pc TROJAN Win.32 pc wors 2010 virus :/

Author: LosTKarlosT (Visitor)
Posts: 2
Registered: 29 Nov 2009 01:29

#1 Post by LosTKarlosT

Good day, or rather good evening. We recently solved a problem here with a similar virus, perhaps just last year's version. When Windows starts, a blue screen appears that "informs" me that I have a virus on the disk, named roughly as in the title, and urges me to send an SMS to a premium-rate number, saying that they will send me a code to unlock the computer right away, because I have only two free startups left. Extortionists :/ .... I am already equipped in advance with OTM, AntiMalware (I first tried just a full scan and it found one infected item; then, after deleting it and rebooting, that virus log came up again :/ ), and CCleaner, with the help of which software we already managed this last month. I would like to ask you, please, help me get rid of it. I will be here as often as possible to make the cooperation as easy as possible ... here is the log from RSIT ...

Logfile of random's system information tool 1.06 (written by random/random)
Run by Filip at 2010-01-07 22:54:37
Systém Microsoft Windows XP Professional Service Pack 3
System drive E: has 42 GB (80%) free of 52 GB
Total RAM: 3327 MB (83% free)

HijackThis download failed

======Scheduled tasks folder======

E:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=E:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"StartCCC"=E:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-04-09 61440]
"HControlUser"=E:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2009-04-01 98304]
"ATKHOTKEY"=E:\Program Files\ASUS\ATK Hotkey\HControl.exe [2009-04-23 178744]
"ATKOSD2"=E:\Program Files\ATKOSD2\ATKOSD2.exe [2008-01-23 7766016]
"ETDWare"=E:\Program Files\Elantech\ETDCtrl.exe [2009-04-21 534528]
"HDAudDeck"=E:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-04-30 33619968]
"ATKMEDIA"=E:\Program Files\ASUS\ATK Media\DMedia.exe [2008-06-24 159744]
"Wireless Console 2"=E:\Program Files\Wireless Console 2\wcourier.exe [2007-07-05 1040384]
"ASUS Live Update"=E:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30 51768]
"Power_Gear"=C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe [2006-07-26 90112]
"Net4Switch"=C:\Program Files\ASUS\Net4Switch\Net4Switch.exe [2007-11-20 1145400]
"ADSMTray"=E:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [2008-03-31 266240]
"ACMON"=E:\Program Files\ASUS\Splendid\ACMON.exe [2009-06-16 540672]
"ASUS Screen Saver Protector"=E:\WINDOWS\AsScrPro.exe [2010-01-05 3054136]
"ASUS Camera ScreenSaver"=E:\WINDOWS\AsScrProlog.exe [2010-01-05 47672]
"Adobe Reader Speed Launcher"=E:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-12-03 35184]
"graphic"=C:\Windows\graphic\driver.exe [2009-09-24 65536]
"NeroFilterCheck"=E:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"Malwarebytes Anti-Malware (reboot)"=E:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=E:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=E:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"SRS Premium Sound"=E:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe [2009-04-07 3405048]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=E:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"MSMSGS"=E:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

E:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
FancyStart daemon.lnk - E:\WINDOWS\Installer\{567C654B-7FE9-4970-8323-56E8191D1941}\_71A97E24F422AA49EDBF39.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Aspwdflt]
E:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll [2008-04-19 1556480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
E:\WINDOWS\system32\Ati2evxx.dll [2009-04-10 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - E:\WINDOWS\system32\wpdshserviceobj.dll [2008-04-27 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=E:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
E:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Hry\Company of Heroes - Tales of Valor\RelicCOH.exe"="D:\Hry\Company of Heroes - Tales of Valor\RelicCOH.exe:*:Disabled:RelicCOH"
"D:\Hry\Company of Heroes - Tales of Valor\RelicDownloader\RelicDownloader.exe"="D:\Hry\Company of Heroes - Tales of Valor\RelicDownloader\RelicDownloader.exe:*:Disabled:Relic Patch Download Manager"
"E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="E:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-01-07 22:54:38 ----D---- E:\Program Files\trend micro
2010-01-07 22:54:37 ----D---- E:\rsit
2010-01-07 21:45:56 ----D---- E:\Documents and Settings\Filip\Data aplikací\Malwarebytes
2010-01-07 21:45:51 ----D---- E:\Program Files\Malwarebytes' Anti-Malware
2010-01-07 21:45:51 ----D---- E:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-01-07 21:30:43 ----A---- E:\WINDOWS\system32\MsiExec.exe.log
2010-01-07 21:30:04 ----D---- E:\Program Files\Nero
2010-01-07 21:30:04 ----D---- E:\Program Files\Common Files\Nero
2010-01-07 21:30:04 ----D---- E:\Documents and Settings\All Users\Data aplikací\Nero
2010-01-07 21:09:08 ----A---- E:\WINDOWS\ATKPF.ini
2010-01-07 20:58:59 ----A---- E:\WINDOWS\system32\xinput9_1_0.dll
2010-01-07 20:58:59 ----A---- E:\WINDOWS\system32\d3dx9_28.dll
2010-01-07 20:58:59 ----A---- E:\WINDOWS\system32\d3dx9_27.dll
2010-01-07 20:58:59 ----A---- E:\WINDOWS\system32\d3dx9_26.dll
2010-01-07 20:58:58 ----A---- E:\WINDOWS\system32\d3dx9_25.dll
2010-01-07 20:58:57 ----A---- E:\WINDOWS\system32\d3dx9_24.dll
2010-01-07 20:38:01 ----D---- E:\Documents and Settings\Filip\Data aplikací\dvdcss
2010-01-07 20:27:33 ----D---- E:\Documents and Settings\Filip\Data aplikací\WinRAR
2010-01-07 20:27:22 ----D---- E:\Program Files\Microsoft Works
2010-01-07 20:27:07 ----D---- E:\Program Files\Microsoft Visual Studio
2010-01-07 20:27:07 ----D---- E:\Program Files\Common Files\DESIGNER
2010-01-07 20:26:47 ----D---- E:\Program Files\Microsoft.NET
2010-01-07 20:24:05 ----D---- E:\WINDOWS\SHELLNEW
2010-01-07 20:23:39 ----D---- E:\Program Files\Microsoft Office
2010-01-07 20:23:38 ----D---- E:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-01-07 20:23:15 ----RHD---- E:\MSOCache
2010-01-07 20:14:47 ----D---- E:\Documents and Settings\Filip\Data aplikací\vlc
2010-01-07 20:13:48 ----D---- E:\Program Files\VideoLAN
2010-01-07 19:51:49 ----RHD---- E:\Documents and Settings\Filip\Data aplikací\SecuROM
2010-01-07 19:51:49 ----A---- E:\WINDOWS\system32\CmdLineExt.dll
2010-01-07 19:39:02 ----D---- E:\Documents and Settings\Filip\Data aplikací\Mozilla
2010-01-07 19:38:07 ----D---- E:\Program Files\Mozilla Firefox
2010-01-07 19:36:35 ----D---- E:\Program Files\Winamp Detect
2010-01-07 19:36:33 ----D---- E:\Program Files\Winamp
2010-01-07 19:36:33 ----D---- E:\Documents and Settings\Filip\Data aplikací\Winamp
2010-01-07 19:33:06 ----D---- E:\Documents and Settings\All Users\Data aplikací\Google
2010-01-07 19:32:42 ----D---- E:\Program Files\Google
2010-01-07 19:30:33 ----A---- E:\WINDOWS\system32\d3dx10_33.dll
2010-01-07 19:30:33 ----A---- E:\WINDOWS\system32\D3DCompiler_33.dll
2010-01-07 19:30:32 ----A---- E:\WINDOWS\system32\d3dx9_33.dll
2010-01-07 19:30:31 ----A---- E:\WINDOWS\system32\d3dx9_30.dll
2010-01-07 19:28:39 ----SHD---- E:\WINDOWS\ftpcache
2010-01-07 18:12:52 ----SHD---- E:\RECYCLER
2010-01-07 17:26:48 ----D---- E:\Program Files\DAEMON Tools Lite
2010-01-07 17:26:26 ----D---- E:\Documents and Settings\Filip\Data aplikací\DAEMON Tools Lite
2010-01-07 17:26:23 ----D---- E:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2010-01-07 17:25:52 ----D---- E:\Program Files\7-Zip
2010-01-07 17:25:23 ----D---- E:\Program Files\CCleaner
2010-01-07 17:23:28 ----D---- E:\Program Files\WinRAR
2010-01-05 08:27:56 ----D---- E:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-01-05 07:59:33 ----D---- E:\Program Files\Common Files\Adobe AIR
2010-01-05 07:59:31 ----D---- E:\Documents and Settings\Filip\Data aplikací\Adobe
2010-01-05 07:58:58 ----D---- E:\Documents and Settings\All Users\Data aplikací\Adobe
2010-01-05 07:58:34 ----D---- E:\Program Files\Common Files\Adobe
2010-01-05 07:58:34 ----D---- E:\Program Files\Adobe
2010-01-05 07:58:18 ----A---- E:\WINDOWS\AsScrProlog.exe
2010-01-05 07:58:17 ----D---- E:\Documents and Settings\Filip\Data aplikací\Macromedia
2010-01-05 07:58:17 ----A---- E:\WINDOWS\ASUS Camera ScreenSaver.exe
2010-01-05 07:58:17 ----A---- E:\WINDOWS\ASUS Camera ScreenSaver Uninstaller.exe
2010-01-05 07:58:16 ----D---- E:\WINDOWS\system32\Asus_Camera_ScreenSaver dir
2010-01-05 07:58:10 ----A---- E:\WINDOWS\AsScrPro.exe
2010-01-05 07:58:02 ----A---- E:\WINDOWS\system32\ACEngSvr.exe
2010-01-05 07:57:31 ----D---- E:\Program Files\SRS Labs
2010-01-05 07:55:33 ----D---- E:\Program Files\ATKGFNEX
2010-01-05 07:53:34 ----D---- E:\Program Files\Wireless Console 2
2010-01-05 07:51:38 ----RA---- E:\WINDOWS\Uninstvga.bat
2010-01-05 07:51:38 ----RA---- E:\WINDOWS\Uninstuxga.bat
2010-01-05 07:51:38 ----RA---- E:\WINDOWS\Uninstsxga.bat
2010-01-05 07:51:38 ----RA---- E:\WINDOWS\system32\vsnp2uvc.dll
2010-01-05 07:51:38 ----RA---- E:\WINDOWS\DrvInst.exe
2010-01-05 07:51:29 ----D---- E:\Program Files\Multimedia Card Reader
2010-01-05 07:50:17 ----D---- E:\Program Files\Atheros
2010-01-05 07:50:12 ----D---- E:\Documents and Settings\All Users\Data aplikací\Atheros
2010-01-05 07:49:21 ----RA---- E:\WINDOWS\system32\RtNicProp32.dll
2010-01-05 07:49:11 ----D---- E:\WINDOWS\OPTIONS
2010-01-05 07:49:11 ----D---- E:\Program Files\Realtek
2010-01-05 07:48:22 ----N---- E:\WINDOWS\system32\difxapi.dll
2010-01-05 07:48:21 ----D---- E:\Program Files\VIA
2010-01-05 07:47:23 ----D---- E:\Program Files\Elantech
2010-01-05 07:46:36 ----D---- E:\Program Files\ATKOSD2
2010-01-05 07:46:32 ----D---- E:\Documents and Settings\Filip\Data aplikací\InstallShield
2010-01-05 07:46:23 ----D---- E:\WINDOWS\system32\ReinstallBackups
2010-01-05 07:46:17 ----D---- E:\Program Files\ASUS
2010-01-05 07:46:02 ----D---- E:\Documents and Settings\Filip\Data aplikací\ATI
2010-01-05 07:46:02 ----D---- E:\Documents and Settings\All Users\Data aplikací\ATI
2010-01-05 07:42:36 ----RA---- E:\WINDOWS\system32\atiiiexx.dll
2010-01-05 07:42:32 ----RA---- E:\WINDOWS\system32\ATIDEMGX.dll
2010-01-05 07:42:12 ----D---- E:\Program Files\ATI Technologies
2010-01-05 07:42:11 ----HD---- E:\Program Files\InstallShield Installation Information
2010-01-05 07:41:56 ----D---- E:\Program Files\Common Files\InstallShield
2010-01-05 07:40:25 ----RSD---- E:\WINDOWS\assembly
2010-01-05 07:40:08 ----D---- E:\WINDOWS\Microsoft.NET
2010-01-05 07:36:50 ----D---- E:\Program Files\DIFX
2010-01-05 07:36:45 ----DC---- E:\WINDOWS\system32\DRVSTORE
2010-01-05 07:36:44 ----D---- E:\Program Files\AMD
2009-12-20 06:03:50 ----A---- E:\WINDOWS\system32\h323log.txt
2009-12-20 05:48:12 ----A---- E:\WINDOWS\system32\vfwwdm32.dll
2009-12-20 05:48:12 ----A---- E:\WINDOWS\system32\ksuser.dll
2009-12-20 05:47:12 ----A---- E:\WINDOWS\system32\usbui.dll
2009-12-20 05:45:54 ----SHD---- E:\WINDOWS\Installer
2009-12-20 05:45:54 ----A---- E:\WINDOWS\system32\PerfStringBackup.INI
2009-12-20 05:45:53 ----D---- E:\Program Files\Common Files\ODBC
2009-12-20 05:45:53 ----A---- E:\WINDOWS\ODBCINST.INI
2009-12-20 05:45:50 ----D---- E:\Program Files\Common Files\SpeechEngines
2009-12-20 05:45:49 ----RD---- E:\Program Files
2009-12-20 05:45:49 ----D---- E:\Program Files\Common Files\Microsoft Shared
2009-12-20 05:45:49 ----D---- E:\Program Files\Common Files
2009-12-20 05:45:45 ----RA---- E:\WINDOWS\system32\kbdtuq.dll
2009-12-20 05:45:45 ----RA---- E:\WINDOWS\system32\kbdtuf.dll
2009-12-20 05:45:45 ----RA---- E:\WINDOWS\system32\kbdazel.dll
2009-12-20 05:45:43 ----RA---- E:\WINDOWS\system32\kbdycc.dll
2009-12-20 05:45:43 ----RA---- E:\WINDOWS\system32\kbduzb.dll
2009-12-20 05:45:43 ----RA---- E:\WINDOWS\system32\kbdur.dll
2009-12-20 05:45:43 ----RA---- E:\WINDOWS\system32\kbdtat.dll
2009-12-20 05:45:43 ----RA---- E:\WINDOWS\system32\kbdru1.dll
2009-12-20 05:45:43 ----RA---- E:\WINDOWS\system32\kbdru.dll
2009-12-20 05:45:43 ----RA---- E:\WINDOWS\system32\kbdmon.dll
2009-12-20 05:45:43 ----RA---- E:\WINDOWS\system32\kbdkyr.dll
2009-12-20 05:45:43 ----RA---- E:\WINDOWS\system32\kbdkaz.dll
2009-12-20 05:45:43 ----RA---- E:\WINDOWS\system32\kbdbu.dll
2009-12-20 05:45:43 ----RA---- E:\WINDOWS\system32\kbdblr.dll
2009-12-20 05:45:43 ----RA---- E:\WINDOWS\system32\kbdaze.dll
2009-12-20 05:45:41 ----RA---- E:\WINDOWS\system32\kbdhept.dll
2009-12-20 05:45:41 ----RA---- E:\WINDOWS\system32\kbdhela3.dll
2009-12-20 05:45:41 ----RA---- E:\WINDOWS\system32\kbdhela2.dll
2009-12-20 05:45:41 ----RA---- E:\WINDOWS\system32\kbdhe319.dll
2009-12-20 05:45:41 ----RA---- E:\WINDOWS\system32\kbdhe220.dll
2009-12-20 05:45:41 ----RA---- E:\WINDOWS\system32\kbdhe.dll
2009-12-20 05:45:41 ----RA---- E:\WINDOWS\system32\kbdgkl.dll
2009-12-20 05:45:40 ----RA---- E:\WINDOWS\system32\kbdlt1.dll
2009-12-20 05:45:40 ----RA---- E:\WINDOWS\system32\kbdlt.dll
2009-12-20 05:45:39 ----RA---- E:\WINDOWS\system32\kbdlv1.dll
2009-12-20 05:45:39 ----RA---- E:\WINDOWS\system32\kbdlv.dll
2009-12-20 05:45:39 ----RA---- E:\WINDOWS\system32\kbdest.dll
2009-12-20 05:45:34 ----RA---- E:\WINDOWS\system32\kbdycl.dll
2009-12-20 05:45:34 ----RA---- E:\WINDOWS\system32\kbdsl1.dll
2009-12-20 05:45:34 ----RA---- E:\WINDOWS\system32\kbdsl.dll
2009-12-20 05:45:34 ----RA---- E:\WINDOWS\system32\kbdro.dll
2009-12-20 05:45:34 ----RA---- E:\WINDOWS\system32\kbdpl1.dll
2009-12-20 05:45:34 ----RA---- E:\WINDOWS\system32\kbdpl.dll
2009-12-20 05:45:34 ----RA---- E:\WINDOWS\system32\kbdhu1.dll
2009-12-20 05:45:34 ----RA---- E:\WINDOWS\system32\kbdhu.dll
2009-12-20 05:45:34 ----RA---- E:\WINDOWS\system32\kbdcr.dll
2009-12-20 05:45:34 ----RA---- E:\WINDOWS\system32\KBDAL.DLL
2009-12-20 05:45:32 ----A---- E:\WINDOWS\system32\irclass.dll
2009-12-20 05:45:31 ----A---- E:\WINDOWS\system32\spxcoins.dll
2009-12-20 05:45:31 ----A---- E:\WINDOWS\system32\EqnClass.Dll
2009-12-20 05:45:31 ----A---- E:\WINDOWS\system32\dgsetup.dll
2009-12-20 05:45:31 ----A---- E:\WINDOWS\system32\dgrpsetu.dll
2009-12-20 05:45:29 ----N---- E:\WINDOWS\system32\CONFIG.TMP
2009-12-20 05:45:29 ----A---- E:\WINDOWS\TASKMAN.EXE
2009-12-20 05:45:28 ----A---- E:\WINDOWS\system32\batt.dll
2009-12-20 05:45:28 ----A---- E:\WINDOWS\NOTEPAD.EXE
2009-12-20 05:45:27 ----A---- E:\WINDOWS\system32\storprop.dll
2009-12-20 05:45:19 ----ASH---- E:\Documents and Settings\All Users\Data aplikací\desktop.ini
2009-12-20 05:45:15 ----RA---- E:\WINDOWS\SET8.tmp
2009-12-20 05:45:13 ----RA---- E:\WINDOWS\SET4.tmp
2009-12-20 05:45:11 ----RA---- E:\WINDOWS\SET3.tmp
2009-12-20 05:45:05 ----D---- E:\WINDOWS\system32\CatRoot2
2009-12-20 05:45:05 ----D---- E:\WINDOWS\system32\CatRoot
2009-12-20 05:45:00 ----SD---- E:\Documents and Settings\All Users\Data aplikací\Microsoft
2009-12-20 05:44:31 ----SHD---- E:\System Volume Information
2009-12-20 05:44:31 ----D---- E:\Documents and Settings
2009-12-20 05:43:44 ----D---- E:\Data
2009-12-20 05:39:22 ----SD---- E:\WINDOWS\Downloaded Program Files
2009-12-20 05:39:22 ----RSHDC---- E:\WINDOWS\system32\dllcache
2009-12-20 05:39:22 ----RSD---- E:\WINDOWS\Fonts
2009-12-20 05:39:22 ----RD---- E:\WINDOWS\Web
2009-12-20 05:39:22 ----HD---- E:\WINDOWS\inf
2009-12-20 05:39:22 ----D---- E:\WINDOWS\WinSxS
2009-12-20 05:39:22 ----D---- E:\WINDOWS\WBEM
2009-12-20 05:39:22 ----D---- E:\WINDOWS\twain_32
2009-12-20 05:39:22 ----D---- E:\WINDOWS\Temp
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\wins
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\wbem
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\usmt
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\spool
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\ShellExt
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\Setup
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\ras
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\oobe
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\npp
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\mui
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\inetsrv
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\IME
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\icsxml
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\ias
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\export
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\drivers
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\dhcp
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\cs-cz
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\cs
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\config
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\3com_dmi
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\3076
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\2052
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\1054
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\1042
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\1041
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\1037
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\1033
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\1031
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\1029
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\1028
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32\1025
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system32
2009-12-20 05:39:22 ----D---- E:\WINDOWS\system
2009-12-20 05:39:22 ----D---- E:\WINDOWS\security
2009-12-20 05:39:22 ----D---- E:\WINDOWS\Resources
2009-12-20 05:39:22 ----D---- E:\WINDOWS\repair
2009-12-20 05:39:22 ----D---- E:\WINDOWS\Provisioning
2009-12-20 05:39:22 ----D---- E:\WINDOWS\pchealth
2009-12-20 05:39:22 ----D---- E:\WINDOWS\PeerNet
2009-12-20 05:39:22 ----D---- E:\WINDOWS\Offline Web Pages
2009-12-20 05:39:22 ----D---- E:\WINDOWS\Network Diagnostic
2009-12-20 05:39:22 ----D---- E:\WINDOWS\mui
2009-12-20 05:39:22 ----D---- E:\WINDOWS\msapps
2009-12-20 05:39:22 ----D---- E:\WINDOWS\msagent
2009-12-20 05:39:22 ----D---- E:\WINDOWS\Media
2009-12-20 05:39:22 ----D---- E:\WINDOWS\L2Schemas
2009-12-20 05:39:22 ----D---- E:\WINDOWS\java
2009-12-20 05:39:22 ----D---- E:\WINDOWS\ime
2009-12-20 05:39:22 ----D---- E:\WINDOWS\Help
2009-12-20 05:39:22 ----D---- E:\WINDOWS\ehome
2009-12-20 05:39:22 ----D---- E:\WINDOWS\Driver Cache
2009-12-20 05:39:22 ----D---- E:\WINDOWS\Debug
2009-12-20 05:39:22 ----D---- E:\WINDOWS\Cursors
2009-12-20 05:39:22 ----D---- E:\WINDOWS\Connection Wizard
2009-12-20 05:39:22 ----D---- E:\WINDOWS\Config
2009-12-20 05:39:22 ----D---- E:\WINDOWS\AppPatch
2009-12-20 05:39:22 ----D---- E:\WINDOWS\addins
2009-12-20 05:39:22 ----D---- E:\WINDOWS
2009-12-20 05:20:29 ----D---- E:\Documents and Settings\Filip\Data aplikací\Identities
2009-12-20 05:20:26 ----HD---- E:\Program Files\Uninstall Information
2009-12-20 05:20:13 ----D---- E:\Program Files\Windows Defender
2009-12-20 05:20:05 ----ASH---- E:\Documents and Settings\Filip\Data aplikací\desktop.ini
2009-12-20 05:20:04 ----SD---- E:\Documents and Settings\Filip\Data aplikací\Microsoft
2009-12-20 05:15:37 ----D---- E:\WINDOWS\SoftwareDistribution
2009-12-20 05:15:34 ----SD---- E:\WINDOWS\system32\Microsoft
2009-12-20 05:15:34 ----N---- E:\WINDOWS\SchedLgU.Txt
2009-12-20 05:15:34 ----D---- E:\WINDOWS\Prefetch
2009-12-20 05:10:55 ----D---- E:\WINDOWS\system32\xircom
2009-12-20 05:10:55 ----D---- E:\Program Files\xerox
2009-12-20 05:10:55 ----D---- E:\Program Files\microsoft frontpage
2009-12-20 05:10:12 ----N---- E:\WINDOWS\system32\spmsg.dll
2009-12-20 05:10:11 ----HD---- E:\WINDOWS\$hf_mig$
2009-12-20 05:09:58 ----A---- E:\WINDOWS\control.ini
2009-12-20 05:09:40 ----A---- E:\WINDOWS\system32\mapi32.dll
2009-12-20 05:08:47 ----RAH---- E:\WINDOWS\system32\logonui.exe.manifest
2009-12-20 05:08:43 ----RAH---- E:\WINDOWS\system32\cdplayer.exe.manifest
2009-12-20 05:08:38 ----HD---- E:\Program Files\WindowsUpdate
2009-12-20 05:08:34 ----D---- E:\Program Files\Online Services
2009-12-20 05:08:17 ----D---- E:\WINDOWS\system32\DirectX
2009-12-20 05:08:08 ----A---- E:\WINDOWS\system32\atrace.dll
2009-12-20 05:08:05 ----A---- E:\WINDOWS\system32\desktop.ini
2009-12-20 05:08:05 ----A---- E:\WINDOWS\desktop.ini
2009-12-20 05:07:58 ----A---- E:\WINDOWS\system32\nmevtmsg.dll
2009-12-20 05:07:57 ----A---- E:\WINDOWS\system32\acctres.dll
2009-12-20 05:07:56 ----D---- E:\Program Files\Common Files\Services
2009-12-20 05:07:53 ----SD---- E:\WINDOWS\Tasks
2009-12-20 05:07:53 ----A---- E:\WINDOWS\system32\icfgnt5.dll
2009-12-20 05:07:52 ----D---- E:\Program Files\Common Files\MSSoap
2009-12-20 05:07:48 ----D---- E:\WINDOWS\srchasst
2009-12-20 05:07:47 ----D---- E:\WINDOWS\system32\Macromed
2009-12-20 05:07:45 ----A---- E:\WINDOWS\system32\wuweb.dll
2009-12-20 05:07:45 ----A---- E:\WINDOWS\system32\wucltui.dll
2009-12-20 05:07:45 ----A---- E:\WINDOWS\system32\wuauserv.dll
2009-12-20 05:07:44 ----A---- E:\WINDOWS\system32\wups.dll
2009-12-20 05:07:44 ----A---- E:\WINDOWS\system32\wuaueng1.dll
2009-12-20 05:07:44 ----A---- E:\WINDOWS\system32\wuaueng.dll
2009-12-20 05:07:44 ----A---- E:\WINDOWS\system32\wuauclt1.exe
2009-12-20 05:07:44 ----A---- E:\WINDOWS\system32\wuauclt.exe
2009-12-20 05:07:44 ----A---- E:\WINDOWS\system32\wuapi.dll
2009-12-20 05:07:43 ----A---- E:\WINDOWS\system32\qmgrprxy.dll
2009-12-20 05:07:43 ----A---- E:\WINDOWS\system32\qmgr.dll
2009-12-20 05:07:43 ----A---- E:\WINDOWS\system32\bitsprx4.dll
2009-12-20 05:07:43 ----A---- E:\WINDOWS\system32\bitsprx3.dll
2009-12-20 05:07:43 ----A---- E:\WINDOWS\system32\bitsprx2.dll
2009-12-20 05:07:39 ----D---- E:\Program Files\Movie Maker
2009-12-20 05:07:20 ----A---- E:\WINDOWS\system32\safrslv.dll
2009-12-20 05:07:20 ----A---- E:\WINDOWS\system32\safrdm.dll
2009-12-20 05:07:20 ----A---- E:\WINDOWS\system32\safrcdlg.dll
2009-12-20 05:07:19 ----A---- E:\WINDOWS\system32\racpldlg.dll
2009-12-20 05:07:15 ----A---- E:\WINDOWS\system32\fltMc.exe
2009-12-20 05:07:15 ----A---- E:\WINDOWS\system32\fltlib.dll
2009-12-20 05:07:14 ----D---- E:\WINDOWS\system32\Restore
2009-12-20 05:07:14 ----A---- E:\WINDOWS\system32\srsvc.dll
2009-12-20 05:07:14 ----A---- E:\WINDOWS\system32\srrstr.dll
2009-12-20 05:07:14 ----A---- E:\WINDOWS\system32\srclient.dll
2009-12-20 05:07:13 ----A---- E:\WINDOWS\system32\nmmkcert.dll
2009-12-20 05:07:13 ----A---- E:\WINDOWS\system32\msconf.dll
2009-12-20 05:07:13 ----A---- E:\WINDOWS\system32\mnmsrvc.exe
2009-12-20 05:07:13 ----A---- E:\WINDOWS\system32\mnmdd.dll
2009-12-20 05:07:13 ----A---- E:\WINDOWS\system32\isrdbg32.dll
2009-12-20 05:07:13 ----A---- E:\WINDOWS\system32\ils.dll
2009-12-20 05:07:10 ----D---- E:\Program Files\NetMeeting
2009-12-20 05:07:09 ----A---- E:\WINDOWS\system32\msoert2.dll
2009-12-20 05:07:09 ----A---- E:\WINDOWS\system32\msoeacct.dll
2009-12-20 05:07:08 ----A---- E:\WINDOWS\system32\inetres.dll
2009-12-20 05:07:08 ----A---- E:\WINDOWS\system32\inetcomm.dll
2009-12-20 05:07:06 ----D---- E:\Program Files\Outlook Express
2009-12-20 05:07:06 ----A---- E:\WINDOWS\system32\schedsvc.dll
2009-12-20 05:07:05 ----A---- E:\WINDOWS\system32\mstinit.exe
2009-12-20 05:07:05 ----A---- E:\WINDOWS\system32\mstask.dll
2009-12-20 05:07:05 ----A---- E:\WINDOWS\system32\icwphbk.dll
2009-12-20 05:07:05 ----A---- E:\WINDOWS\system32\icwdial.dll
2009-12-20 05:07:04 ----A---- E:\WINDOWS\system32\isign32.dll
2009-12-20 05:07:04 ----A---- E:\WINDOWS\system32\inetcfg.dll
2009-12-20 05:06:58 ----D---- E:\Program Files\Common Files\System
2009-12-20 05:06:53 ----D---- E:\Program Files\Internet Explorer
