VIRY.CZ

zdravim nejde aktualizace zadneho antiviru co naistaluji a ni online scanery jinak internet jede normalne a pocitac nevykazuje zadne problemy prozatim


Logfile of random's system information tool 1.09 (written by random/random)
Run by xxx at 2011-07-25 18:28:25
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 263 GB (90%) free of 293 GB
Total RAM: 3036 MB (66% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\ASUS SmartLogon Console Sensor.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-06-29 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}]
Browsing Protection Class - C:\Program Files\F-Secure\NRS\iescript\baselitmus.dll [2011-07-24 541352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-06-29 305328]
{265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files\F-Secure\NRS\iescript\baselitmus.dll [2011-07-24 541352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2008-10-01 237568]
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-03-04 8392704]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2008-12-29 159744]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2009-02-07 1593344]
"ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2009-07-27 3054136]
"ASUS Camera ScreenSaver"=C:\Windows\AsScrProlog.exe [2009-07-27 47672]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-03-06 424352]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 172568]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"F-Secure Manager"=C:\Program Files\F-Secure\Common\FSM32.EXE [2011-07-24 201384]
"F-Secure TNB"=C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [2011-07-24 1655464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-27 39408]
"SRS Premium Sound"=C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [2009-03-20 3261688]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpmgma_service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableStatusMessages"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoDriveAutoRun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-07-25 18:28:25 ----D---- C:\rsit
2011-07-25 18:28:25 ----D---- C:\Program Files\trend micro
2011-07-24 18:37:07 ----D---- C:\Windows\temp
2011-07-24 18:30:02 ----SHD---- C:\$RECYCLE.BIN
2011-07-24 18:29:57 ----A---- C:\ComboFix.txt
2011-07-24 18:23:35 ----A---- C:\Windows\zip.exe
2011-07-24 18:23:35 ----A---- C:\Windows\SWSC.exe
2011-07-24 18:23:35 ----A---- C:\Windows\SWREG.exe
2011-07-24 18:23:35 ----A---- C:\Windows\sed.exe
2011-07-24 18:23:35 ----A---- C:\Windows\PEV.exe
2011-07-24 18:23:35 ----A---- C:\Windows\NIRCMD.exe
2011-07-24 18:23:35 ----A---- C:\Windows\MBR.exe
2011-07-24 18:23:35 ----A---- C:\Windows\grep.exe
2011-07-24 18:23:30 ----D---- C:\Windows\ERDNT
2011-07-24 18:23:05 ----D---- C:\Qoobox
2011-07-24 18:05:03 ----D---- C:\Users\xxx\AppData\Roaming\Malwarebytes
2011-07-24 18:04:58 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-07-24 18:04:57 ----D---- C:\ProgramData\Malwarebytes
2011-07-24 18:04:51 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-07-24 18:04:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-24 18:02:34 ----D---- C:\Program Files\ESET
2011-07-24 17:10:36 ----A---- C:\Windows\system32\drivers\fsbts.sys
2011-07-24 17:10:17 ----A---- C:\Windows\system32\drivers\fses.sys
2011-07-24 17:10:12 ----A---- C:\Windows\system32\msvcp50.dll
2011-07-24 17:10:12 ----A---- C:\Windows\system32\drivers\fsdfw.sys
2011-07-24 17:09:42 ----D---- C:\Program Files\F-Secure
2011-07-24 17:09:21 ----D---- C:\ProgramData\fssg
2011-07-24 16:48:14 ----D---- C:\ProgramData\f-secure
2011-07-20 19:42:13 ----A---- C:\Windows\system32\rpcnetp.dll
2011-07-20 19:41:53 ----A---- C:\Windows\system32\rpcnetp.exe
2011-07-20 19:05:37 ----A---- C:\Windows\system32\drivers\dw_wfp.sys
2011-07-20 19:05:37 ----A---- C:\Windows\system32\drivers\DrWebLwf.sys
2011-07-18 17:21:49 ----D---- C:\Program Files\Common Files\Doctor Web
2011-07-13 15:36:00 ----A---- C:\Windows\system32\win32k.sys
2011-07-13 15:35:59 ----A---- C:\Windows\system32\kernel32.dll
2011-07-13 15:35:58 ----A---- C:\Windows\system32\winsrv.dll
2011-07-13 15:35:58 ----A---- C:\Windows\system32\csrsrv.dll
2011-07-10 16:27:51 ----ASH---- C:\hiberfil.sys
2011-07-10 16:26:24 ----A---- C:\Windows\ntbtlog.txt
2011-07-07 18:39:25 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-07-06 20:07:08 ----D---- C:\Program Files\Common Files\TrustPort
2011-06-30 19:25:13 ----D---- C:\Users\xxx\AppData\Roaming\ESET
2011-06-30 10:40:36 ----D---- C:\Users\xxx\AppData\Roaming\GRETECH
2011-06-29 05:07:07 ----A---- C:\Windows\system32\schannel.dll
2011-06-27 14:27:52 ----A---- C:\Windows\avastSS.scr
