Malware: TR/Rootkit.Gen2 [trojan] - Avira
Posted: 21 Jul 2010 22:02
Hello,
I have a problem: Avira finds nothing when it scans the whole laptop. But occasionally it reports that there is Malware: TR/Rootkit.Gen2 [trojan] in the temp folder.
So I am asking for advice. Thank you.
PS: I am attaching the log from RSIT
*******************
Logfile of random's system information tool 1.08 (written by random/random)
Run by BokyCZ at 2010-07-21 23:01:14
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 210 GB (88%) free of 238 GB
Total RAM: 3070 MB (59% free)
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]
Partner BHO Class - C:\ProgramData\Partner\partner.dll [2009-06-13 157168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-21 278192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-07-21 814648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-21 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-07-21 278192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"AsDIPM"=C:\Preload\Others\Intel\IMSM_disable_oobe\XP32_Vista32_8.5.0.1032\Reg\AsDIPM.exe []
"HControlUser"=C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [2008-08-18 98304]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-04-21 540576]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2009-03-04 8392704]
"AmIcoSinglun"=C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe [2009-04-03 237568]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-04-14 7416352]
"Wireless Console 3"=C:\Program Files\ASUS\Wireless Console 3\wcourier.exe [2009-04-18 1593344]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"ADSMTray"=C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe [2008-04-01 266240]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2008-10-01 851968]
"ASUS Screen Saver Protector"=C:\Windows\AsScrPro.exe [2009-06-13 3054136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-12-03 35184]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-02 13789728]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-13 39408]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
FancyStart daemon.lnk - C:\Windows\Installer\{A9FEB6D7-9C52-49FC-B956-7AB275B78890}\_5598CE641C54B66A23693F.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-07-22 01:36:06 ----SHD---- C:\System Volume Information
2010-07-22 01:35:40 ----A---- C:\Pass.txt
2010-07-22 00:39:10 ----ASH---- C:\hiberfil.sys
2010-07-22 00:39:09 ----ASH---- C:\pagefile.sys
2010-07-21 22:57:23 ----D---- C:\Program Files\trend micro
2010-07-21 22:57:22 ----D---- C:\rsit
2010-07-21 22:52:39 ----SHD---- C:\Config.Msi
2010-07-21 22:51:24 ----A---- C:\Windows\system32\psisdecd.dll
2010-07-21 22:51:24 ----A---- C:\Windows\system32\EncDec.dll
2010-07-21 20:09:35 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2010-07-21 20:05:00 ----A---- C:\Windows\system32\browserchoice.exe
2010-07-21 20:04:18 ----D---- C:\ProgramData\Lavasoft
2010-07-21 19:58:30 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-21 19:48:37 ----A---- C:\Windows\system32\infocardapi.dll
2010-07-21 19:48:36 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-07-21 19:48:36 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-07-21 19:48:36 ----A---- C:\Windows\system32\icardres.dll
2010-07-21 19:48:36 ----A---- C:\Windows\system32\icardagt.exe
2010-07-21 19:48:35 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-07-21 19:48:33 ----A---- C:\Windows\system32\PresentationHost.exe
2010-07-21 19:45:08 ----A---- C:\Windows\system32\dfshim.dll
2010-07-21 19:45:07 ----A---- C:\Windows\system32\mscoree.dll
2010-07-21 19:45:06 ----A---- C:\Windows\system32\netfxperf.dll
2010-07-21 19:45:02 ----A---- C:\Windows\system32\mscorier.dll
2010-07-21 19:45:00 ----A---- C:\Windows\system32\mscories.dll
2010-07-21 19:44:04 ----A---- C:\Windows\system32\nshhttp.dll
2010-07-21 19:44:03 ----A---- C:\Windows\system32\httpapi.dll
2010-07-21 19:44:03 ----A---- C:\Windows\system32\drivers\http.sys
2010-07-21 19:42:30 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-07-21 19:42:30 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-07-21 19:42:30 ----A---- C:\Windows\system32\secproc_isv.dll
2010-07-21 19:42:30 ----A---- C:\Windows\system32\secproc.dll
2010-07-21 19:42:30 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-07-21 19:42:30 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-07-21 19:42:30 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-07-21 19:42:30 ----A---- C:\Windows\system32\RMActivate.exe
2010-07-21 19:42:30 ----A---- C:\Windows\system32\msdrm.dll
2010-07-21 19:42:28 ----A---- C:\Windows\system32\rpcrt4.dll
2010-07-21 19:42:26 ----A---- C:\Windows\system32\asycfilt.dll
2010-07-21 19:42:20 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-07-21 19:42:20 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-07-21 19:42:20 ----A---- C:\Windows\system32\netiohlp.dll
2010-07-21 19:42:20 ----A---- C:\Windows\system32\MRINFO.EXE
2010-07-21 19:42:20 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-07-21 19:42:20 ----A---- C:\Windows\system32\finger.exe
2010-07-21 19:42:20 ----A---- C:\Windows\system32\ARP.EXE
2010-07-21 19:42:19 ----A---- C:\Windows\system32\ROUTE.EXE
2010-07-21 19:42:19 ----A---- C:\Windows\system32\netevent.dll
2010-07-21 19:41:08 ----A---- C:\Windows\system32\vbscript.dll
2010-07-21 19:41:08 ----A---- C:\Windows\system32\jscript.dll
2010-07-21 19:41:07 ----A---- C:\Windows\system32\atl.dll
2010-07-21 19:41:04 ----A---- C:\Windows\system32\wlansvc.dll
