Avast found Win32:Jeefo

vaclavka83
Visitor
Posts: 238
Registered: 14 Jun 2010 13:52

Avast found Win32:Jeefo

#1 Post by vaclavka83 »

Hello, Avast reported this infection to me. Spyware Terminator reported an infection with Win32:Jeefo-3. I don't know how to proceed correctly. I already have probably almost all of the exe files in the Avast virus chest. I preferred not to even turn the computer off. I just started a full system scan with Avast. Please advise me how to proceed further and whether there is a chance of recovering the infected files. Thank you very much in advance.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Avast found Win32:Jeefo

#2 Post by Caroprd111 »

Hello :)

Post a log from RSIT.

vaclavka83
Visitor
Posts: 238
Registered: 14 Jun 2010 13:52

Re: Avast found Win32:Jeefo

#3 Post by vaclavka83 »

Logfile of random's system information tool 1.07 (written by random/random)
Run by Miluji Tě at 2010-06-14 16:15:39
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 13 GB (33%) free of 40 GB
Total RAM: 3326 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:17:17, on 14.6.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\snmp.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Tiskarna\ScanSoft\OmniPageSE4\OpwareSE4.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SAMSUNG\Samsung Multimedia Keyboard\gpkbd.exe
C:\Program Files\ATI Tray Tools\atitray.exe
C:\Program Files\ASUS\AASP\1.01.02\aaCenter.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\svchost.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Miluji Tě\Plocha\RSIT.exe
C:\Program Files\trend micro\Miluji Tě.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: CrowdStar Gamebar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\Tiskarna\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: ATI Tray Tools.lnk = C:\Program Files\ATI Tray Tools\atitray.exe
O4 - Global Startup: Samsung Multimedia Keyboard.lnk = ?
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Přeložit - {230D1201-7607-4CF6-A11F-9E4BF0A333E0} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra 'Tools' menuitem: Internetový překladač... - {2C73F784-D2DE-4422-B070-2E3332FE5744} - C:\Program Files\Verdict Free\etnxp.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5177877609
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Prime95 Service - Unknown owner - C:\Program Files\Prime95\prime95.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 9564 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{1A8E86E7-CA55-42CD-A2E6-39BDF2F60382}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-06-18 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
CrowdStar Gamebar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-04-15 1375624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-08-16 962808]
{D4027C7F-154A-4066-A1AD-4243D8127440} - CrowdStar Gamebar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-04-15 1375624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2006-11-23 56928]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2006-12-05 54832]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
"OpwareSE4"=C:\Program Files\Tiskarna\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-03-26 19522592]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-05-06 2815192]
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd []
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-04-08 2176512]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"fsm"= []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Samsung Multimedia Keyboard.lnk - C:\Program Files\SAMSUNG\Samsung Multimedia Keyboard\gpkbd.exe

C:\Documents and Settings\Miluji Tě\Nabídka Start\Programy\Po spuštění
ATI Tray Tools.lnk - C:\Program Files\ATI Tray Tools\atitray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-04-07 159744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Participatory Culture Foundation\Miro\xulrunner\python\Miro_Downloader.exe"="C:\Program Files\Participatory Culture Foundation\Miro\xulrunner\python\Miro_Downloader.exe:*:Disabled:Miro_Downloader"
"C:\Program Files\Participatory Culture Foundation\Miro\xulrunner\Miro.exe"="C:\Program Files\Participatory Culture Foundation\Miro\xulrunner\Miro.exe:*:Disabled:Miro"
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe"="C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\Documents and Settings\Miluji Tě\Local Settings\Temp\Nero Web\SetupXu.exe"="C:\Documents and Settings\Miluji Tě\Local Settings\Temp\Nero Web\SetupXu.exe:*:Enabled:Nero ProductSetup"
"C:\Documents and Settings\Miluji Tě\Plocha\sdc221\StrongDC.exe"="C:\Documents and Settings\Miluji Tě\Plocha\sdc221\StrongDC.exe:*:Enabled:StrongDC++"
"D:\Games\Empire Earth\Empire Earth.exe"="D:\Games\Empire Earth\Empire Earth.exe:*:Disabled:Empire Earth"
"D:\Games\F-22 Lightning 3\Update.exe"="D:\Games\F-22 Lightning 3\Update.exe:*:Enabled:Update"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Disabled:Microsoft DirectPlay Helper"
"D:\Games\Enemy Engaged 2\cohokum\ee2.exe"="D:\Games\Enemy Engaged 2\cohokum\ee2.exe:*:Enabled:ee2"
"D:\Games\Bang\bge.exe"="D:\Games\Bang\bge.exe:*:Disabled:bge"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Pidgin\pidgin.exe"="C:\Program Files\Pidgin\pidgin.exe:*:Enabled:Pidgin"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe"="C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe:*:Enabled:mRouterRuntime"
"C:\Program Files\TeamViewer\Version4\TeamViewer.exe"="C:\Program Files\TeamViewer\Version4\TeamViewer.exe:*:Enabled:TeamViewer Remote Control Application"
"C:\Documents and Settings\Miluji Tě\temp\TeamViewer\Version4\TeamViewer.exe"="C:\Documents and Settings\Miluji Tě\temp\TeamViewer\Version4\TeamViewer.exe:*:Disabled:TeamViewer Remote Control Application"
"C:\Documents and Settings\Miluji Tě\Plocha\CryptLoad_1.1.6\CryptLoad_1.1.6\RouterClient.exe"="C:\Documents and Settings\Miluji Tě\Plocha\CryptLoad_1.1.6\CryptLoad_1.1.6\RouterClient.exe:*:Enabled:RouterClient"
"C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"="C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe"="C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:PowerDVD"
"D:\Games\Call Of Dutty 1CZ\CoDMP.exe"="D:\Games\Call Of Dutty 1CZ\CoDMP.exe:*:Disabled:CoDMP"
"C:\Documents and Settings\Miluji Tě\Plocha\Call of Duty\Call of Duty\CoDMP.exe"="C:\Documents and Settings\Miluji Tě\Plocha\Call of Duty\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"C:\Documents and Settings\Miluji Tě\Plocha\Call of Duty\Call of Duty\CoDUOMP.exe"="C:\Documents and Settings\Miluji Tě\Plocha\Call of Duty\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP"
"D:\Games\Call of Duty 1.1\Call of Duty\CoDMP.exe"="D:\Games\Call of Duty 1.1\Call of Duty\CoDMP.exe:*:Enabled:CoDMP"
"D:\Games\Call of Duty 1.1\Call of Duty\CoDUOMP.exe"="D:\Games\Call of Duty 1.1\Call of Duty\CoDUOMP.exe:*:Enabled:CoDUOMP"
"D:\Games\Call OF Duty 2\CoD2MP_s.exe"="D:\Games\Call OF Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Games\Call of Duty4\iw3mp.exe"="D:\Games\Call of Duty4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"D:\Games\Far Cry2\Far Cry 2\bin\FarCry2.exe"="D:\Games\Far Cry2\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"D:\Games\Far Cry2\Far Cry 2\bin\FC2Launcher.exe"="D:\Games\Far Cry2\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"D:\Games\Far Cry2\Far Cry 2\bin\FC2Editor.exe"="D:\Games\Far Cry2\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{663782a7-d8ea-11dd-b6eb-001d60755435}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{663782a8-d8ea-11dd-b6eb-001d60755435}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6a66ccfe-4f43-11de-8788-001d60755435}]
shell\AutoRun\command - K:\setup\rsrc\Autorun.exe
shell\dinstall\command - K:\Directx\dxsetup.exe


======List of files/folders created in the last 1 months======

2010-06-14 16:16:28 ----D---- C:\Program Files\trend micro
2010-06-14 16:15:39 ----D---- C:\rsit
2010-06-14 15:18:33 ----N---- C:\WINDOWS\trzBD.tmp
2010-06-14 15:00:13 ----D---- C:\WINDOWS\LastGood
2010-06-11 15:37:27 ----D---- C:\Program Files\Common Files\DirectX
2010-06-11 15:07:20 ----A---- C:\WINDOWS\system32\Remover.ini
2010-06-11 15:07:20 ----A---- C:\WINDOWS\system32\Remove.exe
2010-06-11 15:07:19 ----A---- C:\WINDOWS\system32\CoInst_071029.dll
2010-06-11 15:07:17 ----A---- C:\WINDOWS\system32\SP7302.INI
2010-06-11 15:07:16 ----D---- C:\WINDOWS\PixArt
2010-06-11 15:07:16 ----D---- C:\Program Files\Common Files\iLook 300
2010-06-11 03:27:04 ----D---- C:\Program Files\Ask.com
2010-06-09 17:44:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-09 17:43:43 ----HDC---- C:\WINDOWS\$NtUninstallKB979332_WM9L$
2010-06-09 17:41:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-09 17:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-09 17:38:21 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-09 17:35:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-09 17:34:57 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-06 17:28:29 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-06-06 17:28:13 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-06-06 17:28:09 ----A---- C:\WINDOWS\game.ini
2010-05-29 16:32:26 ----A---- C:\WINDOWS\Burnout(TM) Paradise The Ultimate Box Patch Log.txt
2010-05-28 18:01:20 ----D---- C:\Program Files\AMD
2010-05-26 21:07:10 ----D---- C:\WINDOWS\Downloaded Installations
2010-05-26 15:32:44 ----A---- C:\GPU-Z Sensor Log.txt
2010-05-25 20:57:39 ----A---- C:\WINDOWS\imsins.BAK
2010-05-25 20:57:35 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-05-25 20:01:48 ----D---- C:\Program Files\ATI Tray Tools
2010-05-24 16:15:41 ----D---- C:\Documents and Settings\Miluji Tě\Data aplikací\atitray
2010-05-20 17:34:46 ----D---- C:\Documents and Settings\Miluji Tě\Data aplikací\InstallShield
2010-05-20 17:19:30 ----D---- C:\WINDOWS\system32\Futuremark
2010-05-20 17:17:58 ----D---- C:\Program Files\3DMark06
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\atitvo32.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\atioglxx.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\atimpc32.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\aticalrt.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\aticaldd.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\aticalcl.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2010-05-20 15:05:11 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2010-05-20 15:05:10 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2010-05-20 15:05:10 ----A---- C:\WINDOWS\system32\ATIODE.exe
2010-05-20 15:05:10 ----A---- C:\WINDOWS\system32\atikvmag.dll
2010-05-20 15:05:10 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2010-05-20 14:45:35 ----A---- C:\WINDOWS\WININIT.INI
2010-05-17 19:00:42 ----D---- C:\WINDOWS\MRLH

======List of files/folders modified in the last 1 months======

2010-06-14 16:17:13 ----D---- C:\WINDOWS\Temp
2010-06-14 16:16:28 ----RD---- C:\Program Files
2010-06-14 16:15:31 ----D---- C:\WINDOWS\Prefetch
2010-06-14 16:15:03 ----D---- C:\Program Files\Spyware Terminator
2010-06-14 16:15:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2010-06-14 16:01:06 ----A---- C:\WINDOWS\system32\sun_debug1.txt
2010-06-14 16:01:06 ----A---- C:\WINDOWS\system32\sun_debug.txt
2010-06-14 15:18:37 ----D---- C:\WINDOWS
2010-06-14 15:17:42 ----D---- C:\WINDOWS\system32
2010-06-14 15:02:12 ----D---- C:\WINDOWS\system32\CatRoot
2010-06-14 15:00:17 ----HD---- C:\WINDOWS\inf
2010-06-14 04:02:23 ----D---- C:\Program Files\Mozilla Firefox
2010-06-13 20:59:15 ----SHD---- C:\WINDOWS\Installer
2010-06-13 20:56:33 ----D---- C:\WINDOWS\system32\XPSViewer
2010-06-13 20:55:57 ----D---- C:\WINDOWS\system32\usmt
2010-06-13 20:55:05 ----D---- C:\Documents and Settings\Miluji Tě\Data aplikací\Spyware Terminator
2010-06-13 19:43:47 ----D---- C:\WINDOWS\network diagnostic
2010-06-13 19:40:42 ----HDC---- C:\WINDOWS\ie8
2010-06-13 19:38:30 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-06-13 19:37:36 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-06-13 19:36:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-06-13 19:13:19 ----D---- C:\Program Files\WinRAR 3.8
2010-06-13 19:12:25 ----D---- C:\Program Files\Windows Media Player
2010-06-13 19:11:13 ----D---- C:\Program Files\Verdict Free
2010-06-13 19:11:00 ----D---- C:\Program Files\total commander 7.04
2010-06-13 19:09:32 ----D---- C:\Program Files\Software Informer
2010-06-13 19:09:02 ----D---- C:\Program Files\Real
2010-06-13 19:08:10 ----D---- C:\Program Files\QuickTime
2010-06-13 19:07:52 ----D---- C:\Program Files\OpenOffice2.4
2010-06-13 19:06:49 ----D---- C:\Program Files\OpenAL
2010-06-13 19:05:03 ----D---- C:\Program Files\Messenger
2010-06-13 19:04:22 ----D---- C:\Program Files\K-Lite Codec Pack 5.0.5
2010-06-13 19:01:41 ----D---- C:\Program Files\Internet Explorer
2010-06-13 19:01:15 ----D---- C:\Program Files\ImgBurn
2010-06-13 19:00:32 ----D---- C:\Program Files\ICQ6Toolbar
2010-06-13 19:00:29 ----D---- C:\Program Files\ICQ6.5
2010-06-13 19:00:29 ----D---- C:\Program Files\HD Tune
2010-06-13 19:00:29 ----D---- C:\Program Files\GoldWave
2010-06-13 18:59:23 ----D---- C:\Program Files\Free WMA to MP3 Converter
2010-06-13 18:59:21 ----D---- C:\Program Files\Free Download Manager
2010-06-13 18:58:25 ----D---- C:\Program Files\DivX
2010-06-13 18:58:23 ----D---- C:\Program Files\DAEMON Tools Lite
2010-06-13 18:50:41 ----D---- C:\Program Files\CCleaner
2010-06-13 18:41:23 ----D---- C:\Documents and Settings\Miluji Tě\Data aplikací\Free Download Manager
2010-06-13 18:33:15 ----D---- C:\Program Files\Apple Software Update
2010-06-13 18:33:13 ----D---- C:\Program Files\AMDAGP
2010-06-13 17:53:18 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-13 12:35:49 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-13 12:35:47 ----SD---- C:\WINDOWS\Tasks
2010-06-13 12:31:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-12 18:37:11 ----A---- C:\WINDOWS\win.ini
2010-06-12 14:41:38 ----A---- C:\WINDOWS\NeroDigital.ini
2010-06-11 15:37:27 ----D---- C:\Program Files\Common Files
2010-06-11 15:29:25 ----D---- C:\Documents and Settings\Miluji Tě\Data aplikací\Skype
2010-06-11 15:17:40 ----D---- C:\Documents and Settings\Miluji Tě\Data aplikací\skypePM
2010-06-11 15:10:09 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-06-11 15:09:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-11 15:09:42 ----D---- C:\WINDOWS\twain_32
2010-06-11 15:09:42 ----D---- C:\WINDOWS\system32\drivers
2010-06-10 16:38:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-10 16:23:44 ----D---- C:\Program Files\Common Files\ATI Technologies
2010-06-10 16:14:37 ----D---- C:\Program Files\ASUS
2010-06-10 03:31:53 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-10 03:31:50 ----RSD---- C:\WINDOWS\assembly
2010-06-09 17:43:52 ----D---- C:\WINDOWS\ie8updates
2010-06-09 17:43:50 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-09 17:41:51 ----D---- C:\WINDOWS\Debug
2010-06-09 17:40:23 ----D---- C:\WINDOWS\WinSxS
2010-06-08 16:20:55 ----D---- C:\WINDOWS\system32\DirectX
2010-06-06 17:28:13 ----D---- C:\WINDOWS\system32\LogFiles
2010-06-04 17:38:14 ----D---- C:\WINDOWS\Minidump
2010-05-28 21:37:34 ----A---- C:\WINDOWS\system32\MRT.exe
2010-05-28 18:02:15 ----RSH---- C:\boot.ini
2010-05-28 18:01:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-05-25 19:45:14 ----D---- C:\Documents and Settings\Miluji Tě\Data aplikací\ATI
2010-05-25 17:53:14 ----D---- C:\Documents and Settings\Miluji Tě\Data aplikací\Help
2010-05-25 17:36:54 ----D---- C:\WINDOWS\system32\config
2010-05-20 17:19:49 ----A---- C:\WINDOWS\system32\OpenAL32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-05-06 28880]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-18 43008]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2009-08-04 11296]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-05-06 164048]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-05-06 46672]
R1 atitray;atitray; \??\C:\Program Files\ATI Tray Tools\atitray.sys []
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-05-06 100432]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-08-31 278984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-08-31 25416]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-05-06 23376]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-04-07 4687872]
R3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2009-05-20 1872192]
R3 gMouPS2;PS2 Scroll Mouse Device; C:\WINDOWS\system32\DRIVERS\gMouPS2.sys [2006-07-12 17408]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-03-26 5883936]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 PAC7302;iLook 300; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2009-04-28 461824]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-08-15 83200]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 abu50h6b;abu50h6b; C:\WINDOWS\system32\drivers\abu50h6b.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 AMDPCI;AMDPCI; \??\C:\DOCUME~1\MILUJI~1\LOCALS~1\Temp\AMDPCI.sys []
S3 AmdTools;AMD Special Tools Driver; C:\WINDOWS\system32\DRIVERS\AmdTools.sys []
S3 atgfjlbz;atgfjlbz; C:\WINDOWS\system32\drivers\atgfjlbz.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 gHidPnp;USB Device Enhanced Function Driver; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [2006-07-14 14848]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2010-04-16 21120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 se58bus;Sony Ericsson Device 088 driver (WDM); C:\WINDOWS\system32\DRIVERS\se58bus.sys [2006-09-05 61536]
S3 se58mdfl;Sony Ericsson Device 088 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se58mdfl.sys [2006-09-05 9360]
S3 se58mdm;Sony Ericsson Device 088 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se58mdm.sys [2006-09-05 97088]
S3 se58mgmt;Sony Ericsson Device 088 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se58mgmt.sys [2006-09-05 88624]
S3 se58nd5;Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (NDIS); C:\WINDOWS\system32\DRIVERS\se58nd5.sys [2006-09-05 18704]
S3 se58obex;Sony Ericsson Device 088 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se58obex.sys [2006-09-05 86432]
S3 se58unic;Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (WDM); C:\WINDOWS\system32\DRIVERS\se58unic.sys [2006-09-05 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 teamviewervpn;TeamViewer VPN Adapter; C:\WINDOWS\system32\DRIVERS\teamviewervpn.sys [2008-01-25 25088]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3); C:\WINDOWS\system32\drivers\wfeaglxt.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-04-07 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-08-16 222968]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-06-13 66872]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-07 167936]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\PROGRA~1\SPYWAR~1\sp_rsser.exe [2010-04-08 488960]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S2 Prime95 Service;Prime95 Service; C:\Program Files\Prime95\prime95.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Avast found Win32:Jeefo

#4 Post by Caroprd111 »

I recommend uninstalling the toolbars (if you do not use them) in Add or Remove Programs.

Download UsbFix to your desktop: http://pagesperso-orange.fr/NosTools/Ch ... UsbFix.exe
  • Run it, then click Deletion.
  • When it finishes, a log will pop up; paste it here. You can also find it in C:\UsbFix.txt

Download and save, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs: firewalls, antivirus, antispyware
  • Run the application under an account with Administrator privileges; a page with the license terms appears right after start, continue by pressing the "Ano" (Yes) button
  • Then follow the instructions; during the scan do not run other applications and do not click in the window that appears :!:
  • The scan should take around 5 - 10 minutes; when it finishes, ComboFix displays the log C:\ComboFix.txt, which you should paste here.
  • The computer may be restarted during the scan.

Re: Avast found Win32:Jeefo

#5 Post by vaclavka83 »

So I uninstalled the ASK toolbar. But the ICQ toolbar gave me an uninstall error. I guess I'm out of luck today. When I tried to download usbfix from your link, avast reported a Trojan horse and dropped the connection.

Re: Avast found Win32:Jeefo

#6 Post by Caroprd111 »

Temporarily turn off Avast, it is a false detection. I will delete the ICQ Toolbar later using ComboFix. :)

Re: Avast found Win32:Jeefo

#7 Post by vaclavka83 »

############################## | Usbfix 7.009 | [Deletion]

User: Miluji Tě (Administrator) # VACLAVIK-4CCC27 [ ]
Updated 12/06/10 by El Desaparecido / C_XX
Started at 17:12:50 | 14/06/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
CPU 2: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Microsoft Windows XP Home Edition (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Windows Firewall: Enabled
Antivirus: avast! Antivirus 5.0.83886625 [(!) Disabled | Updated]
RAM -> 3326 Mb
C:\ (%systemdrive%) -> Fixed drive # 39 Gb (13 Mb free - 33%) [] # NTFS
D:\ -> Fixed drive # 110 Gb (85 Mb free - 78%) [] # NTFS
E:\ -> CD-ROM
K:\ -> CD-ROM

################## | Files # Infected Folders |

Deleted ! C:\Recycler\S-1-5-21-1708537768-1123561945-725345543-1004
Deleted ! D:\Recycler\S-1-5-21-1708537768-1123561945-725345543-1004

################## | Registry |


################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{663782a8-d8ea-11dd-b6eb-001d60755435}

################## | Listing |

[02/07/2008 - 20:55:33 | A | 0] C:\AUTOEXEC.BAT
[28/05/2010 - 18:02:15 | RSH | 223] C:\boot.ini
[02/03/2006 - 14:00:00 | RASH | 4952] C:\Bootfont.bin
[02/07/2008 - 20:55:33 | A | 0] C:\CONFIG.SYS
[30/06/2009 - 17:05:11 | D ] C:\Documents and Settings
[28/03/2010 - 20:48:01 | A | 0] C:\FileIn.Cns
[28/03/2010 - 20:48:01 | A | 0] C:\FileOut.Cns
[10/06/2010 - 16:51:55 | A | 513828] C:\GPU-Z Sensor Log.txt
[13/06/2010 - 12:32:34 | ASH | 3488075776] C:\hiberfil.sys
[02/07/2008 - 20:55:33 | RASH | 0] C:\IO.SYS
[02/07/2008 - 20:55:33 | RASH | 0] C:\MSDOS.SYS
[02/03/2006 - 14:00:00 | RASH | 47564] C:\NTDETECT.COM
[03/07/2008 - 21:01:43 | RASH | 250576] C:\ntldr
[12/06/2010 - 14:39:10 | A | 921636] C:\PA7302.DAT
[13/06/2010 - 12:32:32 | ASH | 1409286144] C:\pagefile.sys
[14/06/2010 - 16:37:40 | RD ] C:\Program Files
[14/06/2010 - 17:13:17 | SHD ] C:\RECYCLER
[31/12/2009 - 14:51:48 | A | 1365] C:\RHDSetup.log
[14/06/2010 - 16:17:22 | D ] C:\rsit
[02/07/2008 - 20:59:22 | SHD ] C:\System Volume Information
[14/06/2010 - 17:13:17 | D ] C:\UsbFix
[14/06/2010 - 17:13:18 | A | 1007] C:\Usbfix.txt
[14/06/2010 - 15:18:37 | D ] C:\WINDOWS
[27/03/2010 - 12:28:15 | D ] D:\12ab6f96c645bcaa4ac0ae
[17/02/2009 - 19:28:50 | D ] D:\34b26f2e0d02c6d3c3a463134d
[14/06/2010 - 16:42:17 | D ] D:\Dovnload
[13/06/2010 - 20:59:16 | D ] D:\Games
[13/06/2010 - 20:58:18 | D ] D:\Games 2
[24/04/2010 - 18:05:22 | D ] D:\Hudba
[20/04/2009 - 19:59:48 | D ] D:\Lenka
[26/09/2009 - 12:04:38 | D ] D:\MyWorks
[09/05/2009 - 07:12:03 | D ] D:\Písmo
[14/06/2010 - 17:13:17 | SHD ] D:\RECYCLER
[03/07/2008 - 14:57:18 | SHD ] D:\System Volume Information
[03/05/2010 - 15:50:49 | D ] D:\Video

################## | Vaccin |

Re: Avast found Win32:Jeefo

#8 Post by Caroprd111 »

Also the log from ComboFix.

Re: Avast found Win32:Jeefo

#9 Post by vaclavka83 »

ComboFix 10-06-13.04 - Miluji Tě 14.06.2010 18:47:24.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3326.2778 [GMT 2:00]
Spuštěný z: c:\documents and settings\Miluji Tě\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_POWERMANAGER


((((((((((((((((((((((((( Soubory vytvořené od 2010-05-14 do 2010-06-14 )))))))))))))))))))))))))))))))
.

2010-06-14 15:04 . 2010-06-14 15:13 -------- d-----w- C:\UsbFix
2010-06-14 14:16 . 2010-06-14 14:30 -------- d-----w- c:\program files\trend micro
2010-06-14 14:15 . 2010-06-14 14:17 -------- d-----w- C:\rsit
2010-06-12 12:38 . 2010-06-12 12:39 921636 ----a-w- C:\PA7302.DAT
2010-06-11 13:37 . 2010-06-11 13:37 -------- d-----w- c:\program files\Common Files\DirectX
2010-06-11 13:07 . 2008-04-24 03:05 47616 ----a-w- c:\windows\system32\Remove.exe
2010-06-11 13:07 . 2009-04-28 08:08 461824 ----a-w- c:\windows\system32\drivers\PAC7302.SYS
2010-06-11 13:07 . 2007-11-02 09:07 6656 ----a-w- c:\windows\system32\CoInst_071029.dll
2010-06-11 13:07 . 2010-06-13 16:55 -------- d-----w- c:\program files\Common Files\iLook 300
2010-06-11 13:07 . 2010-06-11 13:09 -------- d-----w- c:\windows\PixArt
2010-06-10 14:14 . 2008-01-04 11:34 11832 ----a-w- c:\windows\system32\drivers\AsInsHelp64.sys
2010-06-10 14:14 . 2008-01-04 11:34 10216 ----a-w- c:\windows\system32\drivers\AsInsHelp32.sys
2010-06-09 15:34 . 2010-05-06 10:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-06 15:28 . 2010-06-13 16:16 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-06-06 15:28 . 2010-06-13 16:16 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-06-06 15:28 . 2010-06-13 15:53 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-05-28 16:02 . 2007-06-29 12:47 34304 ----a-w- c:\windows\system32\drivers\AmdLLD.sys
2010-05-28 16:01 . 2010-05-28 16:02 -------- d-----w- c:\program files\AMD
2010-05-26 19:07 . 2010-05-26 19:07 -------- d-----w- c:\windows\Downloaded Installations
2010-05-25 19:02 . 2010-05-25 19:02 552 ----a-w- c:\windows\system32\d3d8caps.dat
2010-05-25 18:01 . 2010-06-13 16:42 -------- d-----w- c:\program files\ATI Tray Tools
2010-05-20 15:19 . 2010-05-20 15:19 -------- d-----w- c:\windows\system32\Futuremark
2010-05-20 15:19 . 2007-08-20 08:05 27672 ----a-r- c:\windows\system32\drivers\Entech.sys
2010-05-20 15:19 . 2004-06-22 13:44 5632 ----a-w- c:\windows\system32\drivers\Entech64.sys
2010-05-20 15:19 . 2001-11-19 17:05 3972 ----a-w- c:\windows\system32\drivers\PciBus.sys
2010-05-20 15:17 . 2010-06-13 16:26 -------- d-----w- c:\program files\3DMark06
2010-05-19 13:22 . 2010-06-10 15:25 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-17 17:00 . 2010-05-17 17:45 -------- d-----w- c:\windows\MRLH

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-14 14:15 . 2008-07-04 13:18 -------- d-----w- c:\program files\Spyware Terminator
2010-06-13 17:13 . 2009-04-18 09:58 -------- d-----w- c:\program files\WinRAR 3.8
2010-06-13 17:11 . 2009-02-19 16:36 -------- d-----w- c:\program files\Verdict Free
2010-06-13 17:11 . 2009-06-19 15:28 -------- d-----w- c:\program files\total commander 7.04
2010-06-13 17:09 . 2008-10-20 15:33 -------- d-----w- c:\program files\Software Informer
2010-06-13 17:09 . 2008-09-11 13:56 -------- d-----w- c:\program files\Real
2010-06-13 17:08 . 2008-07-10 19:27 -------- d-----w- c:\program files\QuickTime
2010-06-13 17:07 . 2008-09-15 17:51 -------- d-----w- c:\program files\OpenOffice2.4
2010-06-13 17:06 . 2009-02-07 22:01 -------- d-----w- c:\program files\OpenAL
2010-06-13 17:04 . 2009-08-23 10:43 -------- d-----w- c:\program files\K-Lite Codec Pack 5.0.5
2010-06-13 17:01 . 2009-06-08 08:10 -------- d-----w- c:\program files\ImgBurn
2010-06-13 17:00 . 2009-10-20 17:59 -------- d-----w- c:\program files\ICQ6Toolbar
2010-06-13 17:00 . 2010-04-16 16:54 -------- d-----w- c:\program files\GoldWave
2010-06-13 17:00 . 2009-10-20 17:50 -------- d-----w- c:\program files\ICQ6.5
2010-06-13 17:00 . 2009-08-15 18:56 -------- d-----w- c:\program files\HD Tune
2010-06-13 16:59 . 2008-11-21 15:47 -------- d-----w- c:\program files\Free WMA to MP3 Converter
2010-06-13 16:59 . 2008-10-20 15:33 -------- d-----w- c:\program files\Free Download Manager
2010-06-13 16:58 . 2009-03-09 17:25 -------- d-----w- c:\program files\DivX
2010-06-13 16:58 . 2009-06-01 20:46 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-06-13 16:50 . 2009-07-26 13:22 -------- d-----w- c:\program files\CCleaner
2010-06-13 16:33 . 2009-05-20 11:37 -------- d-----w- c:\program files\Apple Software Update
2010-06-13 16:33 . 2010-02-12 15:44 -------- d-----w- c:\program files\AMDAGP
2010-06-13 15:53 . 2008-07-02 19:08 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-10 14:38 . 2006-03-02 12:00 77872 ----a-w- c:\windows\system32\perfc005.dat
2010-06-10 14:38 . 2006-03-02 12:00 428750 ----a-w- c:\windows\system32\perfh005.dat
2010-06-10 14:23 . 2010-04-29 12:04 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-06-10 14:14 . 2008-07-02 19:47 -------- d-----w- c:\program files\ASUS
2010-05-20 15:19 . 2009-02-07 22:01 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2010-05-06 20:59 . 2008-07-03 16:44 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-05-06 20:39 . 2008-07-03 16:44 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-05-06 20:39 . 2008-07-03 16:44 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-05-06 20:34 . 2008-07-03 16:44 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-05-06 20:33 . 2008-07-03 16:44 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-05-06 20:33 . 2008-07-03 16:44 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-05-06 20:33 . 2008-07-03 16:44 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-05-06 20:33 . 2008-07-03 16:44 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-05-06 10:35 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:09 . 2006-03-02 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-22 13:44 . 2008-07-04 13:21 -------- d-----w- c:\program files\WinClamAVShield
2010-04-20 05:32 . 2006-03-02 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-20 01:05 . 2008-07-03 17:35 -------- d-----w- c:\program files\Java
2010-04-16 14:42 . 2010-04-16 14:42 21120 ----a-w- c:\windows\system32\drivers\nchssvad.sys
2010-04-14 16:47 . 2008-07-03 16:44 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-12 15:29 . 2010-04-20 01:05 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-07 02:42 . 2007-02-02 20:03 4687872 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-04-07 02:02 . 2010-05-20 13:05 45056 ----a-w- c:\windows\system32\aticalrt.dll
2010-04-07 02:02 . 2010-05-20 13:05 45056 ----a-w- c:\windows\system32\aticalcl.dll
2010-04-07 02:01 . 2010-05-20 13:05 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-04-07 02:00 . 2010-05-20 13:05 3981312 ----a-w- c:\windows\system32\aticaldd.dll
2010-04-07 01:52 . 2010-05-20 13:05 14356480 ----a-w- c:\windows\system32\atioglxx.dll
2010-04-07 01:46 . 2010-05-20 13:05 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-04-07 01:45 . 2007-02-02 20:03 300544 ----a-w- c:\windows\system32\ati2dvag.dll
2010-04-07 01:41 . 2007-02-02 19:46 3620288 ----a-w- c:\windows\system32\ati3duag.dll
2010-04-07 01:31 . 2010-05-20 13:05 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-04-07 01:30 . 2010-05-20 13:05 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-04-07 01:30 . 2010-05-20 13:05 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-04-07 01:30 . 2010-05-20 13:05 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-04-07 01:30 . 2010-05-20 13:05 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-04-07 01:28 . 2010-05-20 13:05 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2010-04-07 01:28 . 2007-02-02 19:40 2220928 ----a-w- c:\windows\system32\ativvaxx.dll
2010-04-07 01:27 . 2010-05-20 13:05 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-04-07 01:27 . 2010-05-20 13:05 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-04-07 01:27 . 2010-05-20 13:05 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-04-07 01:26 . 2010-05-20 13:05 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-04-07 01:23 . 2010-05-20 13:05 585728 ----a-w- c:\windows\system32\atikvmag.dll
2010-04-07 01:21 . 2010-05-20 13:05 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-04-07 01:21 . 2010-05-20 13:05 184320 ----a-w- c:\windows\system32\atiadlxx.dll
2010-04-07 01:20 . 2010-05-20 13:05 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-04-07 01:15 . 2007-02-02 19:20 638976 ----a-w- c:\windows\system32\ati2cqag.dll
2010-04-07 01:15 . 2010-05-20 13:05 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-04-07 01:14 . 2010-05-20 13:05 65024 ----a-w- c:\windows\system32\atimpc32.dll
2010-04-07 01:14 . 2010-05-20 13:05 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2010-03-28 16:46 . 2010-03-28 16:46 0 ----a-w- c:\windows\ativpsrm.bin
2010-03-26 16:21 . 2010-04-04 08:59 5883936 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys
2010-03-26 16:01 . 2010-04-04 08:59 84512 ----a-w- c:\windows\SOUNDMAN.EXE
2010-03-26 16:01 . 2010-04-04 08:59 9721888 ----a-w- c:\windows\RTLCPL.EXE
2010-03-26 16:01 . 2010-04-04 08:59 19522592 ----a-w- c:\windows\RTHDCPL.EXE
2010-03-26 16:01 . 2009-12-31 06:23 129568 ----a-w- c:\windows\RtkAudioService.exe
2010-03-26 16:01 . 2010-04-04 08:59 64032 ----a-w- c:\windows\ALCMTR.EXE
2010-03-26 16:01 . 2010-04-04 08:59 2815520 ----a-w- c:\windows\ALCWZRD.EXE
2010-03-20 13:52 . 2008-08-26 13:15 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-03-17 15:06 . 2010-05-20 13:05 202234 ----a-w- c:\windows\system32\atiicdxx.dat
2008-07-02 19:02 . 2008-08-26 12:12 67696 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2008-07-02 19:02 . 2008-08-26 12:12 54376 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2008-07-02 19:02 . 2008-08-26 12:12 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2008-07-02 19:02 . 2008-08-26 12:12 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2008-07-02 19:02 . 2008-08-26 12:12 172144 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
2008-11-26 18:18 . 2008-11-26 18:17 24 --sh--w- c:\windows\S6E5A2265.tmp
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-03 866584]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"OpwareSE4"="c:\program files\Tiskarna\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"RTHDCPL"="RTHDCPL.EXE" [2010-03-26 19522592]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-04-08 2176512]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-13 39264]

c:\documents and settings\Miluji Tě\Nabídka Start\Programy\Po spuštění\
ATI Tray Tools.lnk - c:\program files\ATI Tray Tools\atitray.exe [2010-4-22 883200]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Samsung Multimedia Keyboard.lnk - c:\program files\SAMSUNG\Samsung Multimedia Keyboard\gpkbd.exe [2008-7-2 585728]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\docume~1\ALLUSE~1\DATAAP~1\SPYWAR~1\sp_rsdel.exe \??\c:\docume~1\ALLUSE~1\DATAAP~1\SPYWAR~1\sp_rsdel.dat

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Games\\Far Cry2\\Far Cry 2\\bin\\FarCry2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
"AllowInboundTimestampRequest"= 1 (0x1)
"AllowInboundMaskRequest"= 1 (0x1)
"AllowInboundRouterRequest"= 1 (0x1)
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundParameterProblem"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)
"AllowOutboundPacketTooBig"= 1 (0x1)

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [23.1.2009 16:37 721904]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [3.7.2008 18:44 164048]
R1 atitray;atitray;c:\program files\ATI Tray Tools\atitray.sys [22.4.2010 6:15 19232]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [4.7.2008 15:18 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [3.7.2008 18:44 19024]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [20.10.2009 19:59 222968]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\drivers\gMouPS2.sys [2.7.2008 22:49 17408]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [31.12.2009 8:23 1691480]
S3 AmdTools;AMD Special Tools Driver;c:\windows\system32\DRIVERS\AmdTools.sys --> c:\windows\system32\DRIVERS\AmdTools.sys [?]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\drivers\gHidPnp.sys [2.7.2008 22:49 14848]
S3 NCHSSVAD;SoundTap Recorder;c:\windows\system32\drivers\nchssvad.sys [16.4.2010 16:42 21120]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [25.1.2008 11:12 25088]
S3 WFIOCTL;WFIOCTL;\??\c:\program files\WinFast\WFTVFM\WFIOCTL.SYS --> c:\program files\WinFast\WFTVFM\WFIOCTL.SYS [?]
S3 WFLR6654;WinFast TV2000 XP Expert (FM1216MK3);c:\windows\system32\drivers\wfeaglxt.sys --> c:\windows\system32\drivers\wfeaglxt.sys [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-06-14 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]

2010-06-14 c:\windows\Tasks\User_Feed_Synchronization-{1A8E86E7-CA55-42CD-A2E6-39BDF2F60382}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Doplňkový sken -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - c:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - c:\program files\Verdict Free\etnxp.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-fsm - (no file)
HKLM-Run-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe
HKLM-Run-CmPCIaudio - CMICNFG3.cpl
AddRemove-AMD AGP Driver - c:\progra~1\AMDAGP\UNWISE.EXE
AddRemove-C-Media PCI Audio Driver - c:\windows\System32\cmeaupci.exe
AddRemove-DivX Plus DirectShow Filters - c:\program files\DivX\DivXDSFiltersUninstall.exe
AddRemove-Easy-LayoutPrint - c:\program files\Canon MP140\Easy-LayoutPrint\uninst.exe
AddRemove-Easy-PhotoPrint - c:\program files\Canon MP140\Easy-PhotoPrint\uninst.exe
AddRemove-Free CD to MP3 Converter - d:\hudba\CDTOMP~1\UNWISE.EXE
AddRemove-Free Download Manager_is1 - c:\program files\Free Download Manager\unins000.exe
AddRemove-Free WMA to MP3 Converter_is1 - c:\program files\Free WMA to MP3 Converter\unins000.exe
AddRemove-GoldWave v5.25 - c:\program files\GoldWave\unstall.exe
AddRemove-HD Tune_is1 - c:\program files\HD Tune\unins000.exe
AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
AddRemove-InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C} - c:\program files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe
AddRemove-InstallShield_{65B09E79-0187-4813-8258-03991132E5A5} - c:\progra~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe
AddRemove-InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE} - c:\program files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe
AddRemove-InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498} - c:\program files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe
AddRemove-InstallShield_{D1B7EF59-A3E2-452A-882E-076E1A18D94A} - c:\program files\InstallShield Installation Information\{D1B7EF59-A3E2-452A-882E-076E1A18D94A}\setup.exe
AddRemove-jet_fighter_2015_usa - d:\games\JetFighter 2015\Uninstall.exe
AddRemove-KLiteCodecPack_is1 - c:\program files\K-Lite Codec Pack 5.0.5\unins000.exe
AddRemove-Microsoft .NET Framework 3.5 Language Pack SP1 - csy - c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
AddRemove-Microsoft .NET Framework 3.5 SP1 - c:\windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
AddRemove-Mozilla Firefox (2.0.0.16) - c:\program files\Mozilla Firefox\uninstall\helper.exe
AddRemove-MP Navigator 3.1 - c:\program files\Canon\MP Navigator 3.1\Maint.exe
AddRemove-Nero - Burning Rom!UninstallKey - c:\program files\Nero\Nero 7\\nero\uninstall\UNNERO.exe
AddRemove-NeroBackItUp!UninstallKey - c:\windows\UNNeroBackItUp.exe
AddRemove-NeroMediaHome!UninstallKey - c:\windows\UNNeroMediaHome.exe
AddRemove-NeroRecode!UninstallKey - c:\windows\UNRecode.exe
AddRemove-NeroShowTime!UninstallKey - c:\windows\UNNeroShowTime.exe
AddRemove-NeroVision!UninstallKey - c:\windows\UNNeroVision.exe
AddRemove-OpenAL - c:\program files\OpenAL\oalinst.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-RealJukebox 1.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe
AddRemove-RealPlayer 6.0 - c:\program files\Common Files\Real\Update_OB\r1puninst.exe
AddRemove-Software Informer_is1 - c:\program files\Software Informer\unins000.exe
AddRemove-Spyware Terminator_is1 - c:\program files\Spyware Terminator\unins000.exe
AddRemove-Zoner Photo Studio 9_is1 - c:\program files\Zoner\Photo Studio 9\unins000.exe
AddRemove-{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series - c:\windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP140_series\DelDrv.exe
AddRemove-{60DE4033-9503-48D1-A483-7846BD217CA9} - c:\program files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe
AddRemove-{7585478E9D9B42108671C12F8714CEFE} - c:\program files\DivX\DivXConverterUninstall.exe
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
AddRemove-{7EF900F4-61A8-4D95-8A65-488D3BECA206} - c:\program files\InstallShield Installation Information\{7EF900F4-61A8-4D95-8A65-488D3BECA206}\setup.exe
AddRemove-{8ADFC4160D694100B5B8A22DE9DCABD9} - c:\program files\DivX\DivXPlayerUninstall.exe
AddRemove-{B13A7C41581B411290FBC0395694E2A9} - c:\program files\DivX\DivXConverterUninstall.exe
AddRemove-{B7050CBDB2504B34BC2A9CA0A692CC29} - c:\program files\DivX\DivXWebPlayerUninstall.exe
AddRemove-{C151CE54-E7EA-4804-854B-F515368B0798} - c:\program files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe
AddRemove-{D4006E71-FF32-44FF-AD5A-B5EE4389B825}_is1 - d:\games\FlatOut2\unins000.exe
AddRemove-{F2835483-37F2-4123-B4FE-0E77D58447F2} - c:\program files\InstallShield Installation Information\{F2835483-37F2-4123-B4FE-0E77D58447F2}\setup.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-14 18:52
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync02.sys atapi.sys splr.sys >>UNKNOWN [0x8B0FA938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xba0ecf28
\Driver\ACPI -> ACPI.sys @ 0xb9e66cb8
\Driver\atapi -> sfsync02.sys @ 0xba338d60
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
ParseProcedure -> ntkrnlpa.exe @ 0x805827e8
NDIS: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xb9d17bb0
PacketIndicateHandler -> NDIS.sys @ 0xb9d24a21
SendHandler -> NDIS.sys @ 0xb9d0287b
user & kernel MBR OK