2011-06-27 13:44:29 ----D---- C:\ProgramData\Trymedia
2011-06-27 10:37:03 ----D---- C:\temp
2011-06-26 15:40:11 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-06-26 15:40:10 ----A---- C:\Windows\system32\xinput1_3.dll
2011-06-26 15:40:10 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-06-26 15:40:10 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-06-26 15:40:10 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-06-26 15:40:10 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-06-26 15:40:10 ----A---- C:\Windows\system32\d3dx10.dll
2011-06-26 15:40:09 ----A---- C:\Windows\system32\xinput1_2.dll
2011-06-26 15:40:09 ----A---- C:\Windows\system32\xinput1_1.dll
2011-06-26 15:40:09 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-06-26 15:40:09 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-06-26 15:40:09 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-06-26 15:40:06 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-06-26 15:40:06 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-06-26 15:40:06 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-06-26 15:40:06 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-06-26 15:40:06 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-06-26 15:40:05 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-06-26 15:40:05 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-06-26 15:40:05 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-06-26 15:40:05 ----A---- C:\Windows\system32\d3dx9_24.dll

======List of files/folders modified in the last 1 month======

2011-07-25 18:28:25 ----RD---- C:\Program Files
2011-07-25 18:28:17 ----D---- C:\Users\xxx\AppData\Roaming\uTorrent
2011-07-25 03:40:33 ----D---- C:\Windows\Prefetch
2011-07-24 18:37:07 ----D---- C:\Windows
2011-07-24 18:28:42 ----A---- C:\Windows\system.ini
2011-07-24 18:28:36 ----D---- C:\Windows\system32\drivers\etc
2011-07-24 18:26:24 ----D---- C:\Windows\system32\drivers
2011-07-24 18:26:24 ----D---- C:\Windows\System32
2011-07-24 18:26:24 ----D---- C:\Windows\AppPatch
2011-07-24 18:26:23 ----D---- C:\Program Files\Common Files
2011-07-24 18:04:57 ----D---- C:\ProgramData
2011-07-24 18:02:36 ----SD---- C:\Windows\Downloaded Program Files
2011-07-24 17:50:03 ----D---- C:\Windows\inf
2011-07-24 17:50:03 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-24 17:09:39 ----SHD---- C:\Windows\Installer
2011-07-24 11:45:24 ----SD---- C:\ProgramData\Microsoft
2011-07-24 11:13:59 ----D---- C:\Windows\system32\Tasks
2011-07-22 18:12:54 ----D---- C:\Windows\system32\catroot
2011-07-22 17:27:24 ----D---- C:\Windows\system32\catroot2
2011-07-22 17:25:18 ----D---- C:\Windows\Tasks
2011-07-20 19:15:07 ----A---- C:\Windows\system32\agremove.exe
2011-07-19 12:08:58 ----D---- C:\Windows\system32\WDI
2011-07-18 13:43:00 ----D---- C:\Windows\system32\config
2011-07-13 17:50:57 ----D---- C:\Windows\winsxs
2011-07-13 17:34:06 ----D---- C:\Windows\Debug
2011-07-13 17:34:05 ----A---- C:\Windows\system32\mrt.exe
2011-07-10 16:36:21 ----D---- C:\ProgramData\MFAData
2011-07-07 19:29:33 ----SHD---- C:\System Volume Information
2011-07-07 19:09:02 ----D---- C:\Windows\system32\LogFiles
2011-07-07 18:39:29 ----RSD---- C:\Windows\assembly
2011-07-02 09:09:28 ----D---- C:\Users\xxx\AppData\Roaming\DAEMON Tools Lite
2011-07-02 09:07:16 ----D---- C:\Program Files\CCleaner
2011-06-29 17:27:48 ----D---- C:\Windows\SoftwareDistribution
2011-06-29 05:37:48 ----RSD---- C:\Windows\Fonts
2011-06-27 13:50:45 ----D---- C:\Program Files\Common Files\InstallShield
2011-06-27 13:50:31 ----HD---- C:\Program Files\InstallShield Installation Information
2011-06-27 06:21:58 ----D---- C:\Program Files\ASUS
2011-06-26 15:40:07 ----D---- C:\Windows\Microsoft.NET
2011-06-26 09:17:59 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DrWebLwf;Dr.Web Firewall Kernel-Mode Driver; C:\Windows\system32\drivers\DrWebLwf.sys [2011-07-21 165368]
R0 fsbts;fsbts; C:\Windows\system32\Drivers\fsbts.sys [2011-07-24 33408]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-02-11 329752]
R1 DrWebWfp;DrWebWfp; C:\Windows\system32\DRIVERS\DW_WFP.sys [2011-07-21 53752]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-22 218688]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2011-06-03 33656]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files\F-Secure\HIPS\drivers\fshs.sys [2011-07-24 72520]
R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys [2011-07-24 37832]
