
CD-ROM disappeared (error 19)

Posted: 15 Nov 2011 15:00
by jaryman
Hi, my computer is full of viruses, to the point that my CD-ROM has disappeared. Please help.

log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2011-11-15 14:57:07
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (11%) free of 76 GB
Total RAM: 3071 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:57:11, on 15.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
C:\Users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\DRPU PC Management - Basic\Basic Manage.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Martin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home?AF=100581
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=1&barid={3D ... CF305D9F9D}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: BitTorrentBar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Iexplorer] C:\Users\Martin\AppData\Roaming\Windows\Iexplorer
O4 - HKLM\..\Run: [DRPU PC Management - Basic] "C:\Program Files (x86)\DRPU PC Management - Basic\Basic Manage.exe" "hd"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "D:\steam\Steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKLM\..\Policies\Explorer\Run: [Policies] c:\directory\CyberGate\install\server.exe
O4 - HKCU\..\Policies\Explorer\Run: [Policies] c:\directory\CyberGate\install\server.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ShowAnalyzerMaster - Dragon Global - C:\Program Files (x86)\Dragon Global\ShowAnalyzerSuite\ShowAnalyzerMaster.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Windows\SysWOW64\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13167 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe" -switch-3be2f036c43042cdb03588591c9325c3
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\Users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
"C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe" /f=srs_premium_sound_nopreset.zip
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\DRPU PC Management - Basic\Basic Manage.exe" "hd"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\System32\spoolsv.exe
taskeng.exe {AFF61CBE-FD3E-4701-A85E-CDD10ACC3D49}
"taskhost.exe"
taskeng.exe {733DE36B-9AD7-497C-A367-A53E12938676}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files\ASUS\Net4Switch\Net4Switch.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Windows\SysWOW64\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=3824.00CB96E0.542553492 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=3824.00CB9580.2083718068 --ignored=" --type=renderer " /prefetch:3
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll" --lang=cs --channel=3824.06CCF000.238374278 /prefetch:4
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender1/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/SuggestHostPrefix/Default_Prefix/WarmSocketImpact/warmest_socket/ --enable-print-preview --channel=3824.06D10B00.886630810 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\PROGRA~2\Google\Chrome\APPLIC~1\150874~1.120\gcswf32.dll",BrokerMain browser=chrome
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Google\Chrome\Application\15.0.874.120\gcswf32.dll" --lang=cs --channel=3824.04031C40.711682511 --flash-broker=5748 /prefetch:4
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
wmiadap.exe /F /T /R
"C:\Users\Martin\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1504789416-810619661-2310688379-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1504789416-810619661-2310688379-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-09-16 346736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-09-16 318960]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
BitTorrentBar Toolbar - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-16 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-09-16 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-09-16 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-07-07 1152776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-31 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-09-16 346736]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2011-09-06 959432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-09-16 256112]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-07-07 1152776]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]
{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - BitTorrentBar Toolbar - C:\Program Files (x86)\BitTorrentBar\prxtbBitT.dll [2011-05-09 176936]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-12-11 16414824]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-09-30 621440]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=c:\directory\CyberGate\install\server.exe [2010-11-05 1169224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
"Steam"=D:\steam\Steam.exe [2011-09-05 1242448]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]
"BitTorrent"=C:\Program Files (x86)\BitTorrent\BitTorrent.exe [2011-09-28 551800]
"Facebook Update"=C:\Users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-18 137536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=c:\directory\CyberGate\install\server.exe [2010-11-05 1169224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2010-09-16 3054136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boingo Wi-Fi]
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-09-16 2429]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-21 9639424]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2009-10-27 6998656]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2009-08-20 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SweetIM"=C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [2011-08-01 114992]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-06-07 421160]
"Iexplorer"=C:\Users\Martin\AppData\Roaming\Windows\Iexplorer [2011-11-14 1355776]
""= []
"DRPU PC Management - Basic"=C:\Program Files (x86)\DRPU PC Management - Basic\Basic Manage.exe [2011-05-06 2738624]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=c:\directory\CyberGate\install\server.exe [2010-11-05 1169224]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-11-20 290304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-11-15 14:57:07 ----D---- C:\rsit
2011-11-14 16:08:06 ----D---- C:\Program Files\Babylon
2011-11-14 16:07:26 ----D---- C:\Program Files (x86)\Your Product
2011-11-14 15:11:20 ----D---- C:\Program Files (x86)\DRPU PC Management - Basic
2011-11-14 14:45:02 ----AH---- C:\ProgramData\emopts.dat
2011-11-14 14:44:57 ----A---- C:\Windows\mfc70.dll
2011-11-14 14:43:18 ----HD---- C:\ProgramData\sacache
2011-11-14 14:43:15 ----A---- C:\msdos.sys
2011-11-14 14:42:41 ----D---- C:\ProgramData\AgentSS
2011-11-14 14:38:23 ----A---- C:\Windows\unvise32.exe
2011-11-14 14:38:13 ----D---- C:\Program Files (x86)\Spytech Software
2011-11-14 14:31:35 ----A---- C:\Windows\slog.dll
2011-11-14 14:24:01 ----A---- C:\Windows\winclfile.dll
2011-11-14 14:24:01 ----A---- C:\Windows\dwatson.dll
2011-11-14 14:17:42 ----A---- C:\Windows\NSTVN.dll
2011-11-14 14:17:42 ----A---- C:\Windows\client.dll
2011-11-14 14:17:36 ----D---- C:\Program Files (x86)\IEServices
2011-11-14 14:17:20 ----D---- C:\Program Files (x86)\Accessories
2011-11-14 13:49:21 ----D---- C:\Users\Martin\AppData\Roaming\GetRightToGo
2011-11-14 13:39:07 ----D---- C:\directory
2011-11-14 13:39:05 ----D---- C:\Users\Martin\AppData\Roaming\Windows
2011-11-13 14:52:21 ----D---- C:\Windows\Sun
2011-11-09 17:27:01 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-09 17:26:58 ----A---- C:\Windows\system32\win32k.sys
2011-11-01 22:41:48 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll
2011-11-01 22:41:48 ----A---- C:\Windows\system32\GEARAspi64.dll
2011-11-01 22:41:48 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-11-01 22:41:21 ----D---- C:\Program Files\iPod
2011-11-01 22:41:20 ----D---- C:\Program Files\iTunes
2011-11-01 22:41:20 ----D---- C:\Program Files (x86)\iTunes
2011-11-01 20:59:56 ----D---- C:\Users\Martin\AppData\Roaming\Downloaded Installations
2011-10-31 23:08:25 ----D---- C:\ProgramData\RegCure
2011-10-31 21:51:53 ----D---- C:\ProgramData\Sun
2011-10-31 21:48:37 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-10-31 21:48:37 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-10-31 21:48:37 ----A---- C:\Windows\SYSWOW64\java.exe
2011-10-31 21:48:37 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2011-10-31 21:48:13 ----D---- C:\Program Files (x86)\Java
2011-10-30 17:46:53 ----D---- C:\Users\Martin\AppData\Roaming\redsn0w
2011-10-30 16:59:45 ----AH---- C:\Windows\SYSWOW64\mlfcache.dat
2011-10-30 13:47:05 ----D---- C:\Program Files (x86)\Safari
2011-10-30 13:08:29 ----D---- C:\Program Files (x86)\QuickTime
2011-10-30 13:01:08 ----D---- C:\Program Files\Bonjour
2011-10-30 13:01:08 ----D---- C:\Program Files (x86)\Bonjour
2011-10-23 23:27:22 ----A---- C:\Windows\SYSWOW64\sho6726.tmp

