
Please check my log, probably generic21.cfpt

Posted: 28 Jul 2011 08:29
by robink
Hello,

After I connected my external HDD, the antivirus on my wife's computer raised a warning about: Trojan horse generic21.cfpt. I scanned the HDD with avast and it found nothing, but now the computer is acting up too: slow internet and it occasionally restarts by itself. I can't get a log from RSIT, it throws some error. I'm attaching at least a log from DDS. Thanks


.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.7600.16385
Run by Robin at 9:15:03 on 2011-07-28
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.2047.816 [GMT 2:00]
.
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\System32\svchost.exe -k Cognizance
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\StkCSrv.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Users\Robin\Program Files\DNA\btdna.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: H - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GR469A~1.DLL
BHO: ASUS Security Protect Manager: {df21f1db-80c6-11d3-9483-b03d0ec10000} - c:\program files\asus security center\asus security protect manager\bin\ItIEAddIn.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [BitTorrent DNA] "c:\users\robin\program files\dna\btdna.exe"
uRun: [<NO NAME>]
mRun: [CognizanceTS] rundll32.exe c:\progra~1\asusse~1\asusse~1\bin\ASTSVCC.dll,RegisterModule
mRun: [SMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles startup
StartupFolder: c:\users\robin\appdata\roaming\micros~1\windows\startm~1\programs\startup\CCC.lnk -
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{91ED0002-67A4-4171-9908-86447C749729} : DhcpNameServer = 10.0.0.138
TCP: Interfaces\{CD92E3E8-F3AE-44CE-ADCD-F2AB3356671F} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{CD92E3E8-F3AE-44CE-ADCD-F2AB3356671F}\B616C6564716 : DhcpNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GRA32A~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GR469A~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\robin\appdata\roaming\mozilla\firefox\profiles\rwjgpqa7.default\
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSeymour.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll
FF - component: c:\program files\mozilla firefox\extensions\{ab2ce124-6272-4b12-94a9-7303c7397bd1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\plugins\nphpclipbook.dll
FF - plugin: c:\users\robin\program files\dna\plugins\npbtdna.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-7-13 64512]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-7-13 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-7-15 309848]
R1 cdrblock;cdrblock;c:\windows\system32\drivers\cdrblock.sys [2010-2-3 27704]
R2 ASBroker;Logon Session Broker;c:\windows\system32\svchost.exe -k Cognizance [2009-7-14 20992]
R2 ASChannel;Local Communication Channel;c:\windows\system32\svchost.exe -k Cognizance [2009-7-14 20992]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-7-15 19544]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-7-15 54104]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-7-13 42184]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-6-20 2151640]
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\system32\StkCSrv.exe [2007-4-19 24576]
R2 WDDMService;WDDMService;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2010-9-8 237056]
R2 WDFME;WD File Management Engine;c:\program files\western digital\wd smartware\front parlor\wdfme\WDFME.exe [2010-9-8 1034752]
R2 WDSC;WD File Management Shadow Engine;c:\program files\western digital\wd smartware\front parlor\WDSC.exe [2010-9-8 484352]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l160x86.sys [2009-6-25 47104]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\drivers\BthAvrcp.sys [2009-8-13 22528]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [2007-6-6 1260672]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-6-20 15232]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]
.
=============== Created Last 30 ================
.
2011-07-13 18:09:47 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-07-13 14:03:33 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-07-13 12:57:39 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-06 13:00:31 16856 ----a-w- c:\program files\mozilla firefox\plugin-container.exe
2011-07-06 13:00:29 719832 ----a-w- c:\program files\mozilla firefox\mozcpp19.dll
.
==================== Find3M ====================
.
2011-07-13 14:06:11 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-07-04 11:43:53 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:32:20 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
.
============= FINISH: 9:17:18,45 ===============

Re: Please check my log, probably generic21.cfpt

Posted: 28 Jul 2011 10:57
by Rudy
Hello!
Please post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after launch a screen with the license terms appears; continue by clicking the Ano (Yes) button.

calmly go make yourself a coffee (the whole run takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else

do not panic during the scan, your machine may be restarted (especially on the first run of the scanner)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident shield

Re: Please check my log, probably generic21.cfpt

Posted: 28 Jul 2011 14:13
by robink
Log here:

ComboFix 11-07-28.01 - Robin 28.07.2011 14:41:11.5.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1033.18.2047.981 [GMT 2:00]
Spuštěný z: c:\users\Robin\Documents\instal\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Robin\AppData\Local\Temp\{D5878294-C113-43c5-A24F-FC333C52015A}\NokiaOviSuite2Installer.exe
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Program Files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\IInstallHook.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\SSE\SQLEXPR.EXE
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\SSE\SSEInstallHook.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\System32\BCMMS32.DLL
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\System32\en-US\BCMMS32.Resources.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\mfc80.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\mfc80d.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\mfc80u.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\mfc80ud.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\mfcm80.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\mfcm80d.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\mfcm80u.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\mfcm80ud.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\msvcm80.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\msvcm80d.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\msvcp80.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\msvcp80d.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\msvcr80.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\system32\msvcr80d.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\1cdbtngr.lm8\mfc80d.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\1cdbtngr.lm8\mfc80ud.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\1cdbtngr.lm8\mfcm80d.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\1cdbtngr.lm8\mfcm80ud.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\3cdbtngr.lm8\mfc80d.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\3cdbtngr.lm8\mfc80ud.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\3cdbtngr.lm8\mfcm80d.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\3cdbtngr.lm8\mfcm80ud.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\9ql1q2cs.lm8\mfc80.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\9ql1q2cs.lm8\mfc80u.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\9ql1q2cs.lm8\mfcm80.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\9ql1q2cs.lm8\mfcm80u.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\bql1q2cs.lm8\mfc80.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\bql1q2cs.lm8\mfc80u.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\bql1q2cs.lm8\mfcm80.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\bql1q2cs.lm8\mfcm80u.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\dtayqj2r.lm8\msvcm80d.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\dtayqj2r.lm8\msvcp80d.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\dtayqj2r.lm8\msvcr80d.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\ftayqj2r.lm8\msvcm80d.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\ftayqj2r.lm8\msvcp80d.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\ftayqj2r.lm8\msvcr80d.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\p6hpravq.lm8\msvcm80.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\p6hpravq.lm8\msvcp80.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\p6hpravq.lm8\msvcr80.dll
c:\users\Robin\AppData\Local\Temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\r6hpravq.lm8\msvcm80.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\r6hpravq.lm8\msvcp80.dll
c:\users\Robin\AppData\Local\temp\Temp1_microsoft-office-outlook-2007-with-business-contact-manager.zip\Microsoft Office Outlook 2007 with Business Contact Manager\Windows\winsxs\r6hpravq.lm8\msvcr80.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-28 do 2011-07-28 )))))))))))))))))))))))))))))))
.
.
2011-07-28 12:56 . 2011-07-28 12:58 -------- d-----w- c:\users\Robin\AppData\Local\temp
2011-07-28 12:56 . 2011-07-28 12:56 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-07-28 12:56 . 2011-07-28 12:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-28 12:38 . 2011-07-28 12:39 -------- d-----w- C:\32788R22FWJFW
2011-07-13 18:09 . 2011-07-13 14:06 16432 ----a-w- c:\windows\system32\lsdelete.exe
2011-07-13 14:03 . 2011-06-20 08:31 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys
2011-07-13 12:57 . 2011-07-04 11:36 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-07-06 13:00 . 2011-07-06 13:00 16856 ----a-w- c:\program files\Mozilla Firefox\plugin-container.exe
2011-07-06 13:00 . 2011-07-06 13:00 719832 ----a-w- c:\program files\Mozilla Firefox\mozcpp19.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-13 14:06 . 2011-04-20 18:56 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-07-04 11:43 . 2010-07-15 12:57 40112 ----a-w- c:\windows\avastSS.scr
2011-07-04 11:43 . 2010-07-15 12:57 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-07-04 11:36 . 2010-07-15 12:58 309848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-07-04 11:35 . 2010-07-15 12:58 43608 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-07-04 11:32 . 2010-07-15 12:58 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-07-04 11:32 . 2010-07-15 12:58 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-07-04 11:32 . 2010-07-15 12:58 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-07-04 11:43 122512 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\users\Robin\Program Files\DNA\btdna.exe" [2010-01-24 323392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2010-01-24 17920]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2010-01-24 630784]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
.
c:\users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CCC.lnk - [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-9-8 5185536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-06-20 15232]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-06-20 64512]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cdrblock;cdrblock;c:\windows\system32\DRIVERS\cdrblock.sys [2008-05-30 27704]
S2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-07-04 54104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2011-06-28 2151640]
S2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;c:\windows\System32\StkCSrv.exe [2007-04-19 24576]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-09-08 237056]
S2 WDFME;WD File Management Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2010-09-08 1034752]
S2 WDSC;WD File Management Shadow Engine;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2010-09-08 484352]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x86.sys [2009-07-13 47104]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 22528]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\Drivers\StkCMini.sys [2007-06-06 1260672]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
GPSvcGroup REG_MULTI_SZ GPSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-06-20 11:19]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\rwjgpqa7.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-CrystalDiskInfo_is1 - c:\program files\CrystalDiskInfo\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Celkový čas: 2011-07-28 15:05:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-28 13:05
.
Před spuštěním: 36 607 995 904 bytes free
Po spuštění: 36 739 960 832 bytes free
.
- - End Of File - - C67D981809B1523DEB82FAA3FE30AF81

Re: Please check my log, probably generic21.cfpt

Posted: 28 Jul 2011 17:13
by Rudy
A few items were deleted; the rest of the log looks clean. Has anything changed?

Re: Please check my log, probably generic21.cfpt

Posted: 28 Jul 2011 17:33
by robink
Yes, the problem I had before is gone. How can I also clean the external HDD?

Thanks a lot

Re: Please check my log, probably generic21.cfpt

Posted: 28 Jul 2011 18:58
by Rudy
If you mean cleaning it of viruses, use a full MBAM scan: http://www.malwarebytes.org/mbam.php . Connect the drive, run the scan and post the log. Do not delete anything beforehand.

Re: Please check my log, probably generic21.cfpt

Posted: 28 Jul 2011 20:12
by robink
Log here:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Verze databáze: 7311

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

28.7.2011 21:10:54
mbam-log-2011-07-28 (21-10-39).txt

Typ: Úplná kontrola (F:\|)
Kontrolované objekty: 203169
Uplynulý čas: 37 minut, 3 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
f:\zaloha\instal\sony vegas pro 9.0c (build 896)\Keygen.exe (Trojan.Agent.CK) -> No action taken.

Re: Please check my log, probably generic21.cfpt

Posted: 28 Jul 2011 20:54
by Rudy
Delete the item that was found.

Re: Please check my log, probably generic21.cfpt

Posted: 28 Jul 2011 21:18
by robink
Done, thank you very much for the help.

Re: Please check my log, probably generic21.cfpt

Posted: 28 Jul 2011 21:24
by Rudy
You're welcome!