VIRY.CZ

Dobrý den čo mám robiť ked na externom disku mi nejde otvoriť ani jeden priečinok. Vyzeraju byť ako odkaz a stále ked chcem otvoriť priečinok tak mi stále vypíše že systém windows nemože nájsť J:\RECYCLER\0xA25D5DBD .... a neviem čo s tým a mám tam niektoré důležité súbory. Nedá sa to nejako odstrániř bez toho aby sa mi zmazali všetky potrebné súbory ?

Zdravim a pekny vecer preji

Zapojte do PC vsechny USB klice (flashky, ext. disky apod.)

Stahne a ulozte na plochu UsbFix http://forum.viry.cz/viewtopic.php?f=24&t=102308
Spustte a kliknete na Deletion
Po dokonceni sem vlozte log, pokud na Vas nevyskoci, najdete jej zde C:\UsbFix.txt

############################## | UsbFix 7.059 | [Deletion]

User: Dominik (Administrator) # DOMINIK-69843A4 [ ]
Updated 16/09/2011 by El Desaparecido
Started at 21:02:38 | 15/02/2012
Website: http://eldesaparecido.com
Submit your sample: http://eldesaparecido.com/support.php
Contact: contact@eldesaparecido.com

CPU: AMD Sempron(tm) Processor 3100+
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Windows Firewall: Enabled
Antivirus: Avira Desktop 12.1.0.18 [Enabled | Updated]
RAM -> 511 Mb
C:\ (%systemdrive%) -> Fixed drive # 20 Gb (4 Mb free - 22%) [] # NTFS
D:\ -> Fixed drive # 55 Gb (784 Mb free - 1%) [] # NTFS
E:\ -> CD-ROM
F:\ -> CD-ROM
G:\ -> CD-ROM
J:\ -> Removable drive # 15 Gb (11 Mb free - 72%) [] # NTFS

################## | Files # Infected Folders |

Deleted ! J:\SOČ Dominik Hamza.lnk
Deleted ! J:\vyuctovanie.lnk
Deleted ! C:\WINDOWS\system32\autorun.exe
Deleted ! C:\Recycler\S-1-5-21-1482476501-926492609-1177238915-1003
Deleted ! D:\Recycler\S-1-5-21-1482476501-926492609-1177238915-1003

(!) Temporary files deleted.

################## | Registry |

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Adobe Reader Speed Launcher

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{15c53843-f03e-11e0-aca0-806d6172696f}