2009-12-20 05:06:11 ----D---- E:\Program Files\ComPlus Applications
2009-12-20 05:06:09 ----A---- E:\WINDOWS\vbaddin.ini
2009-12-20 05:06:09 ----A---- E:\WINDOWS\vb.ini
2009-12-20 05:06:03 ----D---- E:\WINDOWS\Registration
2009-12-20 05:05:43 ----D---- E:\Program Files\Windows Media Connect 2
2009-12-20 05:05:42 ----D---- E:\Program Files\Windows Media Player
2009-12-20 05:05:40 ----D---- E:\Program Files\Messenger
2009-12-20 05:05:36 ----D---- E:\Program Files\MSN Gaming Zone
2009-12-20 05:05:36 ----A---- E:\WINDOWS\system32\write.exe
2009-12-20 05:05:27 ----A---- E:\WINDOWS\system32\sndvol32.exe
2009-12-20 05:05:27 ----A---- E:\WINDOWS\system32\hticons.dll
2009-12-20 05:05:27 ----A---- E:\WINDOWS\system32\avwav.dll
2009-12-20 05:05:27 ----A---- E:\WINDOWS\system32\avmeter.dll
2009-12-20 05:05:26 ----A---- E:\WINDOWS\system32\winchat.exe
2009-12-20 05:05:26 ----A---- E:\WINDOWS\system32\avtapi.dll
2009-12-20 05:05:19 ----A---- E:\WINDOWS\system32\sol.exe
2009-12-20 05:05:19 ----A---- E:\WINDOWS\system32\charmap.exe
2009-12-20 05:05:19 ----A---- E:\WINDOWS\system32\getuname.dll
2009-12-20 05:05:19 ----A---- E:\WINDOWS\system32\calc.exe
2009-12-20 05:05:18 ----A---- E:\WINDOWS\system32\winmine.exe
2009-12-20 05:05:18 ----A---- E:\WINDOWS\system32\usrlogon.cmd
2009-12-20 05:05:18 ----A---- E:\WINDOWS\system32\reset.exe
2009-12-20 05:05:18 ----A---- E:\WINDOWS\system32\mshearts.exe
2009-12-20 05:05:18 ----A---- E:\WINDOWS\system32\freecell.exe
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\tsshutdn.exe
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\tslabels.ini
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\tskill.exe
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\tsdiscon.exe
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\tscon.exe
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\shadow.exe
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\rwinsta.exe
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\regini.exe
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\rdpcfgex.dll
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\qwinsta.exe
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\qappsrv.exe
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\msg.exe
2009-12-20 05:05:17 ----A---- E:\WINDOWS\system32\logoff.exe
2009-12-20 05:05:16 ----A---- E:\WINDOWS\system32\msdtcprf.ini
2009-12-20 05:05:16 ----A---- E:\WINDOWS\system32\cdmodem.dll
2009-12-20 05:05:10 ----A---- E:\WINDOWS\system32\wmimgmt.msc
2009-12-20 05:05:09 ----A---- E:\WINDOWS\system32\sndrec32.exe
2009-12-20 05:05:09 ----A---- E:\WINDOWS\system32\mplay32.exe
2009-12-20 05:05:09 ----A---- E:\WINDOWS\system32\hypertrm.dll
2009-12-20 05:05:09 ----A---- E:\WINDOWS\system32\accwiz.exe
2009-12-20 05:05:08 ----D---- E:\Program Files\Windows NT
2009-12-20 05:05:08 ----A---- E:\WINDOWS\system32\mspaint.exe
2009-12-20 05:05:08 ----A---- E:\WINDOWS\system32\clipbrd.exe
2009-12-20 05:05:07 ----A---- E:\WINDOWS\system32\spider.exe
2009-12-20 05:05:06 ----A---- E:\WINDOWS\system32\tsgqec.dll
2009-12-20 05:05:06 ----A---- E:\WINDOWS\system32\tscfgwmi.dll
2009-12-20 05:05:06 ----A---- E:\WINDOWS\system32\rhttpaa.dll
2009-12-20 05:05:06 ----A---- E:\WINDOWS\system32\aaclient.dll
2009-12-20 05:05:05 ----A---- E:\WINDOWS\system32\mstscax.dll
2009-12-20 05:05:05 ----A---- E:\WINDOWS\system32\mstsc.exe
2009-12-20 05:05:04 ----A---- E:\WINDOWS\system32\termsrv.dll
2009-12-20 05:05:04 ----A---- E:\WINDOWS\system32\sessmgr.exe
2009-12-20 05:05:04 ----A---- E:\WINDOWS\system32\remotepg.dll
2009-12-20 05:05:04 ----A---- E:\WINDOWS\system32\rdshost.exe
2009-12-20 05:05:04 ----A---- E:\WINDOWS\system32\rdsaddin.exe
2009-12-20 05:05:04 ----A---- E:\WINDOWS\system32\rdpwsx.dll
2009-12-20 05:05:04 ----A---- E:\WINDOWS\system32\rdpsnd.dll
2009-12-20 05:05:04 ----A---- E:\WINDOWS\system32\rdpclip.exe
2009-12-20 05:05:04 ----A---- E:\WINDOWS\system32\rdchost.dll
2009-12-20 05:05:04 ----A---- E:\WINDOWS\system32\qprocess.exe
2009-12-20 05:05:03 ----D---- E:\WINDOWS\system32\MsDtc
2009-12-20 05:05:03 ----A---- E:\WINDOWS\system32\mtxoci.dll
2009-12-20 05:05:03 ----A---- E:\WINDOWS\system32\msdtcuiu.dll
2009-12-20 05:05:03 ----A---- E:\WINDOWS\system32\msdtcprx.dll
2009-12-20 05:05:03 ----A---- E:\WINDOWS\system32\icaapi.dll
2009-12-20 05:05:03 ----A---- E:\WINDOWS\system32\cfgbkend.dll
2009-12-20 05:05:02 ----A---- E:\WINDOWS\system32\xolehlp.dll
2009-12-20 05:05:02 ----A---- E:\WINDOWS\system32\msdtctm.dll
2009-12-20 05:05:02 ----A---- E:\WINDOWS\system32\msdtclog.dll
2009-12-20 05:05:02 ----A---- E:\WINDOWS\system32\msdtc.exe
2009-12-20 05:05:01 ----D---- E:\WINDOWS\system32\Com
2009-12-20 05:05:01 ----A---- E:\WINDOWS\system32\mtxlegih.dll
2009-12-20 05:05:01 ----A---- E:\WINDOWS\system32\mtxex.dll
2009-12-20 05:05:01 ----A---- E:\WINDOWS\system32\mtxdm.dll
2009-12-20 05:05:01 ----A---- E:\WINDOWS\system32\dcomcnfg.exe
2009-12-20 05:05:01 ----A---- E:\WINDOWS\system32\comrepl.dll
2009-12-20 05:05:01 ----A---- E:\WINDOWS\system32\comaddin.dll
2009-12-20 05:05:01 ----A---- E:\WINDOWS\system32\colbact.dll
2009-12-20 05:05:00 ----A---- E:\WINDOWS\system32\stclient.dll
2009-12-20 05:05:00 ----A---- E:\WINDOWS\system32\clbcatex.dll
2009-12-20 05:05:00 ----A---- E:\WINDOWS\system32\catsrvut.dll
2009-12-20 05:05:00 ----A---- E:\WINDOWS\system32\catsrvps.dll
2009-12-20 05:05:00 ----A---- E:\WINDOWS\system32\catsrv.dll
2009-12-20 05:04:59 ----A---- E:\WINDOWS\system32\comuid.dll
2009-12-20 05:04:59 ----A---- E:\WINDOWS\system32\comsvcs.dll
2009-12-20 05:04:59 ----A---- E:\WINDOWS\system32\comsnap.dll
2009-12-20 05:04:58 ----A---- E:\WINDOWS\system32\clbcatq.dll
2009-12-20 05:04:52 ----A---- E:\WINDOWS\system32\servdeps.dll
2009-12-20 05:04:51 ----A---- E:\WINDOWS\system32\mmfutil.dll
2009-12-20 05:04:51 ----A---- E:\WINDOWS\system32\licwmi.dll
2009-12-20 05:04:51 ----A---- E:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2010-01-07 20:24:29 ----A---- E:\WINDOWS\win.ini
2009-12-20 05:45:48 ----A---- E:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASMMAP;ASMMAP; \??\E:\Program Files\ATKGFNEX\ASMMAP.sys []
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys []
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; E:\WINDOWS\system32\DRIVERS\athw.sys [2009-02-13 1503840]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\E:\PROGRA~1\ASUS\ATKHOT~1\ASNDIS5.SYS []
R3 ati2mtag;ati2mtag; E:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-04-10 3644416]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; E:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 ETD;ELAN PS/2 Port Input Device; E:\WINDOWS\system32\DRIVERS\ETD.sys [2009-04-21 89856]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; E:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; E:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 kbfiltr;Keyboard Filter; E:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 monfilt;monfilt; E:\WINDOWS\system32\drivers\monfilt.sys [2008-02-14 1389056]
R3 mouhid;Ovladač myši standardu HID; E:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; E:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-24 5760]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; E:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-10-30 117888]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); E:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; E:\WINDOWS\system32\drivers\srs_PremiumSound_i386.sys [2009-04-01 233128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; E:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbfilter;AMD USB Filter Driver; E:\WINDOWS\system32\DRIVERS\usbfilter.sys [2008-05-28 22072]
R3 usbhub;Rozbočovač umožnující USB2; E:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; E:\WINDOWS\system32\drivers\viahduaa.sys [2009-04-28 1131264]
S3 afznny51;afznny51; E:\WINDOWS\system32\drivers\afznny51.sys []
S3 CCDECODE;Dekodér Closed Caption; E:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 CRFILTER;USB Mass Storage Filter; E:\WINDOWS\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 ipswuio;ipswuio; E:\WINDOWS\System32\DRIVERS\ipswuio.sys [2007-08-01 41656]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; E:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; E:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; E:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 SLIP;BDA Slip De-Framer; E:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; E:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; E:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; E:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbvideo;Zobrazovací zařízení USB (WDM); E:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 WSTCODEC;Dálnopisný kodek světového standardu; E:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; E:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-04-27 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; E:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-04-27 82944]
S4 IntelIde;IntelIde; E:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ADSMService;ADSM Service; E:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 Ati HotKey Poller;Ati HotKey Poller; E:\WINDOWS\system32\Ati2evxx.exe [2009-04-10 602112]
R2 ATKGFNEXSrv;ATKGFNEX Service; E:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 SRS_VolSync_Service;SRS Volume Sync Service; E:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-04-07 70880]
R2 WinDefend;Windows Defender; E:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 NMIndexingService;NMIndexingService; E:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 aspnet_state;ASP.NET State Service; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; E:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 odserv;Microsoft Office Diagnostics Service; E:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; E:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; E:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; E:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------

Thank you at least for reading and for your time; wishing you a pleasant evening, Karel Novotný

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: pc TROJAN Win.32 pc wors 2010 virus :/

#2 Post by cernohous13 »

Hello,
Download ComboFix and save it to the desktop - do not run it yet.
Close all open windows and turn off your antispyware and antivirus.
Open Notepad and copy the entire green text from the "CFscript".
Save the file to the desktop as CFscript.txt, then drag its icon with the mouse onto the ComboFix icon and drop it there.
- After launch, the terms of use are displayed; confirm them by pressing the Ano (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears and do not launch anything
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If the system does not boot after using ComboFix - press F8 during restart and choose Last Known Good Configuration
CFscript

Code:

KillAll::

Folder::
c:\windows\graphic

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"graphic"=-

Download and install MBAM from the link in my signature.
Launch it > on the 3rd tab, "Update" > Check for Updates
then on the 1st tab, "Scanner" > Perform quick scan > Scan
when the scan finishes, a Notepad window with the result pops up - copy its contents into your reply
do not delete anything yet - wait for my assessment
Recommendations:
During the cleanup, install or uninstall software only on my instruction.
Study my reply carefully and carry out the whole procedure according to it.
If anything is unclear, ask - I will explain.

-------------------------------------------------------------------------------------------------
> Forum support <

LosTKarlosT
Visitor
Posts: 2
Registered: 29 Nov 2009 01:29

Re: pc TROJAN Win.32 pc wors 2010 virus :/

#3 Post by LosTKarlosT »

Good morning, everything went according to the instructions, and here is the log from ComboFix:
ComboFix 10-01-04.01 - Filip 08.01.2010 10:25:22.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2789 [GMT 1:00]
Spuštěný z: e:\documents and settings\Filip\Plocha\ComboFix.exe
Použité ovládací přepínače :: e:\documents and settings\Filip\Plocha\CFscript.txt
AV: avast! antivirus 4.8.1356 [VPS 091023-0] *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

E:\data
e:\data\WINDOWSDEFENDER.EXE

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-08 do 2010-01-08 )))))))))))))))))))))))))))))))
.

2010-01-08 04:14 . 2005-02-25 03:34 22752 ----a-w- e:\windows\system32\spupdsvc.exe
2010-01-08 03:33 . 2009-09-15 11:54 52368 ----a-w- e:\windows\system32\drivers\aswTdi.sys
2010-01-08 03:33 . 2009-09-15 11:54 23152 ----a-w- e:\windows\system32\drivers\aswRdr.sys
2010-01-08 03:33 . 2009-09-15 11:53 27408 ----a-w- e:\windows\system32\drivers\aavmker4.sys
2010-01-08 03:33 . 2009-09-15 11:53 97480 ----a-w- e:\windows\system32\AvastSS.scr
2010-01-08 03:33 . 2009-09-15 11:56 93424 ----a-w- e:\windows\system32\drivers\aswmon.sys
2010-01-08 03:33 . 2009-09-15 11:56 94160 ----a-w- e:\windows\system32\drivers\aswmon2.sys
2010-01-08 03:33 . 2009-09-15 11:55 114768 ----a-w- e:\windows\system32\drivers\aswSP.sys
2010-01-08 03:33 . 2009-09-15 11:55 20560 ----a-w- e:\windows\system32\drivers\aswFsBlk.sys
2010-01-08 03:32 . 2009-09-15 11:59 1279968 ----a-w- e:\windows\system32\aswBoot.exe
2010-01-08 03:32 . 2003-03-18 21:20 1060864 ----a-w- e:\windows\system32\MFC71.dll
2010-01-08 03:32 . 2003-03-18 20:14 499712 ----a-w- e:\windows\system32\MSVCP71.dll
2010-01-08 03:32 . 2003-02-21 04:42 348160 ----a-w- e:\windows\system32\MSVCR71.dll
2010-01-08 03:32 . 2010-01-08 03:32 -------- d-----w- e:\program files\Alwil Software
2010-01-07 21:54 . 2010-01-07 21:54 -------- d-----w- e:\program files\trend micro
2010-01-07 21:54 . 2010-01-07 22:21 -------- d-----w- E:\rsit
2010-01-07 20:45 . 2010-01-07 15:07 38224 ----a-w- e:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 20:45 . 2010-01-08 09:11 -------- d-----w- e:\program files\Malwarebytes' Anti-Malware
2010-01-07 20:45 . 2010-01-07 15:07 19160 ----a-w- e:\windows\system32\drivers\mbam.sys
2010-01-07 20:30 . 2010-01-07 20:30 -------- d-----w- e:\program files\Common Files\Nero
2010-01-07 20:30 . 2010-01-07 20:30 -------- d-----w- e:\program files\Nero
2010-01-07 19:58 . 2005-05-26 14:34 2297552 ----a-w- e:\windows\system32\d3dx9_26.dll
2010-01-07 19:27 . 2010-01-07 19:27 -------- d-----w- e:\program files\Microsoft Works
2010-01-07 19:26 . 2010-01-07 19:26 -------- d-----w- e:\program files\Microsoft.NET
2010-01-07 19:24 . 2010-01-07 19:24 -------- d-----w- e:\windows\SHELLNEW
2010-01-07 19:23 . 2010-01-07 19:23 -------- d-----r- E:\MSOCache
2010-01-07 19:13 . 2010-01-07 19:13 -------- d-----w- e:\program files\VideoLAN
2010-01-07 18:51 . 2010-01-07 18:51 107888 ----a-w- e:\windows\system32\CmdLineExt.dll
2010-01-07 18:39 . 2010-01-07 18:39 0 ----a-w- e:\windows\nsreg.dat
2010-01-07 18:36 . 2010-01-07 18:36 -------- d-----w- e:\program files\Winamp Detect
2010-01-07 18:36 . 2010-01-07 18:36 -------- d-----w- e:\program files\Winamp
2010-01-07 18:32 . 2010-01-07 20:07 -------- d-----w- e:\program files\Google
2010-01-07 18:30 . 2007-03-15 15:57 443752 ----a-w- e:\windows\system32\d3dx10_33.dll
2010-01-07 18:30 . 2007-03-12 15:42 1123696 ----a-w- e:\windows\system32\D3DCompiler_33.dll
2010-01-07 18:30 . 2007-03-12 15:42 3495784 ----a-w- e:\windows\system32\d3dx9_33.dll
2010-01-07 18:28 . 2010-01-07 18:28 -------- d-sh--w- e:\windows\ftpcache
2010-01-07 17:09 . 2010-01-07 17:09 -------- d-----w- e:\documents and settings\Guest
2010-01-07 17:09 . 2010-01-07 17:09 -------- d-----w- e:\documents and settings\Guest\Data aplikací
2010-01-07 16:26 . 2010-01-07 16:26 691696 ----a-w- e:\windows\system32\drivers\sptd.sys
2010-01-07 16:26 . 2010-01-07 17:34 -------- d-----w- e:\program files\DAEMON Tools Lite
2010-01-07 16:25 . 2010-01-07 16:25 -------- d-----w- e:\program files\7-Zip
2010-01-07 16:25 . 2010-01-07 16:25 -------- d-----w- e:\program files\CCleaner
2010-01-05 08:53 . 2001-10-24 08:54 12160 -c--a-w- e:\windows\system32\dllcache\mouhid.sys
2010-01-05 08:53 . 2001-10-24 08:54 12160 ----a-w- e:\windows\system32\drivers\mouhid.sys
2010-01-05 08:53 . 2008-04-13 21:15 10368 -c--a-w- e:\windows\system32\dllcache\hidusb.sys
2010-01-05 08:53 . 2008-04-13 21:15 10368 ----a-w- e:\windows\system32\drivers\hidusb.sys
2010-01-05 08:22 . 2008-04-13 21:15 26368 -c--a-w- e:\windows\system32\dllcache\usbstor.sys
2010-01-05 06:59 . 2010-01-05 06:59 -------- d-----w- e:\program files\Common Files\Adobe AIR
2010-01-05 06:58 . 2010-01-05 06:59 -------- d-----w- e:\program files\Common Files\Adobe
2010-01-05 06:58 . 2010-01-05 06:58 47672 ----a-w- e:\windows\AsScrProlog.exe
2010-01-05 06:58 . 2010-01-05 06:58 4814371 ----a-w- e:\windows\ASUS Camera ScreenSaver.exe
2010-01-05 06:58 . 2010-01-05 06:58 281144 ----a-w- e:\windows\ASUS Camera ScreenSaver Uninstaller.exe
2010-01-05 06:58 . 2010-01-05 07:35 -------- d-----w- e:\windows\system32\Asus_Camera_ScreenSaver dir
2010-01-05 06:58 . 2010-01-05 06:58 520192 ----a-w- e:\windows\system32\Asus_Camera_ScreenSaver.scr
2010-01-05 06:58 . 2010-01-05 06:58 3054136 ----a-w- e:\windows\AsScrPro.exe
2010-01-05 06:58 . 2005-07-06 14:43 155648 ----a-w- e:\windows\system32\ACEngSvr.exe
2010-01-05 06:57 . 2009-04-01 13:12 233128 ----a-r- e:\windows\system32\drivers\SRS_PremiumSound_i386.sys
2010-01-05 06:57 . 2010-01-05 06:57 -------- d-----w- e:\program files\SRS Labs
2010-01-05 06:56 . 2007-08-10 19:19 29752 ----a-w- e:\windows\system32\drivers\AsDsm.sys
2010-01-05 06:56 . 2007-08-01 13:51 41656 ------w- e:\windows\system32\drivers\ipswuio.sys
2010-01-05 06:55 . 2010-01-05 06:55 -------- d-----w- e:\program files\ATKGFNEX
2010-01-05 06:53 . 2010-01-05 06:53 -------- d-----w- e:\program files\Wireless Console 2
2010-01-05 06:51 . 2008-08-26 10:02 1580 ----a-r- e:\windows\Uninstsxga.bat
2010-01-05 06:51 . 2008-06-25 19:38 2052 ----a-r- e:\windows\Uninstvga.bat
2010-01-05 06:51 . 2008-06-25 19:00 1682 ----a-r- e:\windows\Uninstuxga.bat
2010-01-05 06:51 . 2008-05-22 09:52 294912 ----a-r- e:\windows\system32\vsnp2uvc.dll
2010-01-05 06:51 . 2008-05-12 11:20 28672 ----a-r- e:\windows\system32\drivers\sncduvc.sys
2010-01-05 06:51 . 2008-03-21 21:44 384 ----a-r- e:\windows\Uninstvga.reg
2010-01-05 06:51 . 2008-03-21 21:44 386 ----a-r- e:\windows\Uninstsxga.reg
2010-01-05 06:51 . 2008-03-21 21:38 386 ----a-r- e:\windows\Uninstuxga.reg
2010-01-05 06:51 . 2006-11-23 22:20 11776 ----a-r- e:\windows\DrvInst.exe
2010-01-05 06:51 . 2008-08-11 10:14 1752704 ----a-r- e:\windows\system32\drivers\snp2uvc.sys
2010-01-05 06:51 . 2010-01-05 06:51 -------- d-----w- e:\program files\Multimedia Card Reader
2010-01-05 06:50 . 2010-01-05 06:50 -------- d-----w- e:\program files\Atheros
2010-01-05 06:50 . 2009-02-13 17:00 1503840 ----a-w- e:\windows\system32\drivers\athw.sys
2010-01-05 06:50 . 2009-02-13 17:00 1503840 ----a-w- e:\windows\system32\athw.sys
2010-01-05 06:49 . 2008-10-30 21:14 117888 ----a-r- e:\windows\system32\drivers\Rtenicxp.sys
2010-01-05 06:49 . 2008-07-16 22:35 9728 ----a-r- e:\windows\system32\RtNicProp32.dll
2010-01-05 06:49 . 2010-01-05 06:49 -------- d-----w- e:\windows\OPTIONS
2010-01-05 06:49 . 2010-01-05 06:49 -------- d-----w- e:\program files\Realtek
2010-01-05 06:47 . 2010-01-05 06:47 -------- d-----w- e:\program files\Elantech
2010-01-05 06:47 . 2009-04-21 18:42 89856 ----a-r- e:\windows\system32\drivers\ETD.sys
2010-01-05 06:46 . 2010-01-05 06:46 -------- d-----w- e:\program files\ATKOSD2
2010-01-05 06:46 . 2008-11-03 15:03 13880 ----a-r- e:\windows\system32\drivers\kbfiltr.sys
2010-01-05 06:46 . 2010-01-05 06:58 -------- d-----w- e:\program files\ASUS
2010-01-05 06:45 . 2010-01-05 06:45 0 ----a-w- e:\windows\ativpsrm.bin
2010-01-05 06:42 . 2009-04-10 01:59 311296 ----a-r- e:\windows\system32\atiiiexx.dll
2010-01-05 06:42 . 2009-04-10 02:17 442368 ----a-r- e:\windows\system32\ATIDEMGX.dll
2010-01-05 06:42 . 2009-04-10 01:42 887724 ----a-r- e:\windows\system32\ativva6x.dat
2010-01-05 06:42 . 2009-04-10 01:42 3107788 ----a-r- e:\windows\system32\ativva5x.dat
2010-01-05 06:42 . 2009-04-01 19:59 188348 ----a-r- e:\windows\system32\atiicdxx.dat
2010-01-05 06:42 . 2010-01-05 06:44 -------- d-----w- e:\program files\ATI Technologies
2010-01-05 06:42 . 2010-01-07 19:59 -------- d--h--w- e:\program files\InstallShield Installation Information
2010-01-05 06:41 . 2010-01-05 06:48 -------- d-----w- e:\program files\Common Files\InstallShield
2010-01-05 06:38 . 2007-08-24 11:46 5760 ----a-r- e:\windows\system32\drivers\ATKACPI.sys
2010-01-05 06:36 . 2010-01-05 06:36 -------- d-----w- e:\program files\DIFX
2010-01-05 06:36 . 2010-01-05 06:36 -------- dc----w- e:\windows\system32\DRVSTORE
2010-01-05 06:36 . 2008-05-28 16:54 22072 ----a-w- e:\windows\system32\drivers\usbfilter.sys
2010-01-05 06:36 . 2010-01-05 06:36 -------- d-----w- e:\program files\AMD

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-07 17:54 . 2010-01-07 17:54 0 ----a-w- e:\windows\system32\drivers\1043_ASUSTeK_K50AB.alu
2010-01-07 14:33 . 2009-12-20 04:09 86327 ----a-w- e:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-07 14:33 . 2009-12-20 04:09 2426 ----a-w- e:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-07 14:30 . 2009-12-20 04:09 8972 ----a-w- e:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-05 06:51 . 2001-10-25 16:00 68934 ----a-w- e:\windows\system32\perfc005.dat
2010-01-05 06:51 . 2001-10-25 16:00 389902 ----a-w- e:\windows\system32\perfh005.dat
2010-01-05 06:48 . 2010-01-05 06:48 -------- d-----w- e:\program files\VIA
2009-12-20 04:20 . 2009-12-20 04:20 -------- d-----w- e:\program files\Windows Defender
2009-12-20 04:10 . 2009-12-20 04:10 -------- d-----w- e:\program files\microsoft frontpage
2009-12-20 04:06 . 2009-12-20 04:06 21812 ----a-w- e:\windows\system32\emptyregdb.dat
2009-12-20 04:05 . 2009-12-20 04:05 -------- d-----w- e:\program files\Windows Media Connect 2
.

------- Sigcheck -------

[-] 2008-04-27 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . e:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- e:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="e:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"SRS Premium Sound"="e:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-04-07 3405048]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="e:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"MSMSGS"="e:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="e:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="e:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-09 61440]
"HControlUser"="e:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-04-01 98304]
"ATKHOTKEY"="e:\program files\ASUS\ATK Hotkey\HControl.exe" [2009-04-23 178744]
"ATKOSD2"="e:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"ETDWare"="e:\program files\Elantech\ETDCtrl.exe" [2009-04-21 534528]
"HDAudDeck"="e:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-04-30 33619968]
"ATKMEDIA"="e:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-24 159744]
"Wireless Console 2"="e:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ASUS Live Update"="e:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"Net4Switch"="c:\program files\ASUS\Net4Switch\Net4Switch.exe" [2007-11-20 1145400]
"ADSMTray"="e:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-03-31 266240]
"ACMON"="e:\program files\ASUS\Splendid\ACMON.exe" [2009-06-16 540672]
"ASUS Screen Saver Protector"="e:\windows\AsScrPro.exe" [2010-01-05 3054136]
"ASUS Camera ScreenSaver"="e:\windows\AsScrProlog.exe" [2010-01-05 47672]
"Adobe Reader Speed Launcher"="e:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-12-03 35184]
"NeroFilterCheck"="e:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"avast!"="e:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

e:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
FancyStart daemon.lnk - e:\windows\Installer\{567C654B-7FE9-4970-8323-56E8191D1941}\_71A97E24F422AA49EDBF39.exe [2010-1-5 12862]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Aspwdflt]
2008-04-19 22:11 1556480 ----a-w- e:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

R0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [7.1.2010 17:26 691696]
R1 aswSP;avast! Self Protection;e:\windows\system32\drivers\aswSP.sys [8.1.2010 4:33 114768]
R2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [8.1.2010 4:33 20560]
R2 SRS_VolSync_Service;SRS Volume Sync Service;e:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [7.4.2009 10:04 70880]
R2 WinDefend;Windows Defender;e:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
R3 ETD;ELAN PS/2 Port Input Device;e:\windows\system32\drivers\ETD.sys [5.1.2010 7:47 89856]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;e:\windows\system32\drivers\SRS_PremiumSound_i386.sys [5.1.2010 7:57 233128]
R3 usbfilter;AMD USB Filter Driver;e:\windows\system32\drivers\usbfilter.sys [5.1.2010 7:36 22072]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;e:\windows\system32\drivers\viahduaa.sys [5.1.2010 7:48 1131264]
S3 CRFILTER;USB Mass Storage Filter;e:\windows\system32\drivers\CRFILTER.sys [7.4.2008 15:00 6656]
S3 ipswuio;ipswuio;e:\windows\system32\drivers\ipswuio.sys [5.1.2010 7:56 41656]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-08 e:\windows\Tasks\MP Scheduled Scan.job
- e:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = hxxp://dt-updates.com/activate?query=IAcf78JLJUy0lZq3FzyOiMC5cpxjJ52%2f5u6hs1p4whME1QnPhQO2CYnyWkiCRCyrJWZSbxtoSJx28%2fleF97fcNeHXzfxkrrhNC8Y6p8n12HLU0hPfan6ntGewAuzl1oQSfa4XZFA3%2bARUiEQroZfXddnBM2kc6MVPvSMQW71Ys4bf0DXlEprtrBT81BLCMwA3Q4rQZW05LkYMHmoJWX73MLaMNQaqGDp98%2bOJYB%2buhVei0rk45MKS7ilTjQO98RbdwRfi7SNpKFlapqJO48bUQYWfKa3IOtm6Dm75vrxPVo%3d
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - e:\documents and settings\Filip\Data aplikací\Mozilla\Firefox\Profiles\0yqd9l43.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - component: e:\program files\Mozilla Firefox\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-08 10:30
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = e:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

skenování skrytých souborů ...


E:\ADSM_PData_0150

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spoe.sys >>UNKNOWN [0x8A4BA938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba0ecf28
\Driver\ACPI -> ACPI.sys @ 0xb9e74cb8
\Driver\atapi -> atapi.sys @ 0xb9e09b40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Atheros AR9285 Wireless Network Adapter -> SendCompleteHandler -> NDIS.sys @ 0xb9d13bd4
PacketIndicateHandler -> NDIS.sys @ 0xb9d01a0d
SendHandler -> NDIS.sys @ 0xb9d15b40
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-527237240-515967899-1417001333-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8e,a5,58,95,86,ac,7b,e8,3f,eb,74,29,1a,7a,ad,a1,b0,fc,5f,8c,c7,c5,87,
e9,14,4d,30,67,53,e5,4a,3a,86,95,d8,e9,e4,60,5d,ed,67,9c,5c,f9,de,8f,c1,09,\
"??"=hex:75,08,08,d0,54,a2,d9,c6,77,67,39,ce,20,66,94,f9
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(740)
e:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
e:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1276)
e:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
e:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
e:\program files\Elantech\ETDApix.dll
e:\windows\system32\wpdshserviceobj.dll
e:\windows\system32\portabledevicetypes.dll
e:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
e:\windows\system32\Ati2evxx.exe
e:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
e:\program files\Alwil Software\Avast4\aswUpdSv.exe
e:\program files\ATKGFNEX\GFNEXSrv.exe
e:\program files\Alwil Software\Avast4\ashServ.exe
e:\windows\system32\Ati2evxx.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
e:\program files\Alwil Software\Avast4\ashMaiSv.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
e:\program files\Alwil Software\Avast4\ashWebSv.exe
e:\windows\system32\wscntfy.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
e:\program files\ASUS\ATK Hotkey\ATKOSD.exe
e:\program files\ASUS\ATK Hotkey\KBFiltr.exe
e:\program files\ASUS\ATK Hotkey\WDC.exe
e:\windows\system32\ACEngSvr.exe
e:\program files\Common Files\Nero\Lib\NMIndexingService.exe
.
**************************************************************************
.
Celkový čas: 2010-01-08 10:33:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-08 09:33

Před spuštěním: Volných bajtů: 43 484 909 568
Po spuštění: Volných bajtů: 44 158 709 760

- - End Of File - - 1999054805D971EB0CD141B9963732C0

I am also attaching the log from the quick scan with the updated Malwarebytes' Anti-Malware

ComboFix 10-01-04.01 - Filip 08.01.2010 10:25:22.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3327.2789 [GMT 1:00]
Spuštěný z: e:\documents and settings\Filip\Plocha\ComboFix.exe
Použité ovládací přepínače :: e:\documents and settings\Filip\Plocha\CFscript.txt
AV: avast! antivirus 4.8.1356 [VPS 091023-0] *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

E:\data
e:\data\WINDOWSDEFENDER.EXE

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-08 do 2010-01-08 )))))))))))))))))))))))))))))))
.

2010-01-08 04:14 . 2005-02-25 03:34 22752 ----a-w- e:\windows\system32\spupdsvc.exe
2010-01-08 03:33 . 2009-09-15 11:54 52368 ----a-w- e:\windows\system32\drivers\aswTdi.sys
2010-01-08 03:33 . 2009-09-15 11:54 23152 ----a-w- e:\windows\system32\drivers\aswRdr.sys
2010-01-08 03:33 . 2009-09-15 11:53 27408 ----a-w- e:\windows\system32\drivers\aavmker4.sys
2010-01-08 03:33 . 2009-09-15 11:53 97480 ----a-w- e:\windows\system32\AvastSS.scr
2010-01-08 03:33 . 2009-09-15 11:56 93424 ----a-w- e:\windows\system32\drivers\aswmon.sys
2010-01-08 03:33 . 2009-09-15 11:56 94160 ----a-w- e:\windows\system32\drivers\aswmon2.sys
2010-01-08 03:33 . 2009-09-15 11:55 114768 ----a-w- e:\windows\system32\drivers\aswSP.sys
2010-01-08 03:33 . 2009-09-15 11:55 20560 ----a-w- e:\windows\system32\drivers\aswFsBlk.sys
2010-01-08 03:32 . 2009-09-15 11:59 1279968 ----a-w- e:\windows\system32\aswBoot.exe
2010-01-08 03:32 . 2003-03-18 21:20 1060864 ----a-w- e:\windows\system32\MFC71.dll
2010-01-08 03:32 . 2003-03-18 20:14 499712 ----a-w- e:\windows\system32\MSVCP71.dll
2010-01-08 03:32 . 2003-02-21 04:42 348160 ----a-w- e:\windows\system32\MSVCR71.dll
2010-01-08 03:32 . 2010-01-08 03:32 -------- d-----w- e:\program files\Alwil Software
2010-01-07 21:54 . 2010-01-07 21:54 -------- d-----w- e:\program files\trend micro
2010-01-07 21:54 . 2010-01-07 22:21 -------- d-----w- E:\rsit
2010-01-07 20:45 . 2010-01-07 15:07 38224 ----a-w- e:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 20:45 . 2010-01-08 09:11 -------- d-----w- e:\program files\Malwarebytes' Anti-Malware
2010-01-07 20:45 . 2010-01-07 15:07 19160 ----a-w- e:\windows\system32\drivers\mbam.sys
2010-01-07 20:30 . 2010-01-07 20:30 -------- d-----w- e:\program files\Common Files\Nero
2010-01-07 20:30 . 2010-01-07 20:30 -------- d-----w- e:\program files\Nero
2010-01-07 19:58 . 2005-05-26 14:34 2297552 ----a-w- e:\windows\system32\d3dx9_26.dll
2010-01-07 19:27 . 2010-01-07 19:27 -------- d-----w- e:\program files\Microsoft Works
2010-01-07 19:26 . 2010-01-07 19:26 -------- d-----w- e:\program files\Microsoft.NET
2010-01-07 19:24 . 2010-01-07 19:24 -------- d-----w- e:\windows\SHELLNEW
2010-01-07 19:23 . 2010-01-07 19:23 -------- d-----r- E:\MSOCache
2010-01-07 19:13 . 2010-01-07 19:13 -------- d-----w- e:\program files\VideoLAN
2010-01-07 18:51 . 2010-01-07 18:51 107888 ----a-w- e:\windows\system32\CmdLineExt.dll
2010-01-07 18:39 . 2010-01-07 18:39 0 ----a-w- e:\windows\nsreg.dat
2010-01-07 18:36 . 2010-01-07 18:36 -------- d-----w- e:\program files\Winamp Detect
2010-01-07 18:36 . 2010-01-07 18:36 -------- d-----w- e:\program files\Winamp
2010-01-07 18:32 . 2010-01-07 20:07 -------- d-----w- e:\program files\Google
2010-01-07 18:30 . 2007-03-15 15:57 443752 ----a-w- e:\windows\system32\d3dx10_33.dll
2010-01-07 18:30 . 2007-03-12 15:42 1123696 ----a-w- e:\windows\system32\D3DCompiler_33.dll
2010-01-07 18:30 . 2007-03-12 15:42 3495784 ----a-w- e:\windows\system32\d3dx9_33.dll
2010-01-07 18:28 . 2010-01-07 18:28 -------- d-sh--w- e:\windows\ftpcache
2010-01-07 17:09 . 2010-01-07 17:09 -------- d-----w- e:\documents and settings\Guest
2010-01-07 17:09 . 2010-01-07 17:09 -------- d-----w- e:\documents and settings\Guest\Data aplikací
2010-01-07 16:26 . 2010-01-07 16:26 691696 ----a-w- e:\windows\system32\drivers\sptd.sys
2010-01-07 16:26 . 2010-01-07 17:34 -------- d-----w- e:\program files\DAEMON Tools Lite
2010-01-07 16:25 . 2010-01-07 16:25 -------- d-----w- e:\program files\7-Zip
2010-01-07 16:25 . 2010-01-07 16:25 -------- d-----w- e:\program files\CCleaner
2010-01-05 08:53 . 2001-10-24 08:54 12160 -c--a-w- e:\windows\system32\dllcache\mouhid.sys
2010-01-05 08:53 . 2001-10-24 08:54 12160 ----a-w- e:\windows\system32\drivers\mouhid.sys
2010-01-05 08:53 . 2008-04-13 21:15 10368 -c--a-w- e:\windows\system32\dllcache\hidusb.sys
2010-01-05 08:53 . 2008-04-13 21:15 10368 ----a-w- e:\windows\system32\drivers\hidusb.sys
2010-01-05 08:22 . 2008-04-13 21:15 26368 -c--a-w- e:\windows\system32\dllcache\usbstor.sys
2010-01-05 06:59 . 2010-01-05 06:59 -------- d-----w- e:\program files\Common Files\Adobe AIR
2010-01-05 06:58 . 2010-01-05 06:59 -------- d-----w- e:\program files\Common Files\Adobe
2010-01-05 06:58 . 2010-01-05 06:58 47672 ----a-w- e:\windows\AsScrProlog.exe
2010-01-05 06:58 . 2010-01-05 06:58 4814371 ----a-w- e:\windows\ASUS Camera ScreenSaver.exe
2010-01-05 06:58 . 2010-01-05 06:58 281144 ----a-w- e:\windows\ASUS Camera ScreenSaver Uninstaller.exe
2010-01-05 06:58 . 2010-01-05 07:35 -------- d-----w- e:\windows\system32\Asus_Camera_ScreenSaver dir
2010-01-05 06:58 . 2010-01-05 06:58 520192 ----a-w- e:\windows\system32\Asus_Camera_ScreenSaver.scr
2010-01-05 06:58 . 2010-01-05 06:58 3054136 ----a-w- e:\windows\AsScrPro.exe
2010-01-05 06:58 . 2005-07-06 14:43 155648 ----a-w- e:\windows\system32\ACEngSvr.exe
2010-01-05 06:57 . 2009-04-01 13:12 233128 ----a-r- e:\windows\system32\drivers\SRS_PremiumSound_i386.sys
2010-01-05 06:57 . 2010-01-05 06:57 -------- d-----w- e:\program files\SRS Labs
2010-01-05 06:56 . 2007-08-10 19:19 29752 ----a-w- e:\windows\system32\drivers\AsDsm.sys
2010-01-05 06:56 . 2007-08-01 13:51 41656 ------w- e:\windows\system32\drivers\ipswuio.sys
2010-01-05 06:55 . 2010-01-05 06:55 -------- d-----w- e:\program files\ATKGFNEX
2010-01-05 06:53 . 2010-01-05 06:53 -------- d-----w- e:\program files\Wireless Console 2
2010-01-05 06:51 . 2008-08-26 10:02 1580 ----a-r- e:\windows\Uninstsxga.bat
2010-01-05 06:51 . 2008-06-25 19:38 2052 ----a-r- e:\windows\Uninstvga.bat
2010-01-05 06:51 . 2008-06-25 19:00 1682 ----a-r- e:\windows\Uninstuxga.bat
2010-01-05 06:51 . 2008-05-22 09:52 294912 ----a-r- e:\windows\system32\vsnp2uvc.dll
2010-01-05 06:51 . 2008-05-12 11:20 28672 ----a-r- e:\windows\system32\drivers\sncduvc.sys
2010-01-05 06:51 . 2008-03-21 21:44 384 ----a-r- e:\windows\Uninstvga.reg
2010-01-05 06:51 . 2008-03-21 21:44 386 ----a-r- e:\windows\Uninstsxga.reg
2010-01-05 06:51 . 2008-03-21 21:38 386 ----a-r- e:\windows\Uninstuxga.reg
2010-01-05 06:51 . 2006-11-23 22:20 11776 ----a-r- e:\windows\DrvInst.exe
2010-01-05 06:51 . 2008-08-11 10:14 1752704 ----a-r- e:\windows\system32\drivers\snp2uvc.sys
2010-01-05 06:51 . 2010-01-05 06:51 -------- d-----w- e:\program files\Multimedia Card Reader
2010-01-05 06:50 . 2010-01-05 06:50 -------- d-----w- e:\program files\Atheros
2010-01-05 06:50 . 2009-02-13 17:00 1503840 ----a-w- e:\windows\system32\drivers\athw.sys
2010-01-05 06:50 . 2009-02-13 17:00 1503840 ----a-w- e:\windows\system32\athw.sys
2010-01-05 06:49 . 2008-10-30 21:14 117888 ----a-r- e:\windows\system32\drivers\Rtenicxp.sys
2010-01-05 06:49 . 2008-07-16 22:35 9728 ----a-r- e:\windows\system32\RtNicProp32.dll
2010-01-05 06:49 . 2010-01-05 06:49 -------- d-----w- e:\windows\OPTIONS
2010-01-05 06:49 . 2010-01-05 06:49 -------- d-----w- e:\program files\Realtek
2010-01-05 06:47 . 2010-01-05 06:47 -------- d-----w- e:\program files\Elantech
2010-01-05 06:47 . 2009-04-21 18:42 89856 ----a-r- e:\windows\system32\drivers\ETD.sys
2010-01-05 06:46 . 2010-01-05 06:46 -------- d-----w- e:\program files\ATKOSD2
2010-01-05 06:46 . 2008-11-03 15:03 13880 ----a-r- e:\windows\system32\drivers\kbfiltr.sys
2010-01-05 06:46 . 2010-01-05 06:58 -------- d-----w- e:\program files\ASUS
2010-01-05 06:45 . 2010-01-05 06:45 0 ----a-w- e:\windows\ativpsrm.bin
2010-01-05 06:42 . 2009-04-10 01:59 311296 ----a-r- e:\windows\system32\atiiiexx.dll
2010-01-05 06:42 . 2009-04-10 02:17 442368 ----a-r- e:\windows\system32\ATIDEMGX.dll
2010-01-05 06:42 . 2009-04-10 01:42 887724 ----a-r- e:\windows\system32\ativva6x.dat
2010-01-05 06:42 . 2009-04-10 01:42 3107788 ----a-r- e:\windows\system32\ativva5x.dat
2010-01-05 06:42 . 2009-04-01 19:59 188348 ----a-r- e:\windows\system32\atiicdxx.dat
2010-01-05 06:42 . 2010-01-05 06:44 -------- d-----w- e:\program files\ATI Technologies
2010-01-05 06:42 . 2010-01-07 19:59 -------- d--h--w- e:\program files\InstallShield Installation Information
2010-01-05 06:41 . 2010-01-05 06:48 -------- d-----w- e:\program files\Common Files\InstallShield
2010-01-05 06:38 . 2007-08-24 11:46 5760 ----a-r- e:\windows\system32\drivers\ATKACPI.sys
2010-01-05 06:36 . 2010-01-05 06:36 -------- d-----w- e:\program files\DIFX
2010-01-05 06:36 . 2010-01-05 06:36 -------- dc----w- e:\windows\system32\DRVSTORE
2010-01-05 06:36 . 2008-05-28 16:54 22072 ----a-w- e:\windows\system32\drivers\usbfilter.sys
2010-01-05 06:36 . 2010-01-05 06:36 -------- d-----w- e:\program files\AMD

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-07 17:54 . 2010-01-07 17:54 0 ----a-w- e:\windows\system32\drivers\1043_ASUSTeK_K50AB.alu
2010-01-07 14:33 . 2009-12-20 04:09 86327 ----a-w- e:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-01-07 14:33 . 2009-12-20 04:09 2426 ----a-w- e:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-01-07 14:30 . 2009-12-20 04:09 8972 ----a-w- e:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-01-05 06:51 . 2001-10-25 16:00 68934 ----a-w- e:\windows\system32\perfc005.dat
2010-01-05 06:51 . 2001-10-25 16:00 389902 ----a-w- e:\windows\system32\perfh005.dat
2010-01-05 06:48 . 2010-01-05 06:48 -------- d-----w- e:\program files\VIA
2009-12-20 04:20 . 2009-12-20 04:20 -------- d-----w- e:\program files\Windows Defender
2009-12-20 04:10 . 2009-12-20 04:10 -------- d-----w- e:\program files\microsoft frontpage
2009-12-20 04:06 . 2009-12-20 04:06 21812 ----a-w- e:\windows\system32\emptyregdb.dat
2009-12-20 04:05 . 2009-12-20 04:05 -------- d-----w- e:\program files\Windows Media Connect 2
.

------- Sigcheck -------

[-] 2008-04-27 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . e:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- e:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="e:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"SRS Premium Sound"="e:\program files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe" [2009-04-07 3405048]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="e:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]
"MSMSGS"="e:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"ctfmon.exe"="e:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="e:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"StartCCC"="e:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-04-09 61440]
"HControlUser"="e:\program files\ASUS\ATK Hotkey\HControlUser.exe" [2009-04-01 98304]
"ATKHOTKEY"="e:\program files\ASUS\ATK Hotkey\HControl.exe" [2009-04-23 178744]
"ATKOSD2"="e:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"ETDWare"="e:\program files\Elantech\ETDCtrl.exe" [2009-04-21 534528]
"HDAudDeck"="e:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-04-30 33619968]
"ATKMEDIA"="e:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-24 159744]
"Wireless Console 2"="e:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ASUS Live Update"="e:\program files\ASUS\ASUS Live Update\ALU.exe" [2007-11-30 51768]
"Power_Gear"="c:\program files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 90112]
"Net4Switch"="c:\program files\ASUS\Net4Switch\Net4Switch.exe" [2007-11-20 1145400]
"ADSMTray"="e:\program files\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2008-03-31 266240]
"ACMON"="e:\program files\ASUS\Splendid\ACMON.exe" [2009-06-16 540672]
"ASUS Screen Saver Protector"="e:\windows\AsScrPro.exe" [2010-01-05 3054136]
"ASUS Camera ScreenSaver"="e:\windows\AsScrProlog.exe" [2010-01-05 47672]
"Adobe Reader Speed Launcher"="e:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-12-03 35184]
"NeroFilterCheck"="e:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"avast!"="e:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-09-15 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="e:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

e:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
FancyStart daemon.lnk - e:\windows\Installer\{567C654B-7FE9-4970-8323-56E8191D1941}\_71A97E24F422AA49EDBF39.exe [2010-1-5 12862]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Aspwdflt]
2008-04-19 22:11 1556480 ----a-w- e:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"e:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

R0 sptd;sptd;e:\windows\system32\drivers\sptd.sys [7.1.2010 17:26 691696]
R1 aswSP;avast! Self Protection;e:\windows\system32\drivers\aswSP.sys [8.1.2010 4:33 114768]
R2 aswFsBlk;aswFsBlk;e:\windows\system32\drivers\aswFsBlk.sys [8.1.2010 4:33 20560]
R2 SRS_VolSync_Service;SRS Volume Sync Service;e:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [7.4.2009 10:04 70880]
R2 WinDefend;Windows Defender;e:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
R3 ETD;ELAN PS/2 Port Input Device;e:\windows\system32\drivers\ETD.sys [5.1.2010 7:47 89856]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;e:\windows\system32\drivers\SRS_PremiumSound_i386.sys [5.1.2010 7:57 233128]
R3 usbfilter;AMD USB Filter Driver;e:\windows\system32\drivers\usbfilter.sys [5.1.2010 7:36 22072]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;e:\windows\system32\drivers\viahduaa.sys [5.1.2010 7:48 1131264]
S3 CRFILTER;USB Mass Storage Filter;e:\windows\system32\drivers\CRFILTER.sys [7.4.2008 15:00 6656]
S3 ipswuio;ipswuio;e:\windows\system32\drivers\ipswuio.sys [5.1.2010 7:56 41656]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-08 e:\windows\Tasks\MP Scheduled Scan.job
- e:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = hxxp://dt-updates.com/activate?query=IAcf78JLJUy0lZq3FzyOiMC5cpxjJ52%2f5u6hs1p4whME1QnPhQO2CYnyWkiCRCyrJWZSbxtoSJx28%2fleF97fcNeHXzfxkrrhNC8Y6p8n12HLU0hPfan6ntGewAuzl1oQSfa4XZFA3%2bARUiEQroZfXddnBM2kc6MVPvSMQW71Ys4bf0DXlEprtrBT81BLCMwA3Q4rQZW05LkYMHmoJWX73MLaMNQaqGDp98%2bOJYB%2buhVei0rk45MKS7ilTjQO98RbdwRfi7SNpKFlapqJO48bUQYWfKa3IOtm6Dm75vrxPVo%3d
IE: E&xportovat do aplikace Microsoft Excel - e:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - e:\documents and settings\Filip\Data aplikací\Mozilla\Firefox\Profiles\0yqd9l43.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - component: e:\program files\Mozilla Firefox\extensions\{463F6CA5-EE3C-4be1-B7E6-7FEE11953374}\platform\WINNT\components\FoxyTunes.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-08 10:30
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = e:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

skenování skrytých souborů ...


E:\ADSM_PData_0150

sken byl úspešně dokončen
skryté soubory: 1

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spoe.sys >>UNKNOWN [0x8A4BA938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba0ecf28
\Driver\ACPI -> ACPI.sys @ 0xb9e74cb8
\Driver\atapi -> atapi.sys @ 0xb9e09b40
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Atheros AR9285 Wireless Network Adapter -> SendCompleteHandler -> NDIS.sys @ 0xb9d13bd4
PacketIndicateHandler -> NDIS.sys @ 0xb9d01a0d
SendHandler -> NDIS.sys @ 0xb9d15b40
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-527237240-515967899-1417001333-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:8e,a5,58,95,86,ac,7b,e8,3f,eb,74,29,1a,7a,ad,a1,b0,fc,5f,8c,c7,c5,87,
e9,14,4d,30,67,53,e5,4a,3a,86,95,d8,e9,e4,60,5d,ed,67,9c,5c,f9,de,8f,c1,09,\
"??"=hex:75,08,08,d0,54,a2,d9,c6,77,67,39,ce,20,66,94,f9
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(740)
e:\program files\ASUS\ASUS Data Security Manager\ASPWDFLT.dll
e:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1276)
e:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll
e:\program files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll
e:\program files\Elantech\ETDApix.dll
e:\windows\system32\wpdshserviceobj.dll
e:\windows\system32\portabledevicetypes.dll
e:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
e:\windows\system32\Ati2evxx.exe
e:\program files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
e:\program files\Alwil Software\Avast4\aswUpdSv.exe
e:\program files\ATKGFNEX\GFNEXSrv.exe
e:\program files\Alwil Software\Avast4\ashServ.exe
e:\windows\system32\Ati2evxx.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
e:\program files\Alwil Software\Avast4\ashMaiSv.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
e:\program files\Alwil Software\Avast4\ashWebSv.exe
e:\windows\system32\wscntfy.exe
e:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
e:\program files\ASUS\ATK Hotkey\ATKOSD.exe
e:\program files\ASUS\ATK Hotkey\KBFiltr.exe
e:\program files\ASUS\ATK Hotkey\WDC.exe
e:\windows\system32\ACEngSvr.exe
e:\program files\Common Files\Nero\Lib\NMIndexingService.exe
.
**************************************************************************
.
Celkový čas: 2010-01-08 10:33:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-08 09:33

Před spuštěním: Volných bajtů: 43 484 909 568
Po spuštění: Volných bajtů: 44 158 709 760

- - End Of File - - 1999054805D971EB0CD141B9963732C0

Thank you for your time. I don't want to count my chickens before they hatch, but have we won already?
With thanks,
Karel Novotný

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: pc TROJAN Win.32 pc wors 2010 virus :/

#4 Post by cernohous13 »

:) Try posting the MBAM log (if it found anything) and a new RSIT log.
Recommendations:
During the cleanup, install or uninstall software only on my instruction.
Study my reply carefully and carry out the whole procedure as described.
If anything is unclear, ask - I will explain.


loucak
Visitor
Posts: 1
Registered: 08 Jan 2010 17:20

Re: pc TROJAN Win.32 pc wors 2010 virus :/

#5 Post by loucak »

Hello, I also have a problem with this virus. Is it possible that it changed the BIOS settings, or that it is blocking instructions from it? I thought I would reinstall the system from the Recovery DVD, but the PC won't boot from the DVD!! Please advise what to do. Thank you.


Re: pc TROJAN Win.32 pc wors 2010 virus :/

#6 Post by cernohous13 »

loucak, welcome to the forum, but please start your own topic - otherwise it would get confusing :wink:
