System nemoze najst cestu k zadanemu suboru...

[barri96]

Dobry vecer/noc/rano
Minuly vikend mi zacal blbnut pocitac, s tym, ze pri snahe o otvorenie akehokolvek suboru alebo programu mi vypisalo ze "system nemoze najst zadanu cestu k suboru alebo priecinku.." a ze nemam opravnenie.
Tak posielam log z RSIT z nudzoveho rezimu.
Moc dakujem

Logfile of random's system information tool 1.09 (written by random/random)
Run by Riggs at 2013-06-05 00:06:29
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 55 GB (14%) free of 380 GB
Total RAM: 3838 MB (80% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3107235000-3631101114-241847992-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3107235000-3631101114-241847992-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Riggs\AppData\Roaming\Mozilla\Firefox\Profiles\2x7yg0zu.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.msn.com/?pc=WLEM"
prefs.js - "extensions.enabledItems" - "wrc@avast.com:7.0.1466, {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:5.6, smartwebprinting@hp.com:4.5, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.6.0.11664"

"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
"smartwebprinting@hp.com"=C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.202 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
npnul32.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
crawlersrch.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
yahoo.xml
zoznam-sk.xml

C:\Users\Riggs\AppData\Roaming\Mozilla\Firefox\Profiles\2x7yg0zu.default\extensions\
{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}

C:\Users\Riggs\AppData\Roaming\Mozilla\Firefox\Profiles\2x7yg0zu.default\searchplugins\
bing.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-08-21 1227224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-08-27 1194504]
"ZoneAlarm Client"=C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [2009-11-22 1037192]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-08-21 4282728]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-09-23 926896]
"DigidesignMMERefresh"=C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [2011-08-11 81920]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Riggs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-04 116648]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-05-09 18678376]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2012-02-15 203776]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.iv50"=ir50_32.dll
"msacm.iac2"=C:\Windows\system32\iac25_32.ax
"VIDC.IV41"=IR41_32.AX
"msacm.vorbis"=vorbis.acm
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2013-06-05 00:06:29 ----D---- C:\rsit
2013-06-01 00:54:57 ----A---- C:\Windows\ntbtlog.txt
2013-05-31 22:46:46 ----SHD---- C:\found.006
2013-05-18 06:41:26 ----SHD---- C:\found.005
2013-05-17 12:12:46 ----D---- C:\71ae896632e5c48b4963

======List of files/folders modified in the last 1 month======

2013-06-05 00:06:27 ----D---- C:\Windows\temp
2013-06-04 21:13:05 ----SHD---- C:\System Volume Information
2013-06-04 21:12:29 ----D---- C:\Windows\winsxs
2013-06-04 21:10:56 ----D---- C:\Windows\Internet Logs
2013-06-01 19:44:49 ----D---- C:\Users\Riggs\AppData\Roaming\foobar2000
2013-06-01 11:27:24 ----D---- C:\Windows\rescache
2013-06-01 10:30:47 ----D---- C:\Windows\Microsoft.NET
2013-06-01 10:30:15 ----RSD---- C:\Windows\assembly
2013-06-01 00:54:57 ----D---- C:\Windows
2013-05-31 23:26:24 ----SHD---- C:\Windows\Installer
2013-05-31 23:23:56 ----D---- C:\Users\Riggs\AppData\Roaming\Skype
2013-05-31 23:08:02 ----D---- C:\Windows\inf
2013-05-31 22:57:16 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-05-31 22:57:16 ----D---- C:\Program Files (x86)\Windows Portable Devices
2013-05-31 22:57:16 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-05-31 22:57:16 ----D---- C:\Program Files (x86)\Windows Media Player
2013-05-31 22:57:16 ----D---- C:\Program Files (x86)\Windows Mail
2013-05-31 22:57:14 ----D---- C:\Program Files (x86)\Common Files\System
2013-05-31 22:57:10 ----D---- C:\Windows\servicing
2013-05-31 22:57:09 ----D---- C:\Windows\ehome
2013-05-31 22:56:58 ----D---- C:\Windows\SysWOW64\da-DK
2013-05-31 22:56:57 ----D---- C:\Windows\SysWOW64\sk-SK
2013-05-31 22:56:54 ----D---- C:\Windows\SysWOW64\en-US
2013-05-31 22:56:53 ----D---- C:\Windows\SysWOW64\oobe
2013-05-31 22:56:53 ----D---- C:\Windows\SysWOW64\migration
2013-05-31 22:56:52 ----D---- C:\Windows\SysWOW64\sppui
2013-05-31 22:56:52 ----D---- C:\Windows\SysWOW64\Setup
2013-05-31 22:56:52 ----D---- C:\Windows\SysWOW64\manifeststore
2013-05-31 22:56:52 ----D---- C:\Windows\SysWOW64\es-ES
2013-05-31 22:56:52 ----D---- C:\Windows\SysWOW64\en
2013-05-31 22:56:52 ----D---- C:\Windows\SysWOW64\cs-CZ
2013-05-31 22:56:52 ----D---- C:\Windows\SysWOW64\AdvancedInstallers
2013-05-31 22:56:51 ----D---- C:\Windows\SysWOW64\wbem
2013-05-31 22:56:50 ----D---- C:\Windows\SysWOW64\migwiz
2013-05-31 22:56:50 ----D---- C:\Windows\SysWOW64\Dism
2013-05-31 22:56:50 ----D---- C:\Windows\SysWOW64
2013-05-31 22:56:02 ----D---- C:\Windows\System32
2013-05-31 22:55:15 ----RSD---- C:\Windows\Fonts
2013-05-31 22:55:12 ----D---- C:\Windows\AppPatch
2013-05-30 23:27:21 ----D---- C:\Users\Riggs\AppData\Roaming\vlc
2013-05-30 19:13:22 ----A---- C:\Windows\SysWOW64\msclmd.dll
2013-05-30 18:45:07 ----D---- C:\ProgramData\Skype
2013-05-30 18:45:06 ----SHD---- C:\Config.Msi
2013-05-30 18:44:59 ----RD---- C:\Program Files (x86)\Skype
2013-05-27 09:18:19 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-19 00:36:39 ----D---- C:\Windows\Minidump
2013-05-18 04:27:31 ----D---- C:\Users\Riggs\AppData\Roaming\BitTorrent
2013-05-17 07:07:21 ----RD---- C:\Program Files (x86)
2013-05-11 17:47:19 ----A---- C:\Users\Riggs\AppData\Roaming\msregsvv.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 07131392;07131392 Boot Guard Driver; C:\Windows\system32\DRIVERS\07131392.sys []
R0 97523482;97523482 Boot Guard Driver; C:\Windows\system32\DRIVERS\97523482.sys []
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys []
R0 phmcd;phmcd; C:\Windows\system32\DRIVERS\phmcd.sys []
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 Tpkd;Tpkd; C:\Windows\SysWOW64\drivers\Tpkd.sys []
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys []
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys []
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
S1 07131391;07131391; C:\Windows\system32\DRIVERS\07131391.sys []
S1 97523481;97523481; C:\Windows\system32\DRIVERS\97523481.sys []
S1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys []
S1 aswSnx;aswSnx; C:\Windows\SysWOW64\drivers\aswSnx.sys []
S1 aswSP;aswSP; C:\Windows\SysWOW64\drivers\aswSP.sys []
S1 aswTdi;avast! Network Shield Support; C:\Windows\SysWOW64\drivers\aswTdi.sys []
S1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys []
S1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys []
S1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys []
S1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys []
S1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys []
S1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys []
S1 Vsdatant;Zone Alarm Firewall Driver; C:\Windows\system32\DRIVERS\vsdatant.sys []
S1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
S2 aswFsBlk;aswFsBlk; C:\Windows\SysWOW64\drivers\aswFsBlk.sys []
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys []
S2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys []
S2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys []
S2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys []
S2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
S3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys []
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys []
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys []
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys []
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys []
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys []
S3 CAXHWAZL;CAXHWAZL; C:\Windows\system32\DRIVERS\CAXHWAZL.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys []
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys []
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\CAX_DPV.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys []
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys []
S3 MAUSBFASTTRACK;Service for M-Audio FastTrack; C:\Windows\system32\DRIVERS\MAudioFastTrack.sys []
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys []
S3 MosIrUsb;MosIrUsb.sys; C:\Windows\system32\DRIVERS\MosIrUsb.sys []
S3 netr7364;RT73 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr7364.sys []
S3 PCDSRVC{6DD8E36B-4F09BDC3-06020101}_0;PCDSRVC{6DD8E36B-4F09BDC3-06020101}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\users\riggs\appdata\local\temp\lmvwtb3wkh93\pcdrdiag\bin\pcdsrvc_x64.pkms []
S3 PCDSRVC{EDD8E36B-B49A026A-06020101}_0;PCDSRVC{EDD8E36B-B49A026A-06020101}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\users\riggs\appdata\local\temp\y0tyximejdil\pcdrdiag\bin\pcdsrvc_x64.pkms []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys []
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-09-23 65192]
S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
S2 AntiVirService;Avira AntiVir Guard; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-07-05 269480]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-05-02 136360]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-08-21 44808]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-18 864032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 DigiRefresh;Digidesign MME Refresh Service; C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [2011-08-11 81920]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-08-06 844320]
S2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-06-04 1150496]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-25 136176]
S2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-08-07 311592]
S2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-21 62720]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 pcdservice;pcdservice; C:\Program Files\Phantombility\Phantom CD\pcdservice.exe [2010-06-14 316752]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-05-14 3289208]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
S2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S2 vsmon;TrueVector Internet Monitor; C:\Windows\SysWOW64\ZoneLabs\vsmon.exe [2009-11-22 2384240]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-27 256904]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-25 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

[Rudy]

Zdravím!
Poprosím o log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

[barri96]

ComboFix 13-06-05.01 - Riggs . 06. 2013 18:19:16.3.2 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3838.2923 [GMT 2:00]
Running from: c:\users\Riggs\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: ZoneAlarm Firewall *Enabled* {EE2E17FA-9876-3544-62EC-0405AD5FFB20}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\users\Riggs\AppData\Roaming\msregsvv.dll
c:\windows\msvcr71.dll
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-05-05 to 2013-06-05 )))))))))))))))))))))))))))))))
.
.
2013-06-05 16:28 . 2013-06-05 16:28 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-06-05 16:28 . 2013-06-05 16:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-05 16:17 . 2013-06-05 16:17 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2F8FA86-ABF5-4B8D-8435-4E01920E64D8}\offreg.dll
2013-06-04 22:06 . 2013-06-04 22:06 -------- d-----w- C:\rsit
2013-06-04 19:14 . 2013-06-04 19:14 20480 ----a-w- c:\programdata\Microsoft\RAC\Temp\sql21B3.tmp
2013-06-04 19:14 . 2013-06-04 19:14 20480 ----a-w- c:\programdata\Microsoft\RAC\Temp\sql1F04.tmp
2013-05-31 20:46 . 2013-05-31 20:46 -------- d-----w- C:\found.006
2013-05-30 17:53 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2F8FA86-ABF5-4B8D-8435-4E01920E64D8}\mpengine.dll
2013-05-30 16:55 . 2013-05-30 16:55 -------- d-----w- c:\windows\system32\SPReview
2013-05-18 04:41 . 2013-05-18 04:41 -------- d-----w- C:\found.005
2013-05-17 10:12 . 2013-05-17 10:13 -------- d-----w- C:\71ae896632e5c48b4963
2013-05-14 11:31 . 2013-05-14 11:31 6128760 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-05-14 11:31 . 2013-05-14 11:31 6128760 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-30 17:13 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-05-30 17:13 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-05-27 07:18 . 2012-05-26 20:28 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-27 07:18 . 2012-01-03 18:23 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-17 10:13 . 2011-01-29 02:00 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-08 09:54 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2010-02-25 21:33 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-12 14:45 . 2013-04-24 15:27 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-03-19 06:04 . 2013-04-10 05:01 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 05:01 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 05:01 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 05:01 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 05:01 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 05:01 112640 ----a-w- c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-07 09:18 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-05-09 18678376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-27 1194504]
"ZoneAlarm Client"="c:\program files (x86)\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"DigidesignMMERefresh"="c:\program files (x86)\Digidesign\Drivers\MMERefresh.exe" [2011-08-11 81920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-18 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R1 07131391;07131391;c:\windows\system32\DRIVERS\07131391.sys;c:\windows\SYSNATIVE\DRIVERS\07131391.sys [x]
R1 97523481;97523481;c:\windows\system32\DRIVERS\97523481.sys;c:\windows\SYSNATIVE\DRIVERS\97523481.sys [x]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
R2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
R2 pcdservice;pcdservice;c:\program files\Phantombility\Phantom CD\pcdservice.exe;c:\program files\Phantombility\Phantom CD\pcdservice.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys;c:\windows\SYSNATIVE\DRIVERS\CAXHWAZL.sys [x]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
R3 MAUSBFASTTRACK;Service for M-Audio FastTrack;c:\windows\system32\DRIVERS\MAudioFastTrack.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioFastTrack.sys [x]
R3 MosIrUsb;MosIrUsb.sys;c:\windows\system32\DRIVERS\MosIrUsb.sys;c:\windows\SYSNATIVE\DRIVERS\MosIrUsb.sys [x]
R3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 PCDSRVC{6DD8E36B-4F09BDC3-06020101}_0;PCDSRVC{6DD8E36B-4F09BDC3-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\users\riggs\appdata\local\temp\lmvwtb3wkh93\pcdrdiag\bin\pcdsrvc_x64.pkms;c:\users\riggs\appdata\local\temp\lmvwtb3wkh93\pcdrdiag\bin\pcdsrvc_x64.pkms [x]
R3 PCDSRVC{EDD8E36B-B49A026A-06020101}_0;PCDSRVC{EDD8E36B-B49A026A-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\users\riggs\appdata\local\temp\y0tyximejdil\pcdrdiag\bin\pcdsrvc_x64.pkms;c:\users\riggs\appdata\local\temp\y0tyximejdil\pcdrdiag\bin\pcdsrvc_x64.pkms [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Slu\9Eba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 07131392;07131392 Boot Guard Driver;c:\windows\system32\DRIVERS\07131392.sys;c:\windows\SYSNATIVE\DRIVERS\07131392.sys [x]
S0 97523482;97523482 Boot Guard Driver;c:\windows\system32\DRIVERS\97523482.sys;c:\windows\SYSNATIVE\DRIVERS\97523482.sys [x]
S0 phmcd;phmcd;c:\windows\system32\DRIVERS\phmcd.sys;c:\windows\SYSNATIVE\DRIVERS\phmcd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-26 07:18]
.
2013-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-25 10:41]
.
2013-06-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-25 10:41]
.
2013-05-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3107235000-3631101114-241847992-1000Core.job
- c:\users\Riggs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-04 15:04]
.
2013-06-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3107235000-3631101114-241847992-1000UA.job
- c:\users\Riggs\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-04 15:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-07 09:19 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-08-06 828960]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2010-12-07 798728]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.zaparit.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Riggs\AppData\Roaming\Mozilla\Firefox\Profiles\2x7yg0zu.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=WLEM
FF - Ext: Easy YouTube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{6DD8E36B-4F09BDC3-06020101}_0]
"ImagePath"="\??\c:\users\riggs\appdata\local\temp\lmvwtb3wkh93\pcdrdiag\bin\pcdsrvc_x64.pkms"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{EDD8E36B-B49A026A-06020101}_0]
"ImagePath"="\??\c:\users\riggs\appdata\local\temp\y0tyximejdil\pcdrdiag\bin\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3107235000-3631101114-241847992-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3107235000-3631101114-241847992-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3107235000-3631101114-241847992-1000\Software\SecuROM\License information*]
"datasecu"=hex:b2,43,64,45,ef,11,4b,2b,2e,6b,9c,a0,c3,7f,d7,c0,90,73,b7,48,38,
3a,69,c2,db,79,c2,89,13,92,0a,9e,01,0e,39,70,fb,51,f7,9c,e9,a1,b3,52,22,54,\
"rkeysecu"=hex:99,99,f3,82,f1,81,a8,61,98,fb,2c,37,2f,31,d8,8d
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2013-06-05 18:31:57
ComboFix-quarantined-files.txt 2013-06-05 16:31
.
Pre-Run: 57\A0308\A0020\A0736 bytes free
Post-Run: 57\A0963\A0544\A0576 bytes free
.
- - End Of File - - 71DA12622B66A79AC1582A2F591B7AF1

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Collect::
c:\programdata\Microsoft\RAC\Temp\sql21B3.tmp
c:\programdata\Microsoft\RAC\Temp\sql1F04.tmp
c:\windows\system32\DRIVERS\07131391.sys
c:\windows\system32\DRIVERS\97523481

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3107235000-3631101114-241847992-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3107235000-3631101114-241847992-1000UA.job

Driver::
07131391
97523481
Skype C2C Service

RegLock::
[HKEY_USERS\S-1-5-21-3107235000-3631101114-241847992-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
[HKEY_USERS\S-1-5-21-3107235000-3631101114-241847992-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

Regnull::
[HKEY_USERS\S-1-5-21-3107235000-3631101114-241847992-1000\Software\SecuROM\License information*]

Reboot::

Uložte na plochu jako CFScript.txt. pak jej mayší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[barri96]

Tu je log z toho combfixu

ComboFix 13-06-05.01 - Riggs . 06. 2013 19:09:57.4.2 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3838.3060 [GMT 2:00]
Running from: c:\users\Riggs\Desktop\ComboFix.exe
Command switches used :: c:\users\Riggs\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: ZoneAlarm Firewall *Enabled* {EE2E17FA-9876-3544-62EC-0405AD5FFB20}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3107235000-3631101114-241847992-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3107235000-3631101114-241847992-1000UA.job"
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\RAC\Temp\sql1F04.tmp
c:\programdata\Microsoft\RAC\Temp\sql21B3.tmp
c:\windows\system32\DRIVERS\07131391.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3107235000-3631101114-241847992-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3107235000-3631101114-241847992-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_07131391
-------\Legacy_97523481
-------\Service_07131391
-------\Service_97523481
-------\Service_Skype C2C Service
.
.
((((((((((((((((((((((((( Files Created from 2013-05-05 to 2013-06-05 )))))))))))))))))))))))))))))))
.
.
2013-06-05 17:19 . 2013-06-05 17:19 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-06-05 17:19 . 2013-06-05 17:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-04 22:06 . 2013-06-04 22:06 -------- d-----w- C:\rsit
2013-05-31 20:46 . 2013-05-31 20:46 -------- d-----w- C:\found.006
2013-05-30 17:53 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2F8FA86-ABF5-4B8D-8435-4E01920E64D8}\mpengine.dll
2013-05-30 16:55 . 2013-05-30 16:55 -------- d-----w- c:\windows\system32\SPReview
2013-05-18 04:41 . 2013-05-18 04:41 -------- d-----w- C:\found.005
2013-05-17 10:12 . 2013-05-17 10:13 -------- d-----w- C:\71ae896632e5c48b4963
2013-05-14 11:31 . 2013-05-14 11:31 6128760 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-05-14 11:31 . 2013-05-14 11:31 6128760 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-30 17:13 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-05-30 17:13 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-05-27 07:18 . 2012-05-26 20:28 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-27 07:18 . 2012-01-03 18:23 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-17 10:13 . 2011-01-29 02:00 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-08 09:54 . 2010-06-24 10:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2010-02-25 21:33 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-12 14:45 . 2013-04-24 15:27 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-03-19 06:04 . 2013-04-10 05:01 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 05:01 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 05:01 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 05:01 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 05:01 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 05:01 112640 ----a-w- c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-07 09:18 120104 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-05-09 18678376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-08-27 1194504]
"ZoneAlarm Client"="c:\program files (x86)\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896]
"DigidesignMMERefresh"="c:\program files (x86)\Digidesign\Drivers\MMERefresh.exe" [2011-08-11 81920]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-18 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"EgisTecLiveUpdate"="c:\program files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
R2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [x]
R2 pcdservice;pcdservice;c:\program files\Phantombility\Phantom CD\pcdservice.exe;c:\program files\Phantombility\Phantom CD\pcdservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys;c:\windows\SYSNATIVE\DRIVERS\CAXHWAZL.sys [x]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
R3 MAUSBFASTTRACK;Service for M-Audio FastTrack;c:\windows\system32\DRIVERS\MAudioFastTrack.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioFastTrack.sys [x]
R3 MosIrUsb;MosIrUsb.sys;c:\windows\system32\DRIVERS\MosIrUsb.sys;c:\windows\SYSNATIVE\DRIVERS\MosIrUsb.sys [x]
R3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [x]
R3 PCDSRVC{6DD8E36B-4F09BDC3-06020101}_0;PCDSRVC{6DD8E36B-4F09BDC3-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\users\riggs\appdata\local\temp\lmvwtb3wkh93\pcdrdiag\bin\pcdsrvc_x64.pkms;c:\users\riggs\appdata\local\temp\lmvwtb3wkh93\pcdrdiag\bin\pcdsrvc_x64.pkms [x]
R3 PCDSRVC{EDD8E36B-B49A026A-06020101}_0;PCDSRVC{EDD8E36B-B49A026A-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\users\riggs\appdata\local\temp\y0tyximejdil\pcdrdiag\bin\pcdsrvc_x64.pkms;c:\users\riggs\appdata\local\temp\y0tyximejdil\pcdrdiag\bin\pcdsrvc_x64.pkms [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Slu\9Eba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 07131392;07131392 Boot Guard Driver;c:\windows\system32\DRIVERS\07131392.sys;c:\windows\SYSNATIVE\DRIVERS\07131392.sys [x]
S0 97523482;97523482 Boot Guard Driver;c:\windows\system32\DRIVERS\97523482.sys;c:\windows\SYSNATIVE\DRIVERS\97523482.sys [x]
S0 phmcd;phmcd;c:\windows\system32\DRIVERS\phmcd.sys;c:\windows\SYSNATIVE\DRIVERS\phmcd.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - PXHLPA64
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-26 07:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-07 09:19 137512 ----a-w- c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2009-08-06 828960]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2010-12-07 798728]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.zaparit.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Riggs\AppData\Roaming\Mozilla\Firefox\Profiles\2x7yg0zu.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=WLEM
FF - Ext: Easy YouTube Video Downloader: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b} - %profile%\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{6DD8E36B-4F09BDC3-06020101}_0]
"ImagePath"="\??\c:\users\riggs\appdata\local\temp\lmvwtb3wkh93\pcdrdiag\bin\pcdsrvc_x64.pkms"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{EDD8E36B-B49A026A-06020101}_0]
"ImagePath"="\??\c:\users\riggs\appdata\local\temp\y0tyximejdil\pcdrdiag\bin\pcdsrvc_x64.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
Completion time: 2013-06-05 19:29:29 - machine was rebooted
ComboFix-quarantined-files.txt 2013-06-05 17:29
ComboFix2.txt 2013-06-05 16:31
.
Pre-Run: 58\A0117\A0181\A0440 bytes free
Post-Run: 57\A0603\A0874\A0816 bytes free
.
- - End Of File - - B7CF0918DC558FA6685FE1AC2F6E95CF

Zatial vsak problem zostal a nic sa nezmenilo.

[Rudy]

Log již vypadá OK. Nastala nějaká změna?

[barri96]

Nenastala
Stale sa pri spustani aplikacie programu alebo suboru objavi ta hlaska a neotvori ho. A este pri starte jak sa vpravo dole zobrazuju programy pri spusteni (skype,antivir,hlasitost,...) tak sa mi tam objavuje len pripojenie na internet a hlasitost, zvysok sa tam nenacita.

[Rudy]

Zkuste obnovu systému k datu, kdy korektně fungoval.

[barri96]

Tak som skusil, ale po par sekundach mi vypisalo nieco v zmysle "obnovenie systemu sa nedokoncilo uspesne, neboli zaznamenane ziadne zmeny v programoch alebo suboroch".
Na druhykrat to iste

[Rudy]

No, vypadá to na poškozený systém. Zkontrolujeme disk a bude-li v pořádku, zkusíme jeho opravu. Stáhněte, nainstalujte a spusťte CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ a přes Úpravy>kopírovat sem dejte log.

[barri96]

----------------------------------------------------------------------------
CrystalDiskInfo 5.6.1 Shizuku Edition (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2013/06/05 22:52:54

-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller [ATA]
- WDC WD50 00BEVT-22ZAT0 SATA Disk Device
- Optiarc DVD RW AD-7580S SATA CdRom Device
+ Phantom CD SCSI Controller [SCSI]
- PHNTMBLT PHANTOM CD SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000BEVT-22ZAT0 : 500,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000BEVT-22ZAT0
----------------------------------------------------------------------------
Model : WDC WD5000BEVT-22ZAT0
Firmware : 01.01A01
Serial Number : WD-WX80A89V3929
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 12062 hours
Power On Count : 5006 count
Temparature : 53 C (127 F)
Health Status : Caution
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 00FEh [ON]
AAM Level : 80FEh [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000055 Read Error Rate
03 188 179 _21 00000000061E Spin-Up Time
04 _93 _93 __0 000000001DEE Start/Stop Count
05 198 198 140 000000000010 Reallocated Sectors Count
07 100 253 __0 000000000000 Seek Error Rate
09 _84 _84 __0 000000002F1E Power-On Hours
0A 100 100 _51 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C _95 _95 __0 00000000138E Power Cycle Count
C0 200 200 __0 000000000190 Power-off Retract Count
C1 193 193 __0 000000005CF4 Load/Unload Cycle Count
C2 _94 _77 __0 000000000035 Temperature
C4 199 199 __0 000000000001 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 100 253 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 253 _51 000000000000 Write Error Rate

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 3830 4138 3956 3339 3239
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3530 3030 4245 5654 2D32 325A 4154 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 004C 004C
080: 01FE 0000 746B 7F09 6163 7469 BC09 6163 407F 0043
090: 0043 00FE FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE2
110: 589E FED6 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16B7 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 74A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 55 00 00 00 00 00 00 03 27
010: 00 BC B3 1E 06 00 00 00 00 00 04 32 00 5D 5D EE
020: 1D 00 00 00 00 00 05 33 00 C6 C6 10 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 54 54 1E 2F 00 00 00 00 00 0A 33 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 5F 5F 8E 13 00 00 00 00 00 C0 32
070: 00 C8 C8 90 01 00 00 00 00 00 C1 32 00 C1 C1 F4
080: 5C 00 00 00 00 00 C2 22 00 5E 4D 35 00 00 00 00
090: 00 00 C4 32 00 C7 C7 01 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 09 00 64 FD 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 90 33 01 7B
170: 03 00 01 00 02 9A 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3F

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 64 64 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 33 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A7

[barri96]

Este dodam,neviem ci ste to vyzistili z logov, ani ci to ma nejaky diagnosticky vyznam,ale pre istotu mam windows aj linux ubuntu na jednom ntb, na linuxe ziadne problemy nie su.

[Rudy]

OK. Diskem to nebude, i když má pár realokovaných sektorů. Zkuste opravit systém: http://forum.viry.cz/viewtopic.php?f=46&t=106339 .

[barri96]

Pomocou tej F8 som nenasiel ziaden nastroj na opravu (zrejme nie je predinstalovany) a CD som k ntb nedostal, uz som ho kupil s nainstalovanym W7. Narazil som ale na nainstalovanu utilitu Acer Recovery Environment, kde mi ponuka moznosti opravy s tym ze vsetky udaje z C: budu odstranene alebo presunute, coho sa trocha bojim, a tuto moznost by som nechal asi ako uplne poslednu.
Som dost problemovy obcan ale zatial dakujem za trpezlivost

[Rudy]

Každý legální win by měl mít kopii pro účely oprav a reinstalu. Pokud je nahazen jiným nástrojem, není to úplně korektní, ale asi vám nic jiného nezbude. Druhá možnost je vypůjčit si od někoho instal. DVD se stejnou verzí OS a provést opravu z něj s použitím vašeho CDKey.