R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys [2011-07-24 72840]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys [2011-07-24 14504]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-06-03 162912]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-09-05 1183744]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-03-13 140800]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-07-24 102568]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2009-08-05 48640]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2008-12-24 14392]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_i386.sys [2009-01-14 230952]
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S3 catchme;catchme; \??\C:\Users\xxx\AppData\Local\Temp\catchme.sys []
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 131000]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2011-07-24 41896]
S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2011-07-24 27304]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2008-08-14 100920]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [2011-07-24 221864]
R2 FSMA;F-Secure Management Agent; C:\Program Files\F-Secure\Common\FSMA32.EXE [2011-07-24 189096]
R3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [2011-07-24 529064]
R3 FSORSPClient;F-Secure ORSP Client; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [2011-07-24 58024]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 DrWebAVService;Dr.Web Control Service; C:\Program Files\DrWeb\dwservice.exe --loglevel=inf --logfile=C:\ProgramData\Doctor Web\Logs\dwservice.log []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-21 135664]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-06-21 182768]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Také zdravím!
Včera jste dělal sken ComboFix. Dejte z něj log, který najdete v C:\combofix.txt. Log RSIT, který dáte bezprostředně po skenu CF bude vždy čistý, CF zničí všechny stopy havěti, pokud tam nějaká byla.

ComboFix 11-07-24.01 - xxx 24.07.2011 18:24:22.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3036.1853 [GMT 2:00]
Spuštěný z: c:\users\xxx\Desktop\ComboFix.exe
AV: F-Secure Internet Security 2011 10.51 *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Internet Security 2011 10.51 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Internet Security 2011 10.51 *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\xxx\AppData\Roaming\chrtmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-24 do 2011-07-24 )))))))))))))))))))))))))))))))
.
.
2011-07-24 16:28 . 2011-07-24 16:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-24 16:23 . 2011-07-24 16:23 -------- d-----w- C:\32788R22FWJFW
2011-07-24 16:05 . 2011-07-24 16:05 -------- d-----w- c:\users\xxx\AppData\Roaming\Malwarebytes
2011-07-24 16:04 . 2011-07-06 17:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-24 16:04 . 2011-07-24 16:04 -------- d-----w- c:\programdata\Malwarebytes
2011-07-24 16:04 . 2011-07-06 17:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-24 16:04 . 2011-07-24 16:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-24 16:02 . 2011-07-24 16:02 -------- d-----w- c:\program files\ESET
2011-07-24 15:10 . 2011-07-24 15:10 33408 ----a-w- c:\windows\system32\drivers\fsbts.sys
2011-07-24 15:10 . 2011-07-24 15:09 37832 ----a-w- c:\windows\system32\drivers\fses.sys
2011-07-24 15:10 . 2011-07-24 15:09 72840 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2011-07-24 15:10 . 2011-07-24 15:09 574632 ----a-w- c:\windows\system32\msvcp50.dll
2011-07-24 15:09 . 2011-07-24 15:11 -------- d-----w- c:\program files\F-Secure
2011-07-24 15:09 . 2011-07-24 15:09 -------- d-----w- c:\programdata\fssg
2011-07-24 14:48 . 2011-07-24 15:10 -------- d-----w- c:\programdata\f-secure
2011-07-23 05:22 . 2011-07-13 03:39 6881616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0DA7BE7D-1E67-42C3-B31D-141ECC1E2DE0}\mpengine.dll
2011-07-20 17:42 . 2011-07-24 15:18 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2011-07-20 17:41 . 2011-07-24 15:18 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2011-07-20 17:05 . 2011-07-21 15:42 53752 ----a-w- c:\windows\system32\drivers\dw_wfp.sys
2011-07-20 17:05 . 2011-07-21 15:42 165368 ----a-w- c:\windows\system32\drivers\DrWebLwf.sys
2011-07-18 15:21 . 2011-07-18 15:21 -------- d-----w- c:\program files\Common Files\Doctor Web
2011-07-18 15:20 . 2011-07-18 15:20 -------- d-----w- c:\users\xxx\AppData\Local\Downloaded Installations
2011-07-13 13:36 . 2011-06-02 13:34 2043392 ----a-w- c:\windows\system32\win32k.sys
2011-07-13 13:35 . 2011-04-20 15:55 375808 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 13:35 . 2011-04-20 15:50 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-07-07 17:47 . 2011-07-24 16:22 -------- d-----w- c:\users\xxx\AppData\Local\CrashDumps