################## | Listing |

[06/10/2011 - 17:01:58 | N | 1024] C:\.rnd
[06/10/2011 - 16:22:59 | N | 0] C:\AUTOEXEC.BAT
[06/10/2011 - 16:17:30 | N | 211] C:\boot.ini
[25/10/2001 - 17:00:00 | N | 4952] C:\Bootfont.bin
[07/11/2011 - 17:54:51 | D ] C:\CAAD3_0
[27/04/2008 - 14:08:08 | N | 68] C:\clean.cmd
[15/02/2012 - 18:22:27 | D ] C:\Config.Msi
[06/10/2011 - 16:22:59 | N | 0] C:\CONFIG.SYS
[06/10/2011 - 18:09:51 | D ] C:\Data
[06/10/2011 - 16:27:21 | D ] C:\Documents and Settings
[15/02/2012 - 20:58:01 | ASH | 536387584] C:\hiberfil.sys
[06/10/2011 - 16:22:59 | N | 0] C:\IO.SYS
[06/10/2011 - 16:22:59 | N | 0] C:\MSDOS.SYS
[07/10/2011 - 22:12:01 | RHD ] C:\MSOCache
[13/04/2008 - 23:13:04 | N | 47564] C:\NTDETECT.COM
[14/04/2008 - 01:01:48 | N | 250576] C:\ntldr
[15/02/2012 - 20:58:00 | ASH | 805306368] C:\pagefile.sys
[15/02/2012 - 20:57:59 | D ] C:\Program Files
[15/02/2012 - 21:06:12 | SHD ] C:\RECYCLER
[13/02/2012 - 11:51:42 | SHD ] C:\System Volume Information
[15/02/2012 - 21:06:12 | D ] C:\UsbFix
[15/02/2012 - 21:08:10 | A | 1268] C:\UsbFix.txt
[15/02/2012 - 18:03:08 | D ] C:\WINDOWS
[04/12/2011 - 19:45:02 | N | 8150169] D:\02-sergey_nevone_and_simon_oshine-last_goodbye__orchestral_mix.mp3
[04/12/2011 - 18:53:34 | N | 19019763] D:\02. Simon O'shine - Miss You (Original Mix).mp3
[26/12/2011 - 15:10:50 | N | 78144] D:\1305409508_timetostudyanatomy_796836.jpeg
[10/01/2012 - 22:27:16 | D ] D:\2012gift
[02/01/2012 - 12:44:54 | D ] D:\3 Way aktivní reproduktor eng_files
[08/12/2011 - 19:31:32 | N | 321002] D:\328790_270151153036315_221977627853668_827463_1711959961_o.jpg
[28/01/2012 - 17:51:47 | N | 150278] D:\339188_10150564531897436_90039127435_8978593_1205390734_o.jpg
[15/12/2011 - 20:10:06 | N | 21465] D:\378079_10150464070308470_135958493469_8630823_537320534_n.jpg
[15/12/2011 - 20:14:35 | N | 26606] D:\381192_325373660825624_120184074677918_1198417_1724499882_n.jpg
[10/01/2012 - 22:26:42 | N | 50020] D:\383670_10151129012465062_116512860061_21902329_1307658581_n.jpg
[17/01/2012 - 18:37:16 | N | 30033] D:\383911_351275324885091_205816119431013_1411035_1190942912_n.jpg
[28/11/2011 - 20:39:26 | N | 29436] D:\383959_317803394898951_205816119431013_1312121_598458416_n.jpg
[28/11/2011 - 20:39:54 | N | 38146] D:\384666_318369591508998_205816119431013_1313581_253883093_n.jpg
[28/12/2011 - 12:45:08 | N | 133299] D:\386293_10150443148316761_89550521760_8871183_48417134_n.jpg
[07/02/2012 - 18:05:31 | N | 71782] D:\420651_291593737562469_135064079882103_709297_1657590667_n.jpg
[06/02/2012 - 21:08:28 | N | 84478] D:\430223_10151237030885062_116512860061_22240683_1240933317_n.jpg
[23/01/2012 - 17:40:14 | N | 15540755] D:\Afrojack & Shermanol.mp3
[02/01/2012 - 12:51:28 | N | 2482] D:\AlbumArtSmall.jpg
[02/01/2012 - 12:51:28 | N | 8617] D:\AlbumArt_{286E1F5F-5528-46B9-9C9C-7480D4E923E5}_Large.jpg
[02/01/2012 - 12:51:28 | N | 2482] D:\AlbumArt_{286E1F5F-5528-46B9-9C9C-7480D4E923E5}_Small.jpg
[16/10/2011 - 18:25:55 | N | 9361] D:\AlbumArt_{F74CA1BD-995C-48CE-BC1A-C3FBF5513A94}_Large.jpg
[16/10/2011 - 18:25:55 | N | 2532] D:\AlbumArt_{F74CA1BD-995C-48CE-BC1A-C3FBF5513A94}_Small.jpg
[09/01/2012 - 21:38:39 | N | 14213194] D:\Alesso - Nillionaire (Original Mix).mp3
[28/01/2012 - 18:36:04 | N | 13903894] D:\Alex Niko - Music Is My Drug (Incognet Remix) (ResidentDJ.org).mp3