======List of files/folders modified in the last 1 month======

2011-11-15 14:57:09 ----D---- C:\Program Files\trend micro
2011-11-15 14:57:05 ----D---- C:\Windows\Temp
2011-11-15 14:52:32 ----D---- C:\Windows\system32\config
2011-11-15 14:52:24 ----D---- C:\Windows\system32\Tasks
2011-11-15 14:51:49 ----D---- C:\ProgramData\NVIDIA
2011-11-15 14:50:08 ----D---- C:\Users\Martin\AppData\Roaming\BitTorrent
2011-11-15 14:21:21 ----D---- C:\Windows
2011-11-15 14:10:08 ----D---- C:\Windows\debug
2011-11-15 11:07:31 ----SHD---- C:\System Volume Information
2011-11-14 23:22:34 ----SHD---- C:\Windows\Installer
2011-11-14 23:07:02 ----D---- C:\Users\Martin\AppData\Roaming\SoftGrid Client
2011-11-14 23:03:58 ----RD---- C:\Program Files (x86)
2011-11-14 23:03:58 ----D---- C:\Windows\Tasks
2011-11-14 23:03:43 ----D---- C:\Windows\system
2011-11-14 23:03:23 ----HD---- C:\ProgramData
2011-11-14 23:02:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-11-14 23:01:12 ----D---- C:\Program Files\Zrychleni Pocitace
2011-11-14 23:00:50 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-11-14 21:43:08 ----D---- C:\Windows\System32
2011-11-14 21:43:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-14 21:43:07 ----D---- C:\Windows\inf
2011-11-14 21:37:36 ----A---- C:\Windows\system32\AutoRunFilter.ini
2011-11-14 16:08:06 ----RD---- C:\Program Files
2011-11-14 14:38:17 ----D---- C:\Windows\SYSWOW64\drivers
2011-11-14 14:38:17 ----D---- C:\Windows\SysWOW64
2011-11-14 12:56:56 ----D---- C:\ProgramData\Blizzard Entertainment
2011-11-11 18:22:22 ----D---- C:\Windows\system32\catroot
2011-11-11 18:22:04 ----D---- C:\Windows\system32\catroot2
2011-11-10 20:30:10 ----D---- C:\Windows\winsxs
2011-11-10 14:44:43 ----D---- C:\Windows\system32\drivers
2011-11-10 14:44:43 ----D---- C:\Program Files\Common Files\System
2011-11-10 11:07:51 ----A---- C:\Windows\system32\MRT.exe
2011-11-06 21:08:58 ----D---- C:\Windows\system32\drivers\etc
2011-11-02 21:18:10 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2011-11-02 07:57:17 ----D---- C:\Windows\system32\NDF
2011-11-02 07:50:16 ----A---- C:\Windows\system32\ServiceFilter.ini
2011-11-01 22:41:48 ----DC---- C:\Windows\system32\DRVSTORE
2011-10-31 23:26:30 ----D---- C:\Users\Martin\AppData\Roaming\TS3Client
2011-10-31 23:26:30 ----D---- C:\Users\Martin\AppData\Roaming\Skype
2011-10-31 23:26:30 ----D---- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
2011-10-31 23:26:23 ----D---- C:\Windows\Logs
2011-10-31 23:02:47 ----D---- C:\Windows\Prefetch
2011-10-31 21:51:52 ----D---- C:\Program Files (x86)\Common Files
2011-10-30 13:30:23 ----D---- C:\Program Files\Common Files\Apple
2011-10-30 13:02:33 ----D---- C:\Windows\system32\DriverStore
2011-10-30 10:23:18 ----D---- C:\Windows\system32\drivers\UMDF
2011-10-30 08:22:56 ----D---- C:\Program Files\Internet Explorer
2011-10-30 08:22:56 ----D---- C:\Program Files (x86)\Internet Explorer
2011-10-30 08:04:51 ----D---- C:\Users\Martin\AppData\Roaming\Apple Computer
2011-10-30 08:01:09 ----D---- C:\ProgramData\Apple
2011-10-18 22:16:34 ----D---- C:\Windows\Microsoft.NET
2011-10-18 22:16:32 ----RSD---- C:\Windows\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2011-06-15 35384]
R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys [2010-04-27 244328]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 42328]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 601944]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 301912]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 58200]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-09 270912]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 65368]
R2 ghaio;ghaio; \??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 17464]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-22 2229280]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2009-08-21 84512]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-28 28704]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-08-18 236544]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2010-09-14 760168]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2010-09-14 268648]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2010-09-14 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2010-09-14 22376]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys []
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-09 55144]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-11-10 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-12-11 392296]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Windows\SysWOW64\nvSCPAPISvr.exe [2009-12-11 239208]
R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 934176]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
R3 spmgr;spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-10 136176]
S2 ShowAnalyzerMaster;ShowAnalyzerMaster; C:\Program Files (x86)\Dragon Global\ShowAnalyzerSuite\ShowAnalyzerMaster.exe [2010-02-08 2074112]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-10 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-03-16 407336]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-06-17 1255736]
S4 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-09-16 182768]

-----------------EOF-----------------

Re: CD-ROM disappeared (error 19)

Posted: 15 Nov 2011 15:27
by jaryman
The hardware device cannot be started because its configuration information (stored in the registry) is incomplete or damaged. (Code 19)

When I tried to delete HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Class/{4d36e965-e325-11ce-bfc1-08002be10318}
an error occurred; the key cannot be deleted :/

Re: CD-ROM disappeared (error 19)

Posted: 15 Nov 2011 21:59
by motji
Good evening :)

:arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- and save it to the desktop.
- double-click the program icon and run it
- choose the Start scan option, then confirm starting the scan
- if the program finds an infected file, it will show the preselected action Cure; in that case confirm with the Continue button
- if the program wants to restart the computer, click the Reboot Now button
- if it does not ask for a restart, click the Report button. A log should pop up; copy the contents of the log into your topic.
- if the log does not appear, it is saved in your root directory.

Re: CD-ROM disappeared (error 19)

Posted: 16 Nov 2011 09:09
by jaryman
08:54:32.0466 5924 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
08:54:32.0482 5924 usbohci - ok
08:54:32.0840 5924 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
08:54:32.0840 5924 usbprint - ok
08:54:33.0215 5924 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:54:33.0230 5924 USBSTOR - ok
08:54:33.0698 5924 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
08:54:33.0698 5924 usbuhci - ok
08:54:34.0120 5924 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
08:54:34.0120 5924 usbvideo - ok
08:54:34.0494 5924 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
08:54:34.0510 5924 vdrvroot - ok
08:54:34.0869 5924 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
08:54:34.0869 5924 vga - ok
08:54:35.0244 5924 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
08:54:35.0244 5924 VgaSave - ok
08:54:35.0587 5924 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
08:54:35.0603 5924 vhdmp - ok
08:54:35.0962 5924 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
08:54:35.0978 5924 viaide - ok
08:54:36.0430 5924 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
08:54:36.0446 5924 volmgr - ok
08:54:36.0805 5924 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
08:54:36.0805 5924 volmgrx - ok
08:54:37.0195 5924 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
08:54:37.0195 5924 volsnap - ok
08:54:37.0554 5924 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
08:54:37.0554 5924 vsmraid - ok
08:54:37.0912 5924 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
08:54:37.0912 5924 vwifibus - ok
08:54:38.0380 5924 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
08:54:38.0396 5924 vwififlt - ok
08:54:38.0755 5924 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
08:54:38.0770 5924 vwifimp - ok
08:54:39.0270 5924 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
08:54:39.0270 5924 WacomPen - ok
08:54:39.0613 5924 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:54:39.0628 5924 WANARP - ok
08:54:39.0628 5924 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:54:39.0644 5924 Wanarpv6 - ok
08:54:40.0081 5924 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
08:54:40.0096 5924 Wd - ok
08:54:40.0486 5924 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
08:54:40.0518 5924 Wdf01000 - ok
08:54:40.0908 5924 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
08:54:40.0908 5924 WfpLwf - ok
08:54:41.0282 5924 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
08:54:41.0298 5924 WimFltr - ok
08:54:41.0688 5924 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
08:54:41.0688 5924 WIMMount - ok
08:54:42.0218 5924 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
08:54:42.0218 5924 WinUsb - ok
08:54:42.0592 5924 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
08:54:42.0592 5924 WmiAcpi - ok
08:54:42.0998 5924 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
08:54:43.0014 5924 ws2ifsl - ok
08:54:43.0404 5924 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
08:54:43.0404 5924 WudfPf - ok
08:54:43.0794 5924 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:54:43.0794 5924 WUDFRd - ok
08:54:43.0872 5924 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:54:43.0903 5924 \Device\Harddisk0\DR0 - ok
08:54:43.0903 5924 Boot (0x1200) (5644aa16a5dc5b26cf858c78da459405) \Device\Harddisk0\DR0\Partition0
08:54:43.0903 5924 \Device\Harddisk0\DR0\Partition0 - ok
08:54:43.0934 5924 Boot (0x1200) (39068c873119d9b0d94381ea5ac6ef7c) \Device\Harddisk0\DR0\Partition1
08:54:43.0934 5924 \Device\Harddisk0\DR0\Partition1 - ok
08:54:43.0934 5924 ============================================================
08:54:43.0934 5924 Scan finished
08:54:43.0934 5924 ============================================================
08:54:43.0950 5620 Detected object count: 0
08:54:43.0950 5620 Actual detected object count: 0


Unfortunately this program found nothing, but Mbam was more capable and found 11 viruses; I am attaching the log from mbam


Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Verze databáze: 8173

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

16.11.2011 9:06:14
mbam-log-2011-11-16 (09-06-06).txt

Typ: Rychlá kontrola
Kontrolované objekty: 173126
Uplynulý čas: 5 minut, 36 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 3
Infikované datové položky v registru: 1
Infikované složky: 2
Infikované soubory: 5

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Iexplorer (Trojan.Agent.Gen) -> Value: Iexplorer -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.SpyNet.M) -> Value: Policies -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.SpyNet.M) -> Value: Policies -> No action taken.

Infikované datové položky v registru:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (PUM.Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
c:\directory\cybergate (Trojan.PWS) -> No action taken.
c:\directory\cybergate\install (Trojan.PWS) -> No action taken.

Infikované soubory:
c:\Users\Martin\AppData\Roaming\Windows\iexplorer (Trojan.Agent.Gen) -> No action taken.
c:\Users\Martin\AppData\Local\Temp\installmonetizer.exe (Adware.Agent) -> No action taken.
c:\Windows\imglib.dll (Spyware.NetVizor) -> No action taken.
c:\directory\cybergate\install\server.exe (Backdoor.SpyNet.M) -> No action taken.
c:\Windows\hpvert.dll (Trojan.Agent) -> No action taken.



I haven't done anything with it so far; I'm waiting for your decision :)

Re: CD-ROM disappeared (error 19)

Posted: 16 Nov 2011 14:36
by motji
Test this file on www.virustotal.com
c:\Windows\imglib.dll

Re: CD-ROM disappeared (error 19)

Posted: 16 Nov 2011 14:48
by jaryman
Unfortunately I don't have this file in the windows folder

Re: CD-ROM disappeared (error 19)

Posted: 16 Nov 2011 14:51
by jaryman
I only found jimglib

Re: CD-ROM disappeared (error 19)

Posted: 16 Nov 2011 15:10
by jaryman
Antivirus Version Last Update Result
AhnLab-V3 2011.07.19.01 2011.07.19
AntiVir 7.11.11.203 2011.07.18 SPR/SpyAgent.by.5
Antiy-AVL 2.0.3.7 2011.07.15
Avast 4.8.1351.0 2011.07.18
Avast5 5.0.677.0 2011.07.18
AVG 10.0.0.1190 2011.07.18
BitDefender 7.2 2011.07.19
CAT-QuickHeal 11.00 2011.07.18
ClamAV 0.97.0.0 2011.07.19
Commtouch 5.3.2.6 2011.07.19
Comodo 9429 2011.07.19 Application.Win32.Monitor.SpyAgent.~FFF
DrWeb 5.0.2.03300 2011.07.19
Emsisoft 5.1.0.8 2011.07.19 Riskware.Keylogger!IK
eSafe 7.0.17.0 2011.07.18
eTrust-Vet 36.1.8450 2011.07.18
F-Prot 4.6.2.117 2011.07.18
F-Secure 9.0.16440.0 2011.07.18
Fortinet 4.2.257.0 2011.07.19
GData 22 2011.07.19
Ikarus T3.1.1.104.0 2011.07.19 not-a-virus.Keylogger
Jiangmin 13.0.900 2011.07.18 -
K7AntiVirus 9.108.4919 2011.07.18 -
Kaspersky 9.0.0.837 2011.07.19 -
McAfee 5.400.0.1158 2011.07.19 -
McAfee-GW-Edition 2010.1D 2011.07.18 -
Microsoft 1.7000 2011.07.18 -
NOD32 6305 2011.07.19 -
Norman 6.07.10 2011.07.18 -
nProtect 2011-07-18.01 2011.07.18 -
Panda 10.0.3.5 2011.07.18 -
PCTools 8.0.0.5 2011.07.13 -
Prevx 3.0 2011.07.19 -
Rising 23.66.04.03 2011.07.15 Trojan.Win32.Generic.1258278B
Sophos 4.67.0 2011.07.19 -
SUPERAntiSpyware 4.40.0.1006 2011.07.19 -
Symantec 20111.1.0.186 2011.07.19 -
TheHacker 6.7.0.1.257 2011.07.18 -
TrendMicro 9.200.0.1012 2011.07.18 -
TrendMicro-HouseCall 9.200.0.1012 2011.07.19 -
VBA32 3.12.16.4 2011.07.18 -
VIPRE 9898 2011.07.19 -
ViRobot 2011.7.18.4575 2011.07.18 -
VirusBuster 14.0.129.0 2011.07.18 -

Re: CD-ROM disappeared (error 19)

Posted: 16 Nov 2011 21:36
by motji
Which file is that?

Re: CD-ROM disappeared (error 19)

Posted: 16 Nov 2011 21:37
by jaryman
jimglib.dll

Re: CD-ROM disappeared (error 19)

Posted: 16 Nov 2011 21:44
by motji
Delete everything in mbam.

:arrow: Run combofix according to this guide
http://www.bleepingcomputer.com/combofi ... t-combofix

Re: CD-ROM disappeared (error 19)

Posted: 16 Nov 2011 23:01
by jaryman
ComboFix 11-11-16.01 - Martin 16.11.2011 22:30:12.4.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3071.1630 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\program files (x86)\Your Product\lua5.1.dll
c:\program files (x86)\Your Product\Uninstall\IRIMG1.JPG
c:\program files (x86)\Your Product\Uninstall\IRIMG2.JPG
c:\program files (x86)\Your Product\Uninstall\uninstall.dat
c:\program files (x86)\Your Product\Uninstall\uninstall.xml
c:\programdata\AgentSS\sslist.dat
c:\programdata\AgentSS\wincfg1.ssf
c:\programdata\AgentSS\wincfg10.ssf
c:\programdata\AgentSS\wincfg11.ssf
c:\programdata\AgentSS\wincfg12.ssf
c:\programdata\AgentSS\wincfg13.ssf
c:\programdata\AgentSS\wincfg14.ssf
c:\programdata\AgentSS\wincfg15.ssf
c:\programdata\AgentSS\wincfg16.ssf
c:\programdata\AgentSS\wincfg17.ssf
c:\programdata\AgentSS\wincfg18.ssf
c:\programdata\AgentSS\wincfg19.ssf
c:\programdata\AgentSS\wincfg2.ssf
c:\programdata\AgentSS\wincfg20.ssf
c:\programdata\AgentSS\wincfg21.ssf
c:\programdata\AgentSS\wincfg22.ssf
c:\programdata\AgentSS\wincfg23.ssf
c:\programdata\AgentSS\wincfg24.ssf
c:\programdata\AgentSS\wincfg25.ssf
c:\programdata\AgentSS\wincfg3.ssf
c:\programdata\AgentSS\wincfg4.ssf
c:\programdata\AgentSS\wincfg5.ssf
c:\programdata\AgentSS\wincfg6.ssf
c:\programdata\AgentSS\wincfg7.ssf
c:\programdata\AgentSS\wincfg8.ssf
c:\programdata\AgentSS\wincfg9.ssf
c:\programdata\emopts.dat
c:\users\Martin\AppData\Roaming\Martinlog.dat
c:\windows\clfct.dll
c:\windows\client.dll
c:\windows\dwatson.dll
c:\windows\jimglib.dll
c:\windows\NSTVN.dll
c:\windows\sadefs.dat
c:\windows\sassr.dat
c:\windows\slog.dll
c:\windows\SNMPAPI.DLL
c:\windows\svers.dll
c:\windows\sview.exe
c:\windows\sysk32.dll
c:\windows\SysWow64\drivers\npf.sys
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\sinvfct.dll
c:\windows\SysWow64\WanPacket.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\winclfile.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-16 do 2011-11-16 )))))))))))))))))))))))))))))))
.
.
2011-11-16 21:46 . 2011-11-16 21:46 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{75C7FD56-ADF3-4CDC-B7D9-80F3D37C3BB4}\offreg.dll
2011-11-16 21:42 . 2011-11-16 21:42 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-11-16 21:42 . 2011-11-16 21:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-16 13:35 . 2011-11-16 13:38 -------- d-----w- c:\program files (x86)\Counter-Strike 1.6
2011-11-15 14:32 . 2011-11-15 14:32 -------- d-----w- c:\programdata\Malwarebytes
2011-11-15 13:57 . 2011-11-15 13:57 -------- d-----w- C:\rsit
2011-11-15 10:07 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{75C7FD56-ADF3-4CDC-B7D9-80F3D37C3BB4}\mpengine.dll
2011-11-14 15:08 . 2011-08-22 06:12 143360 ----a-w- c:\program files (x86)\Mozilla Firefox\BabyFox.dll
2011-11-14 15:08 . 2011-11-14 22:03 -------- d-----w- c:\program files\Babylon
2011-11-14 15:07 . 2011-11-16 21:06 -------- d-----w- c:\program files (x86)\Your Product
2011-11-14 14:11 . 2011-11-14 22:03 -------- d-----w- c:\program files (x86)\DRPU PC Management - Basic
2011-11-14 13:44 . 2011-11-14 13:45 974848 ----a-w- c:\windows\mfc70.dll
2011-11-14 13:43 . 2011-11-16 21:06 -------- d--h--w- c:\programdata\sacache
2011-11-14 13:38 . 2008-01-30 17:36 90112 ----a-w- c:\windows\unvise32.exe
2011-11-14 13:17 . 2011-11-15 13:24 -------- d-----w- c:\program files (x86)\IEServices
2011-11-14 13:17 . 2011-11-14 13:27 -------- d-----w- c:\program files (x86)\Accessories
2011-11-14 12:49 . 2011-11-14 12:49 -------- d-----w- c:\users\Martin\AppData\Roaming\GetRightToGo
2011-11-14 12:39 . 2011-11-16 20:51 -------- d-----w- C:\directory
2011-11-13 13:52 . 2011-11-13 13:52 -------- d-----w- c:\windows\Sun
2011-11-09 16:27 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 16:27 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 16:27 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 16:26 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
2011-11-01 21:41 . 2009-05-18 12:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-11-01 21:41 . 2008-04-17 11:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2011-11-01 21:41 . 2008-04-17 11:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2011-11-01 21:41 . 2011-11-01 21:41 -------- d-----w- c:\program files\iPod
2011-11-01 21:41 . 2011-11-01 21:41 -------- d-----w- c:\program files\iTunes
2011-11-01 21:41 . 2011-11-01 21:41 -------- d-----w- c:\program files (x86)\iTunes
2011-11-01 19:59 . 2011-11-01 19:59 -------- d-----w- c:\users\Martin\AppData\Roaming\Downloaded Installations
2011-11-01 19:36 . 2011-11-01 19:36 -------- d-----w- c:\users\Martin\shsh
2011-10-31 22:08 . 2011-11-14 22:03 -------- d-----w- c:\programdata\RegCure
2011-10-31 20:52 . 2011-10-31 20:52 -------- d-----w- c:\users\Martin\.shsh
2011-10-31 20:51 . 2011-10-31 20:51 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-31 20:48 . 2011-10-31 20:48 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2011-10-31 20:48 . 2011-10-31 20:48 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-10-31 20:48 . 2011-10-31 20:48 -------- d-----w- c:\program files (x86)\Java
2011-10-30 20:13 . 2011-10-30 20:13 -------- d-----w- c:\users\Default\AppData\Local\Power2Go
2011-10-30 16:46 . 2011-10-31 22:54 -------- d-----w- c:\users\Martin\AppData\Roaming\redsn0w
2011-10-30 12:47 . 2011-10-30 12:47 -------- d-----w- c:\program files (x86)\Safari
2011-10-30 12:01 . 2011-10-30 12:01 -------- d-----w- c:\program files\Bonjour
2011-10-30 12:01 . 2011-10-30 12:01 -------- d-----w- c:\program files (x86)\Bonjour
2011-10-26 15:10 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 15:10 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-23 22:27 . 2011-10-23 22:27 0 ----a-w- c:\windows\SysWow64\sho6726.tmp
2011-10-18 21:17 . 2011-10-18 21:17 -------- d-----w- c:\users\Martin\AppData\Local\Facebook
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-01 03:25 . 2011-10-14 08:31 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-01 02:42 . 2011-10-14 08:31 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-09-06 20:45 . 2011-09-28 09:02 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-09-28 09:02 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-09-06 20:45 . 2011-06-15 14:58 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-09-28 09:02 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:38 . 2011-09-28 09:02 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-09-28 09:02 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-09-28 09:02 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-09-28 09:02 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2011-09-28 09:02 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-31 16:00 . 2011-08-22 14:15 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-30 22:05 . 2011-08-30 22:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 22:05 . 2011-08-30 22:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 22:05 . 2011-08-30 22:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 22:05 . 2011-08-30 22:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-30 22:05 . 2011-08-30 22:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-08-30 22:05 . 2011-08-30 22:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-08-30 22:05 . 2011-08-30 22:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-08-30 22:05 . 2011-08-30 22:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-08-27 05:37 . 2011-10-14 08:30 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-27 05:37 . 2011-10-14 08:30 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-08-27 04:26 . 2011-10-14 08:30 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-08-27 04:26 . 2011-10-14 08:30 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-08-20 05:37 . 2011-10-14 08:31 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-08-20 04:31 . 2011-10-14 08:31 981504 ----a-w- c:\windows\SysWow64\wininet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2011-08-24 130864]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\BitTorrentBar\prxtbBitT.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2011-08-24 16:21 1299248 ----a-w- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Steam"="d:\steam\Steam.exe" [2011-09-05 1242448]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2011-09-27 551800]
"Facebook Update"="c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-18 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2011-08-01 114992]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"DRPU PC Management - Basic"="c:\program files (x86)\DRPU PC Management - Basic\Basic Manage.exe" [2011-05-06 2738624]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2010-9-16 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-9-16 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-10 136176]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-10 136176]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 ShowAnalyzerMaster;ShowAnalyzerMaster;c:\program files (x86)\Dragon Global\ShowAnalyzerSuite\ShowAnalyzerMaster.exe [2010-02-08 2074112]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\SysWOW64\nvSCPAPISvr.exe [2009-12-11 239208]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504789416-810619661-2310688379-1000Core.job
- c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-18 21:17]
.
2011-11-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1504789416-810619661-2310688379-1000UA.job
- c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-18 21:17]
.
2011-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-10 15:39]
.
2011-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-10 15:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 14:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-12-11 16414824]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.babylon.com/home?AF=100581
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://home.sweetim.com/?st=1&barid={3D8EDF14-E960-11E0-AA1D-20CF305D9F9D}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
HKLM-Run-combofix - c:\combofix\CF5986.3XE
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
c:\program files\ASUS\Net4Switch\Net4Switch.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
.
**************************************************************************
.
Celkový čas: 2011-11-16 23:04:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-16 22:04
.
Před spuštěním: Volných bajtů: 13 843 345 408
Po spuštění: Volných bajtů: 13 554 204 672
.
- - End Of File - - CCDA5E61B61FC9A29E4311D49AE00A1A

Re: CD-ROM disappeared (error 19)

Posted: 16 Nov 2011 23:21
by Rudy
Apologies for stepping in; I am replying at the user's explicit request.

We still need to finish cleaning up. Open Notepad and copy the following into it:
Collect::
c:\windows\SysWow64\sho6726.tmp
c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe

Folder::
c:\program files (x86)\SweetIM

Dirlook::
c:\users\Martin\.shsh

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"=-

AtJob::
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.

Re: CD-ROM disappeared (error 19)

Posted: 17 Nov 2011 00:10
by jaryman
ComboFix 11-11-16.01 - Martin 16.11.2011 23:35:14.5.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3071.1648 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SweetIM
c:\program files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files (x86)\SweetIM\Messenger\mgcommon.dll
c:\program files (x86)\SweetIM\Messenger\mgcommunication.dll
c:\program files (x86)\SweetIM\Messenger\mgconfig.dll
c:\program files (x86)\SweetIM\Messenger\mghooking.dll
c:\program files (x86)\SweetIM\Messenger\mgsimcommon.dll
c:\program files (x86)\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files (x86)\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files (x86)\SweetIM\Messenger\msvcp71.dll
c:\program files (x86)\SweetIM\Messenger\msvcr71.dll
c:\program files (x86)\SweetIM\Messenger\SweetIM.exe
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js
c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
c:\users\Martin\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\SysWow64\sho6726.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-10-16 do 2011-11-16 )))))))))))))))))))))))))))))))
.
.
2011-11-16 22:52 . 2011-11-16 22:52 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{75C7FD56-ADF3-4CDC-B7D9-80F3D37C3BB4}\offreg.dll
2011-11-16 22:47 . 2011-11-16 22:47 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-11-16 22:47 . 2011-11-16 22:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-16 13:35 . 2011-11-16 13:38 -------- d-----w- c:\program files (x86)\Counter-Strike 1.6
2011-11-15 14:32 . 2011-11-15 14:32 -------- d-----w- c:\programdata\Malwarebytes
2011-11-15 13:57 . 2011-11-15 13:57 -------- d-----w- C:\rsit
2011-11-15 10:07 . 2011-10-07 04:16 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{75C7FD56-ADF3-4CDC-B7D9-80F3D37C3BB4}\mpengine.dll
2011-11-14 15:08 . 2011-08-22 06:12 143360 ----a-w- c:\program files (x86)\Mozilla Firefox\BabyFox.dll
2011-11-14 15:08 . 2011-11-14 22:03 -------- d-----w- c:\program files\Babylon
2011-11-14 15:07 . 2011-11-16 21:06 -------- d-----w- c:\program files (x86)\Your Product
2011-11-14 14:11 . 2011-11-14 22:03 -------- d-----w- c:\program files (x86)\DRPU PC Management - Basic
2011-11-14 13:44 . 2011-11-14 13:45 974848 ----a-w- c:\windows\mfc70.dll
2011-11-14 13:43 . 2011-11-16 21:06 -------- d--h--w- c:\programdata\sacache
2011-11-14 13:38 . 2008-01-30 17:36 90112 ----a-w- c:\windows\unvise32.exe
2011-11-14 13:17 . 2011-11-15 13:24 -------- d-----w- c:\program files (x86)\IEServices
2011-11-14 13:17 . 2011-11-14 13:27 -------- d-----w- c:\program files (x86)\Accessories
2011-11-14 12:49 . 2011-11-14 12:49 -------- d-----w- c:\users\Martin\AppData\Roaming\GetRightToGo
2011-11-14 12:39 . 2011-11-16 20:51 -------- d-----w- C:\directory
2011-11-13 13:52 . 2011-11-13 13:52 -------- d-----w- c:\windows\Sun
2011-11-09 16:27 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-09 16:27 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 16:27 . 2011-09-29 16:29 1923952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-09 16:26 . 2011-09-29 04:03 3144704 ----a-w- c:\windows\system32\win32k.sys
2011-11-01 21:41 . 2009-05-18 12:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-11-01 21:41 . 2008-04-17 11:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2011-11-01 21:41 . 2008-04-17 11:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2011-11-01 21:41 . 2011-11-01 21:41 -------- d-----w- c:\program files\iPod
2011-11-01 21:41 . 2011-11-01 21:41 -------- d-----w- c:\program files\iTunes
2011-11-01 21:41 . 2011-11-01 21:41 -------- d-----w- c:\program files (x86)\iTunes
2011-11-01 19:59 . 2011-11-01 19:59 -------- d-----w- c:\users\Martin\AppData\Roaming\Downloaded Installations
2011-11-01 19:36 . 2011-11-01 19:36 -------- d-----w- c:\users\Martin\shsh
2011-10-31 22:08 . 2011-11-14 22:03 -------- d-----w- c:\programdata\RegCure
2011-10-31 20:52 . 2011-10-31 20:52 -------- d-----w- c:\users\Martin\.shsh
2011-10-31 20:51 . 2011-10-31 20:51 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-31 20:48 . 2011-10-31 20:48 476904 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
2011-10-31 20:48 . 2011-10-31 20:48 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-10-31 20:48 . 2011-10-31 20:48 -------- d-----w- c:\program files (x86)\Java
2011-10-30 20:13 . 2011-10-30 20:13 -------- d-----w- c:\users\Default\AppData\Local\Power2Go
2011-10-30 16:46 . 2011-10-31 22:54 -------- d-----w- c:\users\Martin\AppData\Roaming\redsn0w
2011-10-30 12:47 . 2011-10-30 12:47 -------- d-----w- c:\program files (x86)\Safari
2011-10-30 12:01 . 2011-10-30 12:01 -------- d-----w- c:\program files\Bonjour
2011-10-30 12:01 . 2011-10-30 12:01 -------- d-----w- c:\program files (x86)\Bonjour
2011-10-26 15:10 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-10-26 15:10 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-10-24 13:29 . 2011-10-24 13:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 13:29 . 2011-10-24 13:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-10-18 21:17 . 2011-10-18 21:17 -------- d-----w- c:\users\Martin\AppData\Local\Facebook
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-01 03:25 . 2011-10-14 08:31 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-01 02:42 . 2011-10-14 08:31 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-09-06 20:45 . 2011-09-28 09:02 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-09-28 09:02 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-09-06 20:45 . 2011-06-15 14:58 254400 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-09-28 09:02 601944 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:38 . 2011-09-28 09:02 301912 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-09-28 09:02 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-09-28 09:02 58200 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-09-28 09:02 65368 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2011-09-28 09:02 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-08-31 16:00 . 2011-08-22 14:15 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-30 22:05 . 2011-08-30 22:05 96104 ----a-w- c:\windows\system32\dns-sd.exe
2011-08-30 22:05 . 2011-08-30 22:05 85864 ----a-w- c:\windows\system32\dnssd.dll
2011-08-30 22:05 . 2011-08-30 22:05 61288 ----a-w- c:\windows\system32\jdns_sd.dll
2011-08-30 22:05 . 2011-08-30 22:05 212840 ----a-w- c:\windows\system32\dnssdX.dll
2011-08-30 22:05 . 2011-08-30 22:05 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-08-30 22:05 . 2011-08-30 22:05 73064 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-08-30 22:05 . 2011-08-30 22:05 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll
2011-08-30 22:05 . 2011-08-30 22:05 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll
2011-08-27 05:37 . 2011-10-14 08:30 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-08-27 05:37 . 2011-10-14 08:30 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-08-27 04:26 . 2011-10-14 08:30 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-08-27 04:26 . 2011-10-14 08:30 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-08-20 05:37 . 2011-10-14 08:31 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-08-20 04:31 . 2011-10-14 08:31 981504 ----a-w- c:\windows\SysWow64\wininet.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\users\Martin\.shsh ----
.
2011-10-31 20:52 . 2011-10-31 20:52 1587847 ----a-w- c:\users\Martin\.shsh\.cache\lib-win.jar
.
.
((((((((((((((((((((((((((((( SnapShot@2011-11-16_21.45.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-11-16 22:48 . 2011-11-16 22:48 13330 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2011-11-16 21:42 . 2011-11-16 21:42 13330 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\SoftGrid Client\Icon Cache\icon_ex.dat
- 2009-07-14 04:54 . 2011-11-16 21:44 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-11-16 22:49 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2011-11-16 21:44 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-11-16 22:49 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-09-16 19:48 . 2011-11-16 21:46 51944 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-11-16 21:15 42782 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-11-16 21:46 42782 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-06-15 13:54 . 2011-11-16 21:46 12464 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1504789416-810619661-2310688379-1000_UserData.bin
- 2011-06-15 13:59 . 2011-11-16 21:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-06-15 13:59 . 2011-11-16 22:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-06-15 13:59 . 2011-11-16 21:04 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-06-15 13:59 . 2011-11-16 22:10 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-11-16 22:49 . 2011-11-16 22:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-11-16 21:43 . 2011-11-16 21:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-11-16 22:49 . 2011-11-16 22:49 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-11-16 21:43 . 2011-11-16 21:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2011-11-16 21:18 616686 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2011-11-16 21:49 616686 c:\windows\system32\perfh009.dat
+ 2009-08-03 20:00 . 2011-11-16 21:49 631970 c:\windows\system32\perfh005.dat
- 2009-08-03 20:00 . 2011-11-16 21:18 631970 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2011-11-16 21:18 106808 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2011-11-16 21:49 106808 c:\windows\system32\perfc009.dat
+ 2009-08-03 20:00 . 2011-11-16 21:49 122334 c:\windows\system32\perfc005.dat
- 2009-08-03 20:00 . 2011-11-16 21:18 122334 c:\windows\system32\perfc005.dat
- 2009-07-14 05:01 . 2011-11-16 21:42 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-11-16 22:48 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 04:54 . 2011-11-16 21:44 2146304 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-11-16 22:49 2146304 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\BitTorrentBar\prxtbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files (x86)\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"Steam"="d:\steam\Steam.exe" [2011-09-05 1242448]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2008-12-02 3882312]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2011-09-27 551800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"DRPU PC Management - Basic"="c:\program files (x86)\DRPU PC Management - Basic\Basic Manage.exe" [2011-05-06 2738624]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe [2010-9-16 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-9-16 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-10 136176]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-10 136176]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
S2 ShowAnalyzerMaster;ShowAnalyzerMaster;c:\program files (x86)\Dragon Global\ShowAnalyzerSuite\ShowAnalyzerMaster.exe [2010-02-08 2074112]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\SysWOW64\nvSCPAPISvr.exe [2009-12-11 239208]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-10 15:39]
.
2011-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-10 15:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 14:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-12-11 16414824]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.babylon.com/home?AF=100581
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://home.sweetim.com/?st=1&barid={3D8EDF14-E960-11E0-AA1D-20CF305D9F9D}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Search the Web - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files\ASUS\NB Probe\SPM\spmgr.exe
.
**************************************************************************
.
Celkový čas: 2011-11-17 00:07:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-11-16 23:07
ComboFix2.txt 2011-11-16 22:05
.
Před spuštěním: Volných bajtů: 13 629 603 840
Po spuštění: Volných bajtů: 13 553 332 224
.
- - End Of File - - 0F397AFEA136125BA4907DDAB1460687
Nahrání proběhlo úspěšně

Re: CD-ROM disappeared (error 19)

Posted: 17 Nov 2011 07:25
by motji
How is the computer doing now?
Do you know this program?
c:\programdata\AgentSS