2010-07-21 19:41:04 ----A---- C:\Windows\system32\wlansec.dll
2010-07-21 19:41:04 ----A---- C:\Windows\system32\wlanmsm.dll
2010-07-21 19:41:04 ----A---- C:\Windows\system32\L2SecHC.dll
2010-07-21 19:41:02 ----A---- C:\Windows\system32\msv1_0.dll
2010-07-21 19:40:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-07-21 19:40:38 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-07-21 19:40:30 ----A---- C:\Windows\system32\drivers\srv.sys
2010-07-21 19:40:29 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-07-21 19:39:40 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-07-21 19:39:40 ----A---- C:\Windows\system32\mf.dll
2010-07-21 19:39:37 ----A---- C:\Windows\system32\msxml6.dll
2010-07-21 19:39:37 ----A---- C:\Windows\system32\msxml3.dll
2010-07-21 19:39:33 ----A---- C:\Windows\system32\inetcomm.dll
2010-07-21 19:39:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-07-21 19:39:31 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-07-21 19:39:31 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-07-21 19:39:27 ----A---- C:\Windows\system32\tzres.dll
2010-07-21 19:38:46 ----A---- C:\Windows\system32\wkssvc.dll
2010-07-21 19:38:14 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-07-21 19:38:13 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-07-21 19:38:11 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-07-21 19:38:10 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-07-21 19:38:10 ----A---- C:\Windows\system32\drivers\tunnel.sys
2010-07-21 19:31:57 ----A---- C:\Windows\system32\win32k.sys
2010-07-21 19:29:59 ----A---- C:\Windows\system32\rastls.dll
2010-07-21 19:29:59 ----A---- C:\Windows\system32\raschap.dll
2010-07-21 19:29:28 ----A---- C:\Windows\system32\wdigest.dll
2010-07-21 19:29:28 ----A---- C:\Windows\system32\schannel.dll
2010-07-21 19:29:28 ----A---- C:\Windows\system32\lsasrv.dll
2010-07-21 19:29:28 ----A---- C:\Windows\system32\kerberos.dll
2010-07-21 19:29:27 ----A---- C:\Windows\system32\secur32.dll
2010-07-21 19:29:27 ----A---- C:\Windows\system32\lsass.exe
2010-07-21 19:29:27 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2010-07-21 19:29:18 ----A---- C:\Windows\system32\wmp.dll
2010-07-21 19:29:17 ----A---- C:\Windows\system32\unregmp2.exe
2010-07-21 19:29:16 ----A---- C:\Windows\system32\spwmp.dll
2010-07-21 19:29:16 ----A---- C:\Windows\system32\dxmasf.dll
2010-07-21 19:29:15 ----A---- C:\Windows\system32\wmploc.DLL
2010-07-21 19:28:47 ----A---- C:\Windows\system32\mstscax.dll
2010-07-21 19:28:40 ----A---- C:\Windows\system32\wmpdxm.dll
2010-07-21 19:28:36 ----A---- C:\Windows\system32\localspl.dll
2010-07-21 19:28:30 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-07-21 19:28:27 ----A---- C:\Windows\system32\wersvc.dll
2010-07-21 19:28:27 ----A---- C:\Windows\system32\Faultrep.dll
2010-07-21 19:28:26 ----A---- C:\Windows\system32\quartz.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\tsbyuv.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\msyuv.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\msvidc32.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\msvfw32.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\msrle32.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\mciavi32.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\iyuv_32.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\avifil32.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\avicap32.dll
2010-07-21 19:28:21 ----A---- C:\Windows\system32\WSDApi.dll
2010-07-21 19:28:20 ----A---- C:\Windows\system32\msasn1.dll
2010-07-21 19:28:17 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2010-07-21 19:23:12 ----D---- C:\Users\BokyCZ\AppData\Roaming\GHISLER
2010-07-21 19:23:12 ----D---- C:\Program Files\Total commander
2010-07-21 19:23:12 ----A---- C:\Windows\UC.PIF
2010-07-21 19:23:12 ----A---- C:\Windows\RAR.PIF
2010-07-21 19:23:12 ----A---- C:\Windows\PKZIP.PIF
2010-07-21 19:23:12 ----A---- C:\Windows\PKUNZIP.PIF
2010-07-21 19:23:12 ----A---- C:\Windows\NOCLOSE.PIF
2010-07-21 19:23:12 ----A---- C:\Windows\LHA.PIF
2010-07-21 19:23:12 ----A---- C:\Windows\ARJ.PIF
2010-07-21 19:01:38 ----D---- C:\Program Files\JDownloader
2010-07-21 19:01:30 ----A---- C:\Windows\system32\javaws.exe
2010-07-21 19:01:30 ----A---- C:\Windows\system32\javaw.exe
2010-07-21 19:01:30 ----A---- C:\Windows\system32\java.exe
2010-07-21 19:01:30 ----A---- C:\Windows\system32\deploytk.dll
2010-07-21 19:01:20 ----D---- C:\Program Files\Java
2010-07-21 16:57:23 ----D---- C:\ProgramData\Seznam DVD 2008
2010-07-21 16:57:21 ----D---- C:\Program Files\Seznam DVD 2008
2010-07-21 16:46:48 ----D---- C:\Users\BokyCZ\AppData\Roaming\Avira
2010-07-21 16:42:21 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2010-07-21 16:42:19 ----A---- C:\Windows\system32\drivers\avipbb.sys
2010-07-21 16:42:19 ----A---- C:\Windows\system32\drivers\avgntmgr.sys
2010-07-21 16:42:19 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2010-07-21 16:42:19 ----A---- C:\Windows\system32\drivers\avgntdd.sys
2010-07-21 16:42:19 ----A---- C:\Windows\system32\drivers\avfwot.sys
2010-07-21 16:42:19 ----A---- C:\Windows\system32\drivers\avfwim.sys
2010-07-21 16:42:18 ----D---- C:\ProgramData\Avira
2010-07-21 16:42:18 ----D---- C:\Program Files\Avira
2010-07-21 16:39:42 ----D---- C:\Users\BokyCZ\AppData\Roaming\WinRAR
2010-07-21 16:39:10 ----D---- C:\Program Files\WinRAR
2010-07-21 16:37:48 ----D---- C:\Users\BokyCZ\AppData\Roaming\Macromedia