[27/01/2012 - 12:54:18 | N | 9181518] D:\Alexandra Burke feat. Erick Morillo - Elephant (Radio Edit).mp3
[17/01/2012 - 18:37:54 | D ] D:\Alexandra Damiani feat J Be - The Beat Of My Heart (2011)
[28/01/2012 - 18:36:12 | N | 7604799] D:\AlexUnder+Base+ft.+Soel+-+Set+Me+Free+[+Radio+Edit+].mp3
[15/01/2012 - 18:10:12 | D ] D:\Annia- House Noise Sensation Vol.19
[04/02/2012 - 22:43:15 | N | 50188121] D:\Annia- House Noise Sensation Vol.20.mp3
[29/11/2011 - 16:55:22 | N | 19829703] D:\Arty - Around The World (Original Mix).mp3
[29/11/2011 - 16:55:04 | N | 8650464] D:\Arty - Around The World (Radio Edit).mp3
[29/11/2011 - 16:55:40 | N | 15311978] D:\Arty - Kate (Original Mix).mp3
[18/01/2012 - 21:13:23 | N | 8573474] D:\ATB feat. Sean Ryan - All I Need Is You[By Adida Electrotrack.pl].mp3
[31/12/2011 - 18:23:37 | N | 3451272] D:\Avicii & Alesso - The Rules Has Changed (Original Mix).mp3
[11/01/2012 - 20:18:24 | N | 13811375] D:\Avicii & NERVO - You're Gonna Love Again (Extended Mix) www.dumbassdeejays.blogspot.com.mp3
[27/11/2011 - 22:29:39 | N | 14509529] D:\Avicii - Fuck School (feat. Nicky Romero).MP3
[09/12/2011 - 20:59:00 | N | 11353740] D:\Avicii - Levels (Skrillex Remix).mp3
[13/02/2012 - 20:20:49 | N | 4673114] D:\Bingo_Players_featuring_Heather_Bright_-_Don't_Blame_The_Party_(Mode)[_www.Brainshutdown.com_].mp3
[12/02/2012 - 20:03:04 | N | 12471339] D:\Chuckie - Who Is Ready To Jump (Dada Life Remix) (ResidentDJ.org).mp3
[12/02/2012 - 20:06:46 | N | 9014981] D:\Chuckie_-_Who_is_Ready_to_Jump_(Radio_Edit).mp3
[14/12/2011 - 15:44:24 | N | 14282964] D:\Coldplay - The Scientist (Dimitri Vangelis & Wyman need Howie's thin mint cookies Mix).mp3
[05/12/2011 - 21:21:40 | N | 14035068] D:\Dada Life - Kick Out The Epic Motherfucker (Original Mix).mp3
[11/12/2011 - 15:24:47 | D ] D:\Dada Life @ Queen Club Paris, France – 11-12-2011
[28/01/2012 - 18:52:41 | N | 7859546] D:\Dash Berlin feat. Jonathan Mendelsohn - World Falls Apart (Radio Mix) [formp3life.ru].mp3
[28/01/2012 - 18:54:03 | N | 17039578] D:\David+Guetta+Ft.+Usher+-+Without+You+(Armin+van+Buuren+Remix).mp3
[19/12/2011 - 21:20:07 | N | 11473974] D:\Deep Ocean ft. Synteticsax - Moonlight (Radio Mix).mp3
[16/10/2011 - 18:25:55 | SH | 318] D:\desktop.ini
[23/01/2012 - 17:33:24 | N | 13002161] D:\Dirty South & Thomas.mp3
[31/01/2012 - 18:45:44 | N | 250534266] D:\dj ekg live @ europa giraltovce 28012012.mp3
[15/12/2011 - 20:39:13 | N | 6935327] D:\DJ Fresh - Hot Right Now (Ft. Rita Ora) (Zomboy Remix).mp3
[19/12/2011 - 22:46:52 | N | 7423032] D:\Dj Fresh Ft Rita Ora - Hot Right Now.mp3
[06/02/2012 - 12:37:58 | D ] D:\Dominik
[06/02/2012 - 12:20:28 | D ] D:\Downloads
[29/11/2011 - 19:00:08 | N | 10462157] D:\Dynasty Noise (Kaskade Mash Up) - 6A.mp3
[19/01/2012 - 20:15:35 | N | 14429013] D:\Dyro - Magno (Original Mix) www.top10music.pl.mp3
[17/01/2012 - 19:57:50 | D ] D:\Faktura k telefonu Sony ericsson Xperia X8
[02/01/2012 - 12:51:28 | N | 8617] D:\Folder.jpg
[20/12/2011 - 21:27:51 | D ] D:\Gareth Emery & Ben Gold - Flash (Original Mix)
[06/02/2012 - 10:30:14 | N | 9617721] D:\Gareth Emery feat Christina Novelli - Concrete Angel (Inspiron).mp3
[29/12/2011 - 13:24:43 | N | 16235136] D:\George Acosta feat Emma Lock - Never Fear Joey Shine Remix).mp3
[02/01/2012 - 12:52:26 | N | 6991895] D:\George Acosta feat. Emma Lock - Never Fear (Album Version) [guikmusic.com].mp3
