VIRY.CZ

Dobrý den,
už nevím jak dál, mám problém s otevřením webů různých antivirů i microsoftu. Nejspíš to bude nějaký vir ,ale nevím jaký , antivir nemůžu ani nainstalovat protože brání v aktualizaci i stahování souborů potřebných pro instalaci.
prosím pomocte.

tady je log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Eurox at 2012-03-29 19:11:11
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 6 GB (13%) free of 45 GB
Total RAM: 3070 MB (59% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-19 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-07-27 204800]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-22 438272]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-05-22 538744]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"SystemKey"= []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2009-08-22 5148672]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-04-10 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop SMS]
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDSTray.exe]
NDSTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-04-03 509496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpyEmergency]
C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-02-23 202256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2007-02-27 2756608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Eurox^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Connect.lnk]
C:\Windows\System32\connect.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Eurox^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Spc.lnk]
C:\PROGRA~1\SMARTP~1\SMARTP~1\SPC.exe [2008-04-23 239104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.FPS1"=frapsvid.dll

======List of files/folders created in the last 1 month======

2012-03-29 19:11:11 ----D---- C:\rsit
2012-03-29 19:06:07 ----A---- C:\Windows\system32\tmp.txt
2012-03-29 19:06:06 ----A---- C:\rapport.txt
2012-03-29 19:05:54 ----A---- C:\Windows\system32\WS2Fix.exe
2012-03-29 19:05:54 ----A---- C:\Windows\system32\VCCLSID.exe
2012-03-29 19:05:54 ----A---- C:\Windows\system32\VACFix.exe
2012-03-29 19:05:54 ----A---- C:\Windows\system32\swxcacls.exe
2012-03-29 19:05:54 ----A---- C:\Windows\system32\swsc.exe
2012-03-29 19:05:54 ----A---- C:\Windows\system32\swreg.exe
2012-03-29 19:05:54 ----A---- C:\Windows\system32\SrchSTS.exe
2012-03-29 19:05:54 ----A---- C:\Windows\system32\Process.exe
2012-03-29 19:05:54 ----A---- C:\Windows\system32\IEDFix.exe
2012-03-29 19:05:54 ----A---- C:\Windows\system32\IEDFix.C.exe
2012-03-29 19:05:54 ----A---- C:\Windows\system32\dumphive.exe
2012-03-29 19:05:54 ----A---- C:\Windows\system32\404Fix.exe
2012-03-29 18:44:11 ----HD---- C:\ProgramData\Common Files
2012-03-29 18:42:51 ----D---- C:\ProgramData\MFAData
2012-03-29 17:29:19 ----A---- C:\Windows\system32\083EE.tmp
2012-03-29 17:24:14 ----A---- C:\Windows\system32\0BF58.tmp
2012-03-29 15:59:13 ----D---- C:\Program Files\LogMeIn Hamachi
2012-03-29 13:52:30 ----A---- C:\Windows\system32\03571.tmp
2012-03-29 13:50:38 ----A---- C:\Windows\system32\0316B.tmp
2012-03-29 10:47:03 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-03-29 10:46:46 ----A---- C:\Windows\system32\034B6.tmp
2012-03-28 19:04:07 ----A---- C:\Windows\system32\02DE2.tmp
2012-03-28 11:03:03 ----A---- C:\Windows\system32\02BFF.tmp
2012-03-28 11:00:58 ----A---- C:\Windows\system32\03043.tmp
2012-03-27 10:25:08 ----A---- C:\Windows\system32\07915.tmp
2012-03-26 18:59:22 ----A---- C:\Windows\system32\065C4.tmp
2012-03-26 07:15:33 ----A---- C:\Windows\system32\063B1.tmp
2012-03-26 07:12:36 ----A---- C:\Windows\system32\066ED.tmp
2012-03-26 07:10:41 ----A---- C:\Windows\system32\06508.tmp
2012-03-25 19:26:33 ----A---- C:\Windows\system32\05F9C.tmp
2012-03-25 17:37:32 ----A---- C:\Windows\system32\06556.tmp
2012-03-25 16:56:01 ----D---- C:\Users\Eurox\AppData\Roaming\Skype
2012-03-25 16:55:52 ----D---- C:\Program Files\Common Files\Skype
2012-03-25 16:55:51 ----RD---- C:\Program Files\Skype
2012-03-25 16:55:49 ----D---- C:\ProgramData\Skype
2012-03-25 16:46:10 ----A---- C:\Windows\system32\drivers\Cat.DB
2012-03-25 16:45:53 ----D---- C:\Program Files\PC Tools Security
2012-03-25 16:45:53 ----D---- C:\Program Files\Common Files\PC Tools
2012-03-25 16:28:37 ----A---- C:\Windows\system32\06CE5.tmp
2012-03-25 10:01:24 ----A---- C:\Windows\system32\066EC.tmp
2012-03-25 09:57:29 ----D---- C:\ProgramData\Ad-Aware Browsing Protection
2012-03-25 09:57:15 ----A---- C:\Windows\system32\drivers\sbhips.sys
2012-03-25 09:57:14 ----A---- C:\Windows\system32\drivers\sbtis.sys
2012-03-25 09:56:24 ----A---- C:\Windows\system32\drivers\SbFwIm.sys
2012-03-25 09:56:24 ----A---- C:\Windows\system32\drivers\SbFw.sys
2012-03-25 09:50:32 ----A---- C:\Windows\system32\06AE2.tmp
2012-03-25 09:43:27 ----A---- C:\Windows\system32\0640F.tmp
2012-03-24 23:33:31 ----A---- C:\Windows\system32\07186.tmp
2012-03-24 18:55:06 ----A---- C:\Windows\system32\lg.dat
2012-03-24 18:47:00 ----D---- C:\ProgramData\SystemKey
2012-03-24 10:49:36 ----A---- C:\Windows\system32\075F9.tmp
2012-03-24 02:12:15 ----A---- C:\Windows\system32\07D2A.tmp
2012-03-23 12:08:12 ----A---- C:\Windows\system32\08046.tmp
2012-03-23 01:54:00 ----A---- C:\Windows\system32\0782B.tmp
2012-03-22 21:21:59 ----A---- C:\Windows\system32\06537.tmp
2012-03-22 14:51:31 ----A---- C:\Windows\system32\07DA7.tmp
2012-03-21 21:40:10 ----D---- C:\Users\Eurox\AppData\Roaming\TS3Client
2012-03-21 18:17:53 ----D---- C:\Riot Games
2012-03-03 01:02:45 ----A---- C:\Windows\system32\06D71.tmp

======List of files/folders modified in the last 1 month======

2012-03-29 19:11:04 ----RD---- C:\Program Files
2012-03-29 19:08:18 ----SD---- C:\Windows\Downloaded Program Files
2012-03-29 19:07:16 ----D---- C:\Windows\System32
2012-03-29 19:06:25 ----D---- C:\Windows\Prefetch
2012-03-29 19:02:29 ----D---- C:\Windows\system32\drivers
2012-03-29 18:44:11 ----HD---- C:\ProgramData
2012-03-29 18:44:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-29 17:25:00 ----D---- C:\Windows\Temp
2012-03-29 17:22:44 ----D---- C:\Users\Eurox\AppData\Roaming\uTorrent
2012-03-29 15:59:37 ----SHD---- C:\Windows\Installer
2012-03-29 15:59:09 ----SHD---- C:\System Volume Information
2012-03-29 13:53:10 ----D---- C:\Windows
2012-03-29 10:47:03 ----D---- C:\Windows\Tasks
2012-03-29 10:47:03 ----D---- C:\Windows\system32\Tasks
2012-03-27 21:10:31 ----D---- C:\Users\Eurox\AppData\Roaming\Hamachi
2012-03-27 17:58:21 ----RSD---- C:\Windows\assembly
2012-03-27 01:14:55 ----D---- C:\ProgramData\PMB Files
2012-03-25 22:38:28 ----D---- C:\Program Files\Common Files\Adobe
2012-03-25 22:38:27 ----D---- C:\ProgramData\Adobe
2012-03-25 22:38:26 ----D---- C:\Program Files\Adobe
2012-03-25 16:55:52 ----D---- C:\Program Files\Common Files
2012-03-25 16:49:17 ----AD---- C:\ProgramData\TEMP
2012-03-25 13:04:39 ----D---- C:\Windows\system32\catroot2
2012-03-25 09:57:00 ----D---- C:\Windows\system32\catroot
2012-03-25 09:56:59 ----D---- C:\Windows\inf
2012-03-25 09:56:23 ----D---- C:\Program Files\Common Files\microsoft shared
2012-03-23 13:55:15 ----D---- C:\found.000
2012-03-23 12:52:47 ----D---- C:\Program Files\uTorrent
2012-03-21 18:17:51 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-02-12 277784]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2006-07-28 19456]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-05-05 717296]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2007-07-26 285184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2006-10-05 16768]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 221784]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 78936]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-05-10 278984]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-05-10 25416]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-10 3483648]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-04-26 2216448]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 69208]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-07-27 188336]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 athrusb;TP-LINK Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2007-08-17 891392]
S3 awd7uix6;awd7uix6; C:\Windows\system32\drivers\awd7uix6.sys []
S3 dpqkzt;dpqkzt; \??\C:\Windows\system32\0A092.tmp [2011-04-22 4096]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 mvvdjq;mvvdjq; \??\C:\Windows\system32\08381.tmp [2011-04-22 4096]
S3 npkcrypt;npkcrypt; \??\E:\Hry\Lineage II\system\npkcrypt.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-18 8192]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 69208]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 94040]
S3 srnkowql;srnkowql; \??\C:\Windows\system32\0DD91.tmp [2011-04-22 4096]
S3 tap0801;TAP-Win32 Adapter V8; C:\Windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-02-22 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-02-28 41344]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 ucyyuxcgl;ucyyuxcgl; \??\C:\Windows\system32\02C7C.tmp [2011-04-22 4096]
S3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
S3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2008-04-30 32128]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S4 CplIR;Embedded IR Driver; C:\Windows\system32\DRIVERS\CplIR.SYS [2007-03-06 14848]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-01-09 643072]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2007-09-19 77824]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-10-03 603904]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S2 gupdate1c9f96546e6d43b;Služba Google Update (gupdate1c9f96546e6d43b); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-30 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 253600]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-30 133104]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-10-03 360192]
S3 usnjsvc;Služba Čtení deníku USN sdílených složek programu Messenger; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]

-----------------EOF-----------------

Zdravím!
Váš PC je silně nakažen. Poprosím o log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

tady je výpis z combofixu. Děkuji

ComboFix 12-03-29.02 - Eurox 29.03.2012 20:26:32.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.3070.2018 [GMT 2:00]
Spuštěný z: c:\users\Eurox\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\InternetSecurity2010
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\users\Eurox\AppData\Roaming\Desktopicon
c:\users\Eurox\AppData\Roaming\Desktopicon\eBayShortcuts.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\404Fix.exe
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\lowsec
c:\windows\system32\lowsec\local.ds
c:\windows\system32\lowsec\user.ds
c:\windows\system32\paypal.url
c:\windows\system32\Process.exe
c:\windows\system32\shsvcs.dll.vgorg
c:\windows\system32\SrchSTS.exe
c:\windows\system32\themeui.dll.vgorg
c:\windows\system32\tmp.reg
c:\windows\system32\uxtheme.dll.vgorg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\winx.url
c:\windows\system32\WS2Fix.exe
c:\windows\XSxS
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_usnjsvc
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-28 do 2012-03-29 )))))))))))))))))))))))))))))))
.
.
2012-03-29 18:58 . 2012-03-29 18:58 4096 ----a-w- c:\windows\system32\091B3.tmp
2012-03-29 18:56 . 2012-03-29 18:58 -------- d-----w- c:\users\Eurox\AppData\Local\temp
2012-03-29 18:56 . 2012-03-29 18:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-29 17:11 . 2012-03-29 17:11 -------- d-----w- C:\rsit
2012-03-29 16:44 . 2012-03-29 16:44 -------- d--h--w- c:\programdata\Common Files
2012-03-29 16:42 . 2012-03-29 16:44 -------- d-----w- c:\programdata\MFAData
2012-03-29 15:29 . 2012-03-29 15:29 4096 ----a-w- c:\windows\system32\083EE.tmp
2012-03-29 15:24 . 2012-03-29 15:24 4096 ----a-w- c:\windows\system32\0BF58.tmp
2012-03-29 14:01 . 2012-03-29 15:31 -------- d-----w- c:\users\Eurox\AppData\Local\LogMeIn Hamachi
2012-03-29 13:59 . 2012-03-29 13:59 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-03-29 11:52 . 2012-03-29 11:52 4096 ----a-w- c:\windows\system32\03571.tmp
2012-03-29 11:50 . 2012-03-29 11:50 4096 ----a-w- c:\windows\system32\0316B.tmp
2012-03-29 08:47 . 2012-03-29 08:47 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-29 08:46 . 2012-03-29 08:46 4096 ----a-w- c:\windows\system32\034B6.tmp
2012-03-28 17:04 . 2012-03-28 17:04 4096 ----a-w- c:\windows\system32\02DE2.tmp
2012-03-28 09:03 . 2012-03-28 09:03 4096 ----a-w- c:\windows\system32\02BFF.tmp
2012-03-28 09:00 . 2012-03-28 09:00 4096 ----a-w- c:\windows\system32\03043.tmp
2012-03-27 08:25 . 2012-03-27 08:25 4096 ----a-w- c:\windows\system32\07915.tmp
2012-03-26 16:59 . 2012-03-26 16:59 4096 ----a-w- c:\windows\system32\065C4.tmp
2012-03-26 05:15 . 2012-03-26 05:15 4096 ----a-w- c:\windows\system32\063B1.tmp
2012-03-26 05:12 . 2012-03-26 05:12 4096 ----a-w- c:\windows\system32\066ED.tmp
2012-03-26 05:10 . 2012-03-26 05:10 4096 ----a-w- c:\windows\system32\06508.tmp
2012-03-25 17:26 . 2012-03-25 17:26 4096 ----a-w- c:\windows\system32\05F9C.tmp
2012-03-25 15:37 . 2012-03-25 15:37 4096 ----a-w- c:\windows\system32\06556.tmp
2012-03-25 14:56 . 2012-03-29 18:20 -------- d-----w- c:\users\Eurox\AppData\Roaming\Skype
2012-03-25 14:55 . 2012-03-25 14:55 -------- d-----w- c:\program files\Common Files\Skype
2012-03-25 14:55 . 2012-03-25 14:55 -------- d-----r- c:\program files\Skype
2012-03-25 14:55 . 2012-03-25 14:55 -------- d-----w- c:\programdata\Skype
2012-03-25 14:45 . 2012-03-25 15:37 -------- d-----w- c:\program files\PC Tools Security
2012-03-25 14:45 . 2012-03-25 15:37 -------- d-----w- c:\program files\Common Files\PC Tools
2012-03-25 14:28 . 2012-03-25 14:28 4096 ----a-w- c:\windows\system32\06CE5.tmp
2012-03-25 08:01 . 2012-03-25 08:01 4096 ----a-w- c:\windows\system32\066EC.tmp
2012-03-25 07:57 . 2012-03-25 07:57 -------- d-----w- c:\users\Eurox\AppData\Local\adaware
2012-03-25 07:57 . 2012-03-25 14:29 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2012-03-25 07:57 . 2011-04-05 15:35 94040 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-03-25 07:57 . 2011-04-05 15:35 78936 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-03-25 07:56 . 2011-04-05 15:35 221784 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-03-25 07:56 . 2011-02-08 07:14 69208 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-03-25 07:50 . 2012-03-25 07:50 4096 ----a-w- c:\windows\system32\06AE2.tmp
2012-03-25 07:43 . 2012-03-25 07:43 4096 ----a-w- c:\windows\system32\0640F.tmp
2012-03-24 21:33 . 2012-03-24 21:33 4096 ----a-w- c:\windows\system32\07186.tmp
2012-03-24 16:47 . 2012-03-24 16:50 -------- d-----w- c:\programdata\SystemKey
2012-03-24 08:49 . 2012-03-24 08:49 4096 ----a-w- c:\windows\system32\075F9.tmp
2012-03-24 00:12 . 2012-03-24 00:12 4096 ----a-w- c:\windows\system32\07D2A.tmp
2012-03-23 10:08 . 2012-03-23 10:08 4096 ----a-w- c:\windows\system32\08046.tmp
2012-03-22 23:54 . 2012-03-22 23:54 4096 ----a-w- c:\windows\system32\0782B.tmp
2012-03-22 19:21 . 2012-03-22 19:21 4096 ----a-w- c:\windows\system32\06537.tmp
2012-03-22 12:51 . 2012-03-22 12:51 4096 ----a-w- c:\windows\system32\07DA7.tmp
2012-03-21 19:40 . 2012-03-21 20:04 -------- d-----w- c:\users\Eurox\AppData\Roaming\TS3Client
2012-03-21 19:40 . 2012-03-21 19:40 -------- d-----w- c:\users\Eurox\AppData\Local\TeamSpeak 3 Client
2012-03-21 17:00 . 2012-03-26 21:09 -------- d-----w- c:\users\Eurox\riotsGamesLogs
2012-03-21 16:17 . 2012-03-21 16:17 -------- d-----w- C:\Riot Games
2012-03-02 23:02 . 2012-03-02 23:02 4096 ----a-w- c:\windows\system32\06D71.tmp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-29 08:47 . 2012-02-21 01:03 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-21 09:45 . 2012-02-21 09:45 4096 ----a-w- c:\windows\system32\07444.tmp
2012-02-21 09:32 . 2012-02-21 09:32 4096 ----a-w- c:\windows\system32\06EF7.tmp
2012-02-21 09:31 . 2012-02-21 09:31 4096 ----a-w- c:\windows\system32\06FB2.tmp
2012-02-21 00:51 . 2012-02-21 00:51 4096 ----a-w- c:\windows\system32\02490.tmp
2012-02-20 23:58 . 2012-02-20 23:58 4096 ----a-w- c:\windows\system32\029AE.tmp
2012-02-20 23:44 . 2012-02-20 23:44 4096 ----a-w- c:\windows\system32\04C7A.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2009-08-22 5148672]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-07-27 204800]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-22 438272]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 34352]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-22 538744]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
backup=c:\windows\pss\Bluetooth Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Eurox^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Connect.lnk]
path=c:\users\Eurox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Connect.lnk
backup=c:\windows\pss\Connect.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Eurox^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Spc.lnk]
backup=c:\windows\pss\Spc.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 08:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-01-03 20:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
2007-04-10 14:40 413696 ----a-w- c:\program files\Camera Assistant Software for Toshiba\traybar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-04-01 09:39 486856 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop SMS]
2007-06-18 08:51 1507328 ----a-w- c:\program files\IDM\Desktop SMS\DesktopSMS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2012-02-28 15:38 1987976 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2007-10-18 09:34 5724184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 14:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
2007-04-03 14:52 509496 ----a-w- c:\program files\TOSHIBA\SmoothView\SmoothView.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-02-22 22:19 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
2007-07-10 07:24 581632 ----a-w- c:\program files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
2007-02-19 14:00 571024 ----a-w- c:\program files\TOSHIBA\Registration\ToshibaRegistration.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-473734820-815038978-2971271164-1000]
"EnableNotificationsRef"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 253600]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
mvfthfwo
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-29 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]
.
2012-03-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 08:47]
.
2012-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-30 09:29]
.
2012-03-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-30 09:29]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-SITEguard - (no file)
HKLM-Run-SystemKey - (no file)
MSConfigStartUp-NDSTray - NDSTray.exe
MSConfigStartUp-SpyEmergency - c:\program files\NETGATE\Spy Emergency\SpyEmergency.exe
AddRemove-AoWSM_UPatch - e:\hry\Age of Wonders II\Age of Wonders Shadow Magic\UPatchV14Uninstall.exe
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-JFDuke3D - c:\users\Eurox\Desktop\JFDuke3D\uninst.exe
.
.
.
**************************************************************************
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\dpqkzt]
"ImagePath"="\??\c:\windows\system32\0A092.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\mvvdjq]
"ImagePath"="\??\c:\windows\system32\08381.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\srnkowql]
"ImagePath"="\??\c:\windows\system32\0DD91.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\ucyyuxcgl]
"ImagePath"="\??\c:\windows\system32\02C7C.tmp"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\mvfthfwo]
"ServiceDll"="c:\windows\system32\ctyrrq.dll"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-473734820-815038978-2971271164-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:de,0a,4a,34,aa,4d,c2,39,dd,64,95,e1,6e,b2,f9,46,1b,0e,0c,8f,2f,9b,5c,
5e,9a,4e,b9,ec,c6,92,c1,86,f9,16,10,b4,5e,1e,47,36,1c,38,64,b4,77,9d,b4,08,\
"??"=hex:1a,8a,7e,89,a5,ca,5c,52,59,bc,9d,8b,02,0c,0e,56
.
[HKEY_USERS\S-1-5-21-473734820-815038978-2971271164-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:53,92,a4,75,e3,9b,38,2b,6c,7b,63,21,51,ca,47,cd,1a,e0,de,0e,6d,
a3,db,b8,2a,28,b5,6c,aa,89,ac,83,ee,e6,64,1a,81,7e,44,cb,2e,4d,34,99,c5,7a,\
"rkeysecu"=hex:8f,59,57,bd,21,22,c6,52,f6,20,93,d5,e7,1b,76,f3
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2856)
c:\windows\system32\ieframe.dll
c:\program files\Bonjour\mdnsNSP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\LogMeIn Hamachi\hamachi-2.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\System32\TUProgSt.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\program files\Synaptics\SynTP\SynTPEnh.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2012-03-29 21:02:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-29 19:02
.
Před spuštěním: 5 862 338 560
Po spuštění: 5 657 899 008
.
- - End Of File - - FA2D7A7EDE4CF6963F79ACB506E78F97

