Po Combofix nejedou virtuální mechaniky

[Vlkus]

Zdravím a prosím o pomoc. Před nějakou dobou se mi v TEMPu začal objevovat po každém spuštění PC soubor systray.exe. Na fóru jsem našel doporučení použít Combofix. Stáhnul jsem, spusil, PC párkrát strašidelně hlasitě pípnul, většinou nahlásil něco o kritické chybě a stáhnul něco ze serveru combofixu, restartoval PC a pak zase stahoval a restartoval jen sám sebe. Pak mu vadily virtuální mechaniky a celé se mi to zdálo podivné, tak jsem vyměknul a vypnul ho. Výsledkem je to, že systray.exe zmizel, zatím to vypadá, že nadobro. Na C: jsem objevil 6M adresář COMBOFIX se spoustou soborů a nějaký adresář Qoobox, které tam předtím nebyly. Jsem kapku připosražený z toho, co jsem asi provedl.

PC zatím vypadá v pořádku, nepozoruju žádné zpomalení, ani nic podezřelého. Jediné, čeho jsem si všimnul je ztráta virtuálních mechanik vytvořených přes Alcohol. Při spouštění Alcoholu mi to píše, že selhalo zavádění ovladačů virtualní Alcohol mechaniky a že možnosti emulace a výchozí rozhraní ovladače Alcohol 120% nebudou dostupné. Zkusil jsem vytvořit nové mechaniky, ale bez úspěchu.

Můžete mi pls pomoct? Posílám log z HJT. Díky moc.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:56:01, on 7.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\PROGRA~1\GENIUS~2\GNETMOUS.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Genius Multimedia Keyboard Driver\Versato.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Genius Multimedia Keyboard Driver\MePlayer.exe
C:\Program Files\Genius Multimedia Keyboard Driver\OSD.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Martin Vlček\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~2\GNETMOUS.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Genius Multimedia Keyboard Driver.lnk = C:\Program Files\Genius Multimedia Keyboard Driver\Versato.exe
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate1c99835718a3e46) (gupdate1c99835718a3e46) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7794 bytes

[Caroprd111]

Zdravím

Přečtěte si pravidla fóra a dejte log z RSIT.


Nedoporučuji používat ComboFix z vlastní iniciativy, může dojít k poškození systému!

[Vlkus]

OMLOUVÁM SE, tady je RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by ... at 2010-03-07 19:16:40
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 187 GB (31%) free of 610 GB
Total RAM: 3327 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:16:46, on 7.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\PROGRA~1\GENIUS~2\GNETMOUS.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Genius Multimedia Keyboard Driver\Versato.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Genius Multimedia Keyboard Driver\MePlayer.exe
C:\Program Files\Genius Multimedia Keyboard Driver\OSD.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Martin Vlček\Plocha\RSIT.exe
C:\Documents and Settings\Martin Vlček\Plocha\Martin Vlček.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~2\GNETMOUS.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Genius Multimedia Keyboard Driver.lnk = C:\Program Files\Genius Multimedia Keyboard Driver\Versato.exe
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate1c99835718a3e46) (gupdate1c99835718a3e46) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7763 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-05-26 1423360]
"QFan Help"=C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
"Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
"mouseElf"=C:\PROGRA~1\GENIUS~2\GNETMOUS.EXE [2004-02-24 176128]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-01-24 98304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-10-07 1461080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-07-02 220544]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-04 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-15 644696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-01-24 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Genius Multimedia Keyboard Driver.lnk - C:\Program Files\Genius Multimedia Keyboard Driver\Versato.exe
Launchy.lnk - C:\Program Files\Launchy\Launchy.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-12-01 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, snapapi32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Electronic Arts\Dead Space\Dead Space.exe"="C:\Program Files\Electronic Arts\Dead Space\Dead Space.exe:*:Disabled:Dead Space ™"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Documents and Settings\Martin Vlček\Dokumenty\Hry\gta4\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Documents and Settings\Martin Vlček\Dokumenty\Hry\gta4\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Documents and Settings\Martin Vlček\Dokumenty\Hry\gta4\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Documents and Settings\Martin Vlček\Dokumenty\Hry\gta4\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Documents and Settings\Martin Vlček\Dokumenty\Hry\gta4\Grand Theft Auto IV\GTAIV.exe"="C:\Documents and Settings\Martin Vlček\Dokumenty\Hry\gta4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7370b986-9cb9-11de-a78f-101111111111}]
shell\AutoRun\command - G:\Launcher.exe