[13/02/2012 - 20:16:42 | N | 12499800] D:\GOTYE - Somebody I Used To Know (It's The DJ Kue Remix!) - No Rap.mp3
[15/02/2012 - 17:57:59 | D ] D:\Hudba
[23/01/2012 - 17:27:46 | N | 10954968] D:\Ian Carey & Rosette .mp3
[09/01/2012 - 21:53:39 | N | 9552352] D:\INNA - Ai se eu te pego (Remix by Play&Win).mp3
[17/12/2011 - 14:48:52 | N | 3220793] D:\Inna - Amazing (House Vocal Remix).mp3
[17/01/2012 - 18:33:31 | N | 17552196] D:\Ivan Gough & Feenixpawl feat. Georgi Kay - In My Mind (Original Mix) justhqmusic.net.mp3
[29/01/2012 - 19:55:05 | N | 17160043] D:\James+Blunt+-+Dangerous+(Deniz+Koyu+&+Johan+Wedel+Remix).mp3
[28/11/2011 - 17:44:14 | N | 13057044] D:\Javi Reina, Alex Guerrero,Syntheticsax - Oig 2011 (DJ V1t & Fast Food Remix) www.eNutka.net.mp3
[28/12/2011 - 20:03:39 | N | 12134443] D:\Jean Elan & CJ Stone - Freak Out (Original Mix).mp3
[04/01/2012 - 14:04:24 | N | 9123544] D:\Joe Garston - The Promise (Original Mix).mp3
[08/12/2011 - 20:40:14 | N | 5259487] D:\Kaskade - Turn It Down (Le Castle Vania Remix) - ThisWeeksBeats.com.mp3
[16/01/2012 - 20:41:36 | N | 17331985] D:\Kaskade feat. Mindy Gledhill - Eyes (Swanky Tunes Remix) HouseMusic365.com.mp3
[08/12/2011 - 19:36:42 | N | 85445] D:\Kaskade-Turn-It-Down-Remixes.jpg
[24/01/2012 - 20:59:49 | N | 24225] D:\Kačičky do kupaľa.jpg
[28/12/2011 - 19:50:22 | N | 14124459] D:\Kelly Clarkson - Stronger (Nicky Romero Remix).mp3
[14/01/2012 - 23:56:27 | N | 10401367] D:\Kid Cudi - Pursuit of Happiness Steve Aoki Remix.mp3
[25/12/2011 - 14:25:58 | N | 8690589] D:\Labrinth Ft. Tinie Tempah - Earthquake.mp3
[29/12/2011 - 15:30:16 | N | 11527022] D:\LMFAO - Sexy And I Know It (DJ Nejtrino & DJ Stranger Remix).mp3
[04/02/2012 - 00:52:03 | N | 20468383] D:\LTN - Inside 11B (Myon & Shane 54 Summer Of Love Remix) (CahulHouseMafia.Net).mp3
[11/12/2011 - 19:37:53 | N | 136155] D:\Lucia.jpg
[03/02/2012 - 23:29:16 | N | 15326972] D:\Maison & Dragen - Rio De Janeiro (Original Mix) - www.electronicfresh.com.mp3
[31/01/2012 - 21:29:57 | N | 16881958] D:\Markus Schulz & Jochen Miller - Rotunda (Original Mix) (BacauHouseMafia.Ro).mp3
[29/11/2011 - 19:43:58 | N | 10171416] D:\Martire pres. X&Y - New Beginnings (Solid Stone Remix).mp3
[05/02/2012 - 21:43:50 | N | 18288276] D:\Matisse & Sadko - Inspire (Instrumental Mix) [Zouk Recordings] [daftsound.pl].mp3
[14/01/2012 - 23:01:03 | N | 12602513] D:\Michael Woods vs Afrojack - Polkadot Oyster (Ben Nicky Mashup) CD-R.mp3
[17/01/2012 - 22:03:31 | N | 10231640] D:\Michel Telo - Ai Se Eu Te Pego (Marco Corona Re-Edit Bootleg).mp3
[29/01/2012 - 17:47:37 | N | 6591352] D:\Michel+Telo+-+Ai+Se+Eu+Te+Pego.mp3
[09/12/2011 - 20:57:14 | N | 16579413] D:\Mikael Weermets feat. Max C & Audible - Let It Go (Jerry Rekonius Remix) (BacauHouseMafia.Ro).mp3
[03/02/2012 - 23:17:53 | N | 8031137] D:\Myon & Shane 54 vs. Václav Neckář - Půlnoční (SHato & Paul Rockseek Edit).mp3
[04/02/2012 - 22:24:09 | N | 64] D:\Na stiahnutie.txt
[16/01/2012 - 19:55:31 | N | 12687301] D:\Neon Hitch - Fuck U Betta (Chuckie Club Remix).mp3
[05/01/2012 - 14:17:15 | D ] D:\Nicky Romero @ Glow, Washington D.C – 30-12-2011
[10/01/2012 - 22:27:15 | D ] D:\Nikey_Rush_feat_Syntheticsax_-_Happiness_Is_Real-(BRD048)-WEB-2011-ZzZz
[22/01/2012 - 22:54:06 | N | 3277834] D:\P7180068.JPG
[22/01/2012 - 22:54:20 | N | 3423451] D:\P7210192.JPG
