Rootkit mbr physicaldrive0

[funnerno1]

Dobrý den, Avast mi už delší dobu hlásí tenhle rootkit, ale nedaří se mu jej odstranit. Pročítal jsem to tu a podle těchto příspěvků jsem se pokusil to vyřešit:
http://www.viry.cz/forum/viewtopic.php?f=13&t=110130
http://www.viry.cz/forum/viewtopic.php? ... icaldrive0

Provedl jsem postup s TDSSKiller. Combofix jsem vůbec nespouštěl (ale mám ho v PC).
Prosím tedy o kontrolu logů, přikládám jak z TDSSKilleru, tak z RSITu a zda mám spustit i Combofix, nebo už je vše hotovo.

V tom logu z TDSSKilleru by mě ještě zajímalo, co je tohle za neřáda:
11:24:21.0431 2744 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505

Mám totiž nějaký problém s ovladači USB portů, tak jestli to s tím nějak nesouvisí.

a tohle

11:25:21.0744 1320 sptd ( LockedFile.Multi.Generic ) - skipped by user
11:25:21.0744 1320 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

Děkuji za pomoc.

11:23:49.0603 3964 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
11:23:49.0900 3964 ============================================================
11:23:49.0900 3964 Current date / time: 2012/01/01 11:23:49.0900
11:23:49.0900 3964 SystemInfo:
11:23:49.0900 3964
11:23:49.0900 3964 OS Version: 5.1.2600 ServicePack: 3.0
11:23:49.0900 3964 Product type: Workstation
11:23:49.0900 3964 ComputerName: EEEPC
11:23:49.0900 3964 UserName: Pavel
11:23:49.0900 3964 Windows directory: C:\WINDOWS
11:23:49.0900 3964 System windows directory: C:\WINDOWS
11:23:49.0900 3964 Processor architecture: Intel x86
11:23:49.0900 3964 Number of processors: 2
11:23:49.0900 3964 Page size: 0x1000
11:23:49.0900 3964 Boot type: Normal boot
11:23:49.0900 3964 ============================================================
11:23:52.0150 3964 Initialize success
11:24:09.0603 2744 ============================================================
11:24:09.0603 2744 Scan started
11:24:09.0603 2744 Mode: Manual;
11:24:09.0603 2744 ============================================================
11:24:10.0213 2744 Aavmker4 (b6de0336f9f4b687b4ff57939f7b657a) C:\WINDOWS\system32\drivers\Aavmker4.sys
11:24:10.0213 2744 Aavmker4 - ok
11:24:10.0228 2744 Abiosdsk - ok
11:24:10.0244 2744 abp480n5 - ok
11:24:10.0322 2744 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:24:10.0338 2744 ACPI - ok
11:24:10.0384 2744 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
11:24:10.0384 2744 ACPIEC - ok
11:24:10.0400 2744 adpu160m - ok
11:24:10.0463 2744 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:24:10.0478 2744 aec - ok
11:24:10.0525 2744 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:24:10.0556 2744 AFD - ok
11:24:10.0588 2744 Aha154x - ok
11:24:10.0619 2744 aic78u2 - ok
11:24:10.0666 2744 aic78xx - ok
11:24:10.0775 2744 AliIde - ok
11:24:10.0806 2744 amsint - ok
11:24:10.0947 2744 AR5211 (6d5f95602b8d0d994d31a864872b38ef) C:\WINDOWS\system32\DRIVERS\ar5211.sys
11:24:10.0978 2744 AR5211 - ok
11:24:10.0994 2744 asc - ok
11:24:11.0025 2744 asc3350p - ok
11:24:11.0056 2744 asc3550 - ok
11:24:11.0150 2744 AsusACPI (12415a4b61ded200fe9932b47a35fa42) C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys
11:24:11.0150 2744 AsusACPI - ok
11:24:11.0228 2744 aswFsBlk (054df24c92b55427e0757cfff160e4f2) C:\WINDOWS\system32\drivers\aswFsBlk.sys
11:24:11.0228 2744 aswFsBlk - ok
11:24:11.0259 2744 aswMon2 (ef0e9ad83380724bd6fbbb51d2d0f5b8) C:\WINDOWS\system32\drivers\aswMon2.sys
11:24:11.0259 2744 aswMon2 - ok
11:24:11.0291 2744 aswRdr (352d5a48ebab35a7693b048679304831) C:\WINDOWS\system32\drivers\aswRdr.sys
11:24:11.0291 2744 aswRdr - ok
11:24:11.0369 2744 aswSnx (8d34d2b24297e27d93e847319abfdec4) C:\WINDOWS\system32\drivers\aswSnx.sys
11:24:11.0384 2744 aswSnx - ok
11:24:11.0416 2744 aswSP (010012597333da1f46c3243f33f8409e) C:\WINDOWS\system32\drivers\aswSP.sys
11:24:11.0431 2744 aswSP - ok
11:24:11.0463 2744 aswTdi (f9f84364416658e9786235904d448d37) C:\WINDOWS\system32\drivers\aswTdi.sys
11:24:11.0463 2744 aswTdi - ok
11:24:11.0525 2744 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:24:11.0525 2744 AsyncMac - ok
11:24:11.0572 2744 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:24:11.0572 2744 atapi - ok
11:24:11.0588 2744 Atdisk - ok
11:24:11.0650 2744 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:24:11.0650 2744 Atmarpc - ok
11:24:11.0681 2744 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:24:11.0681 2744 audstub - ok
11:24:11.0744 2744 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:24:11.0744 2744 Beep - ok
11:24:11.0822 2744 btaudio (4b43dfe1c1fbb305a1dc5504ef9bb34e) C:\WINDOWS\system32\drivers\btaudio.sys
11:24:11.0853 2744 btaudio - ok
11:24:11.0869 2744 BTDriver (2f9f111d31aa3fbbe5781d829a4524e6) C:\WINDOWS\system32\DRIVERS\btport.sys
11:24:11.0884 2744 BTDriver - ok
11:24:12.0025 2744 BTKRNL (70455baffc078b6152d1e52376296467) C:\WINDOWS\system32\DRIVERS\btkrnl.sys
11:24:12.0072 2744 BTKRNL - ok
11:24:12.0103 2744 BTWDNDIS (485020a1e1fc5c51a800ca69c618d881) C:\WINDOWS\system32\DRIVERS\btwdndis.sys
11:24:12.0103 2744 BTWDNDIS - ok
11:24:12.0150 2744 BTWUSB (2cfc2bd8785f82a42fcad83de1fa5a36) C:\WINDOWS\system32\Drivers\btwusb.sys
11:24:12.0166 2744 BTWUSB - ok
11:24:12.0353 2744 catchme - ok
