prosím o kontrolu preventivky

[Milda86]

Logfile of random's system information tool 1.08 (written by random/random)
Run by Milda at 2011-11-06 12:21:28
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 20 GB (26%) free of 76 GB
Total RAM: 2037 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:22:32, on 6.11.2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Labtec\Desktop\6.0\KbdAp32A.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Labtec\Desktop\6.0\Mouse32V.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Users\Milda\Desktop\Programy\RSIT.exe
C:\Program Files\trend micro\Milda.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Cole2k Media Toolbar Helper - {5499BCB1-5641-4A4C-9F75-462D4D8D0DA0} - C:\Program Files\Cole2k Media Toolbar\v3.3.0.1\Cole2k_Media_Toolbar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O3 - Toolbar: &S-Rank - {B71B15CF-3093-459C-B764-AEB2486F2273} - C:\Program Files\Seznam\Postak\SRank.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [LWBKEYBOARD] "C:\Program Files\Labtec\Desktop\6.0\KbdAp32A.exe"
O4 - HKCU\..\Run: [LWBMOUSE] "C:\Program Files\Labtec\Desktop\6.0\MOffice.exe"
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7295 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{B974D97D-0002-44B7-8CF0-447B48DFBC6C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5499BCB1-5641-4A4C-9F75-462D4D8D0DA0}]
Cole2k Media Toolbar Helper - C:\Program Files\Cole2k Media Toolbar\v3.3.0.1\Cole2k_Media_Toolbar.dll [2008-12-08 806912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-06-17 848376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B71B15CF-3093-459C-B764-AEB2486F2273} - &S-Rank - C:\Program Files\Seznam\Postak\SRank.dll [2005-05-17 266240]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-06-17 848376]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-06-28 2837864]
"NeroFilterCheck"=C:\Windows\system32\NeroCheck.exe [2001-07-09 155648]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-10-25 2424560]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2010-10-27 1861944]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"Steam"=C:\Program Files\Steam\Steam.exe [2011-08-22 1242448]
"LWBKEYBOARD"=C:\Program Files\Labtec\Desktop\6.0\KbdAp32A.exe [2007-03-26 395264]
"LWBMOUSE"=C:\Program Files\Labtec\Desktop\6.0\MOffice.exe [2007-04-11 457728]
"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2011-11-06 12:21:28 ----DC---- C:\rsit
2011-11-02 11:56:33 ----DC---- C:\Program Files\KONAMI
2011-10-26 20:47:36 ----DC---- C:\ProgramData\Electronic Arts
2011-10-25 08:49:17 ----DC---- C:\Program Files\Labtec
2011-10-24 13:28:35 ----AC---- C:\crtdbg.txt
2011-10-13 10:13:49 ----A---- C:\Windows\system32\psisdecd.dll
2011-10-13 10:13:45 ----A---- C:\Windows\system32\mshtml.dll
2011-10-13 10:13:44 ----A---- C:\Windows\system32\urlmon.dll
2011-10-13 10:13:44 ----A---- C:\Windows\system32\jsproxy.dll
2011-10-13 10:13:44 ----A---- C:\Windows\system32\ieui.dll
2011-10-13 10:13:43 ----A---- C:\Windows\system32\wininet.dll
2011-10-13 10:13:43 ----A---- C:\Windows\system32\mstime.dll
2011-10-13 10:13:43 ----A---- C:\Windows\system32\mshtmled.dll
2011-10-13 10:13:43 ----A---- C:\Windows\system32\ieframe.dll
2011-10-13 10:13:42 ----A---- C:\Windows\system32\url.dll
2011-10-13 10:13:42 ----A---- C:\Windows\system32\msfeeds.dll
2011-10-13 10:13:42 ----A---- C:\Windows\system32\iertutil.dll
2011-10-13 10:13:42 ----A---- C:\Windows\system32\iepeers.dll
2011-10-13 10:13:42 ----A---- C:\Windows\system32\ieapfltr.dll
2011-10-13 10:13:40 ----A---- C:\Windows\system32\win32k.sys
2011-10-13 10:13:12 ----A---- C:\Windows\system32\UIAutomationCore.dll
2011-10-13 10:13:12 ----A---- C:\Windows\system32\oleacc.dll
2011-10-13 10:13:11 ----A---- C:\Windows\system32\oleaut32.dll
2011-10-13 10:13:11 ----A---- C:\Windows\system32\oleaccrc.dll

======List of files/folders modified in the last 1 months======

2011-11-06 12:21:44 ----D---- C:\Windows\Prefetch
2011-11-06 12:21:35 ----DC---- C:\Program Files\trend micro
2011-11-06 12:21:25 ----DC---- C:\Windows\temp
2011-11-06 12:15:48 ----DC---- C:\Windows
2011-11-06 12:15:31 ----DC---- C:\Program Files\Steam
2011-11-05 21:44:43 ----DC---- C:\Program Files\Common Files\Steam
2011-11-05 14:28:22 ----SHD---- C:\System Volume Information
2011-11-05 12:29:52 ----D---- C:\Windows\tracing
2011-11-04 21:04:44 ----D---- C:\Windows\System32
2011-11-04 21:04:44 ----D---- C:\Windows\inf
2011-11-04 21:04:44 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-02 13:04:24 ----DC---- C:\Program Files\EA SPORTS
2011-11-02 13:02:45 ----SHD---- C:\Windows\Installer
2011-11-02 13:02:45 ----HDC---- C:\Config.Msi
2011-11-02 12:53:49 ----DC---- C:\Program Files
2011-11-02 12:06:14 ----HDC---- C:\Program Files\InstallShield Installation Information
2011-10-31 12:41:34 ----D---- C:\Windows\Minidump
2011-10-31 08:02:12 ----DC---- C:\Program Files\Opera
2011-10-30 10:16:19 ----RSDC---- C:\Windows\assembly
2011-10-29 14:42:12 ----D---- C:\Windows\winsxs
2011-10-29 14:39:44 ----D---- C:\Windows\system32\catroot2
2011-10-28 10:07:51 ----D---- C:\Windows\system32\Tasks
2011-10-26 20:47:36 ----DC---- C:\ProgramData
2011-10-25 08:46:19 ----D---- C:\Windows\system32\drivers
2011-10-14 14:14:27 ----D---- C:\Windows\Debug
2011-10-13 12:58:15 ----D---- C:\Windows\Microsoft.NET
2011-10-13 11:27:38 ----D---- C:\Windows\rescache
2011-10-13 11:10:07 ----D---- C:\Windows\system32\catroot
2011-10-13 11:05:37 ----DC---- C:\Program Files\Microsoft Silverlight
2011-10-13 11:04:06 ----DC---- C:\Program Files\Windows Mail
2011-10-13 11:04:06 ----DC---- C:\Program Files\Internet Explorer
2011-10-13 11:04:06 ----D---- C:\Windows\system32\migration
2011-10-13 11:04:06 ----D---- C:\Windows\system32\cs-CZ
2011-10-13 10:34:50 ----A---- C:\Windows\system32\mrt.exe
2011-10-13 10:34:39 ----DC---- C:\ProgramData\Microsoft Help

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-01-03 691696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-06-28 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-06-28 165456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-06-28 46672]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-06-28 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-06-28 50256]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192]
R3 b57nd60x;%SvcDispName%; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-18 179712]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-18 206848]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-01-09 47360]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968]
S3 aoow8r3z;aoow8r3z; C:\Windows\system32\drivers\aoow8r3z.sys []
S3 awhkiw29;awhkiw29; C:\Windows\system32\drivers\awhkiw29.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-12-19 534016]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-18 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-18 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-18 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys [2009-10-06 136704]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2008-08-12 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\system32\PnkBstrB.exe [2008-08-12 103736]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-06-28 40384]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05 135664]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-07-27 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-05 135664]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-11-05 419624]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]

-----------------EOF-----------------

[Mc_Murphy]

Zdravím.

Dej mi minutku, hnedle se na to mrknu.

[Milda86]

paráda, děkuju

[Mc_Murphy]

Není zač.

Jako první v nabídce Přidat nebo odebrat programy odinstaluj všechny nepotřebné toolbary! Jsou to veliká "zdržovadla" systému a v případě například Ask.com Toolbar, Conduit Engine a dalších se dá hovořit už i o havěti.
Aktualizuj MS Internet Explorer na poslední verzi. I když používáš prohlížeč Mozilla Firefox, aktualizace řeší spoustu problémů v systému samotném.
Jako antivir máš Avast!, takže odinstaluj McAfee - dva antiviry v PC způsobují kolizi.
Program SUPERAntiSpyware odeber ze spouštění po startu systému a ponech pouze na občasné scany.
To samé platí o programu CCleaner.

Stáhni a ulož na Plochu http://jpshortstuff.247fixes.com/SystemLook.exe nebo http://images.malwareremoval.com/jpshor ... emLook.exe

• Dvojklikem na ikonu program spusť.
• Do bílého okénka zkopíruj text z následujícího bílého pole.

Kód: Vybrat vše

:filefind
Inbox.dll

• Klikni na Look, po dokončení skenu na Tebe vyskočí log, zkopíruj mi ho sem.
• Log se také bude nacházet na Ploše, v souboru SystemLook.txt

Až to všechno provedeš, fixni v HJT tyto položky:

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Cole2k Media Toolbar Helper - {5499BCB1-5641-4A4C-9F75-462D4D8D0DA0} - C:\Program Files\Cole2k Media Toolbar\v3.3.0.1\Cole2k_Media_Toolbar.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

"Fixnout" znamená, že spustíš HJT, zvolíš možnost [Do a system scan only] a zaškrtneš čtvereček vlevo od mnou vypsaných položek. Poté klikneš na [Fix checked] a odsouhlasíš [ANO].
HJT najdeš zde: C:\Program Files\trend micro\Milda.exe

Dále stáhni utilitu OTM z jednoho z těchto odkazů:

• http://oldtimer.geekstogo.com/OTM.exe
  http://oldtimer.geekstogo.com/OTM.com
  http://oldtimer.geekstogo.com/OTM.scr

Ulož ji na Plochu a dvojklikem spusť.

Do levého okna Paste Instructions for Items to be Moved zkopíruj tento script:

Kód: Vybrat vše

:Services
Adobe LM Service
gupdate
gupdatem

:Files
%windir%\*.tmp /s
%windir%\system32\SET*.tmp /s
%windir%\system32\*.tmp.dll /s
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{B974D97D-0002-44B7-8CF0-447B48DFBC6C}.job
C:\Program Files\Cole2k Media Toolbar
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

:Commands
[Purity]
[ResetHosts]
[EmptyTemp]
[EmptyFlash]
[ClearAllRestorePoints]

Nyní klikni na tlačítko [MoveIt!], čímž vše spustíš.
Po restartu mi sem hoď log, který najdeš v C:\_OTM\MovedFiles\

[Milda86]

takže ten první log:


SystemLook 30.07.11 by jpshortstuff
Log created at 16:58 on 06/11/2011 by Milda
Administrator - Elevation successful

========== filefind ==========

Searching for "Inbox.dll"

[Mc_Murphy]

To asi nebude ono...

[Milda86]

dobře zkusím ho udělat znovu a tohle mi vylezlo z OTM:


All processes killed
Error: Unable to interpret <%windir%\*.tmp /s> in the current context!
Error: Unable to interpret <%windir%\system32\SET*.tmp /s> in the current context!
Error: Unable to interpret <%windir%\system32\*.tmp.dll /s> in the current context!
Error: Unable to interpret <C:\Windows\tasks\GoogleUpdateTaskMachineCore.job> in the current context!
Error: Unable to interpret <C:\Windows\tasks\GoogleUpdateTaskMachineUA.job> in the current context!
Error: Unable to interpret <C:\Windows\tasks\User_Feed_Synchronization-{B974D97D-0002-44B7-8CF0-447B48DFBC6C}.job> in the current context!
Error: Unable to interpret <C:\Program Files\Cole2k Media Toolbar> in the current context!
Error: Unable to interpret <C:\Program Files\DAEMON Tools Toolbar> in the current context!
Error: Unable to interpret <C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll> in the current context!
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Milda
->Temp folder emptied: 1384151 bytes
->Temporary Internet Files folder emptied: 562417 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 99882284 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 6520 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34679 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33239 bytes
RecycleBin emptied: 4096 bytes

Total Files Cleaned = 97,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest

User: Milda
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


Restore point Set: OTM Restore Point

OTM by OldTimer - Version 3.1.19.0 log created on 11062011_170757

Files moved on Reboot...
File C:\Windows\temp\~FSA0F1.tmp not found!
File C:\Windows\temp\~FSAA7.tmp not found!
File C:\Windows\temp\~IXA0EF.tmp not found!
File C:\Windows\temp\~IXA0F0.tmp not found!
File C:\Windows\temp\~IXAA5.tmp not found!
File C:\Windows\temp\~IXAA6.tmp not found!
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Milda86]

a z toho SystemLook mi vylezlo tohle:

SystemLook 30.07.11 by jpshortstuff
Log created at 17:28 on 06/11/2011 by Milda
Administrator - Elevation successful

========== filefind ==========

Searching for "Inbox.dll"
No files found.

-= EOF =-

[Mc_Murphy]

Za prvé, vkládej prosím logy kompletně tak, jak vyjedou, protože na poprvé u SystemLooku jsi tak neučinil a ani log z OTM není kompletní.

Jinak se to nějak nedaří... U souboru Inbox.dll počítám, že to bylo tím, že jsi odinstaloval &Inbox Toolbar, je tomu skutečně tak?
V HJT jsi vše fixnul?
Zkus spustit OTM s tím mým scriptem v Nouzovém režimu a napiš, jak jsi dopadl.

[Milda86]

mno jak jsi psal, abych odinstaloval všechny toolbary, tak jsem nejspíš odinstaloval i tento. V HJT jsem fixnul vše co jsi mi tam vypsal, ale něco tam vůbec nebylo a zy ty logy se omlouvám. Log z OTM v nouzovém režimu:

All processes killed
========== SERVICES/DRIVERS ==========
Error: No service named Adobe LM Service was found to stop!
Service\Driver key Adobe LM Service not found.
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
========== FILES ==========
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC223.tmp moved successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RAC92BD.tmp moved successfully.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\RACA6F8.tmp moved successfully.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File/Folder C:\Windows\tasks\User_Feed_Synchronization-{B974D97D-0002-44B7-8CF0-447B48DFBC6C}.job not found.
File/Folder C:\Program Files\Cole2k Media Toolbar not found.
C:\Program Files\DAEMON Tools Toolbar folder moved successfully.
File/Folder C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll not found.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Milda
->Temp folder emptied: 1463927 bytes
->Temporary Internet Files folder emptied: 1224388 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 33909957 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 456 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16632 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 221184 bytes

Total Files Cleaned = 35,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest

User: Milda
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


Error creating restore point.

OTM by OldTimer - Version 3.1.19.0 log created on 11072011_111814

[Mc_Murphy]

Tak to bylo stoprocentně tím. Ale to vůbec nevadí, aspoň je pryč.
Jinak OTM provedlo, co mělo již na první pokus, jen se nějak nepovedl první log.


Takže už jen dočistíme...

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stáhni a spusť.
• Klikni na CleanUp a potvrď YES.
• Program uklidí a může (nemusí) restartovat PC.

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stáhni a spusť.
• Klikni na Start a potvrď OK.
• Program uklidí a může (nemusí) restartovat PC.
• Po použití utilitu smaž.

Pokud nemáš, stáhni CCleaner z tohoto odkazu.

• Panel čistič
• Vše nech jak je, jen dej Analyzovat a poté Spustit CCleaner.

• Panel registry
• Klikni na Hledej problémy.
• Následně na Opravit problémy - zálohu registrů doporučuji udělat, oprav všechny problémy.
• Postup opakuj, dokud nebude bez problémů - většinou cca 3x.

• Panel nástroje
• Zde můžeš odinstalovat nepotřebné programy.

CCleaner doporučuji používat cca jednou za týden.

... a pokud nejsou žádné dotazy, bylo by to z mé strany vše.

[Milda86]

paráda, děkuji za pomoc

[Mc_Murphy]

Není vůbec zač a rádo se stalo. Přeji pěkný den.