Computer severely slowed down, MSE reports a virus

Posted: 20 Jul 2011 15:52
by hygik
Hello, a virus appeared on my girlfriend's computer, and it ended in a BSOD. After that the computer would not start, but eventually it did; a disk check ran before Windows started (which took suspiciously long). The computer was still sluggish, so I ran ComboFix and then RSIT; the logs are below. The notebook is under warranty, so a warranty claim can be filed if need be. Thanks for the help.

Combofix:

ComboFix 11-07-19.03 - Veruna 19.07.2011 21:44:45.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3003.1908 [GMT 2:00]
Spuštěný z: c:\users\Veruna\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\s.bat
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-19 do 2011-07-19 )))))))))))))))))))))))))))))))
.
.
2011-07-19 19:56 . 2011-07-19 19:57 -------- d-----w- c:\users\Veruna\AppData\Local\temp
2011-07-19 19:56 . 2011-07-19 19:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-19 19:42 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CBEA0987-5514-43E4-8566-A46986F0636A}\mpengine.dll
2011-07-13 19:40 . 2011-06-03 06:01 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 19:40 . 2011-06-03 05:56 271872 ----a-w- c:\windows\system32\conhost.exe
2011-07-13 19:39 . 2011-06-11 02:29 2334208 ----a-w- c:\windows\system32\win32k.sys
2011-07-10 07:21 . 2011-07-10 07:21 -------- d-----w- c:\program files\Common Files\Java
2011-06-29 11:02 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 11:01 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 11:01 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 11:01 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 11:01 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 11:01 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 11:01 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 11:01 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 11:01 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 11:01 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-28 13:03 . 2011-06-28 13:04 -------- d-----w- c:\program files\trend micro
2011-06-28 13:03 . 2011-06-28 13:13 -------- d-----w- C:\rsit
2011-06-28 12:50 . 2011-06-28 12:50 -------- d-----w- c:\programdata\SimCity Societies
2011-06-28 12:20 . 2011-07-19 19:38 -------- d-----w- c:\program files\Electronic Arts
2011-06-28 12:20 . 2007-04-04 16:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2011-06-28 12:20 . 2007-04-04 16:55 261480 ----a-w- c:\windows\system32\xactengine2_7.dll
2011-06-28 12:20 . 2007-03-15 14:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2011-06-28 12:20 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2011-06-28 12:20 . 2007-03-12 14:42 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll
2011-06-28 12:20 . 2007-01-24 13:27 255848 ----a-w- c:\windows\system32\xactengine2_6.dll
2011-06-28 12:20 . 2006-12-08 10:02 251672 ----a-w- c:\windows\system32\xactengine2_5.dll
2011-06-28 12:20 . 2006-11-29 11:06 440080 ----a-w- c:\windows\system32\d3dx10.dll
2011-06-28 12:20 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-06-28 12:20 . 2007-03-05 10:42 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll
2011-06-26 18:19 . 2011-06-26 18:19 -------- d-----w- c:\users\Veruna\AppData\Local\Electronic Arts
2011-06-26 18:03 . 2006-09-28 14:05 237848 ----a-w- c:\windows\system32\xactengine2_4.dll
2011-06-26 18:03 . 2006-07-28 07:30 236824 ----a-w- c:\windows\system32\xactengine2_3.dll
2011-06-26 18:03 . 2006-07-28 07:30 62744 ----a-w- c:\windows\system32\xinput1_2.dll
2011-06-26 16:58 . 2011-06-26 16:58 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-25 23:23 . 2011-06-25 23:23 -------- d-----w- C:\0226f9ac67f0f273ec9181
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-17 18:56 . 2011-06-17 18:56 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2011-06-07 15:55 . 2010-08-04 19:43 7074640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-05-04 02:52 . 2010-12-05 08:45 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-03 04:30 . 2011-06-17 07:53 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 02:46 . 2011-06-17 07:56 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:46 . 2011-06-17 07:56 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:46 . 2011-06-17 07:56 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 02:17 . 2011-06-17 07:52 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-27 02:17 . 2011-06-17 07:52 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-27 02:17 . 2011-06-17 07:52 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 04:31 . 2011-06-17 07:55 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-04-25 02:18 . 2011-06-17 07:55 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-24 08:39 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-04-24 08:27 . 2011-04-24 08:27 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-24 08:27 . 2011-04-24 08:27 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-24 08:27 . 2011-04-24 08:27 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-24 08:27 . 2011-04-24 08:27 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-24 08:27 . 2011-04-24 08:27 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-24 08:27 . 2011-04-24 08:27 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-24 08:27 . 2011-04-24 08:27 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-24 08:27 . 2011-04-24 08:27 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-24 08:27 . 2011-04-24 08:27 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-24 08:27 . 2011-04-24 08:27 367104 ----a-w- c:\windows\system32\html.iec
2011-04-24 08:27 . 2011-04-24 08:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-24 08:27 . 2011-04-24 08:27 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-24 08:27 . 2011-04-24 08:27 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-24 08:27 . 2011-04-24 08:27 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-24 08:27 . 2011-04-24 08:27 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-24 08:27 . 2011-04-24 08:27 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-24 08:27 . 2011-04-24 08:27 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-24 08:27 . 2011-04-24 08:27 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-24 08:27 . 2011-04-24 08:27 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-22 23:35 . 2011-06-17 21:37 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-22 23:25 . 2011-06-17 21:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-22 19:14 . 2011-05-25 09:21 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Veruna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Veruna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Veruna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2009-08-20 16:55 5062920 ----a-w- c:\program files\Lenovo\LenovoSecuritySolution FP\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2009-08-20 16:55 5062920 ----a-w- c:\program files\Lenovo\LenovoSecuritySolution FP\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2009-11-06 18:12 1410312 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-11 7739936]
"IndicatorListener"="c:\program files\Motorola\Bluetooth\mkil.dll" [2009-08-12 107784]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2009-07-22 17753352]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-09-03 1557800]
"PSQLLauncher"="c:\program files\Lenovo\LenovoSecuritySolution FP\launcher.exe" [2009-08-20 55048]
"UpdateP2GShortCut"="c:\program files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-09-01 4114288]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-06-25 5064520]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"NetFxUpdate_v1.1.4322"="c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" [2004-08-10 106496]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
c:\users\Veruna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Veruna\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2009-08-20 16:28 100616 ----a-w- c:\program files\Lenovo\LenovoSecuritySolution FP\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\LenovoSecuritySolution FP\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
2009-11-06 18:12 3122440 ----a-w- c:\program files\Lenovo\VeriFace\PManage.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-06-17 11:44 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [2009-07-09 40448]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2011-06-17 23456]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-03 1343400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
S1 funfrm;funfrm; [x]
S1 MpKsl0252a06c;MpKsl0252a06c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{10F4F7A8-5167-4D0E-A474-87ACB4014E39}\MpKsl0252a06c.sys [x]
S1 MpKsl310b9932;MpKsl310b9932;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{10F4F7A8-5167-4D0E-A474-87ACB4014E39}\MpKsl310b9932.sys [x]
S1 MpKsl3f1792a8;MpKsl3f1792a8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{10F4F7A8-5167-4D0E-A474-87ACB4014E39}\MpKsl3f1792a8.sys [x]
S1 MpKslc93a8cd8;MpKslc93a8cd8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0888C445-B8CC-42C4-916A-534250CF9166}\MpKslc93a8cd8.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2009-07-22 474888]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 IGRS;IGRS;c:\program files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S2 UpekSrvc;Upek Service;c:\program files\Lenovo\LenovoSecuritySolution FP\upeksrvc.exe [2009-08-20 44808]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2009-07-22 3473672]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2009-07-22 709384]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2009-07-13 516608]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-19 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 15:54]
.
2011-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2039659266-156336464-1702984616-1003Core.job
- c:\users\Veruna\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-02 16:05]
.
2011-07-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2039659266-156336464-1702984616-1003UA.job
- c:\users\Veruna\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-02 16:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
mStart Page = hxxp://lenovo.live.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
Toolbar-Locked - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(596)
c:\program files\Lenovo\LenovoSecuritySolution FP\psqlpwd.dll
c:\program files\Lenovo\LenovoSecuritySolution FP\homefus2.dll
c:\program files\Lenovo\LenovoSecuritySolution FP\infql2.dll
.
Celkový čas: 2011-07-19 22:09:01
ComboFix-quarantined-files.txt 2011-07-19 20:08
.
Před spuštěním: Volných bajtů: 148 398 772 224
Po spuštění: Volných bajtů: 148 220 719 104
.
- - End Of File - - 6D9E015BAE8D98AF0B49608883359CA3


RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Veruna at 2011-07-19 22:11:46
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 141 GB (55%) free of 259 GB
Total RAM: 3003 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:11:49, on 19.7.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\LenovoSecuritySolution FP\psqltray.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Veruna\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\windows\System32\rundll32.exe
C:\windows\explorer.exe
C:\Users\Veruna\Downloads\RSIT.exe
C:\Program Files\trend micro\Veruna.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IndicatorListener] rundll32.exe "C:\Program Files\Motorola\Bluetooth\mkil.dll",StartNotification
O4 - HKLM\..\Run: [BTMTrayAgent] rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Lenovo\LenovoSecuritySolution FP\launcher.exe" /startup
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [NetFxUpdate_v1.1.4322] "C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" 1 v1.1.4322 GAC + NI NID
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Startup: Dropbox.lnk = Veruna\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Upek Service (UpekSrvc) - UPEK Inc. - C:\Program Files\Lenovo\LenovoSecuritySolution FP\upeksrvc.exe

--
End of file - 8451 bytes

======Scheduled tasks folder======

C:\windows\tasks\Check Updates for Windows Live Toolbar.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2039659266-156336464-1702984616-1003Core.job
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-2039659266-156336464-1702984616-1003UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - c:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - c:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-09-06 1048888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-09-11 7739936]
"IndicatorListener"=C:\Program Files\Motorola\Bluetooth\mkil.dll [2009-08-12 107784]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2009-07-22 17753352]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-03 1557800]
"PSQLLauncher"=C:\Program Files\Lenovo\LenovoSecuritySolution FP\launcher.exe [2009-08-20 55048]
"UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-09-01 4114288]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-06-25 5064520]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
"NetFxUpdate_v1.1.4322"=C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [2004-08-10 106496]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-02-11 137752]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-02-11 171032]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-02-11 172568]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files\Lenovo\VeriFace\PManage.exe [2009-11-06 3122440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-06-17 85160]

C:\Users\Veruna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Veruna\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\Lenovo\LenovoSecuritySolution FP\psqlpwd.dll [2009-08-20 100616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2011-04-24 203776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\Lenovo\LenovoSecuritySolution FP\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2011-07-19 22:09:23 ----SHD---- C:\$RECYCLE.BIN
2011-07-19 22:09:15 ----D---- C:\windows\temp
2011-07-19 22:09:07 ----A---- C:\ComboFix.txt
2011-07-19 21:42:19 ----A---- C:\windows\zip.exe
2011-07-19 21:42:19 ----A---- C:\windows\SWSC.exe
2011-07-19 21:42:19 ----A---- C:\windows\SWREG.exe
2011-07-19 21:42:19 ----A---- C:\windows\sed.exe
2011-07-19 21:42:19 ----A---- C:\windows\PEV.exe
2011-07-19 21:42:19 ----A---- C:\windows\NIRCMD.exe
2011-07-19 21:42:19 ----A---- C:\windows\MBR.exe
2011-07-19 21:42:19 ----A---- C:\windows\grep.exe
2011-07-19 21:42:09 ----D---- C:\windows\ERDNT
2011-07-19 21:42:05 ----D---- C:\Qoobox
2011-07-13 21:42:59 ----A---- C:\windows\system32\drivers\bthport.sys
2011-07-13 21:42:58 ----A---- C:\windows\system32\drivers\BTHUSB.SYS
2011-07-13 21:42:11 ----A---- C:\windows\system32\KernelBase.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-07-13 21:42:10 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-07-13 21:42:09 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-13 21:42:09 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-13 21:42:09 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-13 21:42:09 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-07-13 21:42:09 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-07-13 21:42:09 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-07-13 21:42:09 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-07-13 21:42:09 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-07-13 21:42:09 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-07-13 21:42:09 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-07-13 21:42:09 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-07-13 21:42:09 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-07-13 21:40:57 ----A---- C:\windows\system32\kernel32.dll
2011-07-13 21:40:56 ----A---- C:\windows\system32\winsrv.dll
2011-07-13 21:40:56 ----A---- C:\windows\system32\conhost.exe
2011-07-13 21:39:51 ----A---- C:\windows\system32\win32k.sys
2011-07-10 09:21:52 ----D---- C:\Program Files\Common Files\Java
2011-07-10 09:21:12 ----A---- C:\windows\system32\javaws.exe
2011-07-10 09:21:12 ----A---- C:\windows\system32\javaw.exe
2011-07-10 09:21:12 ----A---- C:\windows\system32\java.exe
2011-06-29 13:02:27 ----A---- C:\windows\system32\umpnpmgr.dll
2011-06-29 13:01:40 ----A---- C:\windows\system32\mssrch.dll
2011-06-29 13:01:39 ----A---- C:\windows\system32\tquery.dll
2011-06-29 13:01:39 ----A---- C:\windows\system32\SearchIndexer.exe
2011-06-29 13:01:38 ----A---- C:\windows\system32\SearchProtocolHost.exe
2011-06-29 13:01:38 ----A---- C:\windows\system32\mssvp.dll
2011-06-29 13:01:38 ----A---- C:\windows\system32\mssph.dll
2011-06-29 13:01:37 ----A---- C:\windows\system32\SearchFilterHost.exe
2011-06-29 13:01:37 ----A---- C:\windows\system32\mssphtb.dll
2011-06-29 13:01:36 ----A---- C:\windows\system32\msscntrs.dll
2011-06-28 15:03:29 ----D---- C:\Program Files\trend micro
2011-06-28 15:03:28 ----D---- C:\rsit
2011-06-28 14:50:19 ----D---- C:\ProgramData\SimCity Societies
2011-06-28 14:20:23 ----D---- C:\Program Files\Electronic Arts
2011-06-28 14:20:21 ----A---- C:\windows\system32\xinput1_3.dll
2011-06-28 14:20:20 ----A---- C:\windows\system32\xactengine2_7.dll
2011-06-28 14:20:19 ----A---- C:\windows\system32\d3dx9_33.dll
2011-06-28 14:20:19 ----A---- C:\windows\system32\d3dx10_33.dll
2011-06-28 14:20:19 ----A---- C:\windows\system32\D3DCompiler_33.dll
2011-06-28 14:20:18 ----A---- C:\windows\system32\xactengine2_6.dll
2011-06-28 14:20:18 ----A---- C:\windows\system32\xactengine2_5.dll
2011-06-28 14:20:18 ----A---- C:\windows\system32\d3dx10.dll
2011-06-28 14:20:17 ----A---- C:\windows\system32\d3dx9_32.dll
2011-06-28 14:20:16 ----A---- C:\windows\system32\x3daudio1_1.dll
2011-06-26 20:03:53 ----A---- C:\windows\system32\xactengine2_4.dll
2011-06-26 20:03:52 ----A---- C:\windows\system32\xinput1_2.dll
2011-06-26 20:03:52 ----A---- C:\windows\system32\xactengine2_3.dll
2011-06-26 01:23:09 ----D---- C:\0226f9ac67f0f273ec9181

======List of files/folders modified in the last 1 months======

2011-07-19 22:09:15 ----D---- C:\Windows
2011-07-19 21:57:28 ----A---- C:\windows\system.ini
2011-07-19 21:57:00 ----D---- C:\windows\system32\drivers\etc
2011-07-19 21:53:39 ----D---- C:\windows\system32\config
2011-07-19 21:49:37 ----D---- C:\windows\system32\drivers
2011-07-19 21:49:37 ----D---- C:\windows\System32
2011-07-19 21:49:36 ----D---- C:\windows\AppPatch
2011-07-19 21:49:34 ----D---- C:\Program Files\Common Files
2011-07-19 21:39:35 ----SHD---- C:\windows\Installer
2011-07-19 21:30:50 ----SHD---- C:\System Volume Information
2011-07-19 21:26:45 ----D---- C:\Users\Veruna\AppData\Roaming\Dropbox
2011-07-17 08:35:05 ----D---- C:\windows\Prefetch
2011-07-16 13:12:23 ----D---- C:\windows\inf
2011-07-16 13:12:23 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-07-14 09:23:46 ----D---- C:\windows\winsxs
2011-07-14 09:21:38 ----D---- C:\windows\system32\DriverStore
2011-07-14 01:40:33 ----D---- C:\windows\debug
2011-07-14 01:40:31 ----A---- C:\windows\system32\MRT.exe
2011-07-13 21:39:13 ----D---- C:\windows\system32\catroot
2011-07-13 21:39:12 ----D---- C:\windows\system32\catroot2
2011-07-10 16:07:13 ----D---- C:\windows\system32\NDF
2011-07-10 14:24:28 ----D---- C:\Program Files\JDownloader
2011-07-10 09:20:55 ----D---- C:\Program Files\Java
2011-07-03 22:01:33 ----D---- C:\windows\Minidump
2011-06-30 15:19:50 ----RSD---- C:\windows\assembly
2011-06-30 15:19:50 ----D---- C:\windows\Microsoft.NET
2011-06-29 15:40:35 ----RSD---- C:\windows\Fonts
2011-06-28 22:13:04 ----D---- C:\Users\Veruna\AppData\Roaming\Skype
2011-06-28 16:05:32 ----D---- C:\Users\Veruna\AppData\Roaming\skypePM
2011-06-28 15:22:21 ----HD---- C:\Program Files\InstallShield Installation Information
2011-06-28 15:03:29 ----RD---- C:\Program Files
2011-06-28 14:50:19 ----D---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2009-12-18 26024]
R1 funfrm;funfrm; C:\windows\system32\drivers\funfrm.sys [2009-11-06 54800]
R1 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl0252a06c;MpKsl0252a06c; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{10F4F7A8-5167-4D0E-A474-87ACB4014E39}\MpKsl0252a06c.sys []
R1 MpKsl310b9932;MpKsl310b9932; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{10F4F7A8-5167-4D0E-A474-87ACB4014E39}\MpKsl310b9932.sys []
R1 MpKsl3f1792a8;MpKsl3f1792a8; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{10F4F7A8-5167-4D0E-A474-87ACB4014E39}\MpKsl3f1792a8.sys []
R1 MpKslc93a8cd8;MpKslc93a8cd8; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0888C445-B8CC-42C4-916A-534250CF9166}\MpKslc93a8cd8.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-07-07 2506232]
R3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2009-07-13 516608]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-09-11 2769120]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2009-08-10 1759744]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-09-03 228912]
R3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2009-08-09 29696]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
R3 WinUsb;WinUSB Driver; C:\windows\system32\DRIVERS\WinUSB.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2009-07-09 40448]
S3 catchme;catchme; \??\C:\Users\Veruna\AppData\Local\Temp\catchme.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\windows\system32\Drivers\DrvAgent32.sys [2011-06-17 23456]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
S3 mbr;mbr; \??\C:\ComboFix\mbr.sys []
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
S3 nmwcd;Nokia USB Phone Parent; C:\windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2010-11-20 27648]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2009-07-22 474888]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 86880]
R2 UpekSrvc;Upek Service; C:\Program Files\Lenovo\LenovoSecuritySolution FP\upeksrvc.exe [2009-08-20 44808]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2009-07-22 3473672]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2009-07-22 709384]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-11-06 647680]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-10-20 630272]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-08-03 1343400]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]

-----------------EOF-----------------

Re: computer severely slowed down, MSE reports a virus

Posted: 20 Jul 2011 17:17
by Rudy
Hello to you too!
We still have some cleaning up to do. Open Notepad and copy the following into it:
Driver::
funfrm
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the command from the script.

Re: computer severely slowed down, MSE reports a virus

Posted: 20 Jul 2011 21:59
by hygik
Good evening, here is the ComboFix log after the script ran:
Thank you

ComboFix 11-07-20.05 - Veruna 20.07.2011 22:28:09.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3003.2062 [GMT 2:00]
Spuštěný z: c:\users\Veruna\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Veruna\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_funfrm
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-20 do 2011-07-20 )))))))))))))))))))))))))))))))
.
.
2011-07-20 20:40 . 2011-07-20 20:40 -------- d-----w- c:\users\Visitor\AppData\Local\temp
2011-07-20 20:40 . 2011-07-20 20:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-19 20:09 . 2011-07-20 20:43 -------- d-----w- c:\users\Veruna\AppData\Local\temp
2011-07-19 19:42 . 2011-06-07 15:55 7074640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CBEA0987-5514-43E4-8566-A46986F0636A}\mpengine.dll
2011-07-13 19:40 . 2011-06-03 06:01 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-07-13 19:40 . 2011-06-03 05:56 271872 ----a-w- c:\windows\system32\conhost.exe
2011-07-13 19:39 . 2011-06-11 02:29 2334208 ----a-w- c:\windows\system32\win32k.sys
2011-07-10 07:21 . 2011-07-10 07:21 -------- d-----w- c:\program files\Common Files\Java
2011-06-29 11:02 . 2011-05-24 10:44 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 11:01 . 2011-05-04 04:32 1401344 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 11:01 . 2011-05-04 04:34 1549312 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 11:01 . 2011-05-04 04:28 427520 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 11:01 . 2011-05-04 04:32 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 11:01 . 2011-05-04 04:32 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 11:01 . 2011-05-04 04:28 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 11:01 . 2011-05-04 04:32 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 11:01 . 2011-05-04 04:28 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 11:01 . 2011-05-04 04:32 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-28 13:03 . 2011-07-19 20:11 -------- d-----w- c:\program files\trend micro
2011-06-28 13:03 . 2011-07-19 20:11 -------- d-----w- C:\rsit
2011-06-28 12:50 . 2011-06-28 12:50 -------- d-----w- c:\programdata\SimCity Societies
2011-06-28 12:20 . 2011-07-19 19:38 -------- d-----w- c:\program files\Electronic Arts
2011-06-28 12:20 . 2007-04-04 16:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2011-06-28 12:20 . 2007-04-04 16:55 261480 ----a-w- c:\windows\system32\xactengine2_7.dll
2011-06-28 12:20 . 2007-03-15 14:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2011-06-28 12:20 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2011-06-28 12:20 . 2007-03-12 14:42 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll
2011-06-28 12:20 . 2007-01-24 13:27 255848 ----a-w- c:\windows\system32\xactengine2_6.dll
2011-06-28 12:20 . 2006-12-08 10:02 251672 ----a-w- c:\windows\system32\xactengine2_5.dll
2011-06-28 12:20 . 2006-11-29 11:06 440080 ----a-w- c:\windows\system32\d3dx10.dll
2011-06-28 12:20 . 2006-11-29 11:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-06-28 12:20 . 2007-03-05 10:42 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll
2011-06-26 18:19 . 2011-06-26 18:19 -------- d-----w- c:\users\Veruna\AppData\Local\Electronic Arts
2011-06-26 18:03 . 2006-09-28 14:05 237848 ----a-w- c:\windows\system32\xactengine2_4.dll
2011-06-26 18:03 . 2006-07-28 07:30 236824 ----a-w- c:\windows\system32\xactengine2_3.dll
2011-06-26 18:03 . 2006-07-28 07:30 62744 ----a-w- c:\windows\system32\xinput1_2.dll
2011-06-26 16:58 . 2011-06-26 16:58 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-25 23:23 . 2011-06-25 23:23 -------- d-----w- C:\0226f9ac67f0f273ec9181
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-17 18:56 . 2011-06-17 18:56 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2011-06-07 15:55 . 2010-08-04 19:43 7074640 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-05-04 02:52 . 2010-12-05 08:45 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-03 04:30 . 2011-06-17 07:53 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 02:46 . 2011-06-17 07:56 311808 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-29 02:46 . 2011-06-17 07:56 310272 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-29 02:46 . 2011-06-17 07:56 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-27 02:17 . 2011-06-17 07:52 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-27 02:17 . 2011-06-17 07:52 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-27 02:17 . 2011-06-17 07:52 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 04:31 . 2011-06-17 07:55 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-04-25 02:18 . 2011-06-17 07:55 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-04-24 08:39 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-04-24 08:27 . 2011-04-24 08:27 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-24 08:27 . 2011-04-24 08:27 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-24 08:27 . 2011-04-24 08:27 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-24 08:27 . 2011-04-24 08:27 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-24 08:27 . 2011-04-24 08:27 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-24 08:27 . 2011-04-24 08:27 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-24 08:27 . 2011-04-24 08:27 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-24 08:27 . 2011-04-24 08:27 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-24 08:27 . 2011-04-24 08:27 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-24 08:27 . 2011-04-24 08:27 367104 ----a-w- c:\windows\system32\html.iec
2011-04-24 08:27 . 2011-04-24 08:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-24 08:27 . 2011-04-24 08:27 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-24 08:27 . 2011-04-24 08:27 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-24 08:27 . 2011-04-24 08:27 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-24 08:27 . 2011-04-24 08:27 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-24 08:27 . 2011-04-24 08:27 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-24 08:27 . 2011-04-24 08:27 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-24 08:27 . 2011-04-24 08:27 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-24 08:27 . 2011-04-24 08:27 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-22 23:35 . 2011-06-17 21:37 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-22 23:25 . 2011-06-17 21:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-22 19:14 . 2011-05-25 09:21 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-19_19.57.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:55 . 2011-07-20 20:44 46092 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-08-02 15:57 . 2011-07-20 20:44 13488 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2039659266-156336464-1702984616-1003_UserData.bin
- 2011-07-17 06:34 . 2011-07-19 19:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-20 20:21 . 2011-07-20 20:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-17 06:34 . 2011-07-19 19:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-07-20 20:21 . 2011-07-20 20:41 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 04:47 . 2011-07-17 00:24 406256 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 04:47 . 2011-07-19 20:13 406256 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-11-06 18:21 . 2011-07-17 00:24 2816040 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-11-06 18:21 . 2011-07-19 20:13 2816040 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-04-24 22:00 . 2011-07-19 20:13 2191996 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2039659266-156336464-1702984616-1003-8192.dat
- 2011-04-24 22:00 . 2011-07-17 00:24 2191996 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2039659266-156336464-1702984616-1003-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Veruna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Veruna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Veruna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2009-08-20 16:55 5062920 ----a-w- c:\program files\Lenovo\LenovoSecuritySolution FP\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2009-08-20 16:55 5062920 ----a-w- c:\program files\Lenovo\LenovoSecuritySolution FP\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2009-11-06 18:12 1410312 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-11 7739936]
"IndicatorListener"="c:\program files\Motorola\Bluetooth\mkil.dll" [2009-08-12 107784]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2009-07-22 17753352]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-09-03 1557800]
"PSQLLauncher"="c:\program files\Lenovo\LenovoSecuritySolution FP\launcher.exe" [2009-08-20 55048]
"UpdateP2GShortCut"="c:\program files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-09-01 4114288]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-06-25 5064520]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"NetFxUpdate_v1.1.4322"="c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe" [2004-08-10 106496]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 172568]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
c:\users\Veruna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Veruna\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2009-08-20 16:28 100616 ----a-w- c:\program files\Lenovo\LenovoSecuritySolution FP\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\LenovoSecuritySolution FP\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
2009-11-06 18:12 3122440 ----a-w- c:\program files\Lenovo\VeriFace\PManage.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
2009-06-17 11:44 85160 ----a-w- c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2009-07-22 709384]
R3 Bridge0;Bridge0;c:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [2009-07-09 40448]
R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2011-06-17 23456]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-02-26 137344]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-02-26 8320]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-03 1343400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2009-07-22 474888]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 IGRS;IGRS;c:\program files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S2 UpekSrvc;Upek Service;c:\program files\Lenovo\LenovoSecuritySolution FP\upeksrvc.exe [2009-08-20 44808]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2009-07-22 3473672]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2009-07-13 516608]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-20 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 15:54]
.
2011-07-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2039659266-156336464-1702984616-1003Core.job
- c:\users\Veruna\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-02 16:05]
.
2011-07-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2039659266-156336464-1702984616-1003UA.job
- c:\users\Veruna\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-02 16:05]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
mStart Page = hxxp://lenovo.live.com/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - c:\program files\ICQ7.4\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(588)
c:\program files\Lenovo\LenovoSecuritySolution FP\psqlpwd.dll
c:\program files\Lenovo\LenovoSecuritySolution FP\homefus2.dll
c:\program files\Lenovo\LenovoSecuritySolution FP\infql2.dll
.
- - - - - - - > 'Explorer.exe'(684)
c:\users\Veruna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\program files\Lenovo\LenovoSecuritySolution FP\farchns.dll
c:\program files\Lenovo\LenovoSecuritySolution FP\infql2.dll
c:\program files\Lenovo\LenovoSecuritySolution FP\qlbase.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Lenovo\LenovoSecuritySolution FP\upeksvr.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-07-20 22:56:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-20 20:56
ComboFix2.txt 2011-07-19 20:09
.
Před spuštěním: Volných bajtů: 148 273 356 800
Po spuštění: Volných bajtů: 148 015 927 296
.
- - End Of File - - BEC1750998FAD615F6D8DF21C2FB78E2

Re: computer severely slowed down, MSE reports a virus

Posted: 20 Jul 2011 22:01
by Rudy
Deleted. The log now looks clean. Has anything changed?