2011-07-07 16:39 . 2011-07-07 17:21 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-07-06 18:07 . 2011-07-24 09:46 -------- d-----w- c:\program files\Common Files\TrustPort
2011-06-30 17:25 . 2011-06-30 17:25 -------- d-----w- c:\users\xxx\AppData\Local\ESET
2011-06-30 08:40 . 2011-06-30 08:40 -------- d-----w- c:\users\xxx\AppData\Roaming\GRETECH
2011-06-29 03:07 . 2011-04-29 15:59 276992 ----a-w- c:\windows\system32\schannel.dll
2011-06-27 12:27 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr
2011-06-27 11:44 . 2011-06-27 11:44 -------- d-----w- c:\programdata\Trymedia
2011-06-27 08:37 . 2011-06-27 08:37 -------- d-----w- C:\temp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-20 17:15 . 2011-06-21 10:24 44544 ----a-w- c:\windows\system32\agremove.exe
2011-06-23 12:41 . 2009-07-27 17:00 45056 ----a-w- c:\windows\system32\acovcnt.exe
2011-06-22 18:02 . 2011-06-22 18:02 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-06-22 18:02 . 2011-06-22 18:02 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-06-22 11:28 . 2011-06-22 11:28 161792 ----a-w- c:\windows\system32\msls31.dll
2011-06-22 11:28 . 2011-06-22 11:28 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-06-22 11:28 . 2011-06-22 11:28 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-06-22 11:28 . 2011-06-22 11:28 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-06-22 11:28 . 2011-06-22 11:28 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-06-22 11:28 . 2011-06-22 11:28 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-06-22 11:28 . 2011-06-22 11:28 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-06-22 11:28 . 2011-06-22 11:28 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-06-22 11:28 . 2011-06-22 11:28 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-06-22 11:28 . 2011-06-22 11:28 367104 ----a-w- c:\windows\system32\html.iec
2011-06-22 11:28 . 2011-06-22 11:28 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-06-22 11:28 . 2011-06-22 11:28 152064 ----a-w- c:\windows\system32\wextract.exe
2011-06-22 11:28 . 2011-06-22 11:28 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-06-22 11:28 . 2011-06-22 11:28 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-22 11:28 . 2011-06-22 11:28 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-06-22 11:28 . 2011-06-22 11:28 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-22 11:28 . 2011-06-22 11:28 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-06-22 11:28 . 2011-06-22 11:28 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-06-22 11:28 . 2011-06-22 11:28 11776 ----a-w- c:\windows\system32\mshta.exe
2011-06-22 11:28 . 2011-06-22 11:28 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-06-22 11:28 . 2011-06-22 11:28 101888 ----a-w- c:\windows\system32\admparse.dll
2011-06-22 11:28 . 2011-06-22 11:28 98816 ----a-w- c:\windows\system32\mfps.dll
2011-06-22 11:28 . 2011-06-22 11:28 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-06-22 11:28 . 2011-06-22 11:28 586240 ----a-w- c:\windows\system32\stobject.dll
2011-06-22 11:28 . 2011-06-22 11:28 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-06-22 11:28 . 2011-06-22 11:28 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-06-22 11:28 . 2011-06-22 11:28 2873344 ----a-w- c:\windows\system32\mf.dll
2011-06-22 11:28 . 2011-06-22 11:28 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-06-22 11:28 . 2011-06-22 11:28 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-06-22 11:28 . 2011-06-22 11:28 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-06-22 11:28 . 2011-06-22 11:28 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-06-22 11:28 . 2011-06-22 11:28 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-06-22 11:28 . 2011-06-22 11:28 37376 ----a-w- c:\windows\system32\cdd.dll
2011-06-22 11:28 . 2011-06-22 11:28 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-06-22 11:28 . 2011-06-22 11:28 258048 ----a-w- c:\windows\system32\winspool.drv
2011-06-22 11:28 . 2011-06-22 11:28 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-06-22 11:28 . 2011-06-22 11:28 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2011-06-22 11:28 . 2011-06-22 11:28 519680 ----a-w- c:\windows\system32\d3d11.dll
2011-06-22 11:28 . 2011-06-22 11:28 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\dxgkrnl.sys.mui
2011-06-22 11:28 . 2011-06-22 11:28 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2011-06-22 11:28 . 2011-06-22 11:28 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2011-06-22 11:28 . 2011-06-22 11:28 252928 ----a-w- c:\windows\system32\dxdiag.exe