======List of files/folders created in the last 1 months======

2010-03-07 19:16:40 ----D---- C:\rsit
2010-03-07 18:30:00 ----D---- C:\ComboFix
2010-03-07 18:30:00 ----A---- C:\WINDOWS\system32\CF3424.exe
2010-03-07 18:23:04 ----D---- C:\WINDOWS\ERDNT
2010-03-07 18:18:16 ----D---- C:\Qoobox
2010-02-28 22:41:07 ----AD---- C:\WINDOWS\VDLL.DLL
2010-02-28 22:41:07 ----AD---- C:\WINDOWS\system32\runouce.exe
2010-02-28 22:41:07 ----AD---- C:\WINDOWS\rundll16.exe
2010-02-28 22:41:07 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-02-28 22:41:07 ----AD---- C:\WINDOWS\logo1_.exe
2010-02-28 22:41:07 ----AD---- C:\WINDOWS\logo_1.exe
2010-02-28 22:36:10 ----RA---- C:\WINDOWS\system32\msvcr80.dll
2010-02-28 22:36:10 ----A---- C:\WINDOWS\system32\msvcp80.dll
2010-02-28 22:36:09 ----A---- C:\WINDOWS\system32\eEmpty.exe
2010-02-28 22:36:06 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2010-02-28 22:36:06 ----A---- C:\WINDOWS\system32\T.COM
2010-02-28 22:36:06 ----A---- C:\WINDOWS\REGEDIT.COM
2010-02-28 22:36:06 ----A---- C:\WINDOWS\R.COM
2010-02-28 22:36:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2010-02-23 23:10:44 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-23 21:54:36 ----D---- C:\Program Files\Call of Duty Modern Warfare 2
2010-02-20 18:49:46 ----D---- C:\Documents and Settings\Martin Vlček\Data aplikací\Canneverbe Limited
2010-02-20 18:49:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
2010-02-09 23:12:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-09 23:12:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-09 23:11:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-09 23:11:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-09 23:11:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-09 23:11:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-09 23:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-09 23:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-09 23:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-09 20:45:34 ----A---- C:\WINDOWS\game.ini
2010-02-09 20:40:58 ----D---- C:\Program Files\Activision

======List of files/folders modified in the last 1 months======

2010-03-07 19:16:05 ----D---- C:\WINDOWS\Temp
2010-03-07 18:55:56 ----D---- C:\WINDOWS\Prefetch
2010-03-07 18:51:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-07 18:48:26 ----D---- C:\WINDOWS\system32
2010-03-07 18:48:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-07 18:47:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-03-07 18:23:04 ----D---- C:\WINDOWS
2010-03-07 09:55:52 ----A---- C:\WINDOWS\system.ini
2010-03-06 16:09:29 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-06 16:01:03 ----HD---- C:\WINDOWS\inf
2010-03-06 14:08:30 ----D---- C:\Documents and Settings\Martin Vlček\Data aplikací\vlc
2010-03-06 14:08:24 ----D---- C:\Documents and Settings\Martin Vlček\Data aplikací\dvdcss
2010-03-06 13:37:21 ----A---- C:\WINDOWS\wincmd.ini
2010-03-01 21:28:36 ----D---- C:\WINDOWS\system32\config
2010-02-28 23:17:17 ----D---- C:\Program Files\CCleaner
2010-02-27 17:53:57 ----D---- C:\WINDOWS\Minidump
2010-02-27 08:18:51 ----SHD---- C:\WINDOWS\Installer
2010-02-23 23:11:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-23 23:10:51 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-23 23:10:48 ----A---- C:\WINDOWS\imsins.BAK
2010-02-23 21:54:36 ----RD---- C:\Program Files
2010-02-21 20:56:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\QuickTime
2010-02-21 19:13:06 ----D---- C:\Program Files\Mozilla Firefox
2010-02-20 18:49:30 ----D---- C:\Program Files\CDBurnerXP
2010-02-20 18:49:28 ----D---- C:\WINDOWS\system32\drivers
2010-02-13 20:40:34 ----SD---- C:\WINDOWS\Tasks
2010-02-09 20:46:13 ----D---- C:\WINDOWS\system32\DirectX
2010-02-09 20:46:05 ----RSD---- C:\WINDOWS\assembly
2010-02-09 20:45:33 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-10-07 55256]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2000-09-25 11864]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-10-07 73760]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2008-02-05 97216]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-12-01 3452928]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-05-21 93696]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-10-07 32072]
R3 genmcmn;Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys [2003-01-29 7894]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-02-02 36864]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-09-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 AF15BDA;AF9015 BDA Device; C:\WINDOWS\system32\DRIVERS\AF15BDA.sys [2010-02-06 483200]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 GPU-Z;GPU-Z; \??\C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\GPU-Z.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-10-30 685816]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-12-01 598016]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-10-07 472280]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-12-05 488960]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-12-01 593920]
S2 gupdate1c99835718a3e46;Google Update Service (gupdate1c99835718a3e46); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-26 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-10-07 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-02 1181328]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-11-17 306432]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Caroprd111]

Odinstalujte Spybot - Search & Destroy a Ad-Aware.