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

File::
c:\windows\system32\091B3.tmp
c:\windows\system32\083EE.tmp
c:\windows\system32\0BF58.tmp
c:\windows\system32\03571.tmp
C:\windows\system32\0316B.tmp
c:\windows\system32\034B6.tmp
c:\windows\system32\02DE2.tmp
c:\windows\system32\02BFF.tmp
c:\windows\system32\03043.tmp
c:\windows\system32\07915.tmp
c:\windows\system32\065C4.tmp
c:\windows\system32\063B1.tmp
c:\windows\system32\066ED.tmp
c:\windows\system32\06508.tmp
c:\windows\system32\05F9C.tmp
c:\windows\system32\06556.tmp
c:\windows\system32\06CE5.tmp
c:\windows\system32\066EC.tmp
c:\windows\system32\06AE2.tmp
c:\windows\system32\0640F.tmp
c:\windows\system32\07186.tmp
c:\windows\system32\075F9.tmp
c:\windows\system32\07D2A.tmp
c:\windows\system32\08046.tmp
c:\windows\system32\0782B.tmp
c:\windows\system32\07444.tmp
c:\windows\system32\06EF7.tmp
c:\windows\system32\06FB2.tmp
c:\windows\system32\02490.tmp
c:\windows\system32\029AE.tmp
c:\windows\system32\04C7A.tmp
c:\windows\system32\06537.tmp
c:\windows\system32\07DA7.tmp
c:\windows\system32\06D71.tmp
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Regnull::
[HKEY_USERS\S-1-5-21-473734820-815038978-2971271164-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-473734820-815038978-2971271164-1000\Software\SecuROM\License information*]

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

děkuji, má to ještě pokračování ? problémy stále přetrvávají

Které problémy?

ty všechny co jsem popsal na začátku , nejdou zobrazit stránky microsoftu , nebo jiných antivirových webů jako je třeba esset, atd , nestahují se aktualizace pro tyto programy , nevidím počitače v siti a nikdo si na mě nemůže pingnout už nevím jak dál, jediné co se po těchto kontrolách změnilo je že mi zmizel wallpaper z pozadí i ze složky...

prosil bych ještě jednou o kontrolu logu. děkuji

tady je z rsitu:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Eurox at 2012-03-30 11:49:52
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 5 GB (12%) free of 45 GB
Total RAM: 3070 MB (71% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-19 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-07-27 204800]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-22 438272]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-05-22 538744]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2009-08-22 5148672]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-04-10 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop SMS]
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-04-03 509496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-02-23 202256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2007-02-27 2756608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Eurox^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Connect.lnk]
C:\Windows\System32\connect.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Eurox^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Spc.lnk]
C:\PROGRA~1\SMARTP~1\SMARTP~1\SPC.exe [2008-04-23 239104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.FPS1"=frapsvid.dll

======List of files/folders created in the last 1 month======

2012-03-30 11:30:55 ----A---- C:\Windows\system32\078F6.tmp
2012-03-30 10:05:12 ----A---- C:\Windows\system32\08738.tmp
2012-03-29 22:44:20 ----A---- C:\Windows\system32\08AC1.tmp
2012-03-29 22:24:17 ----D---- C:\Windows\temp
2012-03-29 22:24:16 ----A---- C:\ComboFix.txt
2012-03-29 22:23:44 ----SHD---- C:\$RECYCLE.BIN
2012-03-29 22:00:41 ----A---- C:\Windows\system32\07A2E.tmp
2012-03-29 21:41:25 ----D---- C:\ComboFix
2012-03-29 21:08:21 ----A---- C:\Windows\system32\07A6C.tmp
2012-03-29 20:24:36 ----A---- C:\Windows\zip.exe
2012-03-29 20:24:36 ----A---- C:\Windows\SWSC.exe
2012-03-29 20:24:36 ----A---- C:\Windows\SWREG.exe
2012-03-29 20:24:36 ----A---- C:\Windows\sed.exe
2012-03-29 20:24:36 ----A---- C:\Windows\PEV.exe
2012-03-29 20:24:36 ----A---- C:\Windows\NIRCMD.exe
2012-03-29 20:24:36 ----A---- C:\Windows\MBR.exe
2012-03-29 20:24:36 ----A---- C:\Windows\grep.exe
2012-03-29 20:24:26 ----D---- C:\Windows\ERDNT
2012-03-29 20:24:20 ----D---- C:\Qoobox
2012-03-29 19:11:11 ----D---- C:\rsit
2012-03-29 19:06:07 ----A---- C:\Windows\system32\tmp.txt
2012-03-29 19:06:06 ----A---- C:\rapport.txt
2012-03-29 19:05:54 ----A---- C:\Windows\system32\swsc.exe
2012-03-29 18:44:11 ----HD---- C:\ProgramData\Common Files
2012-03-29 18:42:51 ----D---- C:\ProgramData\MFAData
2012-03-29 15:59:13 ----D---- C:\Program Files\LogMeIn Hamachi
2012-03-29 10:47:03 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-03-25 16:56:01 ----D---- C:\Users\Eurox\AppData\Roaming\Skype
2012-03-25 16:55:52 ----D---- C:\Program Files\Common Files\Skype
2012-03-25 16:55:51 ----RD---- C:\Program Files\Skype
2012-03-25 16:55:49 ----D---- C:\ProgramData\Skype
2012-03-25 16:46:10 ----A---- C:\Windows\system32\drivers\Cat.DB
2012-03-25 16:45:53 ----D---- C:\Program Files\PC Tools Security
2012-03-25 16:45:53 ----D---- C:\Program Files\Common Files\PC Tools
2012-03-25 09:57:29 ----D---- C:\ProgramData\Ad-Aware Browsing Protection
2012-03-25 09:57:15 ----A---- C:\Windows\system32\drivers\sbhips.sys
2012-03-25 09:57:14 ----A---- C:\Windows\system32\drivers\sbtis.sys
2012-03-25 09:56:24 ----A---- C:\Windows\system32\drivers\SbFwIm.sys
2012-03-25 09:56:24 ----A---- C:\Windows\system32\drivers\SbFw.sys
2012-03-24 18:55:06 ----A---- C:\Windows\system32\lg.dat
2012-03-24 18:47:00 ----D---- C:\ProgramData\SystemKey
2012-03-21 21:40:10 ----D---- C:\Users\Eurox\AppData\Roaming\TS3Client
2012-03-21 18:17:53 ----D---- C:\Riot Games

======List of files/folders modified in the last 1 month======

2012-03-30 11:49:53 ----D---- C:\Windows\Prefetch
2012-03-30 11:37:01 ----D---- C:\Windows\System32
2012-03-30 11:37:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-29 22:24:18 ----D---- C:\Windows\system32\drivers
2012-03-29 22:24:17 ----D---- C:\Windows
2012-03-29 22:22:49 ----A---- C:\Windows\system.ini
2012-03-29 22:22:43 ----D---- C:\Windows\system32\drivers\etc
2012-03-29 21:59:06 ----D---- C:\Windows\Tasks
2012-03-29 21:50:50 ----D---- C:\Windows\AppPatch
2012-03-29 21:50:49 ----D---- C:\Program Files\Common Files
2012-03-29 20:57:00 ----D---- C:\Windows\system32\config
2012-03-29 20:56:19 ----RD---- C:\Program Files
2012-03-29 20:56:19 ----D---- C:\ProgramData
2012-03-29 19:08:18 ----SD---- C:\Windows\Downloaded Program Files
2012-03-29 17:22:44 ----D---- C:\Users\Eurox\AppData\Roaming\uTorrent
2012-03-29 15:59:37 ----SHD---- C:\Windows\Installer
2012-03-29 15:59:09 ----SHD---- C:\System Volume Information
2012-03-29 10:47:03 ----D---- C:\Windows\system32\Tasks
2012-03-27 21:10:31 ----D---- C:\Users\Eurox\AppData\Roaming\Hamachi
2012-03-27 17:58:21 ----RSD---- C:\Windows\assembly
2012-03-27 01:14:55 ----D---- C:\ProgramData\PMB Files
2012-03-25 22:38:28 ----D---- C:\Program Files\Common Files\Adobe
2012-03-25 22:38:27 ----D---- C:\ProgramData\Adobe
2012-03-25 22:38:26 ----D---- C:\Program Files\Adobe
2012-03-25 16:49:17 ----AD---- C:\ProgramData\TEMP
2012-03-25 13:04:39 ----D---- C:\Windows\system32\catroot2
2012-03-25 09:57:00 ----D---- C:\Windows\system32\catroot
2012-03-25 09:56:59 ----D---- C:\Windows\inf
2012-03-25 09:56:23 ----D---- C:\Program Files\Common Files\microsoft shared
2012-03-23 13:55:15 ----D---- C:\found.000
2012-03-23 12:52:47 ----D---- C:\Program Files\uTorrent
2012-03-21 18:17:51 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-02-12 277784]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2006-07-28 19456]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-05-05 717296]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2007-07-26 285184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2006-10-05 16768]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 221784]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 78936]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-05-10 278984]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-05-10 25416]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-10 3483648]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-04-26 2216448]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 69208]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-07-27 188336]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
S3 aorigm16;aorigm16; C:\Windows\system32\drivers\aorigm16.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 athrusb;TP-LINK Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2007-08-17 891392]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dpqkzt;dpqkzt; \??\C:\Windows\system32\0A092.tmp [2011-04-22 4096]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 mvvdjq;mvvdjq; \??\C:\Windows\system32\08381.tmp [2011-04-22 4096]
S3 npkcrypt;npkcrypt; \??\E:\Hry\Lineage II\system\npkcrypt.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-18 8192]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 69208]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 94040]
S3 srnkowql;srnkowql; \??\C:\Windows\system32\0DD91.tmp [2011-04-22 4096]
S3 tap0801;TAP-Win32 Adapter V8; C:\Windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-02-22 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-02-28 41344]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 ucyyuxcgl;ucyyuxcgl; \??\C:\Windows\system32\02C7C.tmp [2011-04-22 4096]
S3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
S3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2008-04-30 32128]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 CplIR;Embedded IR Driver; C:\Windows\system32\DRIVERS\CplIR.SYS [2007-03-06 14848]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-01-09 643072]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2007-09-19 77824]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-10-03 603904]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S2 gupdate1c9f96546e6d43b;Služba Google Update (gupdate1c9f96546e6d43b); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-30 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 253600]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-30 133104]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-10-03 360192]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]

-----------------EOF-----------------

zaskocim - pokial sa kolega objavi zopakuj akciu s CFScriptom - novy:

po provedení operace a automatickém restartu , nejde pustit žádná aplikace ani otevřít dokument, hlásí to: Pokus o neplatnou operaci na klíč registru, který je označen pro odstranění.. Jediné co jsem mohl byl restart , po restartu už jdou pouštět aplikace, ale základní problémy výše popsané stále přetrvávají.

ak combofix vytvoril log - vloz ho, ak nie vloz aktualny log RSIT

ještě jsem se chtěl zepata kam combofix logy ukládá, ten aktualně vytvořený jsem nemohlo nakopírovat, protože jak už jsem psal mi nešla spustit žádná aplikace a musel jsem jedině restartovat,

Tady je aktualní log z rsitu:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Eurox at 2012-03-30 14:06:28
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 7 GB (16%) free of 45 GB
Total RAM: 3070 MB (67% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-19 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-07-27 204800]
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-22 438272]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-05-22 538744]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"=C:\Program Files\Rainlendar2\Rainlendar2.exe [2009-08-22 5148672]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2007-04-10 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-04-01 486856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop SMS]
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-02-28 1987976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2009-01-05 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-04-03 509496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-02-23 202256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-07-10 581632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2007-02-27 2756608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Eurox^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Connect.lnk]
C:\Windows\System32\connect.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Eurox^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Spc.lnk]
C:\PROGRA~1\SMARTP~1\SMARTP~1\SPC.exe [2008-04-23 239104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.dvacm"=C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.FPS1"=frapsvid.dll

======List of files/folders created in the last 1 month======

2012-03-30 13:52:56 ----A---- C:\Windows\system32\08989.tmp
2012-03-30 13:40:43 ----D---- C:\Windows\temp
2012-03-30 13:40:42 ----A---- C:\ComboFix.txt
2012-03-30 13:40:09 ----SHD---- C:\$RECYCLE.BIN
2012-03-30 13:35:15 ----A---- C:\Windows\system32\07FF8.tmp
2012-03-30 13:16:13 ----D---- C:\ComboFix
2012-03-30 11:30:55 ----A---- C:\Windows\system32\078F6.tmp
2012-03-30 10:05:12 ----A---- C:\Windows\system32\08738.tmp
2012-03-29 22:44:20 ----A---- C:\Windows\system32\08AC1.tmp
2012-03-29 22:00:41 ----A---- C:\Windows\system32\07A2E.tmp
2012-03-29 21:08:21 ----A---- C:\Windows\system32\07A6C.tmp
2012-03-29 20:24:36 ----A---- C:\Windows\zip.exe
2012-03-29 20:24:36 ----A---- C:\Windows\SWSC.exe
2012-03-29 20:24:36 ----A---- C:\Windows\SWREG.exe
2012-03-29 20:24:36 ----A---- C:\Windows\sed.exe
2012-03-29 20:24:36 ----A---- C:\Windows\PEV.exe
2012-03-29 20:24:36 ----A---- C:\Windows\NIRCMD.exe
2012-03-29 20:24:36 ----A---- C:\Windows\MBR.exe
2012-03-29 20:24:36 ----A---- C:\Windows\grep.exe
2012-03-29 20:24:26 ----D---- C:\Windows\ERDNT
2012-03-29 20:24:20 ----D---- C:\Qoobox
2012-03-29 19:11:11 ----D---- C:\rsit
2012-03-29 19:06:07 ----A---- C:\Windows\system32\tmp.txt
2012-03-29 19:06:06 ----A---- C:\rapport.txt
2012-03-29 19:05:54 ----A---- C:\Windows\system32\swsc.exe
2012-03-29 18:44:11 ----HD---- C:\ProgramData\Common Files
2012-03-29 18:42:51 ----D---- C:\ProgramData\MFAData
2012-03-29 15:59:13 ----D---- C:\Program Files\LogMeIn Hamachi
2012-03-29 10:47:03 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2012-03-25 16:56:01 ----D---- C:\Users\Eurox\AppData\Roaming\Skype
2012-03-25 16:55:52 ----D---- C:\Program Files\Common Files\Skype
2012-03-25 16:55:51 ----RD---- C:\Program Files\Skype
2012-03-25 16:55:49 ----D---- C:\ProgramData\Skype
2012-03-25 16:46:10 ----A---- C:\Windows\system32\drivers\Cat.DB
2012-03-25 16:45:53 ----D---- C:\Program Files\PC Tools Security
2012-03-25 16:45:53 ----D---- C:\Program Files\Common Files\PC Tools
2012-03-25 09:57:29 ----D---- C:\ProgramData\Ad-Aware Browsing Protection
2012-03-25 09:57:15 ----A---- C:\Windows\system32\drivers\sbhips.sys
2012-03-25 09:57:14 ----A---- C:\Windows\system32\drivers\sbtis.sys
2012-03-25 09:56:24 ----A---- C:\Windows\system32\drivers\SbFwIm.sys
2012-03-25 09:56:24 ----A---- C:\Windows\system32\drivers\SbFw.sys
2012-03-24 18:55:06 ----A---- C:\Windows\system32\lg.dat
2012-03-24 18:47:00 ----D---- C:\ProgramData\SystemKey
2012-03-21 21:40:10 ----D---- C:\Users\Eurox\AppData\Roaming\TS3Client
2012-03-21 18:17:53 ----D---- C:\Riot Games

======List of files/folders modified in the last 1 month======

2012-03-30 13:59:16 ----D---- C:\Windows\System32
2012-03-30 13:59:16 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-30 13:40:44 ----D---- C:\Windows\system32\drivers
2012-03-30 13:40:43 ----D---- C:\Windows
2012-03-30 13:38:59 ----A---- C:\Windows\system.ini
2012-03-30 13:38:52 ----D---- C:\Windows\system32\drivers\etc
2012-03-30 13:34:12 ----D---- C:\Windows\system32\config
2012-03-30 13:25:27 ----D---- C:\Windows\AppPatch
2012-03-30 13:25:26 ----D---- C:\Program Files\Common Files
2012-03-30 12:03:19 ----D---- C:\Windows\Prefetch
2012-03-29 21:59:06 ----D---- C:\Windows\Tasks
2012-03-29 20:56:19 ----RD---- C:\Program Files
2012-03-29 20:56:19 ----D---- C:\ProgramData
2012-03-29 19:08:18 ----SD---- C:\Windows\Downloaded Program Files
2012-03-29 17:22:44 ----D---- C:\Users\Eurox\AppData\Roaming\uTorrent
2012-03-29 15:59:37 ----SHD---- C:\Windows\Installer
2012-03-29 15:59:09 ----SHD---- C:\System Volume Information
2012-03-29 10:47:03 ----D---- C:\Windows\system32\Tasks
2012-03-27 21:10:31 ----D---- C:\Users\Eurox\AppData\Roaming\Hamachi
2012-03-27 17:58:21 ----RSD---- C:\Windows\assembly
2012-03-27 01:14:55 ----D---- C:\ProgramData\PMB Files
2012-03-25 22:38:28 ----D---- C:\Program Files\Common Files\Adobe
2012-03-25 22:38:27 ----D---- C:\ProgramData\Adobe
2012-03-25 22:38:26 ----D---- C:\Program Files\Adobe
2012-03-25 16:49:17 ----AD---- C:\ProgramData\TEMP
2012-03-25 13:04:39 ----D---- C:\Windows\system32\catroot2
2012-03-25 09:57:00 ----D---- C:\Windows\system32\catroot
2012-03-25 09:56:59 ----D---- C:\Windows\inf
2012-03-25 09:56:23 ----D---- C:\Program Files\Common Files\microsoft shared
2012-03-23 13:55:15 ----D---- C:\found.000
2012-03-23 12:52:47 ----D---- C:\Program Files\uTorrent
2012-03-21 18:17:51 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-02-12 277784]
R0 LPCFilter;LPC Lower Filter Driver; C:\Windows\system32\DRIVERS\LPCFilter.sys [2006-07-28 19456]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-05-05 717296]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2007-07-26 285184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2006-10-05 16768]
R1 SbFw;SbFw; C:\Windows\system32\drivers\SbFw.sys [2011-04-05 221784]
R1 SbTis;SbTis; C:\Windows\system32\drivers\sbtis.sys [2011-04-05 78936]
R1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2008-05-10 278984]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2008-05-10 25416]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-01-10 3483648]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-04-26 2216448]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\Windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 69208]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-07-27 188336]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S1 SBRE;SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys []
S3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
S3 aqck15ss;aqck15ss; C:\Windows\system32\drivers\aqck15ss.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 athrusb;TP-LINK Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2007-08-17 891392]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 npkcrypt;npkcrypt; \??\E:\Hry\Lineage II\system\npkcrypt.sys []
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-18 8192]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service; C:\Windows\system32\DRIVERS\sbfwim.sys [2011-02-08 69208]
S3 sbhips;sbhips; C:\Windows\system32\drivers\sbhips.sys [2011-04-05 94040]
S3 tap0801;TAP-Win32 Adapter V8; C:\Windows\system32\DRIVERS\tap0801.sys [2006-10-01 26624]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-02-22 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-02-28 41344]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
S3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2008-04-30 32128]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S4 CplIR;Embedded IR Driver; C:\Windows\system32\DRIVERS\CplIR.SYS [2007-03-06 14848]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-01-09 643072]
R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2007-09-19 77824]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-10-03 603904]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S2 gupdate1c9f96546e6d43b;Služba Google Update (gupdate1c9f96546e6d43b); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-30 133104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 253600]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-06-30 133104]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-10-03 360192]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-18 21504]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S4 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]

-----------------EOF-----------------

ComboFix 12-03-29.02 - Eurox 30.03.2012 13:17:33.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.3070.2191 [GMT 2:00]
Spuštěný z: c:\users\Eurox\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Eurox\Desktop\CFScript.txt
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_SRNKOWQL
-------\Service_dpqkzt
-------\Service_mvvdjq
-------\Service_srnkowql
-------\Service_ucyyuxcgl
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-28 do 2012-03-30 )))))))))))))))))))))))))))))))
.
.
2012-03-30 11:35 . 2012-03-30 11:35 4096 ----a-w- c:\windows\system32\07FF8.tmp
2012-03-30 11:33 . 2012-03-30 11:39 -------- d-----w- c:\users\Eurox\AppData\Local\temp
2012-03-30 11:33 . 2012-03-30 11:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-30 09:30 . 2012-03-30 09:30 4096 ----a-w- c:\windows\system32\078F6.tmp
2012-03-30 08:05 . 2012-03-30 08:05 4096 ----a-w- c:\windows\system32\08738.tmp
2012-03-29 20:44 . 2012-03-29 20:44 4096 ----a-w- c:\windows\system32\08AC1.tmp
2012-03-29 20:00 . 2012-03-29 20:00 4096 ----a-w- c:\windows\system32\07A2E.tmp
2012-03-29 19:08 . 2012-03-29 19:08 4096 ----a-w- c:\windows\system32\07A6C.tmp
2012-03-29 17:11 . 2012-03-29 17:11 -------- d-----w- C:\rsit
2012-03-29 16:44 . 2012-03-29 16:44 -------- d--h--w- c:\programdata\Common Files
2012-03-29 16:42 . 2012-03-29 16:44 -------- d-----w- c:\programdata\MFAData
2012-03-29 14:01 . 2012-03-30 11:03 -------- d-----w- c:\users\Eurox\AppData\Local\LogMeIn Hamachi
2012-03-29 13:59 . 2012-03-29 13:59 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-03-29 08:47 . 2012-03-29 08:47 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-25 14:56 . 2012-03-29 18:20 -------- d-----w- c:\users\Eurox\AppData\Roaming\Skype
2012-03-25 14:55 . 2012-03-25 14:55 -------- d-----w- c:\program files\Common Files\Skype
2012-03-25 14:55 . 2012-03-25 14:55 -------- d-----r- c:\program files\Skype
2012-03-25 14:55 . 2012-03-25 14:55 -------- d-----w- c:\programdata\Skype
2012-03-25 14:45 . 2012-03-25 15:37 -------- d-----w- c:\program files\PC Tools Security
2012-03-25 14:45 . 2012-03-25 15:37 -------- d-----w- c:\program files\Common Files\PC Tools
2012-03-25 07:57 . 2012-03-25 07:57 -------- d-----w- c:\users\Eurox\AppData\Local\adaware
2012-03-25 07:57 . 2012-03-25 14:29 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
2012-03-25 07:57 . 2011-04-05 15:35 94040 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-03-25 07:57 . 2011-04-05 15:35 78936 ----a-w- c:\windows\system32\drivers\sbtis.sys
2012-03-25 07:56 . 2011-04-05 15:35 221784 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-03-25 07:56 . 2011-02-08 07:14 69208 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-03-24 16:47 . 2012-03-24 16:50 -------- d-----w- c:\programdata\SystemKey
2012-03-21 19:40 . 2012-03-21 20:04 -------- d-----w- c:\users\Eurox\AppData\Roaming\TS3Client
2012-03-21 19:40 . 2012-03-21 19:40 -------- d-----w- c:\users\Eurox\AppData\Local\TeamSpeak 3 Client
2012-03-21 17:00 . 2012-03-26 21:09 -------- d-----w- c:\users\Eurox\riotsGamesLogs
2012-03-21 16:17 . 2012-03-21 16:17 -------- d-----w- C:\Riot Games
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-29 08:47 . 2012-02-21 01:03 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Rainlendar2"="c:\program files\Rainlendar2\Rainlendar2.exe" [2009-08-22 5148672]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-07-27 204800]
"SVPWUTIL"="c:\program files\TOSHIBA\Utilities\SVPWUTIL.exe" [2006-03-22 438272]
"RtHDVCpl"="RtHDVCpl.exe" [2007-09-03 4702208]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 34352]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-22 538744]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer6"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
backup=c:\windows\pss\Bluetooth Manager.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Eurox^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Connect.lnk]
path=c:\users\Eurox\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Connect.lnk
backup=c:\windows\pss\Connect.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Eurox^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Spc.lnk]
backup=c:\windows\pss\Spc.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 08:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-01-03 20:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
2007-04-10 14:40 413696 ----a-w- c:\program files\Camera Assistant Software for Toshiba\traybar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-04-01 09:39 486856 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop SMS]
2007-06-18 08:51 1507328 ----a-w- c:\program files\IDM\Desktop SMS\DesktopSMS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 22:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2012-02-28 15:38 1987976 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2007-10-18 09:34 5724184 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-01-05 14:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
2007-04-03 14:52 509496 ----a-w- c:\program files\TOSHIBA\SmoothView\SmoothView.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 10:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-02-22 22:19 202256 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
2007-07-10 07:24 581632 ----a-w- c:\program files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toshiba Registration]
2007-02-19 14:00 571024 ----a-w- c:\program files\TOSHIBA\Registration\ToshibaRegistration.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-473734820-815038978-2971271164-1000]
"EnableNotificationsRef"=dword:00000001
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 253600]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
mvfthfwo
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-30 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 19:36]
.
2012-03-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 08:47]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-30 13:38
Windows 6.0.6001 Service Pack 1 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Services\mvfthfwo]
"ServiceDll"="c:\windows\system32\ctyrrq.dll"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe
c:\program files\LogMeIn Hamachi\hamachi-2.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\windows\system32\TODDSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\windows\System32\TUProgSt.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2012-03-30 13:40:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-30 11:40
ComboFix2.txt 2012-03-29 20:24
ComboFix3.txt 2012-03-29 19:02
.
Před spuštěním: 5 601 755 136
Po spuštění: 7 438 520 320
.
- - End Of File - - B17C4E738600649B0C1B364172F67840

dalsi CFScript: