preventivka po vyčištění Anti-Malware a Avastem
Napsal: 09 pro 2010 22:51
Ahoj.
Prosím o kontrolu logu.
Kamarád přinesl Notebook v zuboženém stavu.
Malwarebytes odstranilo asi 1050 položek, Avast asi 100.
Přikládám log a děkuji předem.
Logfile of random's system information tool 1.08 (written by random/random)
Run by refaski at 2010-12-09 22:49:44
Microsoft® Windows Vista™ Home Premium
System drive C: has 19 GB (21%) free of 92 GB
Total RAM: 1918 MB (45% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{51B39AA9-BCB6-4887-933E-8D569C6781BB}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-05-30 1410344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll [2007-09-28 521528]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-09-01 1006264]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-02-26 153136]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-03-30 1232896]
""= []
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"BitComet"=C:\Program Files\BitComet\BitComet.exe [2007-10-08 6338872]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-05-30 21718312]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe -NoStart []
C:\Users\refaski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výrezy obrazovky a spuštení aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2010-12-09 22:38:38 ----D---- C:\Program Files\trend micro
2010-12-09 22:38:37 ----D---- C:\rsit
2010-12-09 22:19:16 ----D---- C:\Users\refaski\AppData\Roaming\Auslogics
2010-12-09 22:18:02 ----D---- C:\Program Files\Auslogics
2010-12-08 20:18:49 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-12-08 20:18:48 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-12-08 20:18:46 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-12-08 20:18:44 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-12-08 20:18:40 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-12-08 20:17:29 ----A---- C:\Windows\system32\aswBoot.exe
2010-12-08 20:16:42 ----D---- C:\ProgramData\Alwil Software
2010-12-08 20:16:42 ----D---- C:\Program Files\Alwil Software
2010-12-08 18:51:57 ----D---- C:\Users\refaski\AppData\Roaming\Malwarebytes
2010-12-08 18:51:45 ----D---- C:\ProgramData\Malwarebytes
2010-12-08 18:51:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-08 18:20:22 ----RA---- C:\Users\refaski\AppData\Roaming\idgGK7ljd7.txt
2010-11-24 08:25:03 ----RA---- C:\Users\refaski\AppData\Roaming\nK6Nk.txt
2010-11-23 06:46:55 ----RA---- C:\Users\refaski\AppData\Roaming\hDlkH.txt
2010-11-22 07:16:53 ----RA---- C:\Users\refaski\AppData\Roaming\k6jLC.txt
2010-11-15 09:44:39 ----D---- C:\Program Files\ICQ7.2
2010-11-10 16:10:12 ----A---- C:\Windows\system32\MRT.INI
======List of files/folders modified in the last 1 months======
2010-12-09 22:49:43 ----D---- C:\Windows\Temp
2010-12-09 22:38:38 ----RD---- C:\Program Files
2010-12-09 22:37:46 ----D---- C:\Users\refaski\AppData\Roaming\Skype
2010-12-09 22:21:50 ----D---- C:\Program Files\Mozilla Firefox
2010-12-09 21:24:19 ----SHD---- C:\Windows\Installer
2010-12-09 21:16:21 ----D---- C:\Program Files\Common Files
2010-12-09 21:15:52 ----SHD---- C:\System Volume Information
2010-12-09 21:04:11 ----D---- C:\Windows\system32\drivers
2010-12-09 21:03:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-09 20:54:37 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2010-12-09 20:54:37 ----D---- C:\Windows
2010-12-09 20:53:27 ----D---- C:\Windows\system32\catroot
2010-12-09 20:50:33 ----DC---- C:\Windows\system32\DRVSTORE
2010-12-09 20:50:33 ----D---- C:\Windows\inf
2010-12-09 20:40:10 ----SD---- C:\Users\refaski\AppData\Roaming\Microsoft
2010-12-09 20:32:29 ----D---- C:\Program Files\OLYMPUS
2010-12-09 20:25:21 ----D---- C:\Users\refaski\AppData\Roaming\Samsung
2010-12-09 20:21:49 ----D---- C:\Windows\winsxs
2010-12-09 20:18:03 ----D---- C:\Users\refaski\AppData\Roaming\skypePM
2010-12-09 20:16:28 ----D---- C:\Windows\LiveKernelReports
2010-12-08 23:33:35 ----D---- C:\Program Files\DAEMON Tools
2010-12-08 22:02:04 ----D---- C:\Windows\Debug
2010-12-08 21:51:50 ----D---- C:\Downloads
2010-12-08 21:30:05 ----D---- C:\Windows\system32\catroot2
2010-12-08 21:23:02 ----D---- C:\Program Files\EA Sports
2010-12-08 21:16:53 ----D---- C:\Users\refaski\AppData\Roaming\BSplayer
2010-12-08 20:17:29 ----D---- C:\Windows\System32
2010-12-08 20:16:42 ----HD---- C:\ProgramData
2010-12-08 19:40:28 ----D---- C:\Program Files\VoipCheapCom
2010-12-08 19:34:29 ----D---- C:\Windows\ServiceProfiles
2010-12-08 18:56:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-08 18:45:31 ----D---- C:\Program Files\Google
2010-12-08 18:22:24 ----D---- C:\ProgramData\Google
2010-12-05 22:21:48 ----D---- C:\Users\refaski\AppData\Roaming\ICQ
2010-11-23 18:43:23 ----RSHD---- C:\RECYCLER
2010-11-15 09:45:31 ----D---- C:\Program Files\ICQ6.5
2010-11-15 09:45:28 ----D---- C:\ProgramData\ICQ
2010-11-12 18:47:31 ----D---- C:\Windows\Prefetch
2010-11-10 16:11:24 ----D---- C:\ProgramData\Microsoft Help
2010-11-10 16:08:09 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-03-16 682232]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-02-01 690176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-08 2313216]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 a9vslcdb;a9vslcdb; C:\Windows\system32\drivers\a9vslcdb.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2006-11-02 14848]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2006-11-02 31616]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-05-11 247808]
S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-01-08 557056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-02-26 267824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Prosím o kontrolu logu.
Kamarád přinesl Notebook v zuboženém stavu.
Malwarebytes odstranilo asi 1050 položek, Avast asi 100.
Přikládám log a děkuji předem.
Logfile of random's system information tool 1.08 (written by random/random)
Run by refaski at 2010-12-09 22:49:44
Microsoft® Windows Vista™ Home Premium
System drive C: has 19 GB (21%) free of 92 GB
Total RAM: 1918 MB (45% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{51B39AA9-BCB6-4887-933E-8D569C6781BB}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-05-30 1410344]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll [2007-09-28 521528]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-09-01 1006264]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-02-26 153136]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-03-30 1232896]
""= []
"StartCCC"=c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"BitComet"=C:\Program Files\BitComet\BitComet.exe [2007-10-08 6338872]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-05-30 21718312]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe -NoStart []
C:\Users\refaski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výrezy obrazovky a spuštení aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2010-12-09 22:38:38 ----D---- C:\Program Files\trend micro
2010-12-09 22:38:37 ----D---- C:\rsit
2010-12-09 22:19:16 ----D---- C:\Users\refaski\AppData\Roaming\Auslogics
2010-12-09 22:18:02 ----D---- C:\Program Files\Auslogics
2010-12-08 20:18:49 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-12-08 20:18:48 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-12-08 20:18:46 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-12-08 20:18:44 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-12-08 20:18:40 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-12-08 20:17:29 ----A---- C:\Windows\system32\aswBoot.exe
2010-12-08 20:16:42 ----D---- C:\ProgramData\Alwil Software
2010-12-08 20:16:42 ----D---- C:\Program Files\Alwil Software
2010-12-08 18:51:57 ----D---- C:\Users\refaski\AppData\Roaming\Malwarebytes
2010-12-08 18:51:45 ----D---- C:\ProgramData\Malwarebytes
2010-12-08 18:51:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-08 18:20:22 ----RA---- C:\Users\refaski\AppData\Roaming\idgGK7ljd7.txt
2010-11-24 08:25:03 ----RA---- C:\Users\refaski\AppData\Roaming\nK6Nk.txt
2010-11-23 06:46:55 ----RA---- C:\Users\refaski\AppData\Roaming\hDlkH.txt
2010-11-22 07:16:53 ----RA---- C:\Users\refaski\AppData\Roaming\k6jLC.txt
2010-11-15 09:44:39 ----D---- C:\Program Files\ICQ7.2
2010-11-10 16:10:12 ----A---- C:\Windows\system32\MRT.INI
======List of files/folders modified in the last 1 months======
2010-12-09 22:49:43 ----D---- C:\Windows\Temp
2010-12-09 22:38:38 ----RD---- C:\Program Files
2010-12-09 22:37:46 ----D---- C:\Users\refaski\AppData\Roaming\Skype
2010-12-09 22:21:50 ----D---- C:\Program Files\Mozilla Firefox
2010-12-09 21:24:19 ----SHD---- C:\Windows\Installer
2010-12-09 21:16:21 ----D---- C:\Program Files\Common Files
2010-12-09 21:15:52 ----SHD---- C:\System Volume Information
2010-12-09 21:04:11 ----D---- C:\Windows\system32\drivers
2010-12-09 21:03:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-12-09 20:54:37 ----D---- C:\Windows\system32\Samsung_USB_Drivers
2010-12-09 20:54:37 ----D---- C:\Windows
2010-12-09 20:53:27 ----D---- C:\Windows\system32\catroot
2010-12-09 20:50:33 ----DC---- C:\Windows\system32\DRVSTORE
2010-12-09 20:50:33 ----D---- C:\Windows\inf
2010-12-09 20:40:10 ----SD---- C:\Users\refaski\AppData\Roaming\Microsoft
2010-12-09 20:32:29 ----D---- C:\Program Files\OLYMPUS
2010-12-09 20:25:21 ----D---- C:\Users\refaski\AppData\Roaming\Samsung
2010-12-09 20:21:49 ----D---- C:\Windows\winsxs
2010-12-09 20:18:03 ----D---- C:\Users\refaski\AppData\Roaming\skypePM
2010-12-09 20:16:28 ----D---- C:\Windows\LiveKernelReports
2010-12-08 23:33:35 ----D---- C:\Program Files\DAEMON Tools
2010-12-08 22:02:04 ----D---- C:\Windows\Debug
2010-12-08 21:51:50 ----D---- C:\Downloads
2010-12-08 21:30:05 ----D---- C:\Windows\system32\catroot2
2010-12-08 21:23:02 ----D---- C:\Program Files\EA Sports
2010-12-08 21:16:53 ----D---- C:\Users\refaski\AppData\Roaming\BSplayer
2010-12-08 20:17:29 ----D---- C:\Windows\System32
2010-12-08 20:16:42 ----HD---- C:\ProgramData
2010-12-08 19:40:28 ----D---- C:\Program Files\VoipCheapCom
2010-12-08 19:34:29 ----D---- C:\Windows\ServiceProfiles
2010-12-08 18:56:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-08 18:45:31 ----D---- C:\Program Files\Google
2010-12-08 18:22:24 ----D---- C:\ProgramData\Google
2010-12-05 22:21:48 ----D---- C:\Users\refaski\AppData\Roaming\ICQ
2010-11-23 18:43:23 ----RSHD---- C:\RECYCLER
2010-11-15 09:45:31 ----D---- C:\Program Files\ICQ6.5
2010-11-15 09:45:28 ----D---- C:\ProgramData\ICQ
2010-11-12 18:47:31 ----D---- C:\Windows\Prefetch
2010-11-10 16:11:24 ----D---- C:\ProgramData\Microsoft Help
2010-11-10 16:08:09 ----A---- C:\Windows\system32\mrt.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-03-16 682232]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-02-01 690176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
R3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-08 2313216]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-02 47104]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 a9vslcdb;a9vslcdb; C:\Windows\system32\drivers\a9vslcdb.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2006-11-02 14848]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2006-11-02 31616]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-05-11 247808]
S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-01-08 557056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-02-26 267824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Spusťte combofix podle tohoto návodu
záložka 
Před stažením vypněte rezidentní štít antiviru, má na Usbfix falešnou detekci