
PC virus removal, computer speed-up, remote help through the neslape.cz service
removal of the fake antivirus Total security :-(
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that stay inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
please help, I am attaching the log from RSIT
Logfile of random's system information tool 1.08 (written by random/random)
Run by Pavel at 2011-04-20 21:47:23
Microsoft Windows 7 Ultimate
System drive C: has 39 GB (43%) free of 92 GB
Total RAM: 2046 MB (65% free)
HijackThis download failed
======Scheduled tasks folder======
C:\Windows\tasks\DriverCure.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-11-20 382720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-17 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2009-06-17 55824]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-01-20 6711840]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"TkBellExe"=C:\Program Files\real\realplayer\update\realsched.exe [2010-11-20 274608]
"HTC Sync Loader"=C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2010-10-28 294912]
"AntivirusCommunicatorAgent"=C:\Program Files\TrustPort\Antivirus\bin\avcom.exe [2011-04-11 774416]
"TrustPortTray"=C:\Program Files\Common Files\TrustPort\Bin\tptray.exe [2011-04-11 721168]
"TrustPortDiskProtectionWatchDog"=C:\Program Files\Common Files\TrustPort\bin\TDWatch.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe [2007-10-23 202024]
"{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1}"=C:\Users\Pavel\AppData\Roaming\App64\App64.exe []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2009-07-14 8704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avas_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avss_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpavdrw_service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tpmgma_service]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"HideSCAHealth"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.exe - open - "C:\Users\Pavel\AppData\Local\xkh.exe" -a "%1" %*
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2011-04-20 21:40:10 ----D---- C:\Program Files\trend micro
2011-04-20 21:40:09 ----D---- C:\rsit
2011-04-20 21:36:47 ----A---- C:\Windows\ntbtlog.txt
2011-04-14 20:25:18 ----A---- C:\Windows\system32\drivers\tdifw.sys
2011-04-14 20:25:18 ----A---- C:\Windows\system32\drivers\avasdmft.sys
2011-04-14 20:25:09 ----A---- C:\Windows\system32\drivers\tpsec.sys
2011-04-13 19:47:13 ----A---- C:\Windows\system32\atmlib.dll
2011-04-13 19:47:13 ----A---- C:\Windows\system32\atmfd.dll
2011-04-13 19:47:12 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-04-13 19:47:10 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-13 19:47:09 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-13 19:47:09 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-13 19:47:09 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-13 19:47:07 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-13 19:47:07 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-13 19:47:07 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-13 19:47:04 ----A---- C:\Windows\system32\win32k.sys
2011-04-13 19:46:12 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-13 19:46:12 ----A---- C:\Windows\system32\mfc42.dll
2011-04-13 19:46:10 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-13 19:46:10 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-13 19:46:10 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-13 19:46:10 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-11 19:07:43 ----A---- C:\Windows\system32\wininet.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\wextract.exe
2011-04-11 19:07:43 ----A---- C:\Windows\system32\webcheck.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\vbscript.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\urlmon.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\url.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-04-11 19:07:43 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-04-11 19:07:43 ----A---- C:\Windows\system32\pngfilt.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\occache.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\msrating.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\msls31.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\mshtmler.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\mshtml.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\mshta.exe
2011-04-11 19:07:43 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-11 19:07:43 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\jscript9.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\jscript.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\inseng.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\imgutil.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\iexpress.exe
2011-04-11 19:07:43 ----A---- C:\Windows\system32\ieUnatt.exe
2011-04-11 19:07:43 ----A---- C:\Windows\system32\ieui.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\iesysprep.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\iesetup.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\iertutil.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\iernonce.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\iepeers.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\ieframe.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\ieapfltr.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\ieakui.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\ieaksie.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\ieakeng.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\ie4uinit.exe
2011-04-11 19:07:43 ----A---- C:\Windows\system32\icardie.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\dxtrans.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\dxtmsft.dll
2011-04-11 19:07:43 ----A---- C:\Windows\system32\admparse.dll
2011-04-11 18:53:35 ----D---- C:\ac2c80593b7533f9f1ff32b3fe
2011-04-11 18:15:26 ----D---- C:\6215e80c0e881b3343c81f
2011-04-11 17:46:20 ----D---- C:\Windows\system32\EventProviders
2011-04-11 17:34:06 ----A---- C:\Windows\system32\sbe.dll
2011-04-11 17:34:06 ----A---- C:\Windows\system32\EncDec.dll
2011-04-11 17:34:06 ----A---- C:\Windows\system32\CPFilters.dll
2011-04-11 17:34:04 ----A---- C:\Windows\system32\mstscax.dll
2011-04-11 17:34:04 ----A---- C:\Windows\system32\mstsc.exe
2011-04-08 20:00:25 ----D---- C:\Garmin
2011-04-07 20:09:08 ----D---- C:\Users\Pavel\AppData\Roaming\Thunderbird
2011-04-07 20:08:30 ----D---- C:\Program Files\Mozilla Thunderbird
2011-04-07 19:56:20 ----D---- C:\Program Files\TrustPort
2011-04-07 19:56:20 ----D---- C:\Program Files\Common Files\TrustPort
2011-03-22 21:52:11 ----D---- C:\Program Files\DsNET Corp
2011-03-22 21:44:45 ----D---- C:\Program Files\Auto YouTube Downloader
======List of files/folders modified in the last 1 months======
2011-04-20 21:44:25 ----D---- C:\Windows\Temp
2011-04-20 21:41:49 ----D---- C:\Windows\System32
2011-04-20 21:41:49 ----D---- C:\Windows\inf
2011-04-20 21:41:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-20 21:40:10 ----RD---- C:\Program Files
2011-04-20 21:36:47 ----D---- C:\Windows
2011-04-20 21:33:24 ----D---- C:\Windows\system32\config
2011-04-20 21:30:28 ----RSD---- C:\Windows\assembly
2011-04-20 21:30:28 ----D---- C:\Windows\Microsoft.NET
2011-04-20 21:15:24 ----D---- C:\Windows\system32\Tasks
2011-04-20 21:02:31 ----HD---- C:\ProgramData
2011-04-20 21:02:31 ----D---- C:\Program Files\Mozilla Firefox
2011-04-19 21:37:51 ----SHD---- C:\System Volume Information
2011-04-19 13:58:26 ----D---- C:\Windows\system32\catroot2
2011-04-14 20:26:29 ----D---- C:\Windows\system32\drivers
2011-04-13 21:22:18 ----D---- C:\Windows\winsxs
2011-04-13 19:53:44 ----D---- C:\Windows\system32\catroot
2011-04-13 19:53:23 ----SHD---- C:\Windows\Installer
2011-04-13 19:53:23 ----HD---- C:\Config.Msi
2011-04-13 19:48:39 ----A---- C:\Windows\system32\MRT.exe
2011-04-12 20:46:55 ----D---- C:\Windows\rescache
2011-04-12 11:18:26 ----D---- C:\Program Files\Internet Explorer
2011-04-11 19:12:58 ----D---- C:\Windows\Logs
2011-04-11 19:12:52 ----D---- C:\Windows\servicing
2011-04-11 19:11:45 ----D---- C:\Windows\system32\cs-CZ
2011-04-11 19:11:44 ----D---- C:\Windows\system32\migration
2011-04-11 19:11:44 ----D---- C:\Windows\system32\en-US
2011-04-11 19:11:44 ----D---- C:\Windows\PolicyDefinitions
2011-04-11 19:09:01 ----D---- C:\Windows\debug
2011-04-11 18:39:02 ----D---- C:\Windows\Tasks
2011-04-11 18:39:02 ----D---- C:\Windows\system32\wfp
2011-04-11 18:39:01 ----D---- C:\Windows\system32\wbem
2011-04-11 18:38:14 ----D---- C:\Windows\system32\DriverStore
2011-04-11 18:38:10 ----D---- C:\Windows\registration
2011-04-11 18:38:08 ----D---- C:\Windows\system32\oobe
2011-04-11 18:38:06 ----RD---- C:\Program Files\Skype
2011-04-11 18:38:06 ----D---- C:\ProgramData\Real
2011-04-11 18:38:06 ----D---- C:\Program Files\HP
2011-04-11 18:38:06 ----D---- C:\Program Files\Common Files\xing shared
2011-04-11 18:38:06 ----D---- C:\Program Files\Common Files\microsoft shared
2011-04-11 18:38:06 ----D---- C:\Program Files\Common Files
2011-04-11 17:58:39 ----D---- C:\Users\Pavel\AppData\Roaming\App64
2011-04-08 20:12:58 ----D---- C:\Program Files\Nokia
2011-04-08 20:08:26 ----D---- C:\Users\Pavel\AppData\Roaming\Nokia
2011-04-08 20:05:15 ----D---- C:\HLIDAMSI
2011-04-07 20:00:56 ----D---- C:\Windows\Prefetch
2011-03-27 09:09:35 ----D---- C:\Users\Pavel\AppData\Roaming\v4
2011-03-22 21:50:42 ----A---- C:\Windows\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
S1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
S1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys [2005-02-09 14165]
S1 tdimapper;TrustPort TDI port to process mapper; \??\C:\Program Files\TrustPort\PersonalFirewall\bin\tdimapper.sys [2011-04-11 18704]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S2 tdifw;TrustPort PGTW driver; C:\Windows\system32\drivers\tdifw.sys [2011-04-11 40208]
S2 tpsec;TrustPort Security Filter; C:\Windows\system32\drivers\tpsec.sys [2011-04-11 35920]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 46976]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 avasdmft;TrustPort Antivirus On-Access Scanner (W2K/XP) MF; C:\Windows\System32\DRIVERS\avasdmft.sys [2011-04-11 37648]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 40320]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 dsio;TrustPort Raw IO Driver; \??\C:\Program Files\Common Files\TrustPort\bin\dsio.sys [2011-04-11 16656]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-04-20 17488]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-01-20 2317536]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 52608]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys []
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys []
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys []
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TPPFHOOK;TPPFHOOK; \??\C:\Program Files\TrustPort\PersonalFirewall\bin\TPPFHOOK.sys [2011-04-11 28944]
S3 TridVid;TM6010 TV Service; C:\Windows\system32\DRIVERS\TridVidII.sys [2009-05-08 195072]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys []
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-30 135664]
S2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
S2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-08 185640]
S2 tpmgma_service;TrustPort Core Service; C:\Program Files\Common Files\TrustPort\bin\tpmgma.exe [2011-04-11 404040]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 avas_service;TrustPort Antivirus On-Access Scanner Agent; C:\Program Files\TrustPort\Antivirus\bin\avas.exe [2011-04-11 495888]
S3 avss_service;TrustPort Antivirus Service Scanner Provider; C:\Program Files\TrustPort\Antivirus\bin\avss.exe [2011-04-11 291088]
S3 gozer;TrustPort Personal GTW; C:\Program Files\TrustPort\Antivirus\bin\gozer.exe [2011-04-11 487696]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
2011-04-14 20:26:29 ----D---- C:\Windows\system32\drivers
2011-04-13 21:22:18 ----D---- C:\Windows\winsxs
2011-04-13 19:53:44 ----D---- C:\Windows\system32\catroot
2011-04-13 19:53:23 ----SHD---- C:\Windows\Installer
2011-04-13 19:53:23 ----HD---- C:\Config.Msi
2011-04-13 19:48:39 ----A---- C:\Windows\system32\MRT.exe
2011-04-12 20:46:55 ----D---- C:\Windows\rescache
2011-04-12 11:18:26 ----D---- C:\Program Files\Internet Explorer
2011-04-11 19:12:58 ----D---- C:\Windows\Logs
2011-04-11 19:12:52 ----D---- C:\Windows\servicing
2011-04-11 19:11:45 ----D---- C:\Windows\system32\cs-CZ
2011-04-11 19:11:44 ----D---- C:\Windows\system32\migration
2011-04-11 19:11:44 ----D---- C:\Windows\system32\en-US
2011-04-11 19:11:44 ----D---- C:\Windows\PolicyDefinitions
2011-04-11 19:09:01 ----D---- C:\Windows\debug
2011-04-11 18:39:02 ----D---- C:\Windows\Tasks
2011-04-11 18:39:02 ----D---- C:\Windows\system32\wfp
2011-04-11 18:39:01 ----D---- C:\Windows\system32\wbem
2011-04-11 18:38:14 ----D---- C:\Windows\system32\DriverStore
2011-04-11 18:38:10 ----D---- C:\Windows\registration
2011-04-11 18:38:08 ----D---- C:\Windows\system32\oobe
2011-04-11 18:38:06 ----RD---- C:\Program Files\Skype
2011-04-11 18:38:06 ----D---- C:\ProgramData\Real
2011-04-11 18:38:06 ----D---- C:\Program Files\HP
2011-04-11 18:38:06 ----D---- C:\Program Files\Common Files\xing shared
2011-04-11 18:38:06 ----D---- C:\Program Files\Common Files\microsoft shared
2011-04-11 18:38:06 ----D---- C:\Program Files\Common Files
2011-04-11 17:58:39 ----D---- C:\Users\Pavel\AppData\Roaming\App64
2011-04-08 20:12:58 ----D---- C:\Program Files\Nokia
2011-04-08 20:08:26 ----D---- C:\Users\Pavel\AppData\Roaming\Nokia
2011-04-08 20:05:15 ----D---- C:\HLIDAMSI
2011-04-07 20:00:56 ----D---- C:\Windows\Prefetch
2011-03-27 09:09:35 ----D---- C:\Users\Pavel\AppData\Roaming\v4
2011-03-22 21:50:42 ----A---- C:\Windows\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\Windows\system32\DRIVERS\L8042Kbd.sys [2009-06-17 20240]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2009-06-17 28560]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
S1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
S1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys [2005-02-09 14165]
S1 tdimapper;TrustPort TDI port to process mapper; \??\C:\Program Files\TrustPort\PersonalFirewall\bin\tdimapper.sys [2011-04-11 18704]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S2 tdifw;TrustPort PGTW driver; C:\Windows\system32\drivers\tdifw.sys [2011-04-11 40208]
S2 tpsec;TrustPort Security Filter; C:\Windows\system32\drivers\tpsec.sys [2011-04-11 35920]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2009-07-14 46976]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 avasdmft;TrustPort Antivirus On-Access Scanner (W2K/XP) MF; C:\Windows\System32\DRIVERS\avasdmft.sys [2011-04-11 37648]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 40320]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 dsio;TrustPort Raw IO Driver; \??\C:\Program Files\Common Files\TrustPort\bin\dsio.sys [2011-04-11 16656]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2011-04-20 17488]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-01-20 2317536]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 52608]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys []
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys []
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsu.sys []
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsuc.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TPPFHOOK;TPPFHOOK; \??\C:\Program Files\TrustPort\PersonalFirewall\bin\TPPFHOOK.sys [2011-04-11 28944]
S3 TridVid;TM6010 TV Service; C:\Windows\system32\DRIVERS\TridVidII.sys [2009-05-08 195072]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys []
S3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-30 135664]
S2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 129640]
S2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-08 185640]
S2 tpmgma_service;TrustPort Core Service; C:\Program Files\Common Files\TrustPort\bin\tpmgma.exe [2011-04-11 404040]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 avas_service;TrustPort Antivirus On-Access Scanner Agent; C:\Program Files\TrustPort\Antivirus\bin\avas.exe [2011-04-11 495888]
S3 avss_service;TrustPort Antivirus Service Scanner Provider; C:\Program Files\TrustPort\Antivirus\bin\avss.exe [2011-04-11 291088]
S3 gozer;TrustPort Personal GTW; C:\Program Files\TrustPort\Antivirus\bin\gozer.exe [2011-04-11 487696]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: removal of the fake antivirus Total security :-(
Restart into safe mode and post a log from ComboFix.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
then run the application under an account with administrator privileges
right after startup a screen with the license terms is displayed; continue by clicking the Yes button.
calmly go and make yourself a coffee (the whole process takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else
do not panic during the scan; your machine may be restarted (especially on the first run of the scanner)
warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the deletion of any malware unwanted collisions with the antispyware's resident shield occur
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: removal of the fake antivirus Total security :-(
well, that went nicely down the drain ... I couldn't turn off the resident protection of Trust internet security, so I uninstalled it, but it didn't uninstall completely; I ran a new installation, then there was a restart, and now it won't even boot
((((

- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: removal of the fake antivirus Total security :-(
Do a system repair from the installation media. After that, try ComboFix again.
Re: removal of the fake antivirus Total security :-(
so I managed to repair the system and here is the log from ComboFix ... only I didn't manage to turn off the resident protection of Trustport center beforehand ... and I even tried to uninstall the program ...
ComboFix 11-04-20.01 - Pavel 21.04.2011 20:34:30.1.2 - x86 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2046.1492 [GMT 2:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
AV: TrustPort Antivirus *Enabled/Updated* {7AEBA989-5B48-9A16-D793-B6BEFDD44C7C}
FW: TrustPort Personal Firewall *Enabled* {42D028AC-1127-9B4E-FCCC-1F8B03070B07}
SP: TrustPort Antivirus *Enabled/Updated* {C18A486D-7D72-9598-ED23-8DCC865306C1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\aimniasowi.tmp
c:\users\Pavel\AppData\Local\bef.exe
c:\users\Pavel\AppData\Local\xkh.exe
c:\users\Pavel\AppData\Roaming\App64\App64.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-21 do 2011-04-21 )))))))))))))))))))))))))))))))
.
.
2011-04-21 18:39 . 2011-04-21 18:42 -------- d-----w- c:\users\Pavel\AppData\Local\temp
2011-04-21 18:39 . 2011-04-21 18:39 -------- d-----w- c:\users\Pavlinka\AppData\Local\temp
2011-04-21 18:39 . 2011-04-21 18:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-21 18:07 . 2011-04-21 18:07 -------- d-----w- C:\found.000
2011-04-21 17:38 . 2011-04-21 08:08 35920 ----a-w- c:\windows\system32\drivers\tpsec.sys
2011-04-21 17:38 . 2011-04-21 08:07 37648 ----a-w- c:\windows\system32\drivers\avasdmft.sys
2011-04-20 19:40 . 2011-04-20 19:40 -------- d-----w- c:\program files\trend micro
2011-04-20 19:40 . 2011-04-20 19:40 -------- d-----w- C:\rsit
2011-04-19 18:05 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{45915539-DC45-4B5B-94DA-379F7EC16F2B}\mpengine.dll
2011-04-13 17:47 . 2011-02-19 05:32 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-04-13 17:47 . 2011-02-19 03:37 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-04-13 17:47 . 2011-02-12 05:30 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-13 17:47 . 2011-03-08 05:38 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-13 17:47 . 2011-02-23 05:06 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-13 17:47 . 2011-02-23 05:05 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-13 17:47 . 2011-02-23 05:05 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-13 17:47 . 2011-03-03 05:29 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-13 17:47 . 2011-03-03 05:27 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-04-13 17:47 . 2011-03-03 03:31 2331136 ----a-w- c:\windows\system32\win32k.sys
2011-04-13 17:46 . 2011-03-11 05:40 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-13 17:46 . 2011-03-11 05:40 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-04-13 17:46 . 2011-02-23 05:05 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-13 17:46 . 2011-02-23 05:05 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-13 17:46 . 2011-02-23 05:05 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-13 17:46 . 2011-02-23 05:05 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-11 16:53 . 2011-04-11 16:53 -------- d-----w- C:\ac2c80593b7533f9f1ff32b3fe
2011-04-11 16:15 . 2011-04-11 16:38 -------- d-----w- C:\6215e80c0e881b3343c81f
2011-04-11 15:46 . 2011-04-11 16:38 -------- d-----w- c:\windows\system32\EventProviders
2011-04-11 15:34 . 2010-12-23 05:28 850432 ----a-w- c:\windows\system32\sbe.dll
2011-04-11 15:34 . 2010-12-23 05:28 642048 ----a-w- c:\windows\system32\CPFilters.dll
2011-04-11 15:34 . 2010-12-23 05:28 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-04-11 15:34 . 2010-12-23 05:24 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2011-04-11 15:34 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\system32\mstscax.dll
2011-04-11 15:34 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\system32\mstsc.exe
2011-04-08 18:00 . 2011-04-08 18:14 -------- d-----w- C:\Garmin
2011-04-07 18:09 . 2011-04-07 18:09 -------- d-----w- c:\users\Pavel\AppData\Roaming\Thunderbird
2011-04-07 18:09 . 2011-04-07 18:09 -------- d-----w- c:\users\Pavel\AppData\Local\Thunderbird
2011-04-07 18:08 . 2011-04-07 18:08 -------- d-----w- c:\program files\Mozilla Thunderbird
2011-04-07 17:56 . 2011-04-21 18:24 -------- d-----w- c:\program files\Common Files\TrustPort
2011-04-07 17:56 . 2011-04-21 18:24 -------- d-----w- c:\program files\TrustPort
2011-03-24 19:47 . 2011-03-24 19:47 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-03-24 19:47 . 2011-03-24 19:47 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-03-24 19:47 . 2011-03-24 19:47 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-03-24 19:47 . 2011-03-24 19:47 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-03-24 19:47 . 2011-03-24 19:47 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-03-24 19:47 . 2011-03-24 19:47 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-03-24 19:47 . 2011-03-24 19:47 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-03-24 19:47 . 2011-03-24 19:47 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-03-22 19:52 . 2011-03-22 19:52 -------- d-----w- c:\program files\DsNET Corp
2011-03-22 19:44 . 2011-03-22 19:51 -------- d-----w- c:\program files\Auto YouTube Downloader
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-21 18:24 . 2010-01-26 15:33 17488 ----a-w- c:\windows\gdrv.sys
2011-02-17 18:55 . 2011-02-17 18:55 181608 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10137.bin
2011-02-03 05:45 . 2011-02-09 18:09 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-02 16:11 . 2010-01-13 17:38 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-03-24 19:47 . 2011-03-24 19:47 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 202024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-20 6711840]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2010-11-20 274608]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2010-10-28 294912]
"TrustPortTray"="c:\program files\Common Files\TrustPort\Bin\tptray.exe" [2011-04-21 721168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-1-13 813584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2007-09-20 07:51 1836328 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-30 135664]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-08 185640]
R2 tpsec;TrustPort Security Filter;c:\windows\system32\drivers\tpsec.sys [2011-04-21 35920]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
R3 TridVid;TM6010 TV Service;c:\windows\system32\DRIVERS\TridVidII.sys [2009-05-08 195072]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2010-01-25 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-08-07 19:36]
.
2011-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-30 07:41]
.
2011-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-30 07:41]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab
DPF: {EC71A2BE-E211-41F9-BCAF-4EFF13426DFE} - hxxps://shop.rossmanncz.orwonet.de/shop/activex/rossmanncz_express_upload.cab
FF - ProfilePath - c:\users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\rmway0r8.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
FF - user.js: browser.cache.disk.capacity - 1024000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1} - c:\users\Pavel\AppData\Roaming\App64\App64.exe
HKLM-Run-TrustPortDiskProtectionWatchDog - c:\program files\Common Files\TrustPort\bin\TDWatch.exe
HKLM-RunOnce-<NO NAME> - (no file)
MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-04-21 20:43:52
ComboFix-quarantined-files.txt 2011-04-21 18:43
.
Před spuštěním: Volných bajtů: 41 360 580 608
Po spuštění: Volných bajtů: 42 354 462 720
.
- - End Of File - - 6D5F3A305D82DD22AA0F0AE6E382A719
2011-03-24 19:47 . 2011-03-24 19:47 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-03-24 19:47 . 2011-03-24 19:47 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-03-24 19:47 . 2011-03-24 19:47 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-03-24 19:47 . 2011-03-24 19:47 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-03-24 19:47 . 2011-03-24 19:47 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-03-24 19:47 . 2011-03-24 19:47 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-03-22 19:52 . 2011-03-22 19:52 -------- d-----w- c:\program files\DsNET Corp
2011-03-22 19:44 . 2011-03-22 19:51 -------- d-----w- c:\program files\Auto YouTube Downloader
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-21 18:24 . 2010-01-26 15:33 17488 ----a-w- c:\windows\gdrv.sys
2011-02-17 18:55 . 2011-02-17 18:55 181608 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10137.bin
2011-02-03 05:45 . 2011-02-09 18:09 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-02 16:11 . 2010-01-13 17:38 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-03-24 19:47 . 2011-03-24 19:47 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 202024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-20 6711840]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2010-11-20 274608]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2010-10-28 294912]
"TrustPortTray"="c:\program files\Common Files\TrustPort\Bin\tptray.exe" [2011-04-21 721168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-1-13 813584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2007-09-20 07:51 1836328 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-30 135664]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-08 185640]
R2 tpsec;TrustPort Security Filter;c:\windows\system32\drivers\tpsec.sys [2011-04-21 35920]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
R3 TridVid;TM6010 TV Service;c:\windows\system32\DRIVERS\TridVidII.sys [2009-05-08 195072]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2010-01-25 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-08-07 19:36]
.
2011-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-30 07:41]
.
2011-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-30 07:41]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab
DPF: {EC71A2BE-E211-41F9-BCAF-4EFF13426DFE} - hxxps://shop.rossmanncz.orwonet.de/shop/activex/rossmanncz_express_upload.cab
FF - ProfilePath - c:\users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\rmway0r8.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
FF - user.js: browser.cache.disk.capacity - 1024000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-{B6A807N6-42DF-4W02-93E5-B156B3FA8AL1} - c:\users\Pavel\AppData\Roaming\App64\App64.exe
HKLM-Run-TrustPortDiskProtectionWatchDog - c:\program files\Common Files\TrustPort\bin\TDWatch.exe
HKLM-RunOnce-<NO NAME> - (no file)
MSConfigStartUp-NokiaOviSuite2 - c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-04-21 20:43:52
ComboFix-quarantined-files.txt 2011-04-21 18:43
.
Před spuštěním: Volných bajtů: 41 360 580 608
Po spuštění: Volných bajtů: 42 354 462 720
.
- - End Of File - - 6D5F3A305D82DD22AA0F0AE6E382A719
- Rudy
- Site Admin
Re: removing the fake antivirus Total security :-(
Open Notepad and copy the following into it:

Folder::
c:\program files\Common Files\TrustPort
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TrustPortTray"=-

Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: removing the fake antivirus Total security :-(
new log from ComboFix ...
ComboFix 11-04-20.01 - Pavel 21.04.2011 21:31:18.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2046.1405 [GMT 2:00]
Spuštěný z: c:\users\Pavel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Pavel\Desktop\CFScript.txt
AV: TrustPort Antivirus *Enabled/Updated* {7AEBA989-5B48-9A16-D793-B6BEFDD44C7C}
FW: TrustPort Personal Firewall *Enabled* {42D028AC-1127-9B4E-FCCC-1F8B03070B07}
SP: TrustPort Antivirus *Enabled/Updated* {C18A486D-7D72-9598-ED23-8DCC865306C1}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\TrustPort . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\applgwk.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\cmnimages.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\cmnlang-csy.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\cmnlang-dan.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\cmnlang-deu.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\cmnlang-enu.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\cmnlang-esp.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\cmnlang-fra.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\cmnlang-ita.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\cmnlang-nld.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\cmnlang-rus.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\cmntray.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\dbghelp.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\dsio.sys . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\migtool.exe . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\tpcfg.exe . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\tpeasy.exe . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\tpmgma.exe . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\tpmips.dll . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\tpreg.exe . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\tpsctrl.exe . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\tptray.exe . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\tpupdate.exe . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\bin\wsctool.exe . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\conf\policy.data . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\conf\products.data . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\conf\proxy.conf . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\conf\tpupdate.conf . . . . nemohl být smazán
c:\program files\Common Files\TrustPort\conf\tpupkgs.conf . . . . nemohl být smazán
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-21 do 2011-04-21 )))))))))))))))))))))))))))))))
.
.
2011-04-21 19:36 . 2011-04-21 19:38 -------- d-----w- c:\users\Pavel\AppData\Local\temp
2011-04-21 19:36 . 2011-04-21 19:36 -------- d-----w- c:\users\Pavlinka\AppData\Local\temp
2011-04-21 19:36 . 2011-04-21 19:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-21 18:07 . 2011-04-21 18:07 -------- d-----w- C:\found.000
2011-04-21 17:38 . 2011-04-21 08:08 35920 ----a-w- c:\windows\system32\drivers\tpsec.sys
2011-04-21 17:38 . 2011-04-21 08:07 37648 ----a-w- c:\windows\system32\drivers\avasdmft.sys
2011-04-20 19:40 . 2011-04-20 19:40 -------- d-----w- c:\program files\trend micro
2011-04-20 19:40 . 2011-04-20 19:40 -------- d-----w- C:\rsit
2011-04-19 18:05 . 2011-04-11 07:04 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{45915539-DC45-4B5B-94DA-379F7EC16F2B}\mpengine.dll
2011-04-13 17:47 . 2011-02-19 05:32 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-04-13 17:47 . 2011-02-19 03:37 294912 ----a-w- c:\windows\system32\atmfd.dll
2011-04-13 17:47 . 2011-02-12 05:30 191488 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-04-13 17:47 . 2011-03-08 05:38 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-13 17:47 . 2011-02-23 05:06 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-04-13 17:47 . 2011-02-23 05:05 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-04-13 17:47 . 2011-02-23 05:05 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-04-13 17:47 . 2011-03-03 05:29 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-04-13 17:47 . 2011-03-03 05:27 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-04-13 17:47 . 2011-03-03 03:31 2331136 ----a-w- c:\windows\system32\win32k.sys
2011-04-13 17:46 . 2011-03-11 05:40 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-04-13 17:46 . 2011-03-11 05:40 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-04-13 17:46 . 2011-02-23 05:05 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-04-13 17:46 . 2011-02-23 05:05 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-04-13 17:46 . 2011-02-23 05:05 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-13 17:46 . 2011-02-23 05:05 69632 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-04-11 16:53 . 2011-04-11 16:53 -------- d-----w- C:\ac2c80593b7533f9f1ff32b3fe
2011-04-11 16:15 . 2011-04-11 16:38 -------- d-----w- C:\6215e80c0e881b3343c81f
2011-04-11 15:46 . 2011-04-11 16:38 -------- d-----w- c:\windows\system32\EventProviders
2011-04-11 15:34 . 2010-12-23 05:28 850432 ----a-w- c:\windows\system32\sbe.dll
2011-04-11 15:34 . 2010-12-23 05:28 642048 ----a-w- c:\windows\system32\CPFilters.dll
2011-04-11 15:34 . 2010-12-23 05:28 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-04-11 15:34 . 2010-12-23 05:24 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2011-04-11 15:34 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\system32\mstscax.dll
2011-04-11 15:34 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\system32\mstsc.exe
2011-04-08 18:00 . 2011-04-08 18:14 -------- d-----w- C:\Garmin
2011-04-07 18:09 . 2011-04-07 18:09 -------- d-----w- c:\users\Pavel\AppData\Roaming\Thunderbird
2011-04-07 18:09 . 2011-04-07 18:09 -------- d-----w- c:\users\Pavel\AppData\Local\Thunderbird
2011-04-07 18:08 . 2011-04-07 18:08 -------- d-----w- c:\program files\Mozilla Thunderbird
2011-04-07 17:56 . 2011-04-21 18:24 -------- d-----w- c:\program files\Common Files\TrustPort
2011-04-07 17:56 . 2011-04-21 18:24 -------- d-----w- c:\program files\TrustPort
2011-03-24 19:47 . 2011-03-24 19:47 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-03-24 19:47 . 2011-03-24 19:47 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-03-24 19:47 . 2011-03-24 19:47 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-03-24 19:47 . 2011-03-24 19:47 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-03-24 19:47 . 2011-03-24 19:47 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-03-24 19:47 . 2011-03-24 19:47 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-03-24 19:47 . 2011-03-24 19:47 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-03-24 19:47 . 2011-03-24 19:47 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-03-22 19:52 . 2011-03-22 19:52 -------- d-----w- c:\program files\DsNET Corp
2011-03-22 19:44 . 2011-03-22 19:51 -------- d-----w- c:\program files\Auto YouTube Downloader
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-21 19:37 . 2010-01-26 15:33 17488 ----a-w- c:\windows\gdrv.sys
2011-02-17 18:55 . 2011-02-17 18:55 181608 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10137.bin
2011-02-03 05:45 . 2011-02-09 18:09 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-02 16:11 . 2010-01-13 17:38 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-03-24 19:47 . 2011-03-24 19:47 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 202024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-20 6711840]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2010-11-20 274608]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2010-10-28 294912]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-1-13 813584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2007-09-20 07:51 1836328 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-30 135664]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 TridVid;TM6010 TV Service;c:\windows\system32\DRIVERS\TridVidII.sys [2009-05-08 195072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-08 185640]
S2 tpsec;TrustPort Security Filter;c:\windows\system32\drivers\tpsec.sys [2011-04-21 35920]
S3 CFcatchme;CFcatchme;c:\users\Pavel\AppData\Local\Temp\CFcatchme.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2010-01-25 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-08-07 19:36]
.
2011-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-30 07:41]
.
2011-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-30 07:41]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab
DPF: {EC71A2BE-E211-41F9-BCAF-4EFF13426DFE} - hxxps://shop.rossmanncz.orwonet.de/shop/activex/rossmanncz_express_upload.cab
FF - ProfilePath - c:\users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\rmway0r8.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
FF - user.js: browser.cache.disk.capacity - 1024000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1200)
c:\program files\Logitech\SetPoint\lgscroll.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2011-04-21 21:42:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-21 19:42
ComboFix2.txt 2011-04-21 18:43
.
Před spuštěním: Volných bajtů: 43 663 695 872
Po spuštění: Volných bajtů: 43 789 791 232
.
- - End Of File - - 2B96AEE3C3E7A3F896AF2250346F7DDE
2011-04-11 16:53 . 2011-04-11 16:53 -------- d-----w- C:\ac2c80593b7533f9f1ff32b3fe
2011-04-11 16:15 . 2011-04-11 16:38 -------- d-----w- C:\6215e80c0e881b3343c81f
2011-04-11 15:46 . 2011-04-11 16:38 -------- d-----w- c:\windows\system32\EventProviders
2011-04-11 15:34 . 2010-12-23 05:28 850432 ----a-w- c:\windows\system32\sbe.dll
2011-04-11 15:34 . 2010-12-23 05:28 642048 ----a-w- c:\windows\system32\CPFilters.dll
2011-04-11 15:34 . 2010-12-23 05:28 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-04-11 15:34 . 2010-12-23 05:24 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2011-04-11 15:34 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\system32\mstscax.dll
2011-04-11 15:34 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\system32\mstsc.exe
2011-04-08 18:00 . 2011-04-08 18:14 -------- d-----w- C:\Garmin
2011-04-07 18:09 . 2011-04-07 18:09 -------- d-----w- c:\users\Pavel\AppData\Roaming\Thunderbird
2011-04-07 18:09 . 2011-04-07 18:09 -------- d-----w- c:\users\Pavel\AppData\Local\Thunderbird
2011-04-07 18:08 . 2011-04-07 18:08 -------- d-----w- c:\program files\Mozilla Thunderbird
2011-04-07 17:56 . 2011-04-21 18:24 -------- d-----w- c:\program files\Common Files\TrustPort
2011-04-07 17:56 . 2011-04-21 18:24 -------- d-----w- c:\program files\TrustPort
2011-03-24 19:47 . 2011-03-24 19:47 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-03-24 19:47 . 2011-03-24 19:47 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-03-24 19:47 . 2011-03-24 19:47 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-03-24 19:47 . 2011-03-24 19:47 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-03-24 19:47 . 2011-03-24 19:47 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-03-24 19:47 . 2011-03-24 19:47 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-03-24 19:47 . 2011-03-24 19:47 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-03-24 19:47 . 2011-03-24 19:47 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-03-22 19:52 . 2011-03-22 19:52 -------- d-----w- c:\program files\DsNET Corp
2011-03-22 19:44 . 2011-03-22 19:51 -------- d-----w- c:\program files\Auto YouTube Downloader
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-21 19:37 . 2010-01-26 15:33 17488 ----a-w- c:\windows\gdrv.sys
2011-02-17 18:55 . 2011-02-17 18:55 181608 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10137.bin
2011-02-03 05:45 . 2011-02-09 18:09 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2011-02-02 16:11 . 2010-01-13 17:38 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-03-24 19:47 . 2011-03-24 19:47 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-10-23 202024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-01-20 6711840]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2010-11-20 274608]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2010-10-28 294912]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2010-1-13 813584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
2007-09-20 07:51 1836328 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-30 135664]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [x]
R3 TridVid;TM6010 TV Service;c:\windows\system32\DRIVERS\TridVidII.sys [2009-05-08 195072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-08 185640]
S2 tpsec;TrustPort Security Filter;c:\windows\system32\drivers\tpsec.sys [2011-04-21 35920]
S3 CFcatchme;CFcatchme;c:\users\Pavel\AppData\Local\Temp\CFcatchme.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2010-01-25 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-08-07 19:36]
.
2011-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-30 07:41]
.
2011-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-30 07:41]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} - hxxp://imikimi.com/download/imikimi_plugin_0.5.1.cab
DPF: {EC71A2BE-E211-41F9-BCAF-4EFF13426DFE} - hxxps://shop.rossmanncz.orwonet.de/shop/activex/rossmanncz_express_upload.cab
FF - ProfilePath - c:\users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\rmway0r8.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz
FF - user.js: browser.cache.disk.capacity - 1024000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1200)
c:\program files\Logitech\SetPoint\lgscroll.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Celkový čas: 2011-04-21 21:42:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-21 19:42
ComboFix2.txt 2011-04-21 18:43
.
Před spuštěním: Volných bajtů: 43 663 695 872
Po spuštění: Volných bajtů: 43 789 791 232
.
- - End Of File - - 2B96AEE3C3E7A3F896AF2250346F7DDE
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: removing the fake antivirus Total security :-(
CF at least knocked out the key, but it could not delete the corresponding directory. What has changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: removing the fake antivirus Total security :-(
Well, it's not bothering me any more... but it already stopped bothering me after yesterday, when I had to repair the system. I thought the beast was still in there somewhere. As for the key: today I reinstalled that Internet TrustPort so that I could uninstall it completely... it didn't help. I hope the "bug" is gone now.

Re: removing the fake antivirus Total security :-(
Oh, and after that system repair the internet works again.

- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: removing the fake antivirus Total security :-(
By knocking out that key we disabled TrustPort. You can still try using Avenger (http://www.viry.cz/forum/viewtopic.php?f=11&t=19832) to knock out the rest, with this script:
Folders to delete:
c:\program files\Common Files\TrustPort
Re: removing the fake antivirus Total security :-(
done ...
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows Vista
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
Folder "c:\program files\Common Files\TrustPort" deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
- Rudy
- Site Admin
- Posts: 119506
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: removing the fake antivirus Total security :-(
Deleted; the PC should now be clean.