presne slouzi konzole pro zotaveni a je opravdu nezbytne nutna?

Riskneme to?

většinou se nic nestává , nebojte, a kdyby se něco stalo, data z disku vždy dostaneme

budu Vam duverovat

Jeste jednou ted projizdim ten teast na Malware a nasledne to promazu
pak se vrhnu na ten Combofix. Tusite,jak dlouho to tak obvykle trva?
Juj a momentalne nejsem ve stavu nouze

Ve stavu nouze už být nemusíte.
Trvá tak kolem půl hodiny, já tu tak do 11-12 budu

.

Dekuji Vam za vse!!!

A co se tyce te konzole pro zotaveni,je to opravdu nezbytne nutne?

není

po odpolednim testu na malware jsem mel 19 infekci a ted uz 22!

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5564

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

21.1.2011 22:41:59
mbam-log-2011-01-21 (22-41-59).txt

Typ kontroly: Úplný test (C:\|D:\|)
Testované objekty: 298842
Uplynulý čas: 1 hodin, 5 minut, 29 sekund

Infikované procesy v paměti: 1
Infikované moduly v paměti: 0
Infikované klíče v registru: 9
Infikované hodnoty v registru: 7
Infikované datové položky v registru: 1
Infikované složky: 0
Infikované soubory: 4

Infikované procesy v paměti:
c:\WINDOWS\system32\algv.exe (Trojan.Agent) -> 1568 -> Unloaded process successfully.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DAED9266-8C28-4C1C-8B58-5C66EFF1D302} (Search.Hijacker) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055FD26D-3A88-4e15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{77D6DDFA-7834-4541-B2B3-A8B0FB0E3924} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ToolBand.XTTBPos00 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D} (Trojan.BHO) -> Quarantined and deleted successfully.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\algv.exe (Trojan.Agent) -> Value: algv.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\x.exe (Trojan.Agent) -> Value: x.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Value: {9034A523-D068-4BE8-A284-9DF278BE776E} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034A523-D068-4BE8-A284-9DF278BE776E} (Trojan.Zlob) -> Value: {9034A523-D068-4BE8-A284-9DF278BE776E} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Value: *.securewebinfo.com -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Value: *.safetyincludes.com -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Value: *.securemanaging.com -> Quarantined and deleted successfully.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Trojan.Agent) -> Bad: (algv.exe) Good: () -> Quarantined and deleted successfully.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\WINDOWS\system32\algv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
d:\Programy\Nero\Keygen.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\Michal\oblíbené položky\online security test.url (Rogue.Link) -> Quarantined and deleted successfully.
c:\program files\icqtoolbar\toolbaru.dll (Trojan.BHO) -> Quarantined and deleted successfully.
Vse smazano

Vložte zde log

VIRY.CZ

Zrejme zavirovane PC. Samovolne se nacita disketova jednotka

Zrejme zavirovane PC. Samovolne se nacita disketova jednotka

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn

Re: Zrejme zavirovane PC. Samovolne se nacita disketova jedn