[09/02/2012 - 21:20:59 | D ] D:\Pc
[14/10/2011 - 17:48:47 | D ] D:\Propellerhead
[10/02/2012 - 22:52:15 | N | 12679193] D:\Qulinez - Troll (Original Mix) Www.equipehs.com.br.mp3
[09/01/2012 - 21:44:10 | N | 11523242] D:\Qulinez - Troll.mp3
[04/01/2012 - 21:48:19 | D ] D:\Reason subory
[15/02/2012 - 21:06:12 | SHD ] D:\RECYCLER
[05/12/2011 - 21:14:18 | N | 15900672] D:\Red Hot Chili Peppers - Otherside (Third Party Remix) www.livingelectro.com.mp3
[24/01/2012 - 21:12:55 | N | 13108] D:\Ruže do vody.jpg
[10/01/2012 - 22:27:14 | D ] D:\Rytmus - Fenomen (2011)
[04/12/2011 - 19:35:33 | N | 28113888] D:\Sergey Nevone & Simon O'Shine - Last Goodbye (Original Mix) RedMusic.pl.mp3
[13/02/2012 - 14:03:06 | D ] D:\Serialy a filmy
[17/12/2011 - 20:23:44 | N | 5964363] D:\SHASH'U---MAN-DOWN-REMIX.mp3
[28/11/2011 - 17:44:49 | N | 12394654] D:\Sidney Samson & Lil Jon - Mutate (Original Mix) www.music-team.net.mp3
[19/01/2012 - 19:54:19 | N | 15154581] D:\Spaceman (Original Mix).mp3
[07/01/2012 - 22:15:20 | N | 15062838] D:\Steve Aoki feat. Angger Dimas - The 80's (Original Mix).mp3
[15/01/2012 - 22:29:32 | N | 11937871] D:\Swanky Tunes & Hard Rock Sofa - The Edge .mp3
[15/01/2012 - 18:09:07 | D ] D:\Swanky Tunes – January 2012
[09/10/2011 - 08:46:32 | SHD ] D:\System Volume Information
[29/12/2011 - 13:55:09 | N | 12591074] D:\Teo Moss - Activation (Original Mix).mp3
[07/02/2012 - 18:06:38 | ASH | 104448] D:\Thumbs.db
[11/12/2011 - 16:45:04 | D ] D:\Tiesto - Club Life 245 (12-11-2011)
[14/02/2012 - 18:50:44 | N | 18767872] D:\Tiesto ft BT - Love Comes Again (Hardwell 2011 Rework) www.LivingElectro.com.mp3
[19/01/2012 - 20:14:40 | N | 9263717] D:\Tiesto_-_What_Can_We_Do_(A_Deeper_Love)_(Third_Party_Remix)_www.edmtunes.com.mp3
[14/01/2012 - 23:43:46 | N | 16602249] D:\Tim Mason - Anima (Original Mix).mp3
[10/01/2012 - 22:27:14 | D ] D:\TINA - S.E.X.Y. (SK 2011)
[08/12/2011 - 19:50:19 | N | 13413881] D:\Tonite Only - Haters Gonna Hate (Nicky Romero 'Out Of Space' Remix).mp3
[19/12/2011 - 21:59:39 | N | 12599976] D:\Uppermost - Acedia (www.ckmp3.com).mp3
[15/02/2012 - 20:52:30 | N | 1238088] D:\UsbFix.exe
[06/10/2011 - 16:50:59 | D ] D:\Windows XP SP3 CZ
[06/01/2012 - 22:55:44 | N | 8026997] D:\wretch 32 ft Josh Kumra - Don't Go (DJ Fresh Remix).mp3
[13/12/2011 - 19:58:33 | N | 159950] D:\Zdroj final 2.jpg
[29/01/2012 - 14:32:49 | N | 7295562] D:\[ClubMusicFM.Com]Bob+Sinclar+feat.+Pitbull,+DragonFly+&+Fatman+Scoop+–+Rock+The+Boat+(+www.ClubMusicFM.com+).mp3
[13/02/2012 - 12:51:44 | D ] D:\škoola
[13/02/2012 - 19:17:30 | N | 537488] J:\burky-sub-70W-doc.pdf
[09/02/2012 - 20:52:27 | D ] J:\Filmy
[16/12/2011 - 16:34:16 | D ] J:\fotky
[15/02/2012 - 18:50:00 | N | 305] J:\fotky.lnk
[14/02/2012 - 20:55:02 | N | 411370] J:\Kopie - skenovat0008.tif
[15/02/2012 - 17:04:58 | N | 2010192] J:\Regulovateľný symetrický zdroj 0-30V 2012.docx
[14/02/2012 - 21:48:14 | N | 2184192] J:\Regulovateľný symetrický zdroj 0-30V.doc
[14/02/2012 - 19:08:32 | N | 1420554] J:\skenovat0007.tif
[14/02/2012 - 20:38:44 | N | 487822] J:\skenovat0008.tif
[13/02/2012 - 18:28:36 | N | 26849166] J:\skenovat0009.tif
[15/02/2012 - 20:27:20 | N | 1189862] J:\skenovat0010.tif
[14/02/2012 - 20:08:46 | N | 1762314] J:\skenovat0011.tif
[14/02/2012 - 21:43:35 | D ] J:\SOČ Dominik Hamza
[16/12/2011 - 16:34:17 | D ] J:\vyuctovanie