2010-07-21 16:37:48 ----D---- C:\Users\BokyCZ\AppData\Roaming\Adobe
2010-07-21 16:32:57 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-07-21 16:32:55 ----D---- C:\Program Files\DAEMON Tools Lite
2010-07-21 16:32:29 ----D---- C:\Users\BokyCZ\AppData\Roaming\DAEMON Tools Lite
2010-07-21 16:32:27 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-07-21 16:32:01 ----A---- C:\Windows\system32\wintrust.dll
2010-07-21 16:32:01 ----A---- C:\Windows\system32\cabview.dll
2010-07-21 16:22:09 ----A---- C:\Windows\system32\occache.dll
2010-07-21 16:22:09 ----A---- C:\Windows\system32\mstime.dll
2010-07-21 16:22:09 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-07-21 16:22:09 ----A---- C:\Windows\system32\msfeeds.dll
2010-07-21 16:22:09 ----A---- C:\Windows\system32\jsproxy.dll
2010-07-21 16:22:09 ----A---- C:\Windows\system32\iepeers.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\wininet.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\msfeedssync.exe
2010-07-21 16:22:08 ----A---- C:\Windows\system32\ieUnatt.exe
2010-07-21 16:22:08 ----A---- C:\Windows\system32\ieui.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\iesetup.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\iertutil.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\iernonce.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\iedkcs32.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\ie4uinit.exe
2010-07-21 16:22:07 ----A---- C:\Windows\system32\urlmon.dll
2010-07-21 16:22:07 ----A---- C:\Windows\system32\iesysprep.dll
2010-07-21 16:22:06 ----A---- C:\Windows\system32\mshtml.dll
2010-07-21 16:22:06 ----A---- C:\Windows\system32\ieframe.dll
2010-07-21 16:16:32 ----A---- C:\Windows\system32\msls31.dll
2010-07-21 16:16:32 ----A---- C:\Windows\system32\mshtmler.dll
2010-07-21 16:16:32 ----A---- C:\Windows\system32\mshtmled.dll
2010-07-21 16:16:32 ----A---- C:\Windows\system32\icardie.dll
2010-07-21 16:16:32 ----A---- C:\Windows\system32\corpol.dll
2010-07-21 16:16:32 ----A---- C:\Windows\system32\admparse.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\webcheck.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\msrating.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\licmgr10.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\inseng.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\imgutil.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\ieaksie.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\ieakeng.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\dxtrans.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\dxtmsft.dll
2010-07-21 16:16:30 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-07-21 16:16:30 ----A---- C:\Windows\system32\wextract.exe
2010-07-21 16:16:30 ----A---- C:\Windows\system32\pngfilt.dll
2010-07-21 16:16:30 ----A---- C:\Windows\system32\ieapfltr.dll
2010-07-21 16:16:30 ----A---- C:\Windows\system32\ieakui.dll
2010-07-21 16:16:30 ----A---- C:\Windows\system32\advpack.dll
2010-07-21 16:16:29 ----A---- C:\Windows\system32\url.dll
2010-07-21 16:16:29 ----A---- C:\Windows\system32\mshta.exe
2010-07-21 16:16:29 ----A---- C:\Windows\system32\iexpress.exe
2010-07-21 16:16:28 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-07-21 16:16:28 ----A---- C:\Windows\system32\SetDepNx.exe
2010-07-21 16:16:28 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-07-21 16:16:28 ----A---- C:\Windows\system32\PDMSetup.exe
2010-07-21 16:13:27 ----D---- C:\Program Files\VS Revo Group
2010-07-21 16:12:30 ----N---- C:\Windows\system32\MpSigStub.exe
2010-07-21 16:09:57 ----D---- C:\Program Files\uTorrent
2010-07-21 16:09:28 ----D---- C:\Users\BokyCZ\AppData\Roaming\uTorrent
2010-07-21 16:07:55 ----A---- C:\Windows\system32\drivers\pcouffin.sys
2010-07-21 16:07:55 ----A---- C:\Users\BokyCZ\AppData\Roaming\pcouffin.sys
2010-07-21 16:07:55 ----A---- C:\Users\BokyCZ\AppData\Roaming\inst.exe
2010-07-21 16:07:54 ----D---- C:\Users\BokyCZ\AppData\Roaming\Vso
2010-07-21 16:07:50 ----A---- C:\Windows\system32\sipr3260.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\wvc1dmod.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\vp7vfw.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\Pncrt.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\drv43260.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\drv33260.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\drv23260.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\cook3260.dll
2010-07-21 16:07:47 ----D---- C:\Program Files\VSO
2010-07-21 16:07:10 ----D---- C:\Program Files\SMPlayer
2010-07-21 16:06:01 ----D---- C:\Users\BokyCZ\AppData\Roaming\Ashampoo
2010-07-21 16:05:59 ----D---- C:\Users\BokyCZ\AppData\Roaming\Mozilla
2010-07-21 16:05:56 ----D---- C:\ProgramData\ashampoo
2010-07-21 16:05:53 ----D---- C:\Program Files\Ashampoo
2010-07-21 16:05:13 ----D---- C:\Program Files\Mozilla Firefox
2010-07-21 16:01:49 ----A---- C:\Windows\system32\wups2.dll
2010-07-21 16:01:49 ----A---- C:\Windows\system32\wuauclt.exe
2010-07-21 16:01:48 ----A---- C:\Windows\system32\wucltux.dll
2010-07-21 16:01:48 ----A---- C:\Windows\system32\wuaueng.dll
2010-07-21 16:01:42 ----A---- C:\Windows\system32\wups.dll
2010-07-21 16:01:42 ----A---- C:\Windows\system32\wudriver.dll
2010-07-21 16:01:42 ----A---- C:\Windows\system32\wuapi.dll
2010-07-21 16:01:41 ----A---- C:\Windows\system32\wuwebv.dll
2010-07-21 16:01:41 ----A---- C:\Windows\system32\wuapp.exe
2010-07-21 15:59:55 ----D---- C:\Users\BokyCZ\AppData\Roaming\Google