11:24:12.0509 2744 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:24:12.0509 2744 cbidf2k - ok
11:24:12.0556 2744 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:24:12.0556 2744 CCDECODE - ok
11:24:12.0572 2744 cd20xrnt - ok
11:24:12.0634 2744 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:24:12.0650 2744 Cdaudio - ok
11:24:12.0666 2744 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:24:12.0681 2744 Cdfs - ok
11:24:12.0759 2744 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:24:12.0775 2744 Cdrom - ok
11:24:12.0791 2744 Changer - ok
11:24:12.0838 2744 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
11:24:12.0838 2744 CmBatt - ok
11:24:12.0869 2744 CmdIde - ok
11:24:12.0963 2744 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
11:24:12.0978 2744 Compbatt - ok
11:24:13.0009 2744 Cpqarray - ok
11:24:13.0041 2744 dac2w2k - ok
11:24:13.0056 2744 dac960nt - ok
11:24:13.0088 2744 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:24:13.0103 2744 Disk - ok
11:24:13.0181 2744 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
11:24:13.0213 2744 dmboot - ok
11:24:13.0259 2744 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
11:24:13.0275 2744 dmio - ok
11:24:13.0306 2744 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:24:13.0322 2744 dmload - ok
11:24:13.0369 2744 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:24:13.0384 2744 DMusic - ok
11:24:13.0400 2744 dpti2o - ok
11:24:13.0431 2744 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:24:13.0447 2744 drmkaud - ok
11:24:13.0556 2744 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:24:13.0572 2744 Fastfat - ok
11:24:13.0603 2744 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
11:24:13.0603 2744 Fdc - ok
11:24:13.0634 2744 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
11:24:13.0650 2744 Fips - ok
11:24:13.0744 2744 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
11:24:13.0759 2744 Flpydisk - ok
11:24:13.0822 2744 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:24:13.0838 2744 FltMgr - ok
11:24:13.0916 2744 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
11:24:13.0931 2744 FsUsbExDisk - ok
11:24:13.0963 2744 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:24:13.0963 2744 Fs_Rec - ok
11:24:14.0041 2744 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:24:14.0056 2744 Ftdisk - ok
11:24:14.0134 2744 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:24:14.0134 2744 Gpc - ok
11:24:14.0244 2744 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:24:14.0259 2744 HDAudBus - ok
11:24:14.0291 2744 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:24:14.0291 2744 HidUsb - ok
11:24:14.0306 2744 hpn - ok
11:24:14.0416 2744 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:24:14.0416 2744 HTTP - ok
11:24:14.0447 2744 i2omgmt - ok
11:24:14.0463 2744 i2omp - ok
11:24:14.0541 2744 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:24:14.0556 2744 i8042prt - ok
11:24:14.0884 2744 ialm (0f68e2ec713f132ffb19e45415b09679) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
11:24:15.0119 2744 ialm - ok
11:24:15.0181 2744 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:24:15.0197 2744 Imapi - ok
11:24:15.0213 2744 ini910u - ok
11:24:15.0478 2744 IntcAzAudAddService (c73a4a48fbb3d00c7dbc6fe4f5e3675f) C:\WINDOWS\system32\drivers\RtkHDAud.sys
11:24:15.0650 2744 IntcAzAudAddService - ok
11:24:15.0666 2744 IntelIde - ok
11:24:15.0728 2744 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:24:15.0744 2744 intelppm - ok
11:24:15.0775 2744 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:24:15.0791 2744 Ip6Fw - ok
11:24:15.0806 2744 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:24:15.0822 2744 IpFilterDriver - ok
11:24:15.0853 2744 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:24:15.0853 2744 IpInIp - ok
11:24:15.0884 2744 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:24:15.0900 2744 IpNat - ok
11:24:15.0978 2744 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:24:15.0978 2744 IPSec - ok
11:24:16.0056 2744 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:24:16.0056 2744 IRENUM - ok
11:24:16.0134 2744 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:24:16.0134 2744 isapnp - ok
11:24:16.0228 2744 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:24:16.0244 2744 Kbdclass - ok
11:24:16.0322 2744 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:24:16.0338 2744 kmixer - ok
11:24:16.0463 2744 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:24:16.0509 2744 KSecDD - ok
11:24:16.0744 2744 Ktp (6e775ade642556c6d43450d16d763fc2) C:\WINDOWS\system32\DRIVERS\ETD.sys
11:24:16.0759 2744 Ktp - ok
11:24:16.0853 2744 L1e (303627228dd739d98289679901a38c8f) C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
11:24:16.0853 2744 L1e - ok
11:24:16.0884 2744 lbrtfdc - ok
11:24:16.0947 2744 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:24:16.0947 2744 mnmdd - ok
11:24:17.0009 2744 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
11:24:17.0009 2744 Modem - ok
11:24:17.0056 2744 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:24:17.0056 2744 Mouclass - ok
11:24:17.0119 2744 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:24:17.0119 2744 mouhid - ok
11:24:17.0150 2744 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:24:17.0150 2744 MountMgr - ok
11:24:17.0166 2744 mraid35x - ok
11:24:17.0259 2744 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
11:24:17.0259 2744 MREMP50 - ok
11:24:17.0291 2744 MREMP50a64 - ok
11:24:17.0306 2744 MREMPR5 - ok
11:24:17.0322 2744 MRENDIS5 - ok
11:24:17.0369 2744 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
11:24:17.0369 2744 MRESP50 - ok
11:24:17.0384 2744 MRESP50a64 - ok
11:24:17.0447 2744 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:24:17.0494 2744 MRxDAV - ok
11:24:17.0603 2744 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:24:17.0681 2744 MRxSmb - ok
11:24:17.0775 2744 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:24:17.0775 2744 Msfs - ok
11:24:17.0853 2744 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:24:17.0869 2744 MSKSSRV - ok
11:24:17.0931 2744 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:24:17.0931 2744 MSPCLOCK - ok
11:24:17.0963 2744 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:24:17.0963 2744 MSPQM - ok
11:24:18.0025 2744 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:24:18.0025 2744 mssmbios - ok
11:24:18.0088 2744 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
11:24:18.0088 2744 MSTEE - ok
11:24:18.0181 2744 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:24:18.0181 2744 Mup - ok
11:24:18.0259 2744 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:24:18.0259 2744 NABTSFEC - ok
11:24:18.0338 2744 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:24:18.0353 2744 NDIS - ok
11:24:18.0384 2744 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:24:18.0384 2744 NdisIP - ok
11:24:18.0416 2744 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:24:18.0416 2744 NdisTapi - ok
11:24:18.0478 2744 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:24:18.0494 2744 Ndisuio - ok
11:24:18.0588 2744 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:24:18.0588 2744 NdisWan - ok
11:24:18.0634 2744 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:24:18.0650 2744 NDProxy - ok
11:24:18.0697 2744 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:24:18.0713 2744 NetBIOS - ok
11:24:18.0775 2744 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:24:18.0791 2744 NetBT - ok
11:24:18.0838 2744 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:24:18.0853 2744 Npfs - ok
11:24:18.0900 2744 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:24:18.0931 2744 Ntfs - ok
11:24:18.0994 2744 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:24:18.0994 2744 Null - ok
11:24:19.0041 2744 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:24:19.0041 2744 NwlnkFlt - ok
11:24:19.0072 2744 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:24:19.0088 2744 NwlnkFwd - ok
11:24:19.0181 2744 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
11:24:19.0181 2744 Parport - ok
11:24:19.0259 2744 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:24:19.0275 2744 PartMgr - ok
11:24:19.0338 2744 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
11:24:19.0338 2744 ParVdm - ok
11:24:19.0416 2744 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
11:24:19.0431 2744 pccsmcfd - ok
11:24:19.0463 2744 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
11:24:19.0463 2744 PCI - ok
11:24:19.0494 2744 PCIDump - ok
11:24:19.0525 2744 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
11:24:19.0525 2744 PCIIde - ok
11:24:19.0572 2744 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:24:19.0588 2744 Pcmcia - ok
11:24:19.0603 2744 PDCOMP - ok
11:24:19.0619 2744 PDFRAME - ok
11:24:19.0650 2744 PDRELI - ok
11:24:19.0666 2744 PDRFRAME - ok
11:24:19.0681 2744 perc2 - ok
11:24:19.0713 2744 perc2hib - ok
11:24:19.0806 2744 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:24:19.0806 2744 PptpMiniport - ok
11:24:19.0838 2744 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:24:19.0853 2744 PSched - ok
11:24:19.0884 2744 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:24:19.0884 2744 Ptilink - ok
11:24:19.0916 2744 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
11:24:19.0931 2744 PxHelp20 - ok
11:24:19.0947 2744 ql1080 - ok
11:24:19.0963 2744 Ql10wnt - ok
11:24:19.0994 2744 ql12160 - ok
11:24:20.0009 2744 ql1240 - ok
11:24:20.0025 2744 ql1280 - ok
11:24:20.0072 2744 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:24:20.0072 2744 RasAcd - ok
11:24:20.0150 2744 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:24:20.0166 2744 Rasl2tp - ok
11:24:20.0322 2744 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:24:20.0322 2744 RasPppoe - ok
11:24:20.0353 2744 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:24:20.0353 2744 Raspti - ok
11:24:20.0431 2744 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:24:20.0431 2744 Rdbss - ok
11:24:20.0494 2744 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:24:20.0494 2744 RDPCDD - ok
11:24:20.0572 2744 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:24:20.0588 2744 RDPWD - ok
11:24:20.0650 2744 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:24:20.0666 2744 redbook - ok
11:24:20.0791 2744 RT80x86 (162d6aee49372b9ce17c418cc5cde7b5) C:\WINDOWS\system32\DRIVERS\RT2860.sys
11:24:20.0822 2744 RT80x86 - ok
11:24:20.0916 2744 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:24:20.0931 2744 Secdrv - ok
11:24:21.0041 2744 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
11:24:21.0041 2744 Serial - ok
11:24:21.0103 2744 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:24:21.0119 2744 Sfloppy - ok
11:24:21.0181 2744 Simbad - ok
11:24:21.0275 2744 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:24:21.0275 2744 SLIP - ok
11:24:21.0291 2744 Sparrow - ok
11:24:21.0369 2744 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:24:21.0369 2744 splitter - ok
11:24:21.0431 2744 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
11:24:21.0431 2744 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
11:24:21.0431 2744 sptd ( LockedFile.Multi.Generic ) - warning
11:24:21.0431 2744 sptd - detected LockedFile.Multi.Generic (1)
11:24:21.0509 2744 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
11:24:21.0603 2744 sr - ok
11:24:21.0650 2744 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:24:21.0666 2744 Srv - ok
11:24:21.0728 2744 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:24:21.0728 2744 streamip - ok
11:24:21.0775 2744 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:24:21.0775 2744 swenum - ok
11:24:21.0838 2744 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:24:21.0853 2744 swmidi - ok
11:24:21.0869 2744 symc810 - ok
11:24:21.0900 2744 symc8xx - ok
11:24:21.0916 2744 sym_hi - ok
11:24:21.0947 2744 sym_u3 - ok
11:24:21.0994 2744 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:24:21.0994 2744 sysaudio - ok
11:24:22.0103 2744 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:24:22.0119 2744 Tcpip - ok
11:24:22.0181 2744 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:24:22.0197 2744 TDPIPE - ok
11:24:22.0213 2744 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:24:22.0228 2744 TDTCP - ok
11:24:22.0259 2744 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:24:22.0259 2744 TermDD - ok
11:24:22.0306 2744 TosIde - ok
11:24:22.0400 2744 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:24:22.0416 2744 Udfs - ok
11:24:22.0431 2744 ultra - ok
11:24:22.0525 2744 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:24:22.0572 2744 Update - ok
11:24:22.0666 2744 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:24:22.0681 2744 usbccgp - ok
11:24:22.0759 2744 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:24:22.0759 2744 usbehci - ok
11:24:22.0806 2744 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:24:22.0822 2744 usbhub - ok
11:24:22.0884 2744 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:24:22.0900 2744 usbstor - ok
11:24:22.0947 2744 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:24:22.0963 2744 usbuhci - ok
11:24:23.0025 2744 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
11:24:23.0025 2744 usbvideo - ok
11:24:23.0088 2744 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
11:24:23.0103 2744 usb_rndisx - ok
11:24:23.0134 2744 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:24:23.0150 2744 VgaSave - ok
11:24:23.0181 2744 ViaIde - ok
11:24:23.0244 2744 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
11:24:23.0244 2744 VolSnap - ok
11:24:23.0306 2744 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:24:23.0306 2744 Wanarp - ok
11:24:23.0353 2744 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
11:24:23.0353 2744 wceusbsh - ok
11:24:23.0369 2744 WDICA - ok
11:24:23.0447 2744 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:24:23.0463 2744 wdmaud - ok
11:24:23.0603 2744 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:24:23.0619 2744 WSTCODEC - ok
11:24:23.0728 2744 MBR (0x1B8) (9c603bc3977968c891de319283e1e7af) \Device\Harddisk0\DR0
11:24:23.0775 2744 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
11:24:23.0775 2744 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a (0)
11:24:23.0775 2744 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR5
11:24:25.0994 2744 \Device\Harddisk1\DR5 - ok
11:24:25.0994 2744 Boot (0x1200) (047abb5e67ce526106b41200a29ab57f) \Device\Harddisk0\DR0\Partition0
11:24:25.0994 2744 \Device\Harddisk0\DR0\Partition0 - ok
11:24:26.0244 2744 Boot (0x1200) (b2423d7a2cde6ddb7e7faca375397b0e) \Device\Harddisk0\DR0\Partition1
11:24:26.0244 2744 \Device\Harddisk0\DR0\Partition1 - ok
11:24:26.0244 2744 Boot (0x1200) (f6be2c589fb7408292b7ec372f8ada33) \Device\Harddisk1\DR5\Partition0
11:24:26.0244 2744 \Device\Harddisk1\DR5\Partition0 - ok
11:24:26.0259 2744 ============================================================
11:24:26.0259 2744 Scan finished
11:24:26.0259 2744 ============================================================
11:24:26.0275 1320 Detected object count: 2
11:24:26.0275 1320 Actual detected object count: 2
11:25:21.0744 1320 sptd ( LockedFile.Multi.Generic ) - skipped by user
11:25:21.0744 1320 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
11:25:21.0838 1320 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - will be cured on reboot
11:25:21.0838 1320 \Device\Harddisk0\DR0 - ok
11:25:21.0838 1320 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Cure
11:25:30.0056 3668 Deinitialize success

[funnerno1]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Pavel at 2012-01-01 11:52:45
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 12 GB (15%) free of 82 GB
Total RAM: 1015 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:52:59, on 1.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Elantech\ETDDect.exe
C:\Program Files\EeePC\ACPI\AsTray.exe
C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
C:\Program Files\EeePC\ACPI\AsEPCMon.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe
C:\Program Files\Common Files\Lingea Shared\luc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Pavel\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Pavel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eeepc.asus.com/global
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://eeepc.asus.com/global
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [ETDWareDetect] C:\Program Files\Elantech\ETDDect.exe
O4 - HKLM\..\Run: [AsusTray] C:\Program Files\EeePC\ACPI\AsTray.exe
O4 - HKLM\..\Run: [AsusACPIServer] C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe
O4 - HKLM\..\Run: [AsusEPCMonitor] C:\Program Files\EeePC\ACPI\AsEPCMon.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Pavel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: SuperHybridEngine.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat do zařízení Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10063 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3086602011-2446779318-483012309-1006Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3086602011-2446779318-483012309-1006UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\kiywdfii.default

prefs.js - "extensions.enabledItems" - "{DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10, {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.23, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.24"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeploytk.dll
NPOFF12.DLL
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Pavel\Data aplikací\Mozilla\Firefox\Profiles\kiywdfii.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-02-12 1372160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-22 342192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll [2011-11-30 1003576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-08-01 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-08-01 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-22 342192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2007-12-19 135168]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2007-12-19 159744]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2007-12-19 131072]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-08-01 148888]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2008-09-03 335872]
"ETDWareDetect"=C:\Program Files\Elantech\ETDDect.exe [2008-08-22 204800]
"AsusTray"=C:\Program Files\EeePC\ACPI\AsTray.exe [2008-09-02 106496]
"AsusACPIServer"=C:\Program Files\EeePC\ACPI\AsAcpiSvr.exe [2008-09-02 593920]
"AsusEPCMonitor"=C:\Program Files\EeePC\ACPI\AsEPCMon.exe [2008-05-21 94208]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-07-31 16806912]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-11-10 417792]
"NPSStartup"= []
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2011-11-28 3744552]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-03-21 1230704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"Google Update"=C:\Documents and Settings\Pavel\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2009-05-18 133104]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"AutoStartNPSAgent"=C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-11-05 116056]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-10-24 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
SuperHybridEngine.lnk - C:\Program Files\ASUS\EeePC\Super Hybrid Engine\SuperHybridEngine.exe

C:\Documents and Settings\Pavel\Nabídka Start\Programy\Po spuštění
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-12-19 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0
"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=0
"NoDriveTypeAutoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Java\jre1.6.0_03\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre1.6.0_03\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"
"C:\Program Files\Samsung\Samsung New PC Studio\NPSMediaManager.exe"="C:\Program Files\Samsung\Samsung New PC Studio\NPSMediaManager.exe:*:Enabled:TODO: <파일 설명>"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe"="C:\Program Files\Microsoft Games\Flight Simulator 9\fs9.exe:*:Enabled:Microsoft Flight Simulator"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"C:\Documents and Settings\Pavel\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe"="C:\Documents and Settings\Pavel\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe:*:Enabled:Octoshape add-in for Adobe Flash Player"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.siren"=sirenacm.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2013-08-25 23:27:58 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2013-08-25 23:27:58 ----A---- C:\WINDOWS\SkyTel.exe
2013-08-25 23:27:58 ----A---- C:\WINDOWS\RtlUpd.exe
2013-08-25 23:27:57 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2013-08-25 23:27:57 ----A---- C:\WINDOWS\RTLCPL.EXE
2013-08-25 23:27:55 ----A---- C:\WINDOWS\RTHDCPL.EXE
2013-08-25 23:27:55 ----A---- C:\WINDOWS\MicCal.exe
2013-08-25 23:27:54 ----D---- C:\Program Files\Realtek
2013-08-25 23:27:54 ----A---- C:\WINDOWS\ALCWZRD.EXE
2013-08-25 23:27:54 ----A---- C:\WINDOWS\ALCMTR.EXE
2013-08-25 23:27:39 ----A---- C:\WINDOWS\RtlExUpd.dll
2013-08-17 21:22:50 ----A---- C:\WINDOWS\system32\DetectDevice.txt
2013-08-11 23:14:29 ----A---- C:\WINDOWS\system32\wmpns.dll
2013-08-11 23:13:05 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2013-08-11 23:13:02 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2013-08-11 23:13:01 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2013-08-11 23:12:59 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2013-08-11 23:12:57 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2013-08-11 23:12:55 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2013-08-11 23:12:53 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2013-08-11 23:12:48 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2013-08-11 23:12:48 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-08-11 23:12:46 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2012-09-18 09:11:00 ----A---- C:\WINDOWS\system32\drivers\btwusb.sys
2012-09-18 09:11:00 ----A---- C:\WINDOWS\system32\drivers\btwdndis.sys
2012-09-18 09:11:00 ----A---- C:\WINDOWS\system32\btw_ci.dll
2012-09-18 09:10:59 ----A---- C:\WINDOWS\system32\drivers\btport.sys
2012-09-18 09:10:59 ----A---- C:\WINDOWS\system32\drivers\btkrnl.sys
2012-09-18 09:10:59 ----A---- C:\WINDOWS\system32\drivers\btaudio.sys
2012-09-18 09:10:54 ----D---- C:\Program Files\WIDCOMM
2012-01-01 11:23:49 ----A---- C:\TDSSKiller.2.6.25.0_01.01.2012_11.23.49_log.txt
2011-12-19 03:20:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-19 03:20:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-19 03:10:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-19 03:09:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-19 03:07:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-19 03:04:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-19 03:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2011-12-11 20:31:03 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys

======List of files/folders modified in the last 1 month======

2013-08-25 23:28:10 ----D---- C:\WINDOWS\system32\RTCOM
2013-08-25 23:27:39 ----A---- C:\WINDOWS\HideWin.exe
2013-08-13 03:29:47 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-09-18 10:32:30 ----D---- C:\WINDOWS\repair
2012-09-18 09:18:16 ----A---- C:\WINDOWS\oemver.txt
2012-01-01 11:52:50 ----D---- C:\Program Files\trend micro
2012-01-01 11:52:46 ----D---- C:\WINDOWS\Prefetch
2012-01-01 11:42:01 ----D---- C:\WINDOWS\Temp
2012-01-01 11:37:14 ----D---- C:\WINDOWS
2012-01-01 11:25:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-01 11:25:51 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-01 11:23:51 ----D---- C:\WINDOWS\system32\drivers
2011-12-25 15:44:56 ----HD---- C:\WINDOWS\inf
2011-12-25 15:42:48 ----D---- C:\WINDOWS\Minidump
2011-12-22 11:26:11 ----SHD---- C:\WINDOWS\Installer
2011-12-19 10:04:20 ----D---- C:\WINDOWS\system32
2011-12-19 03:22:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-12-19 03:22:10 ----RSD---- C:\WINDOWS\assembly
2011-12-19 03:20:55 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-12-19 03:20:35 ----A---- C:\WINDOWS\imsins.BAK
2011-12-19 03:19:51 ----D---- C:\Program Files\Internet Explorer
2011-12-19 03:19:17 ----D---- C:\WINDOWS\ie8updates
2011-12-19 03:18:58 ----HD---- C:\WINDOWS\$hf_mig$
2011-12-19 03:14:16 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-19 01:05:09 ----D---- C:\Documents and Settings\Pavel\Data aplikací\dvdcss
2011-12-03 14:58:33 ----D---- C:\Program Files\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-13 691696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 AsusACPI;ASUS ACPI Driver; C:\WINDOWS\system32\DRIVERS\ASUSACPI.sys [2008-04-08 10752]
R3 BTDriver;Ovladač virtuálních komunikací Bluetooth; C:\WINDOWS\system32\DRIVERS\btport.sys [2008-02-04 37160]
R3 BTKRNL;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2008-08-19 991656]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-12-19 5854688]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-08-12 4751360]
R3 Ktp;Elantech Smart-Pad; C:\WINDOWS\system32\DRIVERS\ETD.sys [2008-08-25 26112]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-03-11 36864]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984]
S3 ahthu7vk;ahthu7vk; C:\WINDOWS\system32\drivers\ahthu7vk.sys []
S3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2007-05-03 546976]
S3 btaudio;Zvukové zařízení Bluetooth; C:\WINDOWS\system32\drivers\btaudio.sys [2008-05-30 534568]
S3 BTWDNDIS;Server pro přístup k síti LAN Bluetooth; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2008-07-24 156816]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2008-08-19 47272]
S3 catchme;catchme; \??\C:\DOCUME~1\Pavel\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 RT80x86;Ralink 802.11n Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2860.sys [2008-03-28 625024]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-11-28 44768]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-09-02 346720]
R2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-11-05 238952]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-08-01 152984]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-24 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-24 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-10-24 182768]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[cernohous13]

Zdravím v novém roce,

TDSSKiller odvedl svou práci
11:25:21.0838 1320 \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Cure
11:25:30.0056 3668 Deinitialize success

sptd.sys je ovladač viruálních mechanik (Daemon, Alcohol...) - bez nebezpečí

ComboFix necháme zatím v klidu - zkusíme

Stáhni a nainstaluj MBAM zde http://www.download.com/Malwarebytes-An ... tag=button
Spustit > na 3.záložce "Aktualizace" > Kontrola aktualizací
následně na 1.záložce "Kontrolor" -> Úplná kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení a program nech spuštěný

[funnerno1]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.60.0.1800
www.malwarebytes.org

Verze databáze: v2012.01.01.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Pavel :: EEEPC [administrátor]

Ochrana: Povolena

1.1.2012 13:14:44
mbam-log-2012-01-01 (19-24-06).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 336528
Uplynulý čas: 4 hodin, 31 minut, 31 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Documents and Settings\Pavel\Data aplikací\wiaserva.log (Malware.Trace) -> Žádná instrukce nebyla provedena.

(konec)

[cernohous13]

nález v MBAM nech Odstranit a proveď novou kontrolu Avastem

[funnerno1]

vyjelo mi tohle

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.60.0.1800
www.malwarebytes.org

Verze databáze: v2012.01.01.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Pavel :: EEEPC [administrátor]

Ochrana: Povolena

1.1.2012 13:14:44
mbam-log-2012-01-01 (13-14-44).txt

Typ: Úplná kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 336528
Uplynulý čas: 4 hodin, 31 minut, 31 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Documents and Settings\Pavel\Data aplikací\wiaserva.log (Malware.Trace) -> Umístnění do karantény a smazání se zdařilo.

(konec)

Provedu sken avastem a jestli už nic nebude hlásit, tak je hotovo?
Děkuji za pomoc.

[cernohous13]

Máš zřejmě problém se systémovým časem.

Jestli bude Avast mlčet, tak musíme ještě uklízet.

[funnerno1]

Máš zřejmě problém se systémovým časem.

Jestli bude Avast mlčet, tak musíme ještě uklízet.

tak avast mlčí

[cernohous13]

Drží ti nastavení systémového času?

zdá se, že máš čisto
a jestli už nenacházíš nic podivného, tak po sobě uklidím

ComboFix odinstalujeme
jdi Start -> Spustit... a zkopíruj ComboFix /Uninstall (pozor, za x je mezera) -> OK

Stáhni a spusť T-cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe - uklidí po použitých čističích.
Po spuštění ignoruj případné varování antiviru - je to v pořádku
Po provedení akce T-cleaner smažeš

Stáhni TempFolderCleaner http://oldtimer.geekstogo.com/TFC.exe
Zavři všechny programy a spusť. Po ukončení akce bude PC restartován.
Pokud ne, restartuj sám.
(čistí Temp složky , nečistí URL, historii, prefetch ani cookies)

stáhni program OTC tady: http://oldtimer.geekstogo.com/OTC.exe - spusť ho -> "CleanUp" (smaže dříve použité čističe)

Vypni Obnovení systému -> restartuj -> zapni Obnovení systému http://www.viry.cz/forum/viewtopic.php?t=47040

Mohu doporučit kontrolu a vyčištění Ccleanerem

Stáhni Ccleaner - http://www.slunecnice.cz/sw/ccleaner/
Při instalaci vyhodit fajfku u "Instalovat Yahoo! Toolbar"

zavřít Internetový prohlížeč a
spustit "Čistič" > "Spustit Ccleaner" - odstraní nepotřebné
spustit "Registry" > "Hledej problémy" > "Opravit vybrané problémy"
souhlas se zálohou registrů - opakovat dokud nebudou registry čisté.

Návod:http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx

Ten si můžeš nechat i na budoucí občasné čištění.

Kdyby něco z návodu nefungovalo, pokračuj dalším krokem.

Nakonec mi dej současný RSIT log

Po vyčištění by se hodila defragmentace
doporučuji http://www.slunecnice.cz/sw/defraggler/ + čeština