Otevřete si Poznámkový blok a zkopírujte do něj text (z bílého políčka):

Kód: Vybrat vše

REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Nyní uložte jako (typ: všechny soubory) kde za název souboru zadáte "smazani.reg" bez uvozovek, klik na uložit, pak na soubor standardně 2X kliknete a potvrďte dialogové okno.



Vložte sem log log C:\ComboFix.txt (pokud tam bude).


Doporučuji odinstalovat:
C:\Program Files\uTorrent\utorrent.exe

P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů, zbytečně se vystavujete riziku.

[Vlkus]

uTorrent už dlouho nepoužívám, zapomněl jsem, že ho ještě mám.
S tím spybotem a ad-awarem je něco špatně, nebo se už dneska nepoužívají? Tedy, nemám se už pak pokoušet je vrátit zpátky?

Nechal jsem ještě PC projet mwavem a kromě asi stovky problémů v registrech, které neodhalil ani ccleaner mi mwav našel dva problémy:
Objekt "Perfwo Trojan" nalezen v souborovém systému!
Objekt "CyberSitter Spyware/Adware" nalezen v souborovém systému!

Je to nákaza nebo jenom nějaké zbytky?

Jinak moc díky za rady, provedu, co jste napsal a pak vložím log. Ještě jednou díky.

[Caroprd111]

Tyto programy jsou zastaralé a nedoporučují se používat.
Vložte sem ten log z MBAM, předem nic nemažte.

[Vlkus]

Tak jsem byl rychlejší a utorrent, ad-aware a spybot už jsem odinstaloval. Zatím jsem ještě neprovedl tu úpravu registrů. Mám tedy počkat?
Ten log z MWAV je strašně dlouhý, mám ho sem vložit celý, nebo jen ty chyby?

[Caroprd111]

Podle návodu http://www.viry.cz/forum/viewtopic.php?f=29&t=4097

Omlouvám se, spletl jsem si programy, přes MWAV to ani smazat nejde.

[Vlkus]

Tak tady je log z rsit po vložení dat z bílého rámečku.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Martin Vlček at 2010-03-07 20:00:03
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 187 GB (31%) free of 610 GB
Total RAM: 3327 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:00:07, on 7.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe
C:\PROGRA~1\GENIUS~2\GNETMOUS.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Genius Multimedia Keyboard Driver\Versato.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\Genius Multimedia Keyboard Driver\MePlayer.exe
C:\Program Files\Genius Multimedia Keyboard Driver\OSD.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\Documents and Settings\Martin Vlček\Plocha\KPZ\RSIT.exe
C:\Program Files\trend micro\Martin Vlček.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [mouseElf] C:\PROGRA~1\GENIUS~2\GNETMOUS.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Genius Multimedia Keyboard Driver.lnk = C:\Program Files\Genius Multimedia Keyboard Driver\Versato.exe
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate1c99835718a3e46) (gupdate1c99835718a3e46) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

--
End of file - 7137 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-12-18 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"Ai Nap"=C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe [2008-05-26 1423360]
"QFan Help"=C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe [2008-05-06 594432]
"Cpu Level Up help"=C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe [2007-11-30 881152]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
"mouseElf"=C:\PROGRA~1\GENIUS~2\GNETMOUS.EXE [2004-02-24 176128]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-01-24 98304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-10-07 1461080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2007-07-02 220544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2009-12-18 40368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-04 1603152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-15 644696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-01-24 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Genius Multimedia Keyboard Driver.lnk - C:\Program Files\Genius Multimedia Keyboard Driver\Versato.exe
Launchy.lnk - C:\Program Files\Launchy\Launchy.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-12-01 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Electronic Arts\Dead Space\Dead Space.exe"="C:\Program Files\Electronic Arts\Dead Space\Dead Space.exe:*:Disabled:Dead Space ™"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe"="C:\Program Files\Ubisoft\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"C:\Documents and Settings\Martin Vlček\Dokumenty\Hry\gta4\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Documents and Settings\Martin Vlček\Dokumenty\Hry\gta4\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Documents and Settings\Martin Vlček\Dokumenty\Hry\gta4\Grand Theft Auto IV\LaunchGTAIV.exe"="C:\Documents and Settings\Martin Vlček\Dokumenty\Hry\gta4\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Documents and Settings\Martin Vlček\Dokumenty\Hry\gta4\Grand Theft Auto IV\GTAIV.exe"="C:\Documents and Settings\Martin Vlček\Dokumenty\Hry\gta4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7370b986-9cb9-11de-a78f-101111111111}]
shell\AutoRun\command - G:\Launcher.exe


======List of files/folders created in the last 1 months======

2010-03-07 19:40:39 ----SHD---- C:\Config.Msi
2010-03-07 19:21:45 ----D---- C:\Program Files\trend micro
2010-03-07 19:16:40 ----D---- C:\rsit
2010-03-07 18:30:00 ----D---- C:\ComboFix
2010-03-07 18:30:00 ----A---- C:\WINDOWS\system32\CF3424.exe
2010-03-07 18:23:04 ----D---- C:\WINDOWS\ERDNT
2010-03-07 18:18:16 ----D---- C:\Qoobox
2010-02-28 22:41:07 ----AD---- C:\WINDOWS\VDLL.DLL
2010-02-28 22:41:07 ----AD---- C:\WINDOWS\system32\runouce.exe
2010-02-28 22:41:07 ----AD---- C:\WINDOWS\rundll16.exe
2010-02-28 22:41:07 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-02-28 22:41:07 ----AD---- C:\WINDOWS\logo1_.exe
2010-02-28 22:41:07 ----AD---- C:\WINDOWS\logo_1.exe
2010-02-28 22:36:10 ----RA---- C:\WINDOWS\system32\msvcr80.dll
2010-02-28 22:36:10 ----A---- C:\WINDOWS\system32\msvcp80.dll
2010-02-28 22:36:09 ----A---- C:\WINDOWS\system32\eEmpty.exe
2010-02-28 22:36:06 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2010-02-28 22:36:06 ----A---- C:\WINDOWS\system32\T.COM
2010-02-28 22:36:06 ----A---- C:\WINDOWS\REGEDIT.COM
2010-02-28 22:36:06 ----A---- C:\WINDOWS\R.COM
2010-02-28 22:36:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2010-02-23 23:10:44 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-02-23 21:54:36 ----D---- C:\Program Files\Call of Duty Modern Warfare 2
2010-02-20 18:49:46 ----D---- C:\Documents and Settings\Martin Vlček\Data aplikací\Canneverbe Limited
2010-02-20 18:49:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
2010-02-09 23:12:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-09 23:12:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-09 23:11:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-09 23:11:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-09 23:11:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-09 23:11:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-09 23:10:41 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-09 23:10:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-09 23:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-09 20:45:34 ----A---- C:\WINDOWS\game.ini
2010-02-09 20:40:58 ----D---- C:\Program Files\Activision

======List of files/folders modified in the last 1 months======

2010-03-07 19:59:04 ----D---- C:\WINDOWS\Temp
2010-03-07 19:49:15 ----D---- C:\WINDOWS\system32
2010-03-07 19:49:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-07 19:44:42 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-03-07 19:43:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-03-07 19:43:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-03-07 19:40:40 ----RD---- C:\Program Files
2010-03-07 19:40:39 ----SHD---- C:\WINDOWS\Installer
2010-03-07 19:40:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2010-03-07 19:40:33 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-07 19:40:33 ----D---- C:\WINDOWS\system32\drivers
2010-03-07 19:40:16 ----D---- C:\Documents and Settings\Martin Vlček\Data aplikací\uTorrent
2010-03-07 18:55:56 ----D---- C:\WINDOWS\Prefetch
2010-03-07 18:23:04 ----D---- C:\WINDOWS
2010-03-07 09:55:52 ----A---- C:\WINDOWS\system.ini
2010-03-06 16:09:29 ----D---- C:\WINDOWS\system32\CatRoot2
2010-03-06 16:01:03 ----HD---- C:\WINDOWS\inf
2010-03-06 14:08:30 ----D---- C:\Documents and Settings\Martin Vlček\Data aplikací\vlc
2010-03-06 14:08:24 ----D---- C:\Documents and Settings\Martin Vlček\Data aplikací\dvdcss
2010-03-06 13:37:21 ----A---- C:\WINDOWS\wincmd.ini
2010-03-01 21:28:36 ----D---- C:\WINDOWS\system32\config
2010-02-28 23:17:17 ----D---- C:\Program Files\CCleaner
2010-02-27 17:53:57 ----D---- C:\WINDOWS\Minidump
2010-02-23 23:11:08 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-23 23:10:51 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-23 23:10:48 ----A---- C:\WINDOWS\imsins.BAK
2010-02-21 20:56:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\QuickTime
2010-02-21 19:13:06 ----D---- C:\Program Files\Mozilla Firefox
2010-02-20 18:49:30 ----D---- C:\Program Files\CDBurnerXP
2010-02-13 20:40:34 ----SD---- C:\WINDOWS\Tasks
2010-02-09 20:46:13 ----D---- C:\WINDOWS\system32\DirectX
2010-02-09 20:46:05 ----RSD---- C:\WINDOWS\assembly
2010-02-09 20:45:33 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-10-07 55256]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2000-09-25 11864]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-10-07 73760]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2008-02-05 97216]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-12-01 3452928]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-05-21 93696]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-05-31 20480]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-04-30 10804]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-04-30 11860]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-10-07 32072]
R3 genmcmn;Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gmfiltr.sys [2003-01-29 7894]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-02-02 36864]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-09-21 47360]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2002-10-01 9856]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2008-04-14 5888]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 AF15BDA;AF9015 BDA Device; C:\WINDOWS\system32\DRIVERS\AF15BDA.sys [2010-02-06 483200]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-05-31 23000]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 GPU-Z;GPU-Z; \??\C:\DOCUME~1\MARTIN~1\LOCALS~1\Temp\GPU-Z.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-10-30 685816]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-12-01 598016]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2007-01-31 96370]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-10-07 472280]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2007-06-05 177704]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-12-05 488960]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-12-01 593920]
S2 gupdate1c99835718a3e46;Google Update Service (gupdate1c99835718a3e46); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-26 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-10-07 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2008-11-17 306432]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Caroprd111]

Vložte sem log log C:\ComboFix.txt (pokud tam bude).

MWAV: To budou jenom zbytky.

[Vlkus]

Na C: žádný takový soubor není.

[Caroprd111]

OK, vydržte, napíšu Vám další postup.

[Caroprd111]

Emulátory virtuálních mechanik přeinstalujte.


Odinstalujte ComboFix přes:
Start >> Spustit, zkopírujte do okénka:

ComboFix /Uninstall

stiskněte Enter


Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

• Spusťte, pro potvrzení volby mačkejte klávesu A, Enter
• Po použití program vymažte. Pozor,antiviry ho mohou falešně označit za vir.

Stáhněte OTC http://oldtimer.geekstogo.com/OTC.exe

• Spusťte.
• Klikněte na "CleanUp!". Potvrďte hlášky stiskem "Yes" (Bude následovat restart)

Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478

• Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.
  
  Záložka Čistič
• Dejte analyzovat, po dokončení dejte Spustit Ccleaner.
  
  Záložka Registry
• Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
  OK Zavřít

[Vlkus]

tak ten combofix nejde odinstalovat, píše to, že jej Windows nemůže najít. A ještě mám jednu věc, MWAV (já blbec jsem neměl zaškrtnutý sken disku, jen spywaru a dalších věci) mi našel nějaké soubory infikované tímhle:

Soubor C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\NW7D1Z9J\dotnetfx35setup[1].exe je infikovaný virem NULL.Corrupted !!
Soubor C:\Program Files\EA Games\Need For Speed Hot Pursuit 2\tracks\Alpine\inform.vbs je infikovaný virem NULL.Corrupted !!
Soubor C:\Program Files\EA Games\Need For Speed Hot Pursuit 2\tracks\Medit\inform.vbs je infikovaný virem NULL.Corrupted !!
Soubor C:\Program Files\EA Games\Need For Speed Hot Pursuit 2\tracks\Parkland\inform.vbs je infikovaný virem NULL.Corrupted !!
Soubor C:\Program Files\EA Games\Need For Speed Hot Pursuit 2\tracks\Tropics\inform.vbs je infikovaný virem NULL.Corrupted !!

Je to vůbec virus? A pomůže proti němu některý z těch programů, co jste napsal?

[Caroprd111]

Je to v pořádku, odinstalaci CF vynechte a pokračujte dalšími kroky.