
Cannot start Security Center
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello.
For some time now the Action Center has been telling me that the Security Center is turned off and needs to be turned on, although it cannot be turned on. I looked for the cause everywhere I could, until I finally ended up here, where I understood that it is probably malware and that I am not the only one with this problem. I installed Windows 7 roughly a year ago. Apart from this problem, the PC otherwise seems to run like clockwork. So I am asking for help with solving this problem and, if possible, with speeding up the system. Thank you in advance.
Re: Cannot start Security Center
Logfile of random's system information tool 1.08 (written by random/random)
Run by Bláža at 2011-07-04 17:46:00
Microsoft Windows 7 Professional
System drive C: has 6 GB (15%) free of 40 GB
Total RAM: 3069 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:46:18, on 4.7.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16800)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Programy\Avast5\AvastUI.exe
C:\Program Files\Programy\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Programy\Winamp\winampa.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\MSTMON_Q.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Programy\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Programy\DAEMON Tools Lite\DTLite.exe
D:\Miranda\miranda32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\taskhost.exe
D:\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Bláža.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Programy\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\Programy\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Programy\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Programy\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KONICA MINOLTA PagePro 1350WStatusDisplay] C:\Windows\system32\MSTMON_Q.EXE
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [eplight1.0.exe] C:\
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [MirandaIM] "D:\Miranda\miranda32.exe" "D:\Miranda\Profile\dbase-v6.8\dbase-v6.8.dat"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\Programy\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Programy\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Programy\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Programy\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Programy\Avast5\AvastSvc.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011 (mitsijm2011) - Unknown owner - C:\Program Files\Programy\Inventor 2011 Professional\Moldflow\bin\mitsijm.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\STacSV.exe
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
--
End of file - 6686 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Ctmik.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-12-01 1256512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2010-07-28 1267024]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Programy\Avast5\avastUI.exe [2010-09-07 2838912]
"StartCCC"=C:\Program Files\Programy\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-10-26 98304]
"WinampAgent"=C:\Program Files\Programy\Winamp\winampa.exe [2010-06-28 74752]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2009-07-21 458844]
"Adobe Reader Speed Launcher"=C:\Program Files\Programy\Reader 9.0\Reader\Reader_sl.exe [2011-06-08 37296]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"KONICA MINOLTA PagePro 1350WStatusDisplay"=C:\Windows\system32\MSTMON_Q.EXE [2004-11-26 167936]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-14 1541416]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2009-12-01 842816]
"eplight1.0.exe"=C:\ []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\Programy\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"MirandaIM"=D:\Miranda\miranda32.exe [2010-11-17 816224]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2011-07-04 17:46:00 ----D---- C:\rsit
2011-07-04 17:46:00 ----D---- C:\Program Files\trend micro
2011-06-29 09:11:23 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 09:11:20 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 09:11:20 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 09:11:20 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 09:11:19 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 09:11:19 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 09:11:19 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 09:11:19 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 09:11:19 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 09:11:19 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-22 20:10:56 ----A---- C:\Users\Bláža\AppData\Roaming\PnkBstrK.sys
2011-06-22 20:10:18 ----A---- C:\Windows\game.ini
2011-06-22 20:00:50 ----SHD---- C:\Windows\ftpcache
2011-06-21 15:48:54 ----A---- C:\Windows\iun6002.exe
2011-06-16 11:51:03 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-16 11:51:02 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-16 11:51:02 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-16 11:51:00 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-06-16 11:50:59 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-16 11:50:56 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-16 11:50:56 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-06-16 11:50:55 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-16 11:50:54 ----A---- C:\Windows\system32\d3d10_1.dll
2011-06-16 11:50:51 ----A---- C:\Windows\system32\mshtml.dll
2011-06-16 11:50:50 ----A---- C:\Windows\system32\iertutil.dll
2011-06-16 11:50:50 ----A---- C:\Windows\system32\ieframe.dll
2011-06-16 11:50:49 ----A---- C:\Windows\system32\urlmon.dll
2011-06-16 11:50:48 ----A---- C:\Windows\system32\msfeeds.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\wininet.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\mstime.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\mshtmled.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\msfeedssync.exe
2011-06-16 11:50:47 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\licmgr10.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\jsproxy.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\ieui.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\iepeers.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\iedkcs32.dll
2011-06-16 11:50:44 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-16 11:50:44 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-16 11:50:44 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-06-12 13:17:56 ----A---- C:\eplight1.0.exe
2011-06-12 13:01:15 ----D---- C:\Users\Bláža\AppData\Roaming\Hamachi
2011-06-12 13:01:01 ----A---- C:\Windows\system32\drivers\hamachi.sys
2011-06-12 11:08:38 ----A---- C:\Windows\system32\CmdLineExt03.dll
2011-06-12 10:46:34 ----A---- C:\Windows\DIIUnin.pif
2011-06-12 10:46:34 ----A---- C:\Windows\DIIUnin.exe
======List of files/folders modified in the last 1 months======
2011-07-04 17:46:00 ----RD---- C:\Program Files
2011-07-04 17:44:23 ----D---- C:\Users\Bláža\AppData\Roaming\Skype
2011-07-04 17:06:38 ----D---- C:\Windows\Prefetch
2011-07-04 14:13:28 ----D---- C:\Windows\Temp
2011-07-04 10:10:32 ----D---- C:\Windows\system32\config
2011-07-02 10:35:14 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-02 10:33:32 ----SHD---- C:\Windows\Installer
2011-07-02 10:31:52 ----D---- C:\Windows\system32\drivers
2011-07-02 10:31:52 ----D---- C:\Windows\System32
2011-07-01 16:23:25 ----D---- C:\Program Files\Opera
2011-06-30 08:22:16 ----D---- C:\Windows\winsxs
2011-06-30 08:21:35 ----RSD---- C:\Windows\Fonts
2011-06-29 11:18:57 ----RSD---- C:\Windows\assembly
2011-06-29 11:18:57 ----D---- C:\Windows\Microsoft.NET
2011-06-29 09:11:16 ----D---- C:\Windows\system32\catroot2
2011-06-29 09:11:16 ----D---- C:\Windows\system32\catroot
2011-06-29 00:21:26 ----D---- C:\Windows\inf
2011-06-29 00:21:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-22 20:10:18 ----D---- C:\Windows
2011-06-22 19:44:55 ----D---- C:\ProgramData\Solidshield
2011-06-22 09:48:45 ----SD---- C:\Users\Bláža\AppData\Roaming\Microsoft
2011-06-21 15:48:53 ----D---- C:\Program Files\Programy
2011-06-17 08:42:07 ----D---- C:\Windows\system32\migration
2011-06-17 08:42:07 ----D---- C:\Program Files\Internet Explorer
2011-06-17 00:40:32 ----D---- C:\ProgramData\Microsoft Help
2011-06-17 00:39:52 ----A---- C:\Windows\system32\MRT.exe
2011-06-12 15:12:41 ----D---- C:\Windows\system32\Tasks
2011-06-12 15:12:33 ----D---- C:\ProgramData\Skype
2011-06-08 19:10:08 ----D---- C:\Program Files\Common Files\Microsoft Games
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-19 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-27 6573568]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-10-27 229888]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 284928]
R3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-14 1131008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-28 59904]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-06-12 25280]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-07-21 409088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-14 212656]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]
S2 MLPTDR_Q;MLPTDR_Q; \??\C:\Windows\system32\MLPTDR_Q.SYS [2003-07-22 18848]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 aj5a4ump;aj5a4ump; C:\Windows\system32\drivers\aj5a4ump.sys []
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-27 6573568]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\aestsrv.exe [2009-03-01 81920]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-10-27 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Programy\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-12-01 322624]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011; C:\Program Files\Programy\Inventor 2011 Professional\Moldflow\bin\mitsijm.exe [2010-01-23 462336]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\STacSV.exe [2009-07-21 221266]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2009-06-03 599344]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Programy\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Programy\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-03-17 1045256]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-20 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-30 937920]
"KONICA MINOLTA PagePro 1350WStatusDisplay"=C:\Windows\system32\MSTMON_Q.EXE [2004-11-26 167936]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-14 1541416]
"DpAgent"=C:\Program Files\DigitalPersona\Bin\dpagent.exe [2009-12-01 842816]
"eplight1.0.exe"=C:\ []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\Programy\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"MirandaIM"=D:\Miranda\miranda32.exe [2010-11-17 816224]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 months======
2011-07-04 17:46:00 ----D---- C:\rsit
2011-07-04 17:46:00 ----D---- C:\Program Files\trend micro
2011-06-29 09:11:23 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-06-29 09:11:20 ----A---- C:\Windows\system32\tquery.dll
2011-06-29 09:11:20 ----A---- C:\Windows\system32\SearchIndexer.exe
2011-06-29 09:11:20 ----A---- C:\Windows\system32\mssrch.dll
2011-06-29 09:11:19 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2011-06-29 09:11:19 ----A---- C:\Windows\system32\SearchFilterHost.exe
2011-06-29 09:11:19 ----A---- C:\Windows\system32\mssvp.dll
2011-06-29 09:11:19 ----A---- C:\Windows\system32\mssphtb.dll
2011-06-29 09:11:19 ----A---- C:\Windows\system32\mssph.dll
2011-06-29 09:11:19 ----A---- C:\Windows\system32\msscntrs.dll
2011-06-22 20:10:56 ----A---- C:\Users\Bláža\AppData\Roaming\PnkBstrK.sys
2011-06-22 20:10:18 ----A---- C:\Windows\game.ini
2011-06-22 20:00:50 ----SHD---- C:\Windows\ftpcache
2011-06-21 15:48:54 ----A---- C:\Windows\iun6002.exe
2011-06-16 11:51:03 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-16 11:51:02 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-16 11:51:02 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-16 11:51:00 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-06-16 11:50:59 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-16 11:50:56 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-16 11:50:56 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-06-16 11:50:55 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-16 11:50:54 ----A---- C:\Windows\system32\d3d10_1.dll
2011-06-16 11:50:51 ----A---- C:\Windows\system32\mshtml.dll
2011-06-16 11:50:50 ----A---- C:\Windows\system32\iertutil.dll
2011-06-16 11:50:50 ----A---- C:\Windows\system32\ieframe.dll
2011-06-16 11:50:49 ----A---- C:\Windows\system32\urlmon.dll
2011-06-16 11:50:48 ----A---- C:\Windows\system32\msfeeds.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\wininet.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\mstime.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\mshtmled.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\msfeedssync.exe
2011-06-16 11:50:47 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\licmgr10.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\jsproxy.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\ieui.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\iepeers.dll
2011-06-16 11:50:47 ----A---- C:\Windows\system32\iedkcs32.dll
2011-06-16 11:50:44 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-16 11:50:44 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-16 11:50:44 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-06-12 13:17:56 ----A---- C:\eplight1.0.exe
2011-06-12 13:01:15 ----D---- C:\Users\Bláža\AppData\Roaming\Hamachi
2011-06-12 13:01:01 ----A---- C:\Windows\system32\drivers\hamachi.sys
2011-06-12 11:08:38 ----A---- C:\Windows\system32\CmdLineExt03.dll
2011-06-12 10:46:34 ----A---- C:\Windows\DIIUnin.pif
2011-06-12 10:46:34 ----A---- C:\Windows\DIIUnin.exe
======List of files/folders modified in the last 1 months======
2011-07-04 17:46:00 ----RD---- C:\Program Files
2011-07-04 17:44:23 ----D---- C:\Users\Bláža\AppData\Roaming\Skype
2011-07-04 17:06:38 ----D---- C:\Windows\Prefetch
2011-07-04 14:13:28 ----D---- C:\Windows\Temp
2011-07-04 10:10:32 ----D---- C:\Windows\system32\config
2011-07-02 10:35:14 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-02 10:33:32 ----SHD---- C:\Windows\Installer
2011-07-02 10:31:52 ----D---- C:\Windows\system32\drivers
2011-07-02 10:31:52 ----D---- C:\Windows\System32
2011-07-01 16:23:25 ----D---- C:\Program Files\Opera
2011-06-30 08:22:16 ----D---- C:\Windows\winsxs
2011-06-30 08:21:35 ----RSD---- C:\Windows\Fonts
2011-06-29 11:18:57 ----RSD---- C:\Windows\assembly
2011-06-29 11:18:57 ----D---- C:\Windows\Microsoft.NET
2011-06-29 09:11:16 ----D---- C:\Windows\system32\catroot2
2011-06-29 09:11:16 ----D---- C:\Windows\system32\catroot
2011-06-29 00:21:26 ----D---- C:\Windows\inf
2011-06-29 00:21:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-22 20:10:18 ----D---- C:\Windows
2011-06-22 19:44:55 ----D---- C:\ProgramData\Solidshield
2011-06-22 09:48:45 ----SD---- C:\Users\Bláža\AppData\Roaming\Microsoft
2011-06-21 15:48:53 ----D---- C:\Program Files\Programy
2011-06-17 08:42:07 ----D---- C:\Windows\system32\migration
2011-06-17 08:42:07 ----D---- C:\Program Files\Internet Explorer
2011-06-17 00:40:32 ----D---- C:\ProgramData\Microsoft Help
2011-06-17 00:39:52 ----A---- C:\Windows\system32\MRT.exe
2011-06-12 15:12:41 ----D---- C:\Windows\system32\Tasks
2011-06-12 15:12:33 ----D---- C:\ProgramData\Skype
2011-06-08 19:10:08 ----D---- C:\Program Files\Common Files\Microsoft Games
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 25656]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-11-19 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2010-01-27 50704]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 35896]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-27 6573568]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-10-27 229888]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 284928]
R3 BCM43XX;Broadcom 802.11 – ovladač síťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-14 1131008]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-28 59904]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2011-06-12 25280]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-07-21 409088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-07-14 212656]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]
S2 MLPTDR_Q;MLPTDR_Q; \??\C:\Windows\system32\MLPTDR_Q.SYS [2003-07-22 18848]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 aj5a4ump;aj5a4ump; C:\Windows\system32\drivers\aj5a4ump.sys []
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-27 6573568]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\aestsrv.exe [2009-03-01 81920]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-10-27 176128]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Programy\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DpHost;@C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files\DigitalPersona\Bin\DpHostW.exe [2009-12-01 322624]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 26168]
R2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011; C:\Program Files\Programy\Inventor 2011 Professional\Moldflow\bin\mitsijm.exe [2010-01-23 462336]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\STacSV.exe [2009-07-21 221266]
R2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2009-06-03 599344]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Programy\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Programy\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-03-17 1045256]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-20 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
- stell
Re: Cannot start Security Center
Hello. PLEASE READ THE INSTRUCTIONS CAREFULLY!!!
Use ComboFix according to this guide: http://www.bleepingcomputer.com/combofi ... t-combofix
Post the log from it here.
Re: Cannot start Security Center
One thing, though: when I ran ComboFix, it reported that Avast was still enabled, even though I had turned it off exactly as described in the guide on the ComboFix page.
ComboFix 11-07-04.02 - Bláža 05.07.2011 9:08.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3069.2102 [GMT 2:00]
Spuštěný z: c:\users\Blß×a\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\system32\no
c:\windows\system32\no\DPCrProv.dll.mui
c:\windows\system32\no\DPSDApi.dll.mui
c:\windows\system32\SV
c:\windows\system32\SV\DPCrProv.dll.mui
c:\windows\system32\SV\DPSDApi.dll.mui
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-05 do 2011-07-05 )))))))))))))))))))))))))))))))
.
.
2011-07-05 07:14 . 2011-07-05 07:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-05 07:14 . 2011-07-05 07:14 -------- d-----w- c:\users\Bláža\AppData\Local\temp
2011-07-04 15:46 . 2011-07-04 15:46 -------- d-----w- C:\rsit
2011-07-04 15:46 . 2011-07-04 15:46 -------- d-----w- c:\program files\trend micro
2011-06-29 07:11 . 2011-05-24 10:35 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 07:11 . 2011-05-04 04:53 1553920 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 07:11 . 2011-05-04 04:52 1401856 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 07:11 . 2011-05-04 04:52 428032 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 07:11 . 2011-05-04 04:52 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 07:11 . 2011-05-04 04:52 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 07:11 . 2011-05-04 04:52 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 07:11 . 2011-05-04 04:52 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 07:11 . 2011-05-04 04:52 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 07:11 . 2011-05-04 04:52 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-22 19:36 . 2011-07-01 17:24 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-06-22 18:24 . 2011-06-22 18:24 -------- d-----w- c:\users\Bláža\AppData\Local\PunkBuster
2011-06-22 18:10 . 2011-06-22 18:10 22328 ----a-w- c:\users\Bláža\AppData\Roaming\PnkBstrK.sys
2011-06-22 18:00 . 2011-06-22 18:00 -------- d-sh--w- c:\windows\ftpcache
2011-06-21 13:48 . 2011-06-21 13:48 720896 ----a-w- c:\windows\iun6002.exe
2011-06-16 09:51 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-16 09:51 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-16 09:51 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-16 09:51 . 2011-04-25 04:56 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-12 11:17 . 2011-06-12 11:17 6292557 ----a-w- C:\eplight1.0.exe
2011-06-12 11:01 . 2011-07-04 15:44 -------- d-----w- c:\users\Bláža\AppData\Roaming\Hamachi
2011-06-12 11:01 . 2011-06-12 11:01 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-06-12 09:08 . 2011-06-12 09:11 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2011-06-12 08:46 . 2011-06-12 08:46 2829 ----a-w- c:\windows\DIIUnin.pif
2011-06-12 08:46 . 2011-06-12 08:46 94208 ----a-w- c:\windows\DIIUnin.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 16:47 . 2011-03-23 16:39 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-06-29 18:59 . 2010-11-27 16:17 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-06-22 18:10 . 2011-06-22 18:10 22328 ----a-w- c:\users\Bláža\AppData\Roaming\PnkBstrK.sys
2011-06-22 18:10 . 2011-06-22 18:10 22328 ----a-w- c:\users\Bláža\AppData\Roaming\PnkBstrK.sys
2011-06-18 16:41 . 2010-11-19 17:42 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-06-02 12:58 . 2011-06-02 12:58 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-06-02 12:58 . 2011-06-02 12:58 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-13 16:57 . 2011-05-13 16:57 14392 ----a-w- c:\windows\system32\HPMDPCoInst12.dll
2011-05-13 16:57 . 2011-05-13 16:57 25656 ----a-w- c:\windows\system32\drivers\hpdskflt.sys
2011-05-13 16:57 . 2011-05-13 16:57 26168 ----a-w- c:\windows\system32\hpservice.exe
2011-05-13 16:57 . 2011-05-13 16:57 16952 ----a-w- c:\windows\system32\accelerometerdll.DLL
2011-05-13 16:57 . 2011-05-13 16:57 35896 ----a-w- c:\windows\system32\drivers\Accelerometer.sys
2011-04-22 19:36 . 2011-05-25 05:15 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-15 23:40 . 2011-06-02 12:58 809496 ----a-r- c:\windows\system32\tmp57A2.tmp
2011-04-15 23:40 . 2011-04-15 23:40 809496 ----a-r- c:\windows\system32\tmp5791.tmp
2011-04-11 07:04 . 2011-05-13 05:41 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7D6F517-72AA-4871-88F7-792330B6A1F4}\mpengine.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\system32\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2011-04-09 06:13 . 2011-05-12 01:50 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-12 01:50 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-15 11:44 123904 ----a-w- c:\windows\system32\poqexec.exe
2010-01-26 08:11 . 2011-04-17 09:15 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\Programy\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"MirandaIM"="d:\miranda\miranda32.exe" [2010-11-17 816224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eplight1.0.exe"="C:\" [X]
"avast5"="c:\program files\Programy\Avast5\avastUI.exe" [2010-09-07 2838912]
"StartCCC"="c:\program files\Programy\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-26 98304]
"WinampAgent"="c:\program files\Programy\Winamp\winampa.exe" [2010-06-28 74752]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
"Adobe Reader Speed Launcher"="c:\program files\Programy\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"KONICA MINOLTA PagePro 1350WStatusDisplay"="c:\windows\system32\MSTMON_Q.EXE" [2004-11-26 167936]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-13 1541416]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-12-01 842816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
R2 MLPTDR_Q;MLPTDR_Q;c:\windows\system32\MLPTDR_Q.SYS [2003-07-22 18848]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-20 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-19 691696]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\aestsrv.exe [2009-03-01 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 176128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 26168]
S2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011;c:\program files\Programy\Inventor 2011 Professional\Moldflow\bin\mitsijm.exe [2010-01-23 462336]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-01-27 50704]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2009-06-03 599344]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-27 6573568]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-27 229888]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys [2009-05-22 284928]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-28 59904]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 10:29]
.
2011-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 10:29]
.
.
------- Doplňkový sken -------
.
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Programy\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 82.114.192.15 82.114.192.6
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1024)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\program files\Programy\Avast5\AvastSvc.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\windows\PEV.exe
c:\program files\Programy\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Programy\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-05 09:21:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-05 07:21
.
Před spuštěním: 6 353 637 376
Po spuštění: 9 803 243 520
.
- - End Of File - - 36E8827F645FF6F9E04672A1A32EF459
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\system32\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2011-04-09 06:13 . 2011-05-12 01:50 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-12 01:50 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-15 11:44 123904 ----a-w- c:\windows\system32\poqexec.exe
2010-01-26 08:11 . 2011-04-17 09:15 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\Programy\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"MirandaIM"="d:\miranda\miranda32.exe" [2010-11-17 816224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eplight1.0.exe"="C:\" [X]
"avast5"="c:\program files\Programy\Avast5\avastUI.exe" [2010-09-07 2838912]
"StartCCC"="c:\program files\Programy\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-26 98304]
"WinampAgent"="c:\program files\Programy\Winamp\winampa.exe" [2010-06-28 74752]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
"Adobe Reader Speed Launcher"="c:\program files\Programy\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"KONICA MINOLTA PagePro 1350WStatusDisplay"="c:\windows\system32\MSTMON_Q.EXE" [2004-11-26 167936]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-13 1541416]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-12-01 842816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
R2 MLPTDR_Q;MLPTDR_Q;c:\windows\system32\MLPTDR_Q.SYS [2003-07-22 18848]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-20 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-19 691696]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\aestsrv.exe [2009-03-01 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 176128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 26168]
S2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011;c:\program files\Programy\Inventor 2011 Professional\Moldflow\bin\mitsijm.exe [2010-01-23 462336]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-01-27 50704]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2009-06-03 599344]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-27 6573568]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-27 229888]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys [2009-05-22 284928]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-28 59904]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 10:29]
.
2011-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 10:29]
.
.
------- Doplňkový sken -------
.
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Programy\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 82.114.192.15 82.114.192.6
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1024)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\program files\Programy\Avast5\AvastSvc.exe
c:\program files\DigitalPersona\Bin\DpHostW.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\windows\PEV.exe
c:\program files\Programy\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Programy\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-05 09:21:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-05 07:21
.
Před spuštěním: 6 353 637 376
Po spuštění: 9 803 243 520
.
- - End Of File - - 36E8827F645FF6F9E04672A1A32EF459
- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Cannot start Security Center
For this step, ComboFix must be on the desktop.
Turn off > FIREWALL > antivirus > antispyware > everything resident.
Open Notepad and copy all of the green text into it:
Code:
KILLALL::
File::
c:\windows\system32\tmp57A2.tmp
c:\windows\system32\tmp5791.tmp
DDS::
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eplight1.0.exe"=-
"SysTrayApp"=-
"WinampAgent"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
Then click File -> Save As... -> where it says File name, type into that line: CFScript.txt
For File type, select *All files
And save it to the desktop. > Careful: CFScript.txt > do not open it, and it must not be > CFScript.txt.txt. Then do this:

When the scan finishes, post the log that ComboFix creates.
Re: Cannot start Security Center
ComboFix 11-07-04.02 - Bláža 05.07.2011 13:49:16.2.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3069.1882 [GMT 2:00]
Spuštěný z: c:\users\Blß×a\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Blß×a\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-05 do 2011-07-05 )))))))))))))))))))))))))))))))
.
.
2011-07-05 12:10 . 2011-07-05 12:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-05 07:21 . 2011-07-05 07:21 -------- d-----w- c:\users\Blá\AppData
2011-07-05 07:14 . 2011-07-05 12:10 -------- d-----w- c:\users\Bláža\AppData\Local\temp
2011-07-04 15:46 . 2011-07-04 15:46 -------- d-----w- C:\rsit
2011-07-04 15:46 . 2011-07-04 15:46 -------- d-----w- c:\program files\trend micro
2011-06-29 07:11 . 2011-05-24 10:35 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 07:11 . 2011-05-04 04:53 1553920 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 07:11 . 2011-05-04 04:52 1401856 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 07:11 . 2011-05-04 04:52 428032 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 07:11 . 2011-05-04 04:52 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 07:11 . 2011-05-04 04:52 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 07:11 . 2011-05-04 04:52 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 07:11 . 2011-05-04 04:52 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 07:11 . 2011-05-04 04:52 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 07:11 . 2011-05-04 04:52 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-22 19:36 . 2011-07-01 17:24 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-06-22 18:24 . 2011-06-22 18:24 -------- d-----w- c:\users\Bláža\AppData\Local\PunkBuster
2011-06-22 18:10 . 2011-06-22 18:10 22328 ----a-w- c:\users\Bláža\AppData\Roaming\PnkBstrK.sys
2011-06-22 18:00 . 2011-06-22 18:00 -------- d-sh--w- c:\windows\ftpcache
2011-06-21 13:48 . 2011-06-21 13:48 720896 ----a-w- c:\windows\iun6002.exe
2011-06-16 09:51 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-16 09:51 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-16 09:51 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-16 09:51 . 2011-04-25 04:56 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-12 11:01 . 2011-07-04 15:44 -------- d-----w- c:\users\Bláža\AppData\Roaming\Hamachi
2011-06-12 11:01 . 2011-06-12 11:01 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-06-12 09:08 . 2011-06-12 09:11 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2011-06-12 08:46 . 2011-06-12 08:46 2829 ----a-w- c:\windows\DIIUnin.pif
2011-06-12 08:46 . 2011-06-12 08:46 94208 ----a-w- c:\windows\DIIUnin.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 16:47 . 2011-03-23 16:39 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-06-29 18:59 . 2010-11-27 16:17 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-06-22 18:10 . 2011-06-22 18:10 22328 ----a-w- c:\users\Bláža\AppData\Roaming\PnkBstrK.sys
2011-06-22 18:10 . 2011-06-22 18:10 22328 ----a-w- c:\users\Bláža\AppData\Roaming\PnkBstrK.sys
2011-06-18 16:41 . 2010-11-19 17:42 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-06-02 12:58 . 2011-06-02 12:58 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-06-02 12:58 . 2011-06-02 12:58 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-13 16:57 . 2011-05-13 16:57 14392 ----a-w- c:\windows\system32\HPMDPCoInst12.dll
2011-05-13 16:57 . 2011-05-13 16:57 25656 ----a-w- c:\windows\system32\drivers\hpdskflt.sys
2011-05-13 16:57 . 2011-05-13 16:57 26168 ----a-w- c:\windows\system32\hpservice.exe
2011-05-13 16:57 . 2011-05-13 16:57 16952 ----a-w- c:\windows\system32\accelerometerdll.DLL
2011-05-13 16:57 . 2011-05-13 16:57 35896 ----a-w- c:\windows\system32\drivers\Accelerometer.sys
2011-04-22 19:36 . 2011-05-25 05:15 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-15 23:40 . 2011-06-02 12:58 809496 ----a-r- c:\windows\system32\tmp57A2.tmp
2011-04-15 23:40 . 2011-04-15 23:40 809496 ----a-r- c:\windows\system32\tmp5791.tmp
2011-04-11 07:04 . 2011-05-13 05:41 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7D6F517-72AA-4871-88F7-792330B6A1F4}\mpengine.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\system32\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2011-04-09 06:13 . 2011-05-12 01:50 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-12 01:50 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-15 11:44 123904 ----a-w- c:\windows\system32\poqexec.exe
2010-01-26 08:11 . 2011-04-17 09:15 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\Programy\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"MirandaIM"="d:\miranda\miranda32.exe" [2010-11-17 816224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eplight1.0.exe"="C:\" [X]
"avast5"="c:\program files\Programy\Avast5\avastUI.exe" [2010-09-07 2838912]
"StartCCC"="c:\program files\Programy\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-26 98304]
"WinampAgent"="c:\program files\Programy\Winamp\winampa.exe" [2010-06-28 74752]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
"Adobe Reader Speed Launcher"="c:\program files\Programy\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"KONICA MINOLTA PagePro 1350WStatusDisplay"="c:\windows\system32\MSTMON_Q.EXE" [2004-11-26 167936]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-13 1541416]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-12-01 842816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
R2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011;c:\program files\Programy\Inventor 2011 Professional\Moldflow\bin\mitsijm.exe [2010-01-23 462336]
R2 MLPTDR_Q;MLPTDR_Q;c:\windows\system32\MLPTDR_Q.SYS [2003-07-22 18848]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-20 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-19 691696]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\aestsrv.exe [2009-03-01 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 176128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 26168]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-01-27 50704]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2009-06-03 599344]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-27 6573568]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-27 229888]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys [2009-05-22 284928]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-28 59904]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 10:29]
.
2011-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 10:29]
.
.
------- Doplňkový sken -------
.
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Programy\MICROS~1\Office12\EXCEL.EXE/3000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(41928)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
.
Celkový čas: 2011-07-05 14:58:51
ComboFix-quarantined-files.txt 2011-07-05 12:58
ComboFix2.txt 2011-07-05 07:21
.
Před spuštěním: 9 441 951 744
Po spuštění: 9 382 981 632
.
- - End Of File - - 91C97F22216A17D72342C6D317779EB5
- stell
- VIP in memoriam
- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Cannot start Security Center
Hm, ComboFix did not carry out the action.
Do it once more in Safe Mode with Networking.
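Whether a CFScript took effect can be read off the log that follows it: every file, IE entry and Run value the script asked to remove should be gone. The Python below is an added example, not part of the thread or of ComboFix; the function names are illustrative, the script and the first log excerpt are copied from the posts above (value names fully quoted), and the second log is constructed.

```python
import re

# "<created> . <modified> <size> <attrs> <path>" rows of the log's file listings.
FILE_LINE = re.compile(
    r'^\d{4}-\d{2}-\d{2} \d{2}:\d{2} \. \d{4}-\d{2}-\d{2} \d{2}:\d{2}'
    r'\s+\S+\s+\S+\s+(.+)$')
KEY_LINE = re.compile(r'^\[(HKEY_[^\]]+)\]$')
VALUE_LINE = re.compile(r'^"([^"]+)"=')

# The CFScript from the thread.
CFSCRIPT = r'''KILLALL::
File::
c:\windows\system32\tmp57A2.tmp
c:\windows\system32\tmp5791.tmp
DDS::
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eplight1.0.exe"=-
"SysTrayApp"=-
"WinampAgent"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
'''

# Excerpt of the log posted after the first CFScript run (lines from the thread).
LOG_SECOND_RUN = r'''2011-04-15 23:40 . 2011-06-02 12:58 809496 ----a-r- c:\windows\system32\tmp57A2.tmp
2011-04-15 23:40 . 2011-04-15 23:40 809496 ----a-r- c:\windows\system32\tmp5791.tmp
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MirandaIM"="d:\miranda\miranda32.exe" [2010-11-17 816224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eplight1.0.exe"="C:\" [X]
"avast5"="c:\program files\Programy\Avast5\avastUI.exe" [2010-09-07 2838912]
"WinampAgent"="c:\program files\Programy\Winamp\winampa.exe" [2010-06-28 74752]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
"Adobe Reader Speed Launcher"="c:\program files\Programy\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
'''

# Constructed log: what the same sections look like once the removals applied.
LOG_CONSTRUCTED_CLEAN = r'''.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Programy\Avast5\avastUI.exe" [2010-09-07 2838912]
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Programy\MICROS~1\Office12\EXCEL.EXE/3000
'''


def parse_cfscript(text):
    """Collect the removals requested in the File::, DDS:: and Registry:: sections."""
    wanted = {"files": [], "ie": [], "registry": []}
    section, key = None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):                  # section header, e.g. "File::"
            section, key = line[:-2].lower(), None
        elif section == "file":
            wanted["files"].append(line)
        elif section == "dds" and line.startswith("IE:"):
            wanted["ie"].append(line)
        elif section == "registry":
            if KEY_LINE.match(line):
                key = KEY_LINE.match(line).group(1)
            elif key and VALUE_LINE.match(line) and line.endswith("=-"):
                wanted["registry"].append((key, VALUE_LINE.match(line).group(1)))
    return wanted


def parse_log(text):
    """Index the files, IE entries and (key, value) pairs a log reports."""
    seen = {"files": set(), "ie": set(), "registry": set()}
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        if FILE_LINE.match(line):
            seen["files"].add(FILE_LINE.match(line).group(1).lower())
        elif KEY_LINE.match(line):
            key = KEY_LINE.match(line).group(1).lower()
        elif key and VALUE_LINE.match(line):
            # keyed by (key, name): the same name under HKCU and HKLM stays distinct
            seen["registry"].add((key, VALUE_LINE.match(line).group(1).lower()))
        elif line.startswith("IE:"):
            seen["ie"].add(line.lower())
        elif line == ".":                        # "." separates log blocks
            key = None
    return seen


def still_present(script_text, log_text):
    """Return the script's targets that the log still lists (empty = applied)."""
    wanted, seen = parse_cfscript(script_text), parse_log(log_text)
    left = [("file", p) for p in wanted["files"] if p.lower() in seen["files"]]
    left += [("ie", e) for e in wanted["ie"] if e.lower() in seen["ie"]]
    left += [("registry", f"{k}\\{v}") for k, v in wanted["registry"]
             if (k.lower(), v.lower()) in seen["registry"]]
    return left


if __name__ == "__main__":
    for kind, item in still_present(CFSCRIPT, LOG_SECOND_RUN):
        print(f"still present [{kind}]: {item}")
```

Run against the excerpt of the second log, every target of the script is reported as still present, which matches the helper's reading of that log.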
Re: Cannot start Security Center
Do you think the mistake could be that I saved CFScript in Notepad without the .txt extension?
Re: Cannot start Security Center
I renamed the CFScript and it gave me this:
Action Center shows that Security Center is probably running...
ComboFix 11-07-04.02 - Bláža 05.07.2011 16:27:00.3.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.3069.2078 [GMT 2:00]
Spuštěný z: c:\users\Blß×a\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Blß×a\Desktop\CFScript.txt.txt
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-05 do 2011-07-05 )))))))))))))))))))))))))))))))
.
.
2011-07-05 14:33 . 2011-07-05 14:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-05 07:21 . 2011-07-05 07:21 -------- d-----w- c:\users\Blá\AppData
2011-07-05 07:14 . 2011-07-05 14:33 -------- d-----w- c:\users\Bláža\AppData\Local\temp
2011-07-04 15:46 . 2011-07-04 15:46 -------- d-----w- C:\rsit
2011-07-04 15:46 . 2011-07-04 15:46 -------- d-----w- c:\program files\trend micro
2011-06-29 07:11 . 2011-05-24 10:35 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 07:11 . 2011-05-04 04:53 1553920 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 07:11 . 2011-05-04 04:52 1401856 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 07:11 . 2011-05-04 04:52 428032 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 07:11 . 2011-05-04 04:52 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 07:11 . 2011-05-04 04:52 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 07:11 . 2011-05-04 04:52 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 07:11 . 2011-05-04 04:52 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 07:11 . 2011-05-04 04:52 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 07:11 . 2011-05-04 04:52 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-22 19:36 . 2011-07-01 17:24 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2011-06-22 18:24 . 2011-06-22 18:24 -------- d-----w- c:\users\Bláža\AppData\Local\PunkBuster
2011-06-22 18:10 . 2011-06-22 18:10 22328 ----a-w- c:\users\Bláža\AppData\Roaming\PnkBstrK.sys
2011-06-22 18:00 . 2011-06-22 18:00 -------- d-sh--w- c:\windows\ftpcache
2011-06-21 13:48 . 2011-06-21 13:48 720896 ----a-w- c:\windows\iun6002.exe
2011-06-16 09:51 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-16 09:51 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-16 09:51 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-16 09:51 . 2011-04-25 04:56 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-12 11:01 . 2011-07-04 15:44 -------- d-----w- c:\users\Bláža\AppData\Roaming\Hamachi
2011-06-12 11:01 . 2011-06-12 11:01 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2011-06-12 09:08 . 2011-06-12 09:11 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2011-06-12 08:46 . 2011-06-12 08:46 2829 ----a-w- c:\windows\DIIUnin.pif
2011-06-12 08:46 . 2011-06-12 08:46 94208 ----a-w- c:\windows\DIIUnin.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-01 16:47 . 2011-03-23 16:39 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2011-06-29 18:59 . 2010-11-27 16:17 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-06-22 18:10 . 2011-06-22 18:10 22328 ----a-w- c:\users\Bláža\AppData\Roaming\PnkBstrK.sys
2011-06-22 18:10 . 2011-06-22 18:10 22328 ----a-w- c:\users\Bláža\AppData\Roaming\PnkBstrK.sys
2011-06-18 16:41 . 2010-11-19 17:42 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2011-06-02 12:58 . 2011-06-02 12:58 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-06-02 12:58 . 2011-06-02 12:58 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-05-13 16:57 . 2011-05-13 16:57 14392 ----a-w- c:\windows\system32\HPMDPCoInst12.dll
2011-05-13 16:57 . 2011-05-13 16:57 25656 ----a-w- c:\windows\system32\drivers\hpdskflt.sys
2011-05-13 16:57 . 2011-05-13 16:57 26168 ----a-w- c:\windows\system32\hpservice.exe
2011-05-13 16:57 . 2011-05-13 16:57 16952 ----a-w- c:\windows\system32\accelerometerdll.DLL
2011-05-13 16:57 . 2011-05-13 16:57 35896 ----a-w- c:\windows\system32\drivers\Accelerometer.sys
2011-04-22 19:36 . 2011-05-25 05:15 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-15 23:40 . 2011-06-02 12:58 809496 ----a-r- c:\windows\system32\tmp57A2.tmp
2011-04-15 23:40 . 2011-04-15 23:40 809496 ----a-r- c:\windows\system32\tmp5791.tmp
2011-04-11 07:04 . 2011-05-13 05:41 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B7D6F517-72AA-4871-88F7-792330B6A1F4}\mpengine.dll
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\system32\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2011-04-09 06:13 . 2011-05-12 01:50 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-12 01:50 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-15 11:44 123904 ----a-w- c:\windows\system32\poqexec.exe
2010-01-26 08:11 . 2011-04-17 09:15 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\Programy\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"MirandaIM"="d:\miranda\miranda32.exe" [2010-11-17 816224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eplight1.0.exe"="C:\" [X]
"avast5"="c:\program files\Programy\Avast5\avastUI.exe" [2010-09-07 2838912]
"StartCCC"="c:\program files\Programy\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-26 98304]
"WinampAgent"="c:\program files\Programy\Winamp\winampa.exe" [2010-06-28 74752]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-07-21 458844]
"Adobe Reader Speed Launcher"="c:\program files\Programy\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"KONICA MINOLTA PagePro 1350WStatusDisplay"="c:\windows\system32\MSTMON_Q.EXE" [2004-11-26 167936]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-13 1541416]
"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2009-12-01 842816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
R2 mitsijm2011;Správce úloh aplikace Autodesk Moldflow Inventor Tool Suite Integration 2011;c:\program files\Programy\Inventor 2011 Professional\Moldflow\bin\mitsijm.exe [2010-01-23 462336]
R2 MLPTDR_Q;MLPTDR_Q;c:\windows\system32\MLPTDR_Q.SYS [2003-07-22 18848]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-11-20 1343400]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-19 691696]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\aestsrv.exe [2009-03-01 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 176128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2011-05-13 26168]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-01-27 50704]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2009-06-03 599344]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-27 6573568]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-27 229888]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys [2009-05-22 284928]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-28 59904]
S3 RTL8167;Ovladač Realtek 8167 NT;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 10:29]
.
2011-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 10:29]
.
.
------- Doplňkový sken -------
.
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Programy\MICROS~1\Office12\EXCEL.EXE/3000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3648)
c:\program files\DigitalPersona\Bin\DpoFeedb.dll
c:\program files\DigitalPersona\Bin\DpoSet.dll
.
Celkový čas: 2011-07-05 16:35:42
ComboFix-quarantined-files.txt 2011-07-05 14:35
ComboFix2.txt 2011-07-05 12:59
ComboFix3.txt 2011-07-05 07:21
.
Před spuštěním: 9 563 340 800
Po spuštění: 9 510 989 824
.
- - End Of File - - 2AB075303F0D6A266B59E49F6FC6B09C
- stell
Re: Cannot start Security Center
Well, renaming it did no good if you renamed it wrong.
CFScript.txt.txt
should be like this: CFScript.txt
As for Security Center, if it is not running, we will turn it on afterwards.
Re: Cannot start Security Center
In any case, after the second ComboFix run it no longer throws that at me. Also, the first fix with the wrong script ran for about 2 hours. The second one took only a few minutes.
Re: Cannot start Security Center
But whether it actually fixed what it was supposed to, I don't know... You probably know that.

- stell
Re: Cannot start Security Center
It did not fix it.
So, leave ComboFix alone, since you have some odd nick.
Download OTListIt2 >> OTL
Check the "For all users" option.
Check the "LOP" malware check and "Purity" malware check options.
Click the Scan button.
When it finishes, paste the OTL.Txt logs here.
Re: Cannot start Security Center
OTL logfile created on: 5.7.2011 17:27:40 - Run 1
OTL by OldTimer - Version 3.2.26.0 Folder = C:\Users\Bláža\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
3,00 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 71,96% Memory free
5,99 Gb Paging File | 5,02 Gb Available in Paging File | 83,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 38,96 Gb Total Space | 8,90 Gb Free Space | 22,84% Space Free | Partition Type: NTFS
Drive D: | 259,03 Gb Total Space | 84,48 Gb Free Space | 32,61% Space Free | Partition Type: NTFS
Drive H: | 1,84 Gb Total Space | 0,38 Gb Free Space | 20,91% Space Free | Partition Type: FAT
Computer Name: BLÁŽA-PC | User Name: Bláža | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.07.05 17:25:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bláža\Desktop\OTL.exe
PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.17 04:09:46 | 000,816,224 | ---- | M] ( ) -- D:\Miranda\miranda32.exe
PRC - [2010.10.27 04:51:54 | 000,393,216 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2010.10.27 04:51:26 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2010.09.07 18:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Programy\Avast5\AvastUI.exe
PRC - [2010.09.07 18:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Programy\Avast5\AvastSvc.exe
PRC - [2010.06.28 23:39:02 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Programy\Winamp\winampa.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files\Programy\DAEMON Tools Lite\DTLite.exe
PRC - [2010.01.23 06:12:06 | 000,462,336 | ---- | M] () -- C:\Program Files\Programy\Inventor 2011 Professional\Moldflow\bin\mitsijm.exe
PRC - [2009.12.01 14:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe
PRC - [2009.12.01 14:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpAgent.exe
PRC - [2009.07.21 03:33:32 | 000,458,844 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2009.07.21 03:33:32 | 000,221,266 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\stacsv.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.06.03 03:12:50 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) -- C:\Windows\System32\vfsFPService.exe
PRC - [2009.03.01 23:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\AEstSrv.exe
PRC - [2004.11.26 19:21:48 | 000,167,936 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) -- C:\Windows\System32\MSTMON_Q.EXE
========== Modules (SafeList) ==========
MOD - [2011.07.05 17:25:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bláža\Desktop\OTL.exe
MOD - [2011.02.09 23:56:10 | 000,069,745 | ---- | M] () -- D:\Miranda\Plugins\AdvancedAutoAway.dll
MOD - [2010.08.21 07:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.12.01 14:37:48 | 000,502,848 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpOFeedb.dll
MOD - [2009.12.01 14:37:48 | 000,363,584 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpOSet.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.03.17 12:12:43 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.11.20 10:34:05 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.10.27 04:51:26 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.09.07 18:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Programy\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 18:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Programy\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 18:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Programy\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.01.23 06:12:06 | 000,462,336 | ---- | M] () [Auto | Running] -- C:\Program Files\Programy\Inventor 2011 Professional\Moldflow\bin\mitsijm.exe -- (mitsijm2011)
SRV - [2009.12.01 14:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009.07.21 03:33:32 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\stacsv.exe -- (STacSV)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.06.03 03:12:50 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\System32\vfsFPService.exe -- (vfsFPService)
SRV - [2009.03.01 23:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_8e7d5b9d3a91d8c5\AEstSrv.exe -- (AESTFilters)
========== Driver Services (SafeList) ==========
DRV - [2011.06.12 13:01:01 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2011.05.13 18:57:42 | 000,025,656 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2011.05.13 18:57:20 | 000,035,896 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2010.11.19 22:23:31 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.10.27 05:59:14 | 006,573,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2010.10.27 05:59:14 | 006,573,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2010.10.27 04:14:02 | 000,229,888 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.09.07 17:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 17:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 17:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 17:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010.09.07 17:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.01.27 04:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\npf.sys -- (npf)
DRV - [2009.07.21 03:33:32 | 000,409,088 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.06.28 20:17:00 | 000,059,904 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2009.05.22 08:32:56 | 000,284,928 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVerAF15.sys -- (AVerAF15)
DRV - [2003.07.22 17:44:18 | 000,018,848 | ---- | M] (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.) [Kernel | Auto | Stopped] -- C:\Windows\System32\MLPTDR_Q.SYS -- (MLPTDR_Q)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2840713006-4081737350-2584303040-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Programy\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2011.01.18 11:46:13 | 000,000,000 | ---D | M]
FF - HKCU\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files\DigitalPersona\Bin\FirefoxExt\ [2011.01.18 11:46:13 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2011.07.05 09:16:35 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKU\S-1-5-21-2840713006-4081737350-2584303040-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Programy\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Programy\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [eplight1.0.exe] C:\ [2011.07.05 17:25:19 | 000,000,000 | R--D | M]
O4 - HKLM..\Run: [KONICA MINOLTA PagePro 1350WStatusDisplay] C:\Windows\System32\MSTMON_Q.EXE (KONICA MINOLTA BUSINESS TECHNOLOGIES, INC.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\Programy\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Programy\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-2840713006-4081737350-2584303040-1000..\Run: [DAEMON Tools Lite] C:\Program Files\Programy\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2840713006-4081737350-2584303040-1000..\Run: [MirandaIM] D:\Miranda\miranda32.exe ( )
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2840713006-4081737350-2584303040-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2840713006-4081737350-2584303040-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2840713006-4081737350-2584303040-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Programy\Microsoft Office 2007\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Programy\Microsoft Office 2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.07.05 17:25:19 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Bláža\Desktop\OTL.exe
[2011.07.05 16:38:48 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.07.05 16:34:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.07.05 16:25:22 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011.07.05 09:14:55 | 000,000,000 | ---D | C] -- C:\Users\Bláža\AppData\Local\temp
[2011.07.05 09:07:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.07.05 09:07:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.07.05 09:07:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.07.05 09:06:52 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.07.05 09:05:19 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.07.05 08:59:54 | 004,131,183 | R--- | C] (Swearware) -- C:\Users\Bláža\Desktop\ComboFix.exe
[2011.07.04 17:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.07.04 17:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.07.04 17:46:00 | 000,000,000 | ---D | C] -- C:\rsit
[2011.06.29 09:11:20 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011.06.29 09:11:20 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011.06.29 09:11:19 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011.06.29 09:11:19 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011.06.29 09:11:19 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011.06.29 09:11:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011.06.22 20:24:57 | 000,000,000 | ---D | C] -- C:\Users\Bláža\AppData\Local\PunkBuster
[2011.06.22 20:00:50 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2011.06.21 15:48:54 | 000,720,896 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2011.06.21 15:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiViON Player
[2011.06.16 11:50:54 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.06.16 11:50:48 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.06.16 11:50:47 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.06.16 11:50:47 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.06.16 11:50:47 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.06.16 11:50:47 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.06.16 11:50:47 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.06.16 11:50:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.06.16 11:50:47 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.06.16 11:50:47 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.06.16 11:50:47 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.06.16 11:50:47 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.06.16 08:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company
[2011.06.12 13:01:15 | 000,000,000 | ---D | C] -- C:\Users\Bláža\AppData\Roaming\Hamachi
[2011.06.12 13:01:01 | 000,025,280 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\hamachi.sys
[2011.06.12 13:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamachi
[2011.06.12 10:53:53 | 000,000,000 | ---D | C] -- C:\Users\Bláža\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo II
[2011.06.12 10:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
[2011.06.12 10:46:34 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.07.05 17:25:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bláža\Desktop\OTL.exe
[2011.07.05 16:46:02 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.05 16:46:02 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.05 16:44:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.05 16:39:04 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.05 16:38:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.05 16:38:43 | 2413,707,264 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.05 16:24:05 | 000,014,206 | ---- | M] () -- C:\Windows\MSTMON_Q.INI
[2011.07.05 09:16:35 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.07.05 09:00:53 | 004,131,183 | R--- | M] (Swearware) -- C:\Users\Bláža\Desktop\ComboFix.exe
[2011.07.01 19:24:50 | 000,271,200 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.07.01 18:47:03 | 000,271,200 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011.06.30 08:22:04 | 000,439,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.06.29 00:21:26 | 000,665,944 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.06.29 00:21:26 | 000,651,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.29 00:21:26 | 000,139,608 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.06.29 00:21:26 | 000,120,580 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.26 08:45:56 | 000,256,000 | ---- | M] () -- C:\Windows\PEV.exe
[2011.06.22 20:10:56 | 000,022,328 | ---- | M] () -- C:\Users\Bláža\AppData\Roaming\PnkBstrK.sys
[2011.06.22 20:10:18 | 000,000,294 | ---- | M] () -- C:\Windows\game.ini
[2011.06.21 15:48:41 | 000,720,896 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2011.06.18 19:58:01 | 000,007,605 | ---- | M] () -- C:\Users\Bláža\AppData\Local\Resmon.ResmonCfg
[2011.06.12 13:01:01 | 000,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\hamachi.sys
[2011.06.12 11:22:26 | 000,031,515 | ---- | M] () -- C:\Windows\DIIUnin.dat
[2011.06.12 11:11:20 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.06.12 10:46:35 | 000,002,829 | ---- | M] () -- C:\Windows\DIIUnin.pif
[2011.06.12 10:46:34 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.07.05 09:07:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.07.05 09:07:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.07.05 09:07:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.07.05 09:07:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.07.05 09:07:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.06.22 21:36:52 | 000,271,200 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.06.22 20:10:56 | 000,022,328 | ---- | C] () -- C:\Users\Bláža\AppData\Roaming\PnkBstrK.sys
[2011.06.22 20:10:18 | 000,000,294 | ---- | C] () -- C:\Windows\game.ini
[2011.06.18 19:58:01 | 000,007,605 | ---- | C] () -- C:\Users\Bláža\AppData\Local\Resmon.ResmonCfg
[2011.06.12 11:08:38 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.06.12 10:46:36 | 000,031,515 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2011.06.12 10:46:34 | 000,002,829 | ---- | C] () -- C:\Windows\DIIUnin.pif
[2011.05.21 10:13:16 | 000,023,056 | ---- | C] () -- C:\Windows\System32\Pkwdcl.dll
[2011.05.16 11:25:59 | 000,068,096 | RHS- | C] () -- C:\Windows\System32\taskeng7.dll
[2011.04.17 11:15:59 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.03.01 22:54:08 | 000,004,608 | ---- | C] () -- C:\Users\Bláža\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.15 13:39:35 | 000,212,992 | ---- | C] () -- C:\Windows\System32\WMIMPLEX.dll
[2010.12.15 13:39:35 | 000,040,960 | ---- | C] () -- C:\Windows\System32\maplec.dll
[2010.12.15 13:39:35 | 000,020,480 | ---- | C] () -- C:\Windows\System32\maplecompat.dll
[2010.11.28 14:53:10 | 000,014,206 | ---- | C] () -- C:\Windows\MSTMON_Q.INI
[2010.11.28 14:53:10 | 000,011,521 | ---- | C] () -- C:\Windows\MSUMLT_Q.INI
[2010.11.21 20:50:03 | 000,000,350 | ---- | C] () -- C:\Windows\System32\AP6RMHV.BIN
[2010.11.21 20:50:03 | 000,000,308 | ---- | C] () -- C:\Windows\System32\AP6RMKV.BIN
[2010.11.21 20:50:03 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJH.BIN
[2010.11.21 20:50:03 | 000,000,238 | ---- | C] () -- C:\Windows\System32\AP6RMFP.BIN
[2010.11.21 20:50:03 | 000,000,189 | ---- | C] () -- C:\Windows\System32\AP6RMKS.BIN
[2010.11.21 20:50:03 | 000,000,126 | ---- | C] () -- C:\Windows\System32\AP6RMHR.BIN
[2010.11.19 19:33:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.22 20:27:52 | 000,223,990 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.09.17 20:17:00 | 000,002,888 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.01.27 04:09:02 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009.07.14 10:44:22 | 000,665,944 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 10:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 10:44:22 | 000,139,608 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 10:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,439,088 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,651,648 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,120,580 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.11.14 17:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2006.11.06 16:30:38 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2006.06.29 12:19:26 | 000,135,168 | ---- | C] () -- C:\Windows\System32\id3vx_ocx.dll
[2005.11.05 21:34:52 | 000,331,776 | ---- | C] () -- C:\Windows\System32\lame.exe
[2004.09.10 19:34:26 | 000,220,160 | ---- | C] () -- C:\Windows\System32\WnASPI32.dll
[2002.07.19 11:48:22 | 000,157,696 | ---- | C] () -- C:\Windows\System32\OggEnc.exe
[1997.06.14 04:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
========== LOP Check ==========
[2011.03.17 14:04:44 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\Autodesk
[2011.01.05 15:58:27 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\Canon
[2010.11.19 23:35:06 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\DAEMON Tools Lite
[2011.04.18 13:17:57 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\Design Science
[2010.11.22 18:35:26 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\DigitalPersona
[2011.06.01 07:07:21 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\Opera
[2011.03.23 18:38:58 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\PunkBuster
[2011.03.08 20:40:31 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\Softland
[2011.04.17 11:16:08 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\VDownloader
[2011.03.29 00:36:17 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Programy\Microsoft Office 2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.07.05 17:25:19 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Bláža\Desktop\OTL.exe
[2011.07.05 16:38:48 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.07.05 16:34:41 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011.07.05 16:25:22 | 000,000,000 | ---D | C] -- C:\ComboFix
[2011.07.05 09:14:55 | 000,000,000 | ---D | C] -- C:\Users\Bláža\AppData\Local\temp
[2011.07.05 09:07:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011.07.05 09:07:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011.07.05 09:07:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011.07.05 09:06:52 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011.07.05 09:05:19 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011.07.05 08:59:54 | 004,131,183 | R--- | C] (Swearware) -- C:\Users\Bláža\Desktop\ComboFix.exe
[2011.07.04 17:52:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.07.04 17:46:00 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2011.07.04 17:46:00 | 000,000,000 | ---D | C] -- C:\rsit
[2011.06.29 09:11:20 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011.06.29 09:11:20 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011.06.29 09:11:19 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011.06.29 09:11:19 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011.06.29 09:11:19 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011.06.29 09:11:19 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011.06.22 20:24:57 | 000,000,000 | ---D | C] -- C:\Users\Bláža\AppData\Local\PunkBuster
[2011.06.22 20:00:50 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2011.06.21 15:48:54 | 000,720,896 | ---- | C] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2011.06.21 15:48:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiViON Player
[2011.06.16 11:50:54 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.06.16 11:50:48 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.06.16 11:50:47 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.06.16 11:50:47 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.06.16 11:50:47 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.06.16 11:50:47 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.06.16 11:50:47 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.06.16 11:50:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.06.16 11:50:47 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.06.16 11:50:47 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.06.16 11:50:47 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.06.16 11:50:47 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.06.16 08:37:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company
[2011.06.12 13:01:15 | 000,000,000 | ---D | C] -- C:\Users\Bláža\AppData\Roaming\Hamachi
[2011.06.12 13:01:01 | 000,025,280 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\hamachi.sys
[2011.06.12 13:01:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamachi
[2011.06.12 10:53:53 | 000,000,000 | ---D | C] -- C:\Users\Bláža\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Diablo II
[2011.06.12 10:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo II
[2011.06.12 10:46:34 | 000,094,208 | ---- | C] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.07.05 17:25:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Bláža\Desktop\OTL.exe
[2011.07.05 16:46:02 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.05 16:46:02 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.05 16:44:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.05 16:39:04 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.05 16:38:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.05 16:38:43 | 2413,707,264 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.05 16:24:05 | 000,014,206 | ---- | M] () -- C:\Windows\MSTMON_Q.INI
[2011.07.05 09:16:35 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011.07.05 09:00:53 | 004,131,183 | R--- | M] (Swearware) -- C:\Users\Bláža\Desktop\ComboFix.exe
[2011.07.01 19:24:50 | 000,271,200 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.07.01 18:47:03 | 000,271,200 | ---- | M] () -- C:\Windows\System32\PnkBstrB.ex0
[2011.06.30 08:22:04 | 000,439,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.06.29 00:21:26 | 000,665,944 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2011.06.29 00:21:26 | 000,651,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.06.29 00:21:26 | 000,139,608 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2011.06.29 00:21:26 | 000,120,580 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.26 08:45:56 | 000,256,000 | ---- | M] () -- C:\Windows\PEV.exe
[2011.06.22 20:10:56 | 000,022,328 | ---- | M] () -- C:\Users\Bláža\AppData\Roaming\PnkBstrK.sys
[2011.06.22 20:10:18 | 000,000,294 | ---- | M] () -- C:\Windows\game.ini
[2011.06.21 15:48:41 | 000,720,896 | ---- | M] (Indigo Rose Corporation) -- C:\Windows\iun6002.exe
[2011.06.18 19:58:01 | 000,007,605 | ---- | M] () -- C:\Users\Bláža\AppData\Local\Resmon.ResmonCfg
[2011.06.12 13:01:01 | 000,025,280 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\hamachi.sys
[2011.06.12 11:22:26 | 000,031,515 | ---- | M] () -- C:\Windows\DIIUnin.dat
[2011.06.12 11:11:20 | 000,043,520 | ---- | M] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.06.12 10:46:35 | 000,002,829 | ---- | M] () -- C:\Windows\DIIUnin.pif
[2011.06.12 10:46:34 | 000,094,208 | ---- | M] (Blizzard Entertainment) -- C:\Windows\DIIUnin.exe
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.07.05 09:07:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.07.05 09:07:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.07.05 09:07:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.07.05 09:07:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.07.05 09:07:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.06.22 21:36:52 | 000,271,200 | ---- | C] () -- C:\Windows\System32\PnkBstrB.xtr
[2011.06.22 20:10:56 | 000,022,328 | ---- | C] () -- C:\Users\Bláža\AppData\Roaming\PnkBstrK.sys
[2011.06.22 20:10:18 | 000,000,294 | ---- | C] () -- C:\Windows\game.ini
[2011.06.18 19:58:01 | 000,007,605 | ---- | C] () -- C:\Users\Bláža\AppData\Local\Resmon.ResmonCfg
[2011.06.12 11:08:38 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2011.06.12 10:46:36 | 000,031,515 | ---- | C] () -- C:\Windows\DIIUnin.dat
[2011.06.12 10:46:34 | 000,002,829 | ---- | C] () -- C:\Windows\DIIUnin.pif
[2011.05.21 10:13:16 | 000,023,056 | ---- | C] () -- C:\Windows\System32\Pkwdcl.dll
[2011.05.16 11:25:59 | 000,068,096 | RHS- | C] () -- C:\Windows\System32\taskeng7.dll
[2011.04.17 11:15:59 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.03.01 22:54:08 | 000,004,608 | ---- | C] () -- C:\Users\Bláža\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.15 13:39:35 | 000,212,992 | ---- | C] () -- C:\Windows\System32\WMIMPLEX.dll
[2010.12.15 13:39:35 | 000,040,960 | ---- | C] () -- C:\Windows\System32\maplec.dll
[2010.12.15 13:39:35 | 000,020,480 | ---- | C] () -- C:\Windows\System32\maplecompat.dll
[2010.11.28 14:53:10 | 000,014,206 | ---- | C] () -- C:\Windows\MSTMON_Q.INI
[2010.11.28 14:53:10 | 000,011,521 | ---- | C] () -- C:\Windows\MSUMLT_Q.INI
[2010.11.21 20:50:03 | 000,000,350 | ---- | C] () -- C:\Windows\System32\AP6RMHV.BIN
[2010.11.21 20:50:03 | 000,000,308 | ---- | C] () -- C:\Windows\System32\AP6RMKV.BIN
[2010.11.21 20:50:03 | 000,000,252 | ---- | C] () -- C:\Windows\System32\AP6RMJH.BIN
[2010.11.21 20:50:03 | 000,000,238 | ---- | C] () -- C:\Windows\System32\AP6RMFP.BIN
[2010.11.21 20:50:03 | 000,000,189 | ---- | C] () -- C:\Windows\System32\AP6RMKS.BIN
[2010.11.21 20:50:03 | 000,000,126 | ---- | C] () -- C:\Windows\System32\AP6RMHR.BIN
[2010.11.19 19:33:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.22 20:27:52 | 000,223,990 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.09.17 20:17:00 | 000,002,888 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2010.01.27 04:09:02 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2009.07.14 10:44:22 | 000,665,944 | ---- | C] () -- C:\Windows\System32\perfh005.dat
[2009.07.14 10:44:22 | 000,292,004 | ---- | C] () -- C:\Windows\System32\perfi005.dat
[2009.07.14 10:44:22 | 000,139,608 | ---- | C] () -- C:\Windows\System32\perfc005.dat
[2009.07.14 10:44:22 | 000,036,232 | ---- | C] () -- C:\Windows\System32\perfd005.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,439,088 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,651,648 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,120,580 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.11.14 17:17:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CogentBioSDK.dll
[2006.11.06 16:30:38 | 000,262,144 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2006.06.29 12:19:26 | 000,135,168 | ---- | C] () -- C:\Windows\System32\id3vx_ocx.dll
[2005.11.05 21:34:52 | 000,331,776 | ---- | C] () -- C:\Windows\System32\lame.exe
[2004.09.10 19:34:26 | 000,220,160 | ---- | C] () -- C:\Windows\System32\WnASPI32.dll
[2002.07.19 11:48:22 | 000,157,696 | ---- | C] () -- C:\Windows\System32\OggEnc.exe
[1997.06.14 04:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
========== LOP Check ==========
[2011.03.17 14:04:44 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\Autodesk
[2011.01.05 15:58:27 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\Canon
[2010.11.19 23:35:06 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\DAEMON Tools Lite
[2011.04.18 13:17:57 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\Design Science
[2010.11.22 18:35:26 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\DigitalPersona
[2011.06.01 07:07:21 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\Opera
[2011.03.23 18:38:58 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\PunkBuster
[2011.03.08 20:40:31 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\Softland
[2011.04.17 11:16:08 | 000,000,000 | ---D | M] -- C:\Users\Bláža\AppData\Roaming\VDownloader
[2011.03.29 00:36:17 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
- stell
- VIP in memoriam
- Posts: 5175
- Joined: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Cannot start Security Center
Run OTL > paste this script into the window >> click "Opravit" (Fix), then post the log here after the restart. Also write how the computer is doing.
Code:
:OTL
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"eplight1.0.exe"=-
"SysTrayApp"=-
"WinampAgent"=-
"Adobe Reader Speed Launcher"=-
"Adobe ARM"=-
:Commands
[emptytemp]
[start explorer]
[Reboot]