Please check my log.

Posted: 03 Aug 2011 20:30
by medek
Hello,
there were viruses on the PC (4 trojans and other adware....) "others give me advice and I delete" (keep this up and I'll be without Windows) :)
Please advise me on cleaning the PC, and so please check it.
ComboFix is downloaded on the PC and MBAM is installed.
I am not a proficient PC user, so please explain any advice and the procedure.

Log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by MojePC at 2011-08-03 20:56:10
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 101 GB (33%) free of 305 GB
Total RAM: 2039 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:56:17, on 3.8.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
C:\Documents and Settings\All Users\Data aplikací\Panda Security URL Filtering\Panda_URL_Filtering.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\MojePC\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\MojePC.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=ddr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - (no file)
R3 - URLSearchHook: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: (no name) - {ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
O3 - Toolbar: (no name) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - (no file)
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [DrvLsnr] C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [PSUNMain] "C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" /Traybar
O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\Documents and Settings\All Users\Data aplikací\Panda Security URL Filtering\Panda_URL_Filtering.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3708013187
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - (no file)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 7292 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
Panda Security Toolbar - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll [2011-06-24 86696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806}
{ecdee021-0d17-467f-a1ff-c7a115230949}
{DB4E9724-F518-4dfd-9C7C-78B52103CAB9}
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - Panda Security Toolbar - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll [2011-06-24 86696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-01-31 98304]
"DrvLsnr"=C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe [2002-05-28 69632]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-09-20 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-09-20 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-09-20 114688]
"PSUNMain"=C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe [2011-04-28 439616]
"Panda Security URL Filtering"=C:\Documents and Settings\All Users\Data aplikací\Panda Security URL Filtering\Panda_URL_Filtering.exe [2011-05-17 231592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2010-08-20 33120]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Disabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Disabled:Microsoft Office OneNote"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Disabled:Microsoft Office Outlook"
"C:\WINDOWS\Network Diagnostic\xpnetdiag.exe"="C:\WINDOWS\Network Diagnostic\xpnetdiag.exe:*:Disabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Disabled:Konzola Microsoft Management Console"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=IR41_32.AX
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=iyvu9_32.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MIDI1"=SYNCOR11.DLL
"VIDC.FFDS"=ff_vfw.dll
"vidc.tscc"=tsccvid.dll
"vidc.xvid"=xvidvfw.dll

======List of files/folders created in the last 1 month======

2011-08-03 12:28:45 ----D---- C:\Program Files\trend micro
2011-08-03 12:28:44 ----D---- C:\rsit
2011-08-02 21:27:38 ----D---- C:\Program Files\Argente Software
2011-08-02 18:52:50 ----D---- C:\Documents and Settings\MojePC\Data aplikací\Panda Security
2011-08-02 18:52:26 ----D---- C:\Program Files\Toolbar Cleaner
2011-08-02 18:52:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Panda Security URL Filtering
2011-08-02 18:52:16 ----A---- C:\WINDOWS\system32\temp.txt
2011-08-02 18:52:06 ----D---- C:\Documents and Settings\MojePC\Data aplikací\pandasecuritytb
2011-08-02 18:51:59 ----A---- C:\WINDOWS\system32\PSUNCpl.dat
2011-08-02 18:51:40 ----D---- C:\Program Files\Panda Security
2011-08-02 18:51:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Panda Security
2011-08-02 17:14:18 ----D---- C:\WINDOWS\Config.Msi
2011-07-31 20:36:11 ----D---- C:\Program Files\Common Files\Java(2)
2011-07-31 20:35:40 ----D---- C:\Program Files\Java(2)
2011-07-31 13:32:55 ----D---- C:\Program Files\AVG
2011-07-29 15:00:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-07-29 13:41:56 ----D---- C:\Documents and Settings\MojePC\Data aplikací\Systenance
2011-07-29 13:41:25 ----D---- C:\Program Files\Index.dat Analyzer
2011-07-28 20:34:56 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-07-28 00:53:11 ----A---- C:\WINDOWS\system32\drivers\Cat.DB
2011-07-27 00:06:23 ----D---- C:\Documents and Settings\MojePC\Data aplikací\Malwarebytes
2011-07-27 00:06:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-07-27 00:06:17 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2011-07-27 00:06:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-07-27 00:06:14 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-07-13 21:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-07-13 20:55:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2555917$
2011-07-05 12:12:43 ----A---- C:\WINDOWS\system32\drivers\PSINAflt.sys

======List of files/folders modified in the last 1 month======

2011-08-03 20:53:31 ----SHD---- C:\WINDOWS\Installer
2011-08-03 20:09:56 ----D---- C:\WINDOWS\system32\drivers
2011-08-03 20:09:51 ----D---- C:\WINDOWS\Temp
2011-08-03 19:53:22 ----AD---- C:\WINDOWS\system32
2011-08-03 19:53:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-08-03 19:52:14 ----D---- C:\WINDOWS
2011-08-03 19:49:17 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-03 13:18:04 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-08-03 12:28:45 ----RD---- C:\Program Files
2011-08-03 11:17:07 ----D---- C:\WINDOWS\Prefetch
2011-08-02 22:02:00 ----D---- C:\WINDOWS\Debug
2011-08-02 18:52:02 ----D---- C:\WINDOWS\system32\config
2011-08-02 18:23:09 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-08-02 18:22:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2011-08-02 17:43:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVG10
2011-08-02 17:42:31 ----D---- C:\WINDOWS\system32\wbem
2011-08-02 17:42:31 ----D---- C:\WINDOWS\Registration
2011-08-02 17:16:35 ----D---- C:\Program Files\CentrumczToolbar
2011-08-02 17:14:33 ----AD---- C:\Program Files\Common Files
2011-08-02 17:14:32 ----D---- C:\Program Files\JDownloader
2011-08-02 17:14:18 ----D---- C:\Program Files\SystemRequirementsLab
2011-07-31 11:42:13 ----HD---- C:\WINDOWS\inf
2011-07-29 21:28:06 ----D---- C:\WINDOWS\Help
2011-07-29 20:29:47 ----D---- C:\WINDOWS\system32\NtmsData
2011-07-29 14:45:15 ----D---- C:\Documents and Settings\MojePC\Data aplikací\AVI ReComp
2011-07-29 00:36:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-07-28 20:52:22 ----SHD---- C:\System Volume Information
2011-07-28 20:35:27 ----D---- C:\WINDOWS\WinSxS
2011-07-28 01:29:49 ----RD---- C:\PC software + stažené programy
2011-07-27 13:44:15 ----D---- C:\Documents and Settings\MojePC\Data aplikací\HEXelon
2011-07-27 13:28:35 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-27 11:35:55 ----D---- C:\WINDOWS\ime
2011-07-13 20:57:06 ----A---- C:\WINDOWS\system32\MRT.exe
2011-07-13 18:28:47 ----HD---- C:\WINDOWS\$hf_mig$

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-05-22 436792]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 PSINKNC;PSINKNC; C:\WINDOWS\system32\DRIVERS\psinknc.sys [2011-04-28 129992]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 PSINAflt;PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [2011-07-05 143752]
R2 PSINFile;PSINFile; C:\WINDOWS\system32\DRIVERS\PSINFile.sys [2011-04-28 97096]
R2 PSINProc;PSINProc; C:\WINDOWS\system32\DRIVERS\PSINProc.sys [2011-04-28 111688]
R2 PSINProt;PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [2011-04-28 112456]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-03-13 100224]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-07-25 176640]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-03-19 542976]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys []
S3 aayth1zt;aayth1zt; C:\WINDOWS\system32\drivers\aayth1zt.sys []
S3 Blfp;Broadcom Advanced Server Program Driver; C:\WINDOWS\system32\DRIVERS\baspxp32.sys [2008-06-06 98816]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 cpudrv;cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2011-01-19 73728]
R2 NanoServiceMain;Panda Cloud Antivirus Service; C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-04-28 140608]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-09 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Please check my log.

Posted: 03 Aug 2011 20:36
by Rudy
This looks OK. Please also post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after startup, a screen with the license terms is displayed; continue by clicking the "Ano" (Yes) button.

Relax and make yourself a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Warning: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because unwanted conflicts with the resident antispyware occur during the scan and the removal of any malware.

Re: Please check my log.

Posted: 03 Aug 2011 20:49
by medek
Rudy wrote: This looks OK. Please also post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after startup, a screen with the license terms is displayed; continue by clicking the "Ano" (Yes) button.

Relax and make yourself a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through). During the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is run).

Warning: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because unwanted conflicts with the resident antispyware occur during the scan and the removal of any malware.


ComboFix reported an active AVG shield, but AVG should be uninstalled. Can I run ComboFix anyway?

Re: Please check my log.

Posted: 03 Aug 2011 20:54
by Rudy
Turn off the AVG resident shield. Previously it was necessary to temporarily uninstall AVG when using CF; now it is enough to turn off the resident shield.

Re: Please check my log.

Posted: 03 Aug 2011 21:32
by medek
Rudy wrote: Turn off the AVG resident shield. Previously it was necessary to temporarily uninstall AVG when using CF; now it is enough to turn off the resident shield.
AVG is uninstalled and is not running among the processes in Task Manager. The PC warns that the shield is on - probably a bad uninstall :o and I don't know "where" I'm supposed to turn it off.
The antivirus here is Panda, and it is deactivated.

Re: Please check my log.

Posted: 03 Aug 2011 21:50
by Rudy
If it is uninstalled, ignore the message.

Re: Please check my log.

Posted: 03 Aug 2011 22:06
by medek
Rudy wrote: If it is uninstalled, ignore the message.
Thanks - log from ComboFix:
ComboFix 11-08-03.03 - MojePC 03.08.2011 22:56:18.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1455 [GMT 2:00]
Spuštěný z: c:\documents and settings\MojePC\Dokumenty\Stažené soubory\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\iun6002.exe
c:\windows\ST6UNST.000
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-03 do 2011-08-03 )))))))))))))))))))))))))))))))
.
.
2011-08-03 10:28 . 2011-08-03 18:56 -------- d-----w- c:\program files\trend micro
2011-08-03 10:28 . 2011-08-03 18:55 -------- d-----w- C:\rsit
2011-08-02 19:27 . 2011-08-02 19:27 -------- d-----w- c:\program files\Argente Software
2011-08-02 16:52 . 2011-08-02 16:52 -------- d-----w- c:\documents and settings\MojePC\Data aplikací\Panda Security
2011-08-02 16:52 . 2011-08-02 16:52 -------- d-----w- c:\program files\Toolbar Cleaner
2011-08-02 16:52 . 2011-08-02 17:45 -------- d-----w- c:\documents and settings\MojePC\Local Settings\Data aplikací\panda2_0dn
2011-08-02 16:52 . 2011-08-03 17:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Panda Security URL Filtering
2011-08-02 16:52 . 2011-08-03 08:55 -------- d-----w- c:\documents and settings\MojePC\Data aplikací\pandasecuritytb
2011-08-02 16:51 . 2011-08-02 16:52 -------- d-----w- c:\program files\Panda Security
2011-08-02 16:51 . 2011-08-02 16:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Panda Security
2011-08-02 15:42 . 2011-08-02 15:42 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-02 15:14 . 2011-08-02 16:51 -------- d-----w- c:\windows\Config.Msi
2011-07-31 18:36 . 2011-08-02 15:14 -------- d-----w- c:\program files\Common Files\Java(2)
2011-07-31 18:35 . 2011-08-02 15:14 -------- d-----w- c:\program files\Java(2)
2011-07-31 14:31 . 2011-07-31 14:31 -------- d-----w- c:\documents and settings\MojePC\Local Settings\Data aplikací\AVG Security Toolbar
2011-07-31 11:32 . 2011-07-31 11:32 -------- d-----w- c:\program files\AVG
2011-07-29 17:11 . 2011-07-29 17:11 -------- d-----w- c:\documents and settings\MojePC\Local Settings\Data aplikací\Help
2011-07-29 13:00 . 2011-08-03 18:52 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Microsoft Help
2011-07-29 11:41 . 2011-07-29 11:41 -------- d-----w- c:\documents and settings\MojePC\Data aplikací\Systenance
2011-07-29 11:41 . 2011-07-29 11:41 -------- d-----w- c:\program files\Index.dat Analyzer
2011-07-28 18:34 . 2011-07-29 20:58 -------- d---a-w- c:\documents and settings\All Users\Data aplikací\TEMP
2011-07-27 23:35 . 2011-07-27 23:35 -------- d-----w- c:\documents and settings\MojePC\Local Settings\Data aplikací\Eraser 6
2011-07-27 17:41 . 2011-07-27 17:41 -------- d-----w- c:\documents and settings\MojePC\Local Settings\Data aplikací\Mozilla
2011-07-26 22:06 . 2011-07-26 22:06 -------- d-----w- c:\documents and settings\MojePC\Data aplikací\Malwarebytes
2011-07-26 22:06 . 2011-07-26 22:06 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2011-07-26 22:06 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-26 22:06 . 2011-07-26 22:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-26 22:06 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-05 10:12 . 2011-07-05 10:12 143752 ----a-w- c:\windows\system32\drivers\PSINAflt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-06 11:35 . 2006-03-02 12:00 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-05-22 19:54 . 2011-05-22 19:54 436792 ----a-w- c:\windows\system32\drivers\sptd.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2011-06-24 17:37 86696 ----a-w- c:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2011-06-24 86696]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2010-08-20 33120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-01-31 98304]
"DrvLsnr"="c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe" [2002-05-28 69632]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616]
"Panda Security URL Filtering"="c:\documents and settings\All Users\Data aplikací\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2011-05-17 231592]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-11-5 110592]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [22.5.2011 21:54 436792]
R1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [28.4.2011 13:57 129992]
R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [28.4.2011 13:58 140608]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [5.7.2011 12:12 143752]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [28.4.2011 13:57 97096]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [28.4.2011 13:57 111688]
R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [28.4.2011 13:57 112456]
S1 VD_FileDisk;VD_FileDisk; [x]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [18.12.2009 12:58 11336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-01-19 14:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.facemoods.com/?a=ddr
TCP: DhcpNameServer = 86.63.218.1 82.150.165.116
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
Toolbar-10 - (no file)
Toolbar-{ecdee021-0d17-467f-a1ff-c7a115230949} - (no file)
Toolbar-{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - (no file)
WebBrowser-{ECDEE021-0D17-467F-A1FF-C7A115230949} - (no file)
AddRemove-Ball Master - c:\program files\GSA Software\Ball Master\DeIsL1.isu
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-03 23:00
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-08-03 23:03:00
ComboFix-quarantined-files.txt 2011-08-03 21:02
.
Před spuštěním: Volných bajtů: 105 300 176 896
Po spuštění: Volných bajtů: 105 464 668 160
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - BAABB4C3443AA505768716048DB974B1

Re: Please check my log.

Posted: 04 Aug 2011 17:46
by Rudy
CF deleted a few items; the rest of the log looks clean.

Re: Please check my log.

Posted: 04 Aug 2011 18:30
by medek
Rudy wrote: CF deleted a few items; the rest of the log looks clean.
:D thanks.
Otherwise, hats off, you have a lot of work behind you and this site www.viry.cz is perfect.
Signing off :worship:

Re: Please check my log.

Posted: 04 Aug 2011 18:32
by Rudy
You're welcome, and we thank you for the recognition! :)