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
D:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)
J:\Autorun.inf -> Vaccine created by UsbFix (TeamXscript)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_DOMINIK-69843A4.zip
http://eldesaparecido.com/support.php
Thank you for your contribution.

################## | E.O.F |

Co disk, uz je OK

Poprosim o log z RSIT http://forum.viry.cz/viewtopic.php?f=13&t=105895

Jo iba že do každeho usb disku aj na hardware mi pribudol priečinok autoran ktorý mi potom antivirusový program blokuje a jeden priečinok mi zobrazilo jeho obsah a zároven aj ostal ako odkaz

...... ale to mi až tak nevadí Ďakujem veľmi pekne

Autorun je neskodny, je to ochrana prave proti teto obrane, byl vytvoren USBFixem

Dejte mi prosim log z RSIT, at to pripadne poladime

Ktera ta slozka je stale jako odkaz

Jinak prozatim neni zac

Logfile of random's system information tool 1.09 (written by random/random)
Run by Dominik at 2012-02-15 22:05:48
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (23%) free of 20 GB
Total RAM: 511 MB (25% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:06:09, on 15.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Dominik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Dominik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Dominik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Dominik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\AIMP2\AIMP2.exe
D:\RSIT.exe
C:\Program Files\trend micro\Dominik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C089305-6C94-44D9-AAC9-208157E41CB1}: NameServer = 213.151.202.130,213.151.208.161
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C089305-6C94-44D9-AAC9-208157E41CB1}: NameServer = 213.151.202.130,213.151.208.161
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C089305-6C94-44D9-AAC9-208157E41CB1}: NameServer = 213.151.202.130,213.151.208.161
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe

--
End of file - 8059 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Dominik\Data aplikací\Mozilla\Firefox\Profiles\8glrcq7x.default

prefs.js - "browser.startup.homepage" - "http://www.azet.sk/"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-01-11 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-01-11 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-01-11 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2004-05-14 3784704]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2004-05-14 81920]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-07-01 67584]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2011-10-11 258512]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-09 153136]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-03-12 153136]
"Sony Ericsson PC Companion"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-12-07 433872]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Documents and Settings\Dominik\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-27 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=3

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=3
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe"="C:\NVIDIA\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe"="C:\Program Files\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe:*:Enabled:Update Engine"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=i420vfw.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"midi"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"vidc.yv12"=yv12vfw.dll

======List of files/folders created in the last 1 month======

2012-02-15 22:05:51 ----D---- C:\Program Files\trend micro
2012-02-15 22:05:48 ----D---- C:\rsit
2012-02-15 21:08:12 ----D---- C:\Autorun.inf
2012-02-15 20:53:39 ----A---- C:\UsbFix.txt
2012-02-15 20:53:37 ----D---- C:\UsbFix
2012-02-15 18:19:04 ----D---- C:\Documents and Settings\Dominik\Data aplikací\Malwarebytes
2012-02-15 18:18:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2012-02-15 18:05:36 ----D---- C:\WINDOWS\system32\Lang
2012-02-09 21:11:59 ----D---- C:\Documents and Settings\Dominik\Data aplikací\Global Graphics
2012-02-09 21:11:24 ----D---- C:\Documents and Settings\Dominik\Data aplikací\jaws
2012-02-09 21:01:05 ----D---- C:\Program Files\Microsoft.NET
2012-02-09 20:59:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Global Graphics
2012-02-06 14:05:49 ----D---- C:\Documents and Settings\Dominik\Data aplikací\PioneerLog
2012-02-06 12:48:11 ----D---- C:\Documents and Settings\Dominik\Data aplikací\Pioneer
2012-02-06 12:47:33 ----D---- C:\WINDOWS\system32\ipp20
2012-02-06 12:46:41 ----D---- C:\Program Files\Pioneer
2012-01-28 19:21:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$

======List of files/folders modified in the last 1 month======

2012-02-15 22:05:56 ----D---- C:\WINDOWS\Temp
2012-02-15 22:05:55 ----D---- C:\WINDOWS\Prefetch
2012-02-15 22:05:51 ----D---- C:\Program Files
2012-02-15 22:04:45 ----A---- C:\WINDOWS\NeroDigital.ini
2012-02-15 21:57:53 ----D---- C:\Documents and Settings\Dominik\Data aplikací\AIMP
2012-02-15 21:06:39 ----SD---- C:\WINDOWS\Tasks
2012-02-15 21:06:12 ----SHD---- C:\RECYCLER
2012-02-15 21:05:53 ----D---- C:\WINDOWS\system32
2012-02-15 18:54:57 ----D---- C:\WINDOWS\system32\drivers
2012-02-15 18:22:28 ----SHD---- C:\WINDOWS\Installer
2012-02-15 18:22:27 ----D---- C:\Config.Msi
2012-02-15 18:18:57 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-15 18:03:08 ----D---- C:\WINDOWS
2012-02-14 22:10:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-02-13 18:18:09 ----D---- C:\WINDOWS\SxsCaPendDel
2012-02-13 16:03:00 ----D---- C:\WINDOWS\WinSxS
2012-02-13 11:51:42 ----SHD---- C:\System Volume Information
2012-02-13 11:46:21 ----D---- C:\WINDOWS\system32\NtmsData
2012-02-13 11:31:39 ----D---- C:\WINDOWS\Microsoft.NET
2012-02-13 11:20:50 ----RSD---- C:\WINDOWS\assembly
2012-02-13 11:01:11 ----D---- C:\WINDOWS\Registration
2012-02-13 10:55:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2012-02-09 21:16:22 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-09 21:14:08 ----D---- C:\Program Files\Common Files
2012-02-09 21:02:28 ----SD---- C:\Documents and Settings\Dominik\Data aplikací\Microsoft
2012-02-09 21:00:35 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-02-06 12:46:42 ----RSD---- C:\WINDOWS\Fonts
2012-01-28 19:21:50 ----HD---- C:\WINDOWS\inf
2012-01-28 19:21:45 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-28 17:38:16 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-27 00:21:24 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2012-01-17 16:39:57 ----D---- C:\Documents and Settings\Dominik\Data aplikací\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nv_agp;NVIDIA nForce AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\nv_agp.sys [2003-10-29 21120]
R0 nvatabus;nvatabus; C:\WINDOWS\system32\DRIVERS\nvatabus.sys [2004-06-03 79360]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-10-09 443448]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-02-15 137416]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2011-10-11 36000]
R1 sdpiosys;sdpiosys; C:\WINDOWS\system32\drivers\sdpiosys.sys [2004-11-30 161792]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2011-10-11 74640]
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2004-02-24 400384]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-07-01 626977]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-05-14 2205760]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-05-17 33280]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-05-17 12928]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 al20xzr4;al20xzr4; C:\WINDOWS\system32\drivers\al20xzr4.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2012-01-11 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2012-01-11 25512]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\WINDOWS\system32\DRIVERS\s816bus.sys [2007-06-19 81832]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-27 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2011-10-11 110032]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-01-11 153376]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-05-14 114755]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-03-12 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-06-29 155344]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

žiadny to iba ja som skušal robiť to cez vlastnosti či sa nebude to dať nejako odstraniť ...... urobil kopiu a som ju zabudol odstrániť

Avira, jak jsem si myslel a tusil ze v tom bude mit prsty...Napisu na jejich podporu

vidim nainstalovany MBAM, delal jste jim sken

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe

Pokud pouzivate Win Vista ci W7, kliknete na OTM pravym a dejte Run As Administrator ci Spustit jako spravce
Do leveho okna Paste Instructions for Items to be Moved (pod zlutou caru) vlozte obsah, ktery mate nize

Kód: Vybrat vše

:services
JavaQuickStarterService
NBService
NMIndexingService

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
"GrooveMonitor"=-
"QuickTime Task"=-
"NeroFilterCheck"=-
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=-
"DAEMON Tools Lite"=-
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"Sony Ericsson PC Companion"=-

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Kliknete na cervene tlacitko MoveIt!
Budete vyzvani na restart, dejte Yes, log pote najdete C:\_OTM\MovedFiles, obsah sem vlozte

jo kamoš mi to dneska odporučil ale aj tak mi nič nenašlo.

toto mi vyskočilo hned po reštartovaní:

Files moved on Reboot...
File move failed. C:\WINDOWS\System32\drivers\etc\Hosts scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Fajn, jak se chova PC

Normálne až na maličku chybičku, že ak chcem otvoriť nejaký priečinok tak mi stále otvorí hľadať a v nové okne