2011-06-22 11:28 . 2011-06-22 11:28 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2011-06-22 11:28 . 2011-06-22 11:28 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2011-06-21 06:50 . 2011-06-21 06:50 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-03 14:01 . 2011-06-03 14:01 33656 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2011-06-03 14:00 . 2010-12-21 13:04 162912 ----a-w- c:\windows\system32\drivers\eamonm.sys
2011-05-24 17:14 . 2011-06-21 17:17 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-05-02 17:16 . 2011-06-21 17:28 739328 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 13:25 . 2011-06-21 10:44 146432 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 13:25 . 2011-06-21 10:44 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-29 13:24 . 2011-06-21 10:44 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-29 13:24 . 2011-06-21 10:44 79872 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-29 13:24 . 2011-06-21 10:44 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-27 39408]
"SRS Premium Sound"="c:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-03-20 3261688]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun"="c:\program files\AmIcoSingLun\AmIcoSinglun.exe" [2008-09-30 237568]
"HControlUser"="c:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2008-08-18 98304]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2009-03-04 8392704]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-12-29 159744]
"Wireless Console 3"="c:\program files\ASUS\Wireless Console 3\wcourier.exe" [2009-02-06 1593344]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-07-27 3054136]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2009-07-27 47672]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-03-06 424352]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2011-07-24 201384]
"F-Secure TNB"="c:\program files\F-Secure\FSGUI\TNBUtil.exe" [2011-07-24 1655464]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0tpnative
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 DrWebAVService;Dr.Web Control Service;c:\program files\DrWeb\dwservice.exe [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-21 135664]
R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2011-07-24 41896]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2011-07-24 27304]
S0 DrWebLwf;Dr.Web Firewall Kernel-Mode Driver;c:\windows\system32\drivers\DrWebLwf.sys [2011-07-21 165368]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2011-07-24 33408]
S1 DrWebWfp;DrWebWfp;c:\windows\system32\DRIVERS\DW_WFP.sys [2011-07-21 53752]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-06-22 218688]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-06-03 33656]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\F-Secure\HIPS\drivers\fshs.sys [2011-07-24 72520]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2011-07-24 37832]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2011-07-24 72840]
S1 fsvista;F-Secure Vista Support Driver;c:\program files\F-Secure\Anti-Virus\minifilter\fsvista.sys [2011-07-24 14504]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-06-03 162912]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-03-13 140800]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\F-Secure\Anti-Virus\minifilter\fsgk.sys [2011-07-24 102568]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files\F-Secure\ORSP Client\fsorsp.exe [2011-07-24 58024]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\srs_PremiumSound_i386.sys [2009-01-14 230952]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-18 c:\windows\Tasks\ASUS SmartLogon Console Sensor.job
- c:\program files\ASUS\SmartLogon\sensorsrv.exe [2008-12-09 22:00]
.
2011-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-21 06:50]
.
2011-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-21 06:50]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
LSP: c:\program files\F-Secure\FSPS\program\FSLSP.DLL
TCP: Interfaces\{2AB2B1E8-3755-4CF2-B1C3-CA23498F81B2}: NameServer = 195.146.100.100,195.146.100.5
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-24 18:28
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-07-24 18:29:57
ComboFix-quarantined-files.txt 2011-07-24 16:29
.
Před spuštěním: Volných bajtů: 277 284 020 224
Po spuštění: Volných bajtů: 277 409 693 696
.
- - End Of File - - 001243FF46AA9BCDD3A9406AB8511F40

Ještě dočistíme. Otevřte poznámkový blok a zklopírujte do něj:

Collect::
c:\windows\system32\acovcnt.exe

Uložte na plochu jako CFScript.txt. pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkaz ze skriptu.