2010-07-21 15:56:11 ----D---- C:\Users\BokyCZ\AppData\Roaming\Identities
2010-07-21 15:52:41 ----DC---- C:\Windows\system32\DRVSTORE
2010-07-21 15:52:41 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2010-07-21 15:52:04 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-07-21 15:52:01 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-07-21 15:51:09 ----D---- C:\Program Files\Microsoft
2010-07-21 15:50:55 ----D---- C:\Program Files\Windows Live SkyDrive
2010-07-21 15:50:50 ----D---- C:\Program Files\Windows Live
2010-07-21 15:50:04 ----D---- C:\Program Files\Common Files\Windows Live
2010-07-21 15:48:27 ----D---- C:\ProgramData\Adobe
2010-07-21 15:48:25 ----D---- C:\Program Files\Common Files\Adobe
2010-07-21 15:48:25 ----D---- C:\Program Files\Adobe
2010-07-21 15:46:21 ----SD---- C:\Users\BokyCZ\AppData\Roaming\Microsoft
2010-07-21 15:46:21 ----D---- C:\Users\BokyCZ\AppData\Roaming\Media Center Programs
======List of files/folders modified in the last 1 months======
2010-07-21 23:01:14 ----D---- C:\Windows\Temp
2010-07-21 22:57:23 ----RD---- C:\Program Files
2010-07-21 22:54:51 ----D---- C:\Windows\System32
2010-07-21 22:54:51 ----D---- C:\Windows\inf
2010-07-21 22:54:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-21 22:53:49 ----D---- C:\Windows
2010-07-21 22:53:38 ----SHD---- C:\Windows\Installer
2010-07-21 22:52:19 ----D---- C:\Windows\Microsoft.NET
2010-07-21 22:52:17 ----D---- C:\ProgramData\NVIDIA
2010-07-21 22:52:11 ----D---- C:\Windows\system32\drivers
2010-07-21 22:52:09 ----D---- C:\Windows\system32\catroot
2010-07-21 22:51:44 ----D---- C:\Windows\winsxs
2010-07-21 22:51:44 ----D---- C:\Windows\ehome
2010-07-21 22:51:37 ----D---- C:\Windows\system32\catroot2
2010-07-21 22:42:06 ----RSD---- C:\Windows\assembly
2010-07-21 22:40:27 ----A---- C:\Windows\system32\acovcnt.exe
2010-07-21 22:36:59 ----D---- C:\Windows\system32\en-US
2010-07-21 22:36:59 ----D---- C:\Windows\system32\el-GR
2010-07-21 22:36:59 ----D---- C:\Windows\system32\cs-CZ
2010-07-21 22:36:57 ----D---- C:\Program Files\Windows Mail
2010-07-21 22:36:56 ----D---- C:\Windows\system32\sk-SK
2010-07-21 22:36:56 ----D---- C:\Windows\system32\ro-RO
2010-07-21 22:36:56 ----D---- C:\Windows\AppPatch
2010-07-21 22:36:56 ----D---- C:\Program Files\Movie Maker
2010-07-21 22:36:39 ----D---- C:\Windows\system32\XPSViewer
2010-07-21 22:36:39 ----D---- C:\Windows\system32\wbem
2010-07-21 22:36:26 ----RSD---- C:\Windows\Fonts
2010-07-21 22:36:23 ----D---- C:\Program Files\Windows Media Player
2010-07-21 20:28:03 ----D---- C:\ProgramData\Microsoft Help
2010-07-21 20:22:17 ----HD---- C:\ProgramData
2010-07-21 20:13:17 ----D---- C:\Windows\system32\Tasks
2010-07-21 20:09:52 ----D---- C:\Windows\Debug
2010-07-21 20:02:42 ----D---- C:\Program Files\Common Files\microsoft shared
2010-07-21 20:02:28 ----D---- C:\Program Files\Microsoft Works
2010-07-21 20:00:50 ----A---- C:\Windows\win.ini
2010-07-21 17:16:43 ----D---- C:\Windows\system32\WDI
2010-07-21 16:52:12 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-21 16:51:54 ----D---- C:\Program Files\CyberLink
2010-07-21 16:49:30 ----D---- C:\Program Files\Common Files
2010-07-21 16:43:08 ----D---- C:\ProgramData\Norton
2010-07-21 16:29:36 ----D---- C:\Windows\Prefetch
2010-07-21 16:24:46 ----D---- C:\Windows\system32\migration
2010-07-21 16:24:46 ----D---- C:\Program Files\Internet Explorer
2010-07-21 16:24:43 ----D---- C:\Windows\PolicyDefinitions
2010-07-21 16:13:12 ----D---- C:\Windows\Tasks
2010-07-21 16:13:07 ----D---- C:\Program Files\Google
2010-07-21 16:01:57 ----D---- C:\Windows\SoftwareDistribution
2010-07-21 16:01:33 ----SD---- C:\ProgramData\Microsoft
2010-07-21 15:56:28 ----SHD---- C:\$RECYCLE.BIN
2010-07-21 15:46:21 ----RD---- C:\Users
2010-07-21 15:42:13 ----D---- C:\Windows\rescache
2010-07-02 12:39:06 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-06-13 30264]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-21 691696]
R1 avfwot;avfwot; C:\Windows\system32\DRIVERS\avfwot.sys [2010-02-18 102856]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-02-18 1093632]
R3 avfwim;AvFw Packet Filter Miniport; C:\Windows\system32\DRIVERS\avfwim.sys [2010-02-15 79432]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-04-21 90112]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-04-14 2358560]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2009-04-01 50176]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-01-22 52768]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-02 9786752]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-07-21 47360]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_i386.sys [2009-04-01 233128]
S1 SRTSP;SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS []
S1 SRTSPX;SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS []
S3 al4k90uw;al4k90uw; C:\Windows\system32\drivers\al4k90uw.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-04-17 23040]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-17 507904]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-07-09 81960]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-05-13 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-05-13 17320]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-04-17 149504]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 131000]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 AntiVirFirewallService;Avira FireWall; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [2010-04-01 536232]
R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2010-03-30 337064]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2010-04-01 405672]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2008-08-14 100920]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-07-30 522792]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-02 211488]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-04-07 70880]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-21 135664]
S2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 []
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-07-21 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\partner.exe [2009-06-13 110576]
-----------------EOF-----------------
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-06-13 39408]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
FancyStart daemon.lnk - C:\Windows\Installer\{A9FEB6D7-9C52-49FC-B956-7AB275B78890}\_5598CE641C54B66A23693F.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-07-22 01:36:06 ----SHD---- C:\System Volume Information
2010-07-22 01:35:40 ----A---- C:\Pass.txt
2010-07-22 00:39:10 ----ASH---- C:\hiberfil.sys
2010-07-22 00:39:09 ----ASH---- C:\pagefile.sys
2010-07-21 22:57:23 ----D---- C:\Program Files\trend micro
2010-07-21 22:57:22 ----D---- C:\rsit
2010-07-21 22:52:39 ----SHD---- C:\Config.Msi
2010-07-21 22:51:24 ----A---- C:\Windows\system32\psisdecd.dll
2010-07-21 22:51:24 ----A---- C:\Windows\system32\EncDec.dll
2010-07-21 20:09:35 ----A---- C:\Windows\system32\drivers\SBREDrv.sys
2010-07-21 20:05:00 ----A---- C:\Windows\system32\browserchoice.exe
2010-07-21 20:04:18 ----D---- C:\ProgramData\Lavasoft
2010-07-21 19:58:30 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-21 19:48:37 ----A---- C:\Windows\system32\infocardapi.dll
2010-07-21 19:48:36 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-07-21 19:48:36 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-07-21 19:48:36 ----A---- C:\Windows\system32\icardres.dll
2010-07-21 19:48:36 ----A---- C:\Windows\system32\icardagt.exe
2010-07-21 19:48:35 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-07-21 19:48:33 ----A---- C:\Windows\system32\PresentationHost.exe
2010-07-21 19:45:08 ----A---- C:\Windows\system32\dfshim.dll
2010-07-21 19:45:07 ----A---- C:\Windows\system32\mscoree.dll
2010-07-21 19:45:06 ----A---- C:\Windows\system32\netfxperf.dll
2010-07-21 19:45:02 ----A---- C:\Windows\system32\mscorier.dll
2010-07-21 19:45:00 ----A---- C:\Windows\system32\mscories.dll
2010-07-21 19:44:04 ----A---- C:\Windows\system32\nshhttp.dll
2010-07-21 19:44:03 ----A---- C:\Windows\system32\httpapi.dll
2010-07-21 19:44:03 ----A---- C:\Windows\system32\drivers\http.sys
2010-07-21 19:42:30 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-07-21 19:42:30 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-07-21 19:42:30 ----A---- C:\Windows\system32\secproc_isv.dll
2010-07-21 19:42:30 ----A---- C:\Windows\system32\secproc.dll
2010-07-21 19:42:30 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-07-21 19:42:30 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-07-21 19:42:30 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-07-21 19:42:30 ----A---- C:\Windows\system32\RMActivate.exe
2010-07-21 19:42:30 ----A---- C:\Windows\system32\msdrm.dll
2010-07-21 19:42:28 ----A---- C:\Windows\system32\rpcrt4.dll
2010-07-21 19:42:26 ----A---- C:\Windows\system32\asycfilt.dll
2010-07-21 19:42:20 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-07-21 19:42:20 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-07-21 19:42:20 ----A---- C:\Windows\system32\netiohlp.dll
2010-07-21 19:42:20 ----A---- C:\Windows\system32\MRINFO.EXE
2010-07-21 19:42:20 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-07-21 19:42:20 ----A---- C:\Windows\system32\finger.exe
2010-07-21 19:42:20 ----A---- C:\Windows\system32\ARP.EXE
2010-07-21 19:42:19 ----A---- C:\Windows\system32\ROUTE.EXE
2010-07-21 19:42:19 ----A---- C:\Windows\system32\netevent.dll
2010-07-21 19:41:08 ----A---- C:\Windows\system32\vbscript.dll
2010-07-21 19:41:08 ----A---- C:\Windows\system32\jscript.dll
2010-07-21 19:41:07 ----A---- C:\Windows\system32\atl.dll
2010-07-21 19:41:04 ----A---- C:\Windows\system32\wlansvc.dll
2010-07-21 19:41:04 ----A---- C:\Windows\system32\wlansec.dll
2010-07-21 19:41:04 ----A---- C:\Windows\system32\wlanmsm.dll
2010-07-21 19:41:04 ----A---- C:\Windows\system32\L2SecHC.dll
2010-07-21 19:41:02 ----A---- C:\Windows\system32\msv1_0.dll
2010-07-21 19:40:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-07-21 19:40:38 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-07-21 19:40:30 ----A---- C:\Windows\system32\drivers\srv.sys
2010-07-21 19:40:29 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-07-21 19:39:40 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-07-21 19:39:40 ----A---- C:\Windows\system32\mf.dll
2010-07-21 19:39:37 ----A---- C:\Windows\system32\msxml6.dll
2010-07-21 19:39:37 ----A---- C:\Windows\system32\msxml3.dll
2010-07-21 19:39:33 ----A---- C:\Windows\system32\inetcomm.dll
2010-07-21 19:39:31 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-07-21 19:39:31 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-07-21 19:39:31 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-07-21 19:39:27 ----A---- C:\Windows\system32\tzres.dll
2010-07-21 19:38:46 ----A---- C:\Windows\system32\wkssvc.dll
2010-07-21 19:38:14 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-07-21 19:38:13 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-07-21 19:38:11 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-07-21 19:38:10 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-07-21 19:38:10 ----A---- C:\Windows\system32\drivers\tunnel.sys
2010-07-21 19:31:57 ----A---- C:\Windows\system32\win32k.sys
2010-07-21 19:29:59 ----A---- C:\Windows\system32\rastls.dll
2010-07-21 19:29:59 ----A---- C:\Windows\system32\raschap.dll
2010-07-21 19:29:28 ----A---- C:\Windows\system32\wdigest.dll
2010-07-21 19:29:28 ----A---- C:\Windows\system32\schannel.dll
2010-07-21 19:29:28 ----A---- C:\Windows\system32\lsasrv.dll
2010-07-21 19:29:28 ----A---- C:\Windows\system32\kerberos.dll
2010-07-21 19:29:27 ----A---- C:\Windows\system32\secur32.dll
2010-07-21 19:29:27 ----A---- C:\Windows\system32\lsass.exe
2010-07-21 19:29:27 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2010-07-21 19:29:18 ----A---- C:\Windows\system32\wmp.dll
2010-07-21 19:29:17 ----A---- C:\Windows\system32\unregmp2.exe
2010-07-21 19:29:16 ----A---- C:\Windows\system32\spwmp.dll
2010-07-21 19:29:16 ----A---- C:\Windows\system32\dxmasf.dll
2010-07-21 19:29:15 ----A---- C:\Windows\system32\wmploc.DLL
2010-07-21 19:28:47 ----A---- C:\Windows\system32\mstscax.dll
2010-07-21 19:28:40 ----A---- C:\Windows\system32\wmpdxm.dll
2010-07-21 19:28:36 ----A---- C:\Windows\system32\localspl.dll
2010-07-21 19:28:30 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-07-21 19:28:27 ----A---- C:\Windows\system32\wersvc.dll
2010-07-21 19:28:27 ----A---- C:\Windows\system32\Faultrep.dll
2010-07-21 19:28:26 ----A---- C:\Windows\system32\quartz.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\tsbyuv.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\msyuv.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\msvidc32.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\msvfw32.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\msrle32.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\mciavi32.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\iyuv_32.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\avifil32.dll
2010-07-21 19:28:24 ----A---- C:\Windows\system32\avicap32.dll
2010-07-21 19:28:21 ----A---- C:\Windows\system32\WSDApi.dll
2010-07-21 19:28:20 ----A---- C:\Windows\system32\msasn1.dll
2010-07-21 19:28:17 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2010-07-21 19:23:12 ----D---- C:\Users\BokyCZ\AppData\Roaming\GHISLER
2010-07-21 19:23:12 ----D---- C:\Program Files\Total commander
2010-07-21 19:23:12 ----A---- C:\Windows\UC.PIF
2010-07-21 19:23:12 ----A---- C:\Windows\RAR.PIF
2010-07-21 19:23:12 ----A---- C:\Windows\PKZIP.PIF
2010-07-21 19:23:12 ----A---- C:\Windows\PKUNZIP.PIF
2010-07-21 19:23:12 ----A---- C:\Windows\NOCLOSE.PIF
2010-07-21 19:23:12 ----A---- C:\Windows\LHA.PIF
2010-07-21 19:23:12 ----A---- C:\Windows\ARJ.PIF
2010-07-21 19:01:38 ----D---- C:\Program Files\JDownloader
2010-07-21 19:01:30 ----A---- C:\Windows\system32\javaws.exe
2010-07-21 19:01:30 ----A---- C:\Windows\system32\javaw.exe
2010-07-21 19:01:30 ----A---- C:\Windows\system32\java.exe
2010-07-21 19:01:30 ----A---- C:\Windows\system32\deploytk.dll
2010-07-21 19:01:20 ----D---- C:\Program Files\Java
2010-07-21 16:57:23 ----D---- C:\ProgramData\Seznam DVD 2008
2010-07-21 16:57:21 ----D---- C:\Program Files\Seznam DVD 2008
2010-07-21 16:46:48 ----D---- C:\Users\BokyCZ\AppData\Roaming\Avira
2010-07-21 16:42:21 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2010-07-21 16:42:19 ----A---- C:\Windows\system32\drivers\avipbb.sys
2010-07-21 16:42:19 ----A---- C:\Windows\system32\drivers\avgntmgr.sys
2010-07-21 16:42:19 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2010-07-21 16:42:19 ----A---- C:\Windows\system32\drivers\avgntdd.sys
2010-07-21 16:42:19 ----A---- C:\Windows\system32\drivers\avfwot.sys
2010-07-21 16:42:19 ----A---- C:\Windows\system32\drivers\avfwim.sys
2010-07-21 16:42:18 ----D---- C:\ProgramData\Avira
2010-07-21 16:42:18 ----D---- C:\Program Files\Avira
2010-07-21 16:39:42 ----D---- C:\Users\BokyCZ\AppData\Roaming\WinRAR
2010-07-21 16:39:10 ----D---- C:\Program Files\WinRAR
2010-07-21 16:37:48 ----D---- C:\Users\BokyCZ\AppData\Roaming\Macromedia
2010-07-21 16:37:48 ----D---- C:\Users\BokyCZ\AppData\Roaming\Adobe
2010-07-21 16:32:57 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-07-21 16:32:55 ----D---- C:\Program Files\DAEMON Tools Lite
2010-07-21 16:32:29 ----D---- C:\Users\BokyCZ\AppData\Roaming\DAEMON Tools Lite
2010-07-21 16:32:27 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-07-21 16:32:01 ----A---- C:\Windows\system32\wintrust.dll
2010-07-21 16:32:01 ----A---- C:\Windows\system32\cabview.dll
2010-07-21 16:22:09 ----A---- C:\Windows\system32\occache.dll
2010-07-21 16:22:09 ----A---- C:\Windows\system32\mstime.dll
2010-07-21 16:22:09 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-07-21 16:22:09 ----A---- C:\Windows\system32\msfeeds.dll
2010-07-21 16:22:09 ----A---- C:\Windows\system32\jsproxy.dll
2010-07-21 16:22:09 ----A---- C:\Windows\system32\iepeers.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\wininet.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\msfeedssync.exe
2010-07-21 16:22:08 ----A---- C:\Windows\system32\ieUnatt.exe
2010-07-21 16:22:08 ----A---- C:\Windows\system32\ieui.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\iesetup.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\iertutil.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\iernonce.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\iedkcs32.dll
2010-07-21 16:22:08 ----A---- C:\Windows\system32\ie4uinit.exe
2010-07-21 16:22:07 ----A---- C:\Windows\system32\urlmon.dll
2010-07-21 16:22:07 ----A---- C:\Windows\system32\iesysprep.dll
2010-07-21 16:22:06 ----A---- C:\Windows\system32\mshtml.dll
2010-07-21 16:22:06 ----A---- C:\Windows\system32\ieframe.dll
2010-07-21 16:16:32 ----A---- C:\Windows\system32\msls31.dll
2010-07-21 16:16:32 ----A---- C:\Windows\system32\mshtmler.dll
2010-07-21 16:16:32 ----A---- C:\Windows\system32\mshtmled.dll
2010-07-21 16:16:32 ----A---- C:\Windows\system32\icardie.dll
2010-07-21 16:16:32 ----A---- C:\Windows\system32\corpol.dll
2010-07-21 16:16:32 ----A---- C:\Windows\system32\admparse.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\webcheck.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\msrating.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\licmgr10.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\inseng.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\imgutil.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\ieaksie.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\ieakeng.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\dxtrans.dll
2010-07-21 16:16:31 ----A---- C:\Windows\system32\dxtmsft.dll
2010-07-21 16:16:30 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-07-21 16:16:30 ----A---- C:\Windows\system32\wextract.exe
2010-07-21 16:16:30 ----A---- C:\Windows\system32\pngfilt.dll
2010-07-21 16:16:30 ----A---- C:\Windows\system32\ieapfltr.dll
2010-07-21 16:16:30 ----A---- C:\Windows\system32\ieakui.dll
2010-07-21 16:16:30 ----A---- C:\Windows\system32\advpack.dll
2010-07-21 16:16:29 ----A---- C:\Windows\system32\url.dll
2010-07-21 16:16:29 ----A---- C:\Windows\system32\mshta.exe
2010-07-21 16:16:29 ----A---- C:\Windows\system32\iexpress.exe
2010-07-21 16:16:28 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-07-21 16:16:28 ----A---- C:\Windows\system32\SetDepNx.exe
2010-07-21 16:16:28 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-07-21 16:16:28 ----A---- C:\Windows\system32\PDMSetup.exe
2010-07-21 16:13:27 ----D---- C:\Program Files\VS Revo Group
2010-07-21 16:12:30 ----N---- C:\Windows\system32\MpSigStub.exe
2010-07-21 16:09:57 ----D---- C:\Program Files\uTorrent
2010-07-21 16:09:28 ----D---- C:\Users\BokyCZ\AppData\Roaming\uTorrent
2010-07-21 16:07:55 ----A---- C:\Windows\system32\drivers\pcouffin.sys
2010-07-21 16:07:55 ----A---- C:\Users\BokyCZ\AppData\Roaming\pcouffin.sys
2010-07-21 16:07:55 ----A---- C:\Users\BokyCZ\AppData\Roaming\inst.exe
2010-07-21 16:07:54 ----D---- C:\Users\BokyCZ\AppData\Roaming\Vso
2010-07-21 16:07:50 ----A---- C:\Windows\system32\sipr3260.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\wvc1dmod.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\vp7vfw.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\Pncrt.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\drv43260.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\drv33260.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\drv23260.dll
2010-07-21 16:07:49 ----A---- C:\Windows\system32\cook3260.dll
2010-07-21 16:07:47 ----D---- C:\Program Files\VSO
2010-07-21 16:07:10 ----D---- C:\Program Files\SMPlayer
2010-07-21 16:06:01 ----D---- C:\Users\BokyCZ\AppData\Roaming\Ashampoo
2010-07-21 16:05:59 ----D---- C:\Users\BokyCZ\AppData\Roaming\Mozilla
2010-07-21 16:05:56 ----D---- C:\ProgramData\ashampoo
2010-07-21 16:05:53 ----D---- C:\Program Files\Ashampoo
2010-07-21 16:05:13 ----D---- C:\Program Files\Mozilla Firefox
2010-07-21 16:01:49 ----A---- C:\Windows\system32\wups2.dll
2010-07-21 16:01:49 ----A---- C:\Windows\system32\wuauclt.exe
2010-07-21 16:01:48 ----A---- C:\Windows\system32\wucltux.dll
2010-07-21 16:01:48 ----A---- C:\Windows\system32\wuaueng.dll
2010-07-21 16:01:42 ----A---- C:\Windows\system32\wups.dll
2010-07-21 16:01:42 ----A---- C:\Windows\system32\wudriver.dll
2010-07-21 16:01:42 ----A---- C:\Windows\system32\wuapi.dll
2010-07-21 16:01:41 ----A---- C:\Windows\system32\wuwebv.dll
2010-07-21 16:01:41 ----A---- C:\Windows\system32\wuapp.exe
2010-07-21 15:59:55 ----D---- C:\Users\BokyCZ\AppData\Roaming\Google
2010-07-21 15:56:11 ----D---- C:\Users\BokyCZ\AppData\Roaming\Identities
2010-07-21 15:52:41 ----DC---- C:\Windows\system32\DRVSTORE
2010-07-21 15:52:41 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2010-07-21 15:52:04 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-07-21 15:52:01 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-07-21 15:51:09 ----D---- C:\Program Files\Microsoft
2010-07-21 15:50:55 ----D---- C:\Program Files\Windows Live SkyDrive
2010-07-21 15:50:50 ----D---- C:\Program Files\Windows Live
2010-07-21 15:50:04 ----D---- C:\Program Files\Common Files\Windows Live
2010-07-21 15:48:27 ----D---- C:\ProgramData\Adobe
2010-07-21 15:48:25 ----D---- C:\Program Files\Common Files\Adobe
2010-07-21 15:48:25 ----D---- C:\Program Files\Adobe
2010-07-21 15:46:21 ----SD---- C:\Users\BokyCZ\AppData\Roaming\Microsoft
2010-07-21 15:46:21 ----D---- C:\Users\BokyCZ\AppData\Roaming\Media Center Programs
======List of files/folders modified in the last 1 months======
2010-07-21 23:01:14 ----D---- C:\Windows\Temp
2010-07-21 22:57:23 ----RD---- C:\Program Files
2010-07-21 22:54:51 ----D---- C:\Windows\System32
2010-07-21 22:54:51 ----D---- C:\Windows\inf
2010-07-21 22:54:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-07-21 22:53:49 ----D---- C:\Windows
2010-07-21 22:53:38 ----SHD---- C:\Windows\Installer
2010-07-21 22:52:19 ----D---- C:\Windows\Microsoft.NET
2010-07-21 22:52:17 ----D---- C:\ProgramData\NVIDIA
2010-07-21 22:52:11 ----D---- C:\Windows\system32\drivers
2010-07-21 22:52:09 ----D---- C:\Windows\system32\catroot
2010-07-21 22:51:44 ----D---- C:\Windows\winsxs
2010-07-21 22:51:44 ----D---- C:\Windows\ehome
2010-07-21 22:51:37 ----D---- C:\Windows\system32\catroot2
2010-07-21 22:42:06 ----RSD---- C:\Windows\assembly
2010-07-21 22:40:27 ----A---- C:\Windows\system32\acovcnt.exe
2010-07-21 22:36:59 ----D---- C:\Windows\system32\en-US
2010-07-21 22:36:59 ----D---- C:\Windows\system32\el-GR
2010-07-21 22:36:59 ----D---- C:\Windows\system32\cs-CZ
2010-07-21 22:36:57 ----D---- C:\Program Files\Windows Mail
2010-07-21 22:36:56 ----D---- C:\Windows\system32\sk-SK
2010-07-21 22:36:56 ----D---- C:\Windows\system32\ro-RO
2010-07-21 22:36:56 ----D---- C:\Windows\AppPatch
2010-07-21 22:36:56 ----D---- C:\Program Files\Movie Maker
2010-07-21 22:36:39 ----D---- C:\Windows\system32\XPSViewer
2010-07-21 22:36:39 ----D---- C:\Windows\system32\wbem
2010-07-21 22:36:26 ----RSD---- C:\Windows\Fonts
2010-07-21 22:36:23 ----D---- C:\Program Files\Windows Media Player
2010-07-21 20:28:03 ----D---- C:\ProgramData\Microsoft Help
2010-07-21 20:22:17 ----HD---- C:\ProgramData
2010-07-21 20:13:17 ----D---- C:\Windows\system32\Tasks
2010-07-21 20:09:52 ----D---- C:\Windows\Debug
2010-07-21 20:02:42 ----D---- C:\Program Files\Common Files\microsoft shared
2010-07-21 20:02:28 ----D---- C:\Program Files\Microsoft Works
2010-07-21 20:00:50 ----A---- C:\Windows\win.ini
2010-07-21 17:16:43 ----D---- C:\Windows\system32\WDI
2010-07-21 16:52:12 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-21 16:51:54 ----D---- C:\Program Files\CyberLink
2010-07-21 16:49:30 ----D---- C:\Program Files\Common Files
2010-07-21 16:43:08 ----D---- C:\ProgramData\Norton
2010-07-21 16:29:36 ----D---- C:\Windows\Prefetch
2010-07-21 16:24:46 ----D---- C:\Windows\system32\migration
2010-07-21 16:24:46 ----D---- C:\Program Files\Internet Explorer
2010-07-21 16:24:43 ----D---- C:\Windows\PolicyDefinitions
2010-07-21 16:13:12 ----D---- C:\Windows\Tasks
2010-07-21 16:13:07 ----D---- C:\Program Files\Google
2010-07-21 16:01:57 ----D---- C:\Windows\SoftwareDistribution
2010-07-21 16:01:33 ----SD---- C:\ProgramData\Microsoft
2010-07-21 15:56:28 ----SHD---- C:\$RECYCLE.BIN
2010-07-21 15:46:21 ----RD---- C:\Users
2010-07-21 15:42:13 ----D---- C:\Windows\rescache
2010-07-02 12:39:06 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2009-06-13 30264]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-21 691696]
R1 avfwot;avfwot; C:\Windows\system32\DRIVERS\avfwot.sys [2010-02-18 102856]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-02-18 1093632]
R3 avfwim;AvFw Packet Filter Miniport; C:\Windows\system32\DRIVERS\avfwim.sys [2010-02-15 79432]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-04-21 90112]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-04-14 2358560]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-11-03 13880]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2009-04-01 50176]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2009-01-22 52768]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-02 9786752]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-07-21 47360]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-08-11 1752704]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound; C:\Windows\system32\drivers\srs_PremiumSound_i386.sys [2009-04-01 233128]
S1 SRTSP;SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS []
S1 SRTSPX;SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS []
S3 al4k90uw;al4k90uw; C:\Windows\system32\drivers\al4k90uw.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-04-17 23040]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-17 507904]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-07-09 81960]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2008-05-13 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-01-29 29736]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-05-13 17320]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-04-17 149504]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 131000]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ADSMService;ADSM Service; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 AntiVirFirewallService;Avira FireWall; C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [2010-04-01 536232]
R2 AntiVirMailService;Avira AntiVir MailGuard; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [2010-03-30 337064]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirWebService;Avira AntiVir WebGuard; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2010-04-01 405672]
R2 ASLDRService;ASLDR Service; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [2008-08-14 100920]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2008-07-30 522792]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-02 211488]
R2 SRS_VolSync_Service;SRS Volume Sync Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [2009-04-07 70880]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-21 135664]
S2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 []
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-07-21 182768]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Partner Service;Partner Service; C:\ProgramData\Partner\partner.exe [2009-06-13 110576]
-----------------EOF-----------------