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1708537768-1123561945-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1708537768-1123561945-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{E58BE9AB-719F-00EB-A408-4E798BB7A8EA}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-1708537768-1123561945-725345543-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:d3,9c,9a,75,79,6f,81,10,05,08,eb,c5,15,f0,15,55,6a,e8,fe,41,a0,66,f6,
49,88,be,91,4d,0e,28,65,8c,39,25,20,58,ca,41,6c,f0,61,41,aa,1a,54,06,84,48,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50

[HKEY_USERS\S-1-5-21-1708537768-1123561945-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:e3,bf,30,4f,36,25,0c,88,a9,50,8a,28,de,40,6c,c5,04,fe,aa,90,8a,
8c,95,5c,95,ae,e6,20,f6,59,cc,65,dd,3e,1c,4c,43,a5,a6,58,c5,a8,ab,2e,b3,49,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(716)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll

- - - - - - - > 'explorer.exe'(4048)
c:\program files\ATI Tray Tools\raphook.dll
c:\program files\Tiskarna\ScanSoft\OmniPageSE4\OpHookSE4.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\rundll32.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RunDll32.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\System32\snmp.exe
c:\progra~1\SPYWAR~1\sp_rsser.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2010-06-14 18:57:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-06-14 16:57

Před spuštěním: Volných bajtů: 13 918 040 064
Po spuštění: Volných bajtů: 13 904 842 752

Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 9AE8ABBB05EF66D05582D3701EA17B37

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Avast found Win32:Jeefo

#10 Post by Caroprd111 »

Uninstall all virtual drive emulators.

Download SPTD http://www.duplexsecure.com/en/downloads
  • Choose the version for your operating system (64 & 32-bit). Save it to the desktop and run it.
  • Choose the Uninstall option and restart the PC.

Download and run http://www.jpshortstuff.247fixes.com/Defogger.exe
  • Click "Disable" and restart the PC.

Download MBR to the desktop http://www2.gmer.net/mbr/mbr.exe

Start > Run (Win + R)
  • A window pops up; copy the following into it:

Code:

"%userprofile%\plocha\mbr" -t
  • Click OK
  • A log named mbr.log will be created; paste it here.


Post a log from Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

vaclavka83
Visitor
Posts: 238
Registered: 14 Jun 2010 13:52

Re: Avast found Win32:Jeefo

#11 Post by vaclavka83 »

I have Daemon Tools Lite on there. Uninstalling doesn't work. How should I proceed?

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Avast found Win32:Jeefo

#12 Post by Caroprd111 »

Download its installer and try to uninstall it using the installer. Alternatively, reinstall it and then try to uninstall it.

vaclavka83
Visitor
Posts: 238
Registered: 14 Jun 2010 13:52

Re: Avast found Win32:Jeefo

#13 Post by vaclavka83 »

About that SPTD: when I double-click the downloaded file, it tells me that it is not a valid Win32 application, and it does not start. I have all antivirus programs turned off.

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Avast found Win32:Jeefo

#14 Post by Caroprd111 »

Skip SPTD and continue with the next steps.

vaclavka83
Visitor
Posts: 238
Registered: 14 Jun 2010 13:52

Re: Avast found Win32:Jeefo

#15 Post by vaclavka83 »

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync02.sys atapi.sys pciide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK