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

ComboFix 12-02-16.02 - Dominik 16.02.2012 17:29:37.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.511.268 [GMT 1:00]
Spuštěný z: c:\documents and settings\Dominik\Plocha\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\data
c:\data\WINDOWSDEFENDER.EXE
c:\windows\msmqinst.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-16 do 2012-02-16 )))))))))))))))))))))))))))))))
.
.
2012-02-16 12:28 . 2012-02-16 12:28 -------- d-----w- c:\windows\LastGood
2012-02-15 21:05 . 2012-02-15 21:06 -------- d-----w- c:\program files\trend micro
2012-02-15 19:53 . 2012-02-15 20:08 -------- d-----w- C:\UsbFix
2012-02-15 18:29 . 2012-02-15 18:29 -------- d-----w- c:\documents and settings\Dominik\Local Settings\Data aplikací\GHISLER
2012-02-15 17:19 . 2012-02-15 17:19 -------- d-----w- c:\documents and settings\Dominik\Data aplikací\Malwarebytes
2012-02-15 17:18 . 2012-02-15 17:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-02-15 17:05 . 2012-02-15 17:05 -------- d-----w- c:\windows\system32\Lang
2012-02-15 16:07 . 2012-02-15 16:07 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{8CF5E4F4-78FF-492A-BCDF-F04390399210}\offreg.dll
2012-02-14 16:45 . 2012-01-06 04:19 6557240 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{8CF5E4F4-78FF-492A-BCDF-F04390399210}\mpengine.dll
2012-02-09 20:11 . 2012-02-09 20:14 -------- d-----w- c:\documents and settings\Dominik\Data aplikací\Global Graphics
2012-02-09 20:11 . 2012-02-09 20:11 -------- d-----w- c:\documents and settings\Dominik\Data aplikací\jaws
2012-02-09 20:07 . 2012-02-09 20:07 -------- d-----w- c:\documents and settings\Dominik\Local Settings\Data aplikací\assembly
2012-02-09 20:01 . 2012-02-09 20:01 -------- d-----w- c:\program files\Microsoft.NET
2012-02-09 19:59 . 2012-02-09 20:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Global Graphics
2012-02-06 11:48 . 2012-02-06 13:05 -------- d-----w- c:\documents and settings\Dominik\Data aplikací\Pioneer
2012-02-06 11:47 . 2012-02-06 11:47 -------- d-----w- c:\windows\system32\ipp20
2012-02-06 11:46 . 2012-02-06 13:06 -------- d-----w- c:\program files\Pioneer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-15 20:08 . 2012-02-15 20:08 357243 ----a-w- C:\UsbFix_Upload_Me_DOMINIK-69843A4.zip
2012-02-15 16:37 . 2011-10-20 17:56 137416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-01-26 23:21 . 2011-10-09 07:24 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-11 15:43 . 2012-01-11 15:43 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-01-11 15:43 . 2012-01-11 15:43 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2012-01-11 15:43 . 2012-01-11 15:43 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2012-01-11 15:41 . 2012-01-11 15:41 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-01-11 15:41 . 2012-01-11 15:41 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-06 04:19 . 2011-10-09 07:24 6557240 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2011-11-25 21:57 . 2008-04-14 08:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-11-25 21:28 . 2011-10-09 06:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 14:40 . 2008-04-14 07:45 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-20 06:12 . 2008-04-14 08:52 60416 ----a-w- c:\windows\system32\packager.exe
2011-10-11 19:44 . 2011-10-07 20:53 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2006-05-03 09:06 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 10:47 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 12:30 216064 --sh--r- c:\windows\system32\nbDX.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-27 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-05-14 3784704]
"nwiz"="nwiz.exe" [2004-05-14 831488]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2004-05-14 81920]
"SoundMan"="SOUNDMAN.EXE" [2004-07-01 67584]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
.
c:\documents and settings\Dominik\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [20.10.2011 18:56 36000]
R1 sdpiosys;sdpiosys;c:\windows\system32\drivers\SDPIOSYS.SYS [30.11.2004 12:10 161792]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [20.10.2011 18:56 86224]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [11.1.2012 16:43 13224]
S3 s816bus;Sony Ericsson Device 816 driver (WDM);c:\windows\system32\drivers\s816bus.sys [6.10.2011 18:22 81832]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [10.1.2012 20:45 155344]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-16 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: Interfaces\{0C089305-6C94-44D9-AAC9-208157E41CB1}: NameServer = 213.151.202.130,213.151.208.161
FF - ProfilePath - c:\documents and settings\Dominik\Data aplikací\Mozilla\Firefox\Profiles\8glrcq7x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.azet.sk/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Reason5_is1 - c:\program files\Propellerhead\Reason\Uninstall Reason\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-16 17:41
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-02-16 17:42:47
ComboFix-quarantined-files.txt 2012-02-16 16:42
.
Před spuštěním: 4 695 736 320
Po spuštění: 5 606 346 752
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 41FA72948DD19115F4FEFDA1CF282811

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000

ClearJavaCache::

AtJob::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

VIRY.CZ

Chyba na externom disku

Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku

Re: Chyba na externom disku