
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
USB/DVD unavailable and normal mode not working in XP (SP3)
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Visitor
- Posts: 4
- Registered: 17 May 2013 11:36
Please check my log.
Problem: first all the USB ports and the DVD/CD drive stopped responding. So I tried AVAST Free, and it keeps finding some Win32:Adware-gen [Adw].
And now XP runs ONLY in Safe Mode.
Do you know whether this is caused by that vermin or whether the problem lies elsewhere?
Thanks. Radek
Here is the log.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Lubos Hujer at 2013-05-17 18:59:46
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 15 GB (22%) free of 68 GB
Total RAM: 3036 MB (86% free)
HijackThis download failed
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Master CD_DVD Creator.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-15 192144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [2013-01-15 1000984]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-07 1224568]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-15 192144]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\HDAShCut.exe [2005-01-07 61952]
"DetectorApp"=C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe [2005-10-20 102400]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup []
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -start []
"PCMService"=c:\APPS\Powercinema\PCMService.exe [2006-02-23 147456]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"openvpn-gui"=C:\Program Files\OpenVPN\bin\openvpn-gui.exe [2005-08-18 99328]
"Adobe Photo Downloader"=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-06 57344]
"Maple_S2P"=C:\Program Files\Samsung\Samsung CLX-216x Series\SPanel\PSU\Scan2pc.exe [2007-01-16 253952]
"Samsung PanelMgr"=C:\WINDOWS\samsung\panelmgr\SSMMgr.exe [2011-04-05 692224]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-02-25 18791456]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-07-08 1753192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-07-09 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-07-09 13923432]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2010-04-23 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2010-04-23 174104]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2010-04-23 144920]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2010-12-17 332288]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-07 4767304]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"SmpcSys"=C:\APPS\SMP\SmpSys.exe [2005-12-08 975360]
"Skype"=C:\APPS\SKYPE\PHONE\SKYPE.EXE [2006-01-18 19417640]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SmsDiscount"=C:\Program Files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe -nosplash -minimized []
"Akamai NetSession Interface"=C:\Documents and Settings\Lubos Hujer\Local Settings\Data aplikací\Akamai\netsession_win.exe []
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-11-13 39408]
"SlimDrivers"=C:\Program Files\SlimDrivers\SlimDrivers.exe [2013-04-24 29374784]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BDARemote.lnk - C:\Program Files\USB TV\EM28XX\BDARemote.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2010-04-21 213504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe"="C:\Program Files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe:*:Enabled:SmsDiscount"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Documents and Settings\Lubos Hujer\Plocha\Odorik.exe"="C:\Documents and Settings\Lubos Hujer\Plocha\Odorik.exe:*:Enabled:Odorik.exe"
"C:\WINDOWS\twain_32\Samsung\SCX472x\SCNSearch\USDAgent.exe"="C:\WINDOWS\twain_32\Samsung\SCX472x\SCNSearch\USDAgent.exe:*:Enabled:Samsung Scanner Discovery Module V2"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe:*:Enabled:CDA Server"
"C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe"="C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe:*:Enabled:Easy Printer Manager"
"C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe"="C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe:*:Enabled:EPM Order Supplies"
"C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe"="C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe:*:Enabled:EPM Alert"
"C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe"="C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe:*:Enabled:CDA Scan2PC"
"C:\Program Files\Scan Assistant\USDAgent.exe"="C:\Program Files\Scan Assistant\USDAgent.exe:*:Enabled:Samsung Scan Assistant - USDAgent.exe"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxMon.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxMon.exe:LocalSubNet:Enabled:Samsung Network PC Fax Monitor"
"C:\Documents and Settings\Lubos Hujer\Local Settings\Data aplikací\Akamai\netsession_win.exe"="C:\Documents and Settings\Lubos Hujer\Local Settings\Data aplikací\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{098cbe20-593d-11df-9abb-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{098cbe21-593d-11df-9abb-0016e6969485}]
shell\AutoRun\command - K:\canaba.exe
shell\Canaba\command - K:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10fb2186-36f9-11de-99f9-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d8edcb6-6022-11de-9a14-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{496e20fd-df77-11de-9a77-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{496e20fe-df77-11de-9a77-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5735f191-a612-11de-9a4f-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5885d1ec-a41c-11dd-99ba-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5f05b078-e326-11df-9b45-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64644d2b-ead0-11dd-99cc-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64d85f3c-b1b7-11df-9b14-0016e6969485}]
shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ae99104-07d6-11de-99e2-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b1d1ac4-62ff-11df-9aca-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b1d1ac5-62ff-11df-9aca-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c6394f5-4315-11de-9a07-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c639514-4315-11de-9a07-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b192b55e-72af-11de-9a21-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b192b561-72af-11de-9a21-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb1f2e9f-bac9-11dd-99c3-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e79d61d4-9e7b-11dd-99b8-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eac9effe-c06a-11dd-99c6-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eac9efff-c06a-11dd-99c6-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2013-05-17 18:59:47 ----D---- C:\Program Files\trend micro
2013-05-17 18:59:46 ----D---- C:\rsit
2013-05-17 18:22:08 ----D---- C:\WINDOWS\LastGood.Tmp
2013-05-17 13:44:59 ----D---- C:\WINDOWS\pss
2013-05-16 20:13:49 ----A---- C:\WINDOWS\system32\CSVer.dll
2013-05-16 20:09:26 ----D---- C:\Program Files\SlimDrivers
2013-05-15 16:33:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2820197$
2013-05-15 16:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2829361$
2013-04-18 22:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2447961_WM9L$
======List of files/folders modified in the last 1 months======
2013-05-17 19:51:07 ----RASH---- C:\boot.ini
2013-05-17 18:59:47 ----RD---- C:\Program Files
2013-05-17 18:55:11 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-17 18:47:48 ----D---- C:\Program Files\Mozilla Firefox
2013-05-17 18:35:17 ----A---- C:\WINDOWS\ntbtlog.txt
2013-05-17 18:33:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-17 18:30:49 ----D---- C:\WINDOWS\Temp
2013-05-17 18:22:21 ----D---- C:\WINDOWS\system32\drivers
2013-05-17 18:22:09 ----D---- C:\WINDOWS
2013-05-17 17:14:53 ----A---- C:\WINDOWS\win.ini
2013-05-17 17:14:53 ----A---- C:\WINDOWS\system.ini
2013-05-17 14:58:54 ----SHD---- C:\WINDOWS\Installer
2013-05-17 13:22:21 ----D---- C:\WINDOWS\Prefetch
2013-05-17 11:59:13 ----D---- C:\Documents and Settings\Lubos Hujer\Data aplikací\Skype
2013-05-17 10:04:49 ----HD---- C:\WINDOWS\inf
2013-05-17 09:59:12 ----D---- C:\WINDOWS\Registration
2013-05-16 20:14:39 ----RSHD---- C:\WINDOWS\system32\dllcache
2013-05-16 20:14:35 ----AD---- C:\WINDOWS\system32
2013-05-16 20:14:32 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-05-16 20:14:02 ----DC---- C:\WINDOWS\system32\DRVSTORE
2013-05-16 20:13:49 ----D---- C:\Program Files\Intel
2013-05-15 19:06:57 ----D---- C:\Program Files\Google
2013-05-15 19:06:08 ----D---- C:\Program Files\Java
2013-05-15 19:02:26 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-05-15 18:47:56 ----D---- C:\WINDOWS\Microsoft.NET
2013-05-15 18:47:55 ----RSD---- C:\WINDOWS\assembly
2013-05-15 18:24:40 ----D---- C:\Documents and Settings\Lubos Hujer\Data aplikací\602XML
2013-05-15 18:18:48 ----D---- C:\WINDOWS\system32\NtmsData
2013-05-15 17:08:10 ----D---- C:\Program Files\Common Files
2013-05-15 16:37:59 ----D---- C:\Program Files\Internet Explorer
2013-05-15 16:37:33 ----D---- C:\WINDOWS\ie8updates
2013-05-15 16:36:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-05-15 16:36:02 ----D---- C:\WINDOWS\WinSxS
2013-05-15 16:33:47 ----A---- C:\WINDOWS\imsins.BAK
2013-05-15 16:33:21 ----HD---- C:\WINDOWS\$hf_mig$
2013-05-15 16:30:41 ----A---- C:\WINDOWS\system32\MRT.exe
2013-05-07 06:22:16 ----A---- C:\WINDOWS\system32\mshtml.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-03-07 49760]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-03-08 220112]
R3 tap0801;TAP-Win32 Adapter V8; C:\WINDOWS\system32\DRIVERS\tap0801.sys [2004-06-24 23552]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-03-07 765736]
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-03-07 368176]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-03-07 62376]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
S2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
S2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
S2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-04-21 1917344]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-02-25 5864480]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2013-05-17 13464]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-12-12 25984]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
S2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2006-02-23 266338]
S2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2006-02-23 114784]
S2 CyberLink Media Library Service;CyberLink Media Library Service; c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe [2006-02-23 1073152]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-13 136176]
S2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
S2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Samsung Network Fax Server;Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe [2011-06-20 175104]
S2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
S2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
S2 USBDeviceService;USBDeviceService; C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe [2005-10-20 90112]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-13 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-13 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-11 129976]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2005-08-25 16384]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe"="C:\Program Files\SmsDiscount.com\SmsDiscount\SmsDiscount.exe:*:Enabled:SmsDiscount"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Documents and Settings\Lubos Hujer\Plocha\Odorik.exe"="C:\Documents and Settings\Lubos Hujer\Plocha\Odorik.exe:*:Enabled:Odorik.exe"
"C:\WINDOWS\twain_32\Samsung\SCX472x\SCNSearch\USDAgent.exe"="C:\WINDOWS\twain_32\Samsung\SCX472x\SCNSearch\USDAgent.exe:*:Enabled:Samsung Scanner Discovery Module V2"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe:*:Enabled:CDA Server"
"C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe"="C:\Program Files\Samsung\Easy Printer Manager\IDS.Application.exe:*:Enabled:Easy Printer Manager"
"C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe"="C:\Program Files\Samsung\Easy Printer Manager\OrderSupplies.exe:*:Enabled:EPM Order Supplies"
"C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe"="C:\Program Files\Samsung\Easy Printer Manager\IDSAlert.exe:*:Enabled:EPM Alert"
"C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe"="C:\Program Files\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe:*:Enabled:CDA Scan2PC"
"C:\Program Files\Scan Assistant\USDAgent.exe"="C:\Program Files\Scan Assistant\USDAgent.exe:*:Enabled:Samsung Scan Assistant - USDAgent.exe"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxMon.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxMon.exe:LocalSubNet:Enabled:Samsung Network PC Fax Monitor"
"C:\Documents and Settings\Lubos Hujer\Local Settings\Data aplikací\Akamai\netsession_win.exe"="C:\Documents and Settings\Lubos Hujer\Local Settings\Data aplikací\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface"
"C:\APPS\skype\phone\Skype.exe"="C:\APPS\skype\phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{098cbe20-593d-11df-9abb-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{098cbe21-593d-11df-9abb-0016e6969485}]
shell\AutoRun\command - K:\canaba.exe
shell\Canaba\command - K:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{10fb2186-36f9-11de-99f9-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1d8edcb6-6022-11de-9a14-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{496e20fd-df77-11de-9a77-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{496e20fe-df77-11de-9a77-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5735f191-a612-11de-9a4f-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5885d1ec-a41c-11dd-99ba-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5f05b078-e326-11df-9b45-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64644d2b-ead0-11dd-99cc-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{64d85f3c-b1b7-11df-9b14-0016e6969485}]
shell\AutoRun\command - E:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ae99104-07d6-11de-99e2-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b1d1ac4-62ff-11df-9aca-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6b1d1ac5-62ff-11df-9aca-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c6394f5-4315-11de-9a07-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c639514-4315-11de-9a07-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b192b55e-72af-11de-9a21-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b192b561-72af-11de-9a21-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb1f2e9f-bac9-11dd-99c3-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e79d61d4-9e7b-11dd-99b8-0016e6969485}]
shell\AutoRun\command - E:\canaba.exe
shell\Canaba\command - E:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eac9effe-c06a-11dd-99c6-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eac9efff-c06a-11dd-99c6-0016e6969485}]
shell\AutoRun\command - J:\canaba.exe
shell\Canaba\command - J:\Canaba.exe
======File associations======
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2013-05-17 18:59:47 ----D---- C:\Program Files\trend micro
2013-05-17 18:59:46 ----D---- C:\rsit
2013-05-17 18:22:08 ----D---- C:\WINDOWS\LastGood.Tmp
2013-05-17 13:44:59 ----D---- C:\WINDOWS\pss
2013-05-16 20:13:49 ----A---- C:\WINDOWS\system32\CSVer.dll
2013-05-16 20:09:26 ----D---- C:\Program Files\SlimDrivers
2013-05-15 16:33:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2820197$
2013-05-15 16:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2829361$
2013-04-18 22:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2447961_WM9L$
======List of files/folders modified in the last 1 months======
2013-05-17 19:51:07 ----RASH---- C:\boot.ini
2013-05-17 18:59:47 ----RD---- C:\Program Files
2013-05-17 18:55:11 ----D---- C:\WINDOWS\system32\CatRoot2
2013-05-17 18:47:48 ----D---- C:\Program Files\Mozilla Firefox
2013-05-17 18:35:17 ----A---- C:\WINDOWS\ntbtlog.txt
2013-05-17 18:33:02 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-05-17 18:30:49 ----D---- C:\WINDOWS\Temp
2013-05-17 18:22:21 ----D---- C:\WINDOWS\system32\drivers
2013-05-17 18:22:09 ----D---- C:\WINDOWS
2013-05-17 17:14:53 ----A---- C:\WINDOWS\win.ini
2013-05-17 17:14:53 ----A---- C:\WINDOWS\system.ini
2013-05-17 14:58:54 ----SHD---- C:\WINDOWS\Installer
2013-05-17 13:22:21 ----D---- C:\WINDOWS\Prefetch
2013-05-17 11:59:13 ----D---- C:\Documents and Settings\Lubos Hujer\Data aplikací\Skype
2013-05-17 10:04:49 ----HD---- C:\WINDOWS\inf
2013-05-17 09:59:12 ----D---- C:\WINDOWS\Registration
2013-05-16 20:14:39 ----RSHD---- C:\WINDOWS\system32\dllcache
2013-05-16 20:14:35 ----AD---- C:\WINDOWS\system32
2013-05-16 20:14:32 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-05-16 20:14:02 ----DC---- C:\WINDOWS\system32\DRVSTORE
2013-05-16 20:13:49 ----D---- C:\Program Files\Intel
2013-05-15 19:06:57 ----D---- C:\Program Files\Google
2013-05-15 19:06:08 ----D---- C:\Program Files\Java
2013-05-15 19:02:26 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-05-15 18:47:56 ----D---- C:\WINDOWS\Microsoft.NET
2013-05-15 18:47:55 ----RSD---- C:\WINDOWS\assembly
2013-05-15 18:24:40 ----D---- C:\Documents and Settings\Lubos Hujer\Data aplikací\602XML
2013-05-15 18:18:48 ----D---- C:\WINDOWS\system32\NtmsData
2013-05-15 17:08:10 ----D---- C:\Program Files\Common Files
2013-05-15 16:37:59 ----D---- C:\Program Files\Internet Explorer
2013-05-15 16:37:33 ----D---- C:\WINDOWS\ie8updates
2013-05-15 16:36:34 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-05-15 16:36:02 ----D---- C:\WINDOWS\WinSxS
2013-05-15 16:33:47 ----A---- C:\WINDOWS\imsins.BAK
2013-05-15 16:33:21 ----HD---- C:\WINDOWS\$hf_mig$
2013-05-15 16:30:41 ----A---- C:\WINDOWS\system32\MRT.exe
2013-05-07 06:22:16 ----A---- C:\WINDOWS\system32\mshtml.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-03-07 49760]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 tidnet;TID NDIS Protocol Driver; C:\WINDOWS\system32\DRIVERS\tidnet.sys [2009-09-15 19200]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2010-03-08 220112]
R3 tap0801;TAP-Win32 Adapter V8; C:\WINDOWS\system32\DRIVERS\tap0801.sys [2004-06-24 23552]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-03-07 765736]
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-03-07 368176]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-03-07 62376]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-03-07 29816]
S2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
S2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
S2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
S2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
S2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-03-07 164736]
S3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 24448]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 102528]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 100736]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2010-04-21 1917344]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-02-25 5864480]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys []
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys []
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys []
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys []
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-07-10 10604128]
S3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-02-27 81408]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2013-05-17 13464]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-12-12 25984]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
S2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-07 45248]
S2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 CLCapSvc;CyberLink Background Capture Service (CBCS); c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe [2006-02-23 266338]
S2 CLSched;CyberLink Task Scheduler (CTS); c:\APPS\Powercinema\Kernel\TV\CLSched.exe [2006-02-23 114784]
S2 CyberLink Media Library Service;CyberLink Media Library Service; c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe [2006-02-23 1073152]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-13 136176]
S2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
S2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-07-09 155752]
S2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 Samsung Network Fax Server;Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\w32x86\3\NetFaxServer.exe [2011-06-20 175104]
S2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
S2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2005-01-31 49152]
S2 USBDeviceService;USBDeviceService; C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe [2005-10-20 90112]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-15 256904]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-13 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-13 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-11 129976]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2005-08-25 16384]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119526
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: USB/DVD unavailable and normal mode not working in XP (SP3)
Hello!
Post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after startup, a screen with the license terms is displayed; continue by clicking the Ano (Yes) button.
feel free to put the coffee on (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to run any other applications or anything else
do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)
note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident component occur
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 4
- Registered: 17 May 2013 11:36
Re: USB/DVD unavailable and normal mode not working in XP (SP3)
Log from ComboFix.
ComboFix 13-05-16.02 - Administrator 17.05.2013 20:19:50.1.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3036.2322 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Explorer 9\IE9-Windows7-x86-csy.exe
c:\windows\EventSystem.log
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\SET9B.tmp
c:\windows\system32\SETA7.tmp
c:\windows\system32\SETB0.tmp
c:\windows\system32\SETB1.tmp
c:\windows\system32\SETB2.tmp
c:\windows\system32\SETB4.tmp
c:\windows\system32\SETB5.tmp
c:\windows\system32\Thumbs.db
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-17 do 2013-05-17 )))))))))))))))))))))))))))))))
.
.
2013-05-17 16:59 . 2013-05-17 16:59 -------- d-----w- c:\program files\trend micro
2013-05-17 16:59 . 2013-05-17 16:59 -------- d-----w- C:\rsit
2013-05-17 16:22 . 2013-05-17 16:22 -------- d-----w- c:\windows\LastGood.Tmp
2013-05-17 13:23 . 2013-05-17 13:25 17488 ----a-w- c:\windows\gdrv.sys
2013-05-17 13:23 . 2013-05-17 13:23 -------- d-----w- c:\documents and settings\Administrator\AppData
2013-05-17 13:17 . 2013-05-17 13:17 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2013-05-17 13:17 . 2013-05-17 13:17 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\SlimWare Utilities Inc
2013-05-17 11:47 . 2013-05-17 11:47 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2013-05-16 18:13 . 2000-01-01 00:00 53248 ----a-w- c:\windows\system32\CSVer.dll
2013-05-16 18:09 . 2013-05-17 11:12 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-05-16 18:09 . 2013-05-16 18:09 -------- d-----w- c:\program files\SlimDrivers
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 17:02 . 2012-11-18 18:42 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-15 17:02 . 2012-11-18 18:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-16 22:26 . 2005-07-05 14:52 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:26 . 2005-07-05 14:52 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:26 . 2005-07-05 14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2005-07-05 14:52 385024 ------w- c:\windows\system32\html.iec
2013-04-12 14:01 . 2005-07-05 14:52 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-08 08:36 . 2005-07-05 14:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2005-07-05 14:52 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 15:56 . 2004-08-17 14:45 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-06 23:33 . 2013-03-30 06:12 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-06 23:33 . 2013-03-30 06:12 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-06 23:33 . 2012-09-13 08:32 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-09-13 08:32 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-09-13 08:32 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-06 23:33 . 2012-09-13 08:32 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2013-03-30 06:12 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:33 . 2012-09-13 08:32 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2012-09-13 08:31 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-09-13 08:31 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-27 07:58 . 2005-07-05 15:13 2067456 ----a-w- c:\windows\system32\mstscax.dll
2012-09-11 18:54 . 2012-09-11 18:54 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SlimDrivers"="c:\program files\SlimDrivers\SlimDrivers.exe" [2013-04-24 29374784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"DetectorApp"="c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2006-02-23 147456]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"openvpn-gui"="c:\program files\OpenVPN\bin\openvpn-gui.exe" [2005-08-18 99328]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"Maple_S2P"="c:\program files\Samsung\Samsung CLX-216x Series\SPanel\PSU\Scan2pc.exe" [2007-01-16 253952]
"Samsung PanelMgr"="c:\windows\samsung\panelmgr\SSMMgr.exe" [2011-04-05 692224]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"RTHDCPL"="RTHDCPL.EXE" [2010-02-25 18791456]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-23 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-23 144920]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 332288]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2011-10-04 220992]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BDARemote.lnk - c:\program files\USB TV\EM28XX\BDARemote.exe [2011-3-27 81997]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer_Service.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\SCX472x\\SCNSearch\\USDAgent.exe"=
"c:\\Program Files\\Common Files\\Common Desktop Agent\\CDASrv.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"=
"c:\\Program Files\\Scan Assistant\\USDAgent.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [30.3.2013 8:12 49248]
R1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\drivers\tidnet.sys [15.9.2009 11:51 19200]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [25.8.2005 17:55 23552]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [13.9.2012 10:32 765736]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13.9.2012 10:32 368176]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 12:55 85344]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.9.2012 10:32 29816]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [30.3.2013 8:12 66336]
S2 Samsung Network Fax Server;Samsung Network Fax Server;c:\windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [23.5.2012 17:10 175104]
S2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [5.4.2011 13:31 5120]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [4.11.2010 13:14 2011944]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.2.2011 12:08 1691480]
S3 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [30.3.2013 8:12 164736]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [27.8.2010 10:53 24448]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [27.8.2010 10:53 100736]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [16.5.2013 20:09 13464]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-18 17:02]
.
2013-05-17 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-09-13 23:32]
.
2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-13 07:46]
.
2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-13 07:46]
.
2013-05-17 c:\windows\Tasks\Master CD_DVD Creator.job
- c:\apps\SMP\MCDCHECK.EXE [2005-11-08 13:26]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\2u879tra.default\
FF - ExtSQL: 2013-03-30 07:12; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-05-17 15:20; {20a82645-c095-46ed-80e3-08825760534b}; c:\documents and settings\Administrator\Data aplikacĂÂ\Mozilla\Firefox\Profiles\2u879tra.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF - ExtSQL: !HIDDEN! 2009-09-02 03:02; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-ISUSPM Startup - c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
HKLM-Run-ISUSScheduler - c:\program files\Common Files\InstallShield\UpdateService\issch.exe
Notify-AtiExtEvent - (no file)
Notify-WgaLogon - (no file)
AddRemove-Azbuka_is1 - e:\ludynka - download\Azbuka\Azbuka2\Azbuka\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-17 20:25
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
"ImagePath"="\"c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe\"\00\00\00\00\02\00\00\00€
[%\00«Ô‘|\00\00\00\00Ŕ\01\15\00\00\00\00\00j;\03\00\002\03\01\00\00\00pč\13\00Ŕ\01"
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-768207136-3992341312-1691357561-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b9,02,8b,64,70,60,3e,47,8b,5d,7b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b9,02,8b,64,70,60,3e,47,8b,5d,7b,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-05-17 20:26:46
ComboFix-quarantined-files.txt 2013-05-17 18:26
.
Před spuštěním: Volných bajtů: 15 532 052 480
Po spuštění: Volných bajtů: 15 911 845 888
.
- - End Of File - - D991634D1DA9800C8BBEBC28094B7733
- Rudy
- Site Admin
- Posts: 119526
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
- Contact user:
Re: USB/DVD unavailable and normal mode not working in XP (SP3)
We'll do some more cleanup. Open Notepad and copy the following into it:

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
RegLock::
[HKEY_USERS\S-1-5-21-768207136-3992341312-1691357561-500\Software\Microsoft\Internet Explorer\User Preferences]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
Reboot::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
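A check for the cleanup step above, as an added example that is not part of the original thread: it reads the File:: and Registry:: sections of the CFScript and reports which targeted scheduled tasks and autorun values a ComboFix log still lists. The log excerpts are abridged in the layout of the logs in this thread, and the function names are assumptions.

```python
import re

SECTION = re.compile(r"^(\w+)\s*::\s*$")       # e.g. "File::", "Registry::"
KEY = re.compile(r"^\[(.+)\]$")                # registry key header
DELETE_VALUE = re.compile(r'^"(.+)"=-$')       # .reg syntax for "delete this value"
VALUE = re.compile(r'^"(.+?)"=')               # value listed under a key in the log
TASK = re.compile(r"^\d{4}-\d{2}-\d{2}\s+([a-z]:\\.+\.job)$", re.I)

# The CFScript from the post above, with the RegLock:: section left out for brevity.
CFSCRIPT = r"""KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
Reboot::
"""

# Abridged sample in the layout of the log taken before the script was run.
LOG_BEFORE = r"""[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
.
2013-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-18 17:02]
.
2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-13 07:46]
.
2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-11-13 07:46]
"""

# Abridged sample in the layout of the log taken after the script and the reboot.
# The deleted paths still appear (script echo and deletion list), but undated.
LOG_AFTER = r"""FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
2013-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-18 17:02]
"""


def parse_cfscript(text):
    """Return (files to delete, (key, value) pairs to delete), all lower-cased."""
    files, values, section, key = set(), set(), None, None
    for line in map(str.strip, text.splitlines()):
        m = SECTION.match(line)
        if m:
            section, key = m.group(1).lower(), None
        elif section == "file" and line:
            files.add(line.strip('"').lower())
        elif section == "registry" and KEY.match(line):
            key = KEY.match(line).group(1).lower()
        elif section == "registry" and key and DELETE_VALUE.match(line):
            values.add((key, DELETE_VALUE.match(line).group(1).lower()))
    return files, values


def parse_log(text):
    """Return (scheduled .job files, (key, value) pairs) that the log lists as present."""
    tasks, values, key = set(), set(), None
    for line in map(str.strip, text.splitlines()):
        if KEY.match(line):
            key = KEY.match(line).group(1).lower()
        elif line in ("", "."):
            key = None                      # "." lines separate the log's blocks
        elif TASK.match(line):
            # Only dated lines are task entries; undated paths are deletions.
            tasks.add(TASK.match(line).group(1).lower())
        elif key and VALUE.match(line):
            values.add((key, VALUE.match(line).group(1).lower()))
    return tasks, values


def leftovers(script, log):
    """List the script's targets that the log still shows as present."""
    want_files, want_values = parse_cfscript(script)
    tasks, values = parse_log(log)
    found = ["task: %s" % p for p in sorted(want_files & tasks)]
    found += ["value: %s -> %s" % kv for kv in sorted(want_values & values)]
    return found


if __name__ == "__main__":
    for name, log in (("before", LOG_BEFORE), ("after", LOG_AFTER)):
        print(name, leftovers(CFSCRIPT, log) or "clean")
```

Matching only the dated task lines matters here, because a post-script log repeats the deleted paths in its script echo and deletion list.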
-
- Visitor
- Posts: 4
- Registered: 17 May 2013 11:36
Re: USB/DVD unavailable and normal mode not working in XP (SP3)
After the script and the subsequent restart, ComboFix produced this log:
ComboFix 13-05-16.02 - Administrator 17.05.2013 21:12:57.2.2 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3036.2736 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-04-17 do 2013-05-17 )))))))))))))))))))))))))))))))
.
.
2013-05-17 16:59 . 2013-05-17 16:59 -------- d-----w- c:\program files\trend micro
2013-05-17 16:59 . 2013-05-17 16:59 -------- d-----w- C:\rsit
2013-05-17 16:22 . 2013-05-17 16:22 -------- d-----w- c:\windows\LastGood.Tmp
2013-05-17 13:23 . 2013-05-17 13:25 17488 ----a-w- c:\windows\gdrv.sys
2013-05-17 13:23 . 2013-05-17 13:23 -------- d-----w- c:\documents and settings\Administrator\AppData
2013-05-17 13:17 . 2013-05-17 13:17 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2013-05-17 13:17 . 2013-05-17 13:17 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\SlimWare Utilities Inc
2013-05-17 11:47 . 2013-05-17 11:47 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2013-05-16 18:13 . 2000-01-01 00:00 53248 ----a-w- c:\windows\system32\CSVer.dll
2013-05-16 18:09 . 2013-05-17 11:12 13464 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2013-05-16 18:09 . 2013-05-16 18:09 -------- d-----w- c:\program files\SlimDrivers
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-05-11 10:37 . 2013-05-11 10:37 209472 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 17:02 . 2012-11-18 18:42 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-15 17:02 . 2012-11-18 18:42 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-04-16 22:26 . 2005-07-05 14:52 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:26 . 2005-07-05 14:52 43520 ------w- c:\windows\system32\licmgr10.dll
2013-04-16 22:26 . 2005-07-05 14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2005-07-05 14:52 385024 ------w- c:\windows\system32\html.iec
2013-04-12 14:01 . 2005-07-05 14:52 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-03-08 08:36 . 2005-07-05 14:52 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 15:56 . 2005-07-05 14:52 2151936 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 15:56 . 2004-08-17 14:45 2030592 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-06 23:32 . 2012-09-13 08:31 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-27 07:58 . 2005-07-05 15:13 2067456 ----a-w- c:\windows\system32\mstscax.dll
2012-09-11 18:54 . 2012-09-11 18:54 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SlimDrivers"="c:\program files\SlimDrivers\SlimDrivers.exe" [2013-04-24 29374784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
"DetectorApp"="c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe" [2005-10-20 102400]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2006-02-23 147456]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"openvpn-gui"="c:\program files\OpenVPN\bin\openvpn-gui.exe" [2005-08-18 99328]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"Maple_S2P"="c:\program files\Samsung\Samsung CLX-216x Series\SPanel\PSU\Scan2pc.exe" [2007-01-16 253952]
"Samsung PanelMgr"="c:\windows\samsung\panelmgr\SSMMgr.exe" [2011-04-05 692224]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"RTHDCPL"="RTHDCPL.EXE" [2010-02-25 18791456]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-23 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-23 144920]
"CDAServer"="c:\program files\Common Files\Common Desktop Agent\CDASrv.exe" [2010-12-17 332288]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Print2PDF Print Monitor"="c:\program files\Software602\Print2PDF\Print2PDF.exe" [2011-10-04 220992]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
BDARemote.lnk - c:\program files\USB TV\EM28XX\BDARemote.exe [2011-3-27 81997]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer_Service.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\WINDOWS\\twain_32\\Samsung\\SCX472x\\SCNSearch\\USDAgent.exe"=
"c:\\Program Files\\Common Files\\Common Desktop Agent\\CDASrv.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"=
"c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"=
"c:\\Program Files\\Scan Assistant\\USDAgent.exe"=
"c:\\APPS\\skype\\phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\drivers\tidnet.sys [15.9.2009 11:51 19200]
R3 tap0801;TAP-Win32 Adapter V8;c:\windows\system32\drivers\tap0801.sys [25.8.2005 17:55 23552]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 12:55 85344]
S2 Samsung Network Fax Server;Samsung Network Fax Server;c:\windows\system32\spool\drivers\w32x86\3\NetFaxServer.exe [23.5.2012 17:10 175104]
S2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.sys [5.4.2011 13:31 5120]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [4.11.2010 13:14 2011944]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [3.2.2011 12:08 1691480]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\drivers\ewdcsc.sys [27.8.2010 10:53 24448]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [27.8.2010 10:53 100736]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [16.5.2013 20:09 13464]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-18 17:02]
.
2013-05-17 c:\windows\Tasks\Master CD_DVD Creator.job
- c:\apps\SMP\MCDCHECK.EXE [2005-11-08 13:26]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\2u879tra.default\
FF - ExtSQL: 2013-03-30 07:12; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-05-17 15:20; {20a82645-c095-46ed-80e3-08825760534b}; c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\2u879tra.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF - ExtSQL: !HIDDEN! 2009-09-02 03:02; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-05-17 21:33
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
"ImagePath"="\"c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe\"\00\00\00\00\02\00\00\00€
[%\00«Ô‘|\00\00\00\00Ŕ\01\15\00\00\00\00\00j;\03\00\002\03\01\00\00\00pč\13\00Ŕ\01"
.
.
Celkový čas: 2013-05-17 21:38:45 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-05-17 19:38
ComboFix2.txt 2013-05-17 18:26
.
Před spuštěním: Volných bajtů: 16 113 131 520
Po spuštění: Volných bajtů: 16 088 690 688
.
- - End Of File - - A5D3D0D5B3A9B5E1DE161F561B27C96A
- Rudy
- Site Admin
- Posts: 119526
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: USB/DVD unavailable and normal mode not working in XP (SP3)
The log is OK now. Uninstall CF with T-Cleaner: http://vyosek.ic.cz/pro_usery/T-Cleaner.exe . Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 4
- Registered: 17 May 2013 11:36
Re: USB/DVD unavailable and normal mode not working in XP (SP3)
Thanks for the help, but unfortunately I can still start the computer only in "safe mode", and the drive and USB, although they report no problem and show up (their icons), do not respond. The only thing that works is "Eject" via the context menu.
BUT thank you very much!!! At least now I can make a new CLEAN backup of my data, and "that counts".
And then probably reinstall the OS.
So please don't be upset that I didn't go straight elsewhere.
Radek

- Rudy
- Site Admin
- Posts: 119526
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: USB/DVD unavailable and normal mode not working in XP (SP3)
You can still try repairing the system from the installation media.