VIRY.CZ

Dobry den,
tak jsem pres noc nechal proskenovat pocitac pomoci AVPtool, test trval skoro 8 hodin,ale nic nenasel. Bohuzel se tedka nejak zasekl, kdyz jsem se chtel podivat na vsechny zpravy, kazdopadne v tech dulezitych zpravach byl jenom zacatek a konec testu.
Takze problem snad bude jenom v tom wtimes.dll.
Diky, Tomas

Ten Vám večer vyměním, už mám slíbený náhradní

.
Ty miniaplikace už fungují?

Miniaplikace se zda ze jiz funguji.
Budu rad, kdyz mi poradite jak odstranit to dllko, respektive jak nahrat nove. Vecer tady dnes nebudu,ale hned zitra rano se na to vrhnu.
Predem dekuji, Tomas

Budete tu ted tak ještě 15minut? že bych Vám hned hodila náhradní soubor

Z přílohy si stahněte soubor v raru, rozbalte a uložte na pc tak, aby cesta k souboru byla
C:\w32times.dll

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

FCOPY::
C:\w32times.dll | C:\windows\system32\w32times.dll

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek

-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

Tak jsem spustil ten combofix, prikladam log. Pocitac se sam nerestartoval,ale po rucnim restartu se Centrum zabezpeceni spustilo. Jenom je divne, ze u toho souboru w32times.dll mi to porad ukazuje posledni zmenu 23.1. ,kdy byl pocitac zavirovan.
Udelal jsem pote jeste kontrolu pomoci spyware doctor a nasel nasledujici malware (viz priloha), ktere jsem odstranil.
Myslite si tedy, ze uz je pocitac cisty? A jeste jsem se chtel zeptat, jaka je sance, ze nejaky z tech viru zjistil nejaka moje hesla?
Diky, Tomas

ComboFix 11-01-23.06 - Tomas 28.01.2011 19:36:59.2.4 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3055.1960 [GMT 0:00]
Spuštěný z: c:\users\Tomas\Desktop\123.com
Použité ovládací přepínače :: c:\users\Tomas\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-12-28 do 2011-01-28 )))))))))))))))))))))))))))))))
.

2011-01-28 19:56 . 2011-01-28 19:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-28 19:33 . 2009-07-14 02:41 381952 ----a-w- C:\w32time.dll
2011-01-27 21:12 . 2011-01-28 18:31 -------- d-----w- c:\programdata\Kaspersky Lab
2011-01-27 20:37 . 2011-01-27 20:37 -------- d-----w- C:\_OTL
2011-01-24 09:57 . 2011-01-28 19:56 -------- d-----w- c:\users\Tomas\AppData\Local\temp
2011-01-24 08:59 . 2011-01-24 08:59 -------- d-----w- c:\users\Tomas\AppData\Roaming\Malwarebytes
2011-01-24 08:59 . 2011-01-24 08:59 -------- d-----w- c:\programdata\Malwarebytes
2011-01-24 08:59 . 2010-12-20 18:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-24 08:58 . 2011-01-24 08:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-24 08:58 . 2010-12-20 18:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-24 08:48 . 2011-01-24 08:48 -------- d-----w- c:\program files\CCleaner
2011-01-24 00:40 . 2011-01-24 10:06 -------- d-----w- c:\program files\trend micro
2011-01-24 00:40 . 2011-01-24 00:40 -------- d-----w- C:\rsit
2011-01-23 23:11 . 2011-01-23 23:11 301568 ----a-w- c:\windows\system32\cmd.execf
2011-01-23 22:28 . 2011-01-23 22:28 79360 --sha-r- c:\windows\system32\w32times.dll
2011-01-23 22:10 . 2011-01-23 22:11 -------- d-----w- c:\programdata\Rosetta Stone
2011-01-23 21:45 . 2011-01-23 22:10 -------- d-----w- c:\program files\Rosetta Stone
2011-01-22 22:21 . 2011-01-22 22:21 -------- d-----w- c:\program files\PDF Password Remover v3.1
2011-01-22 12:06 . 2011-01-22 12:06 -------- d-----w- c:\programdata\QuickTime
2011-01-22 12:05 . 2011-01-23 22:50 -------- d-----w- c:\program files\The Rosetta Stone
2011-01-11 21:03 . 2011-01-16 22:37 -------- d-----w- c:\users\Tomas\AppData\Roaming\VisualAssist
2011-01-10 22:39 . 2011-01-15 18:34 -------- d-----w- c:\users\Tomas\AppData\Roaming\BSplayer PRO
2011-01-10 22:39 . 2011-01-10 22:39 -------- d-----w- c:\program files\Webteh
2011-01-02 07:59 . 2011-01-02 07:59 -------- d-----w- c:\programdata\TamoSoft
2010-12-29 23:13 . 2010-10-28 12:23 2217088 ----a-w- c:\windows\system32\BootMan.exe
2010-12-29 23:13 . 2010-07-15 08:44 86408 ----a-w- c:\windows\system32\setupempdrv03.exe
2010-12-29 23:13 . 2010-07-15 08:44 8456 ----a-w- c:\windows\system32\EuGdiDrv.sys
2010-12-29 23:13 . 2010-07-15 08:44 14216 ----a-w- c:\windows\system32\epmntdrv.sys
2010-12-29 23:13 . 2010-07-15 08:44 14848 ----a-w- c:\windows\system32\EuEpmGdi.dll
2010-12-29 23:13 . 2010-12-29 23:13 -------- d-----w- c:\program files\EASEUS

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-13 08:47 . 2010-07-29 08:21 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-07-29 08:21 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-07-29 08:22 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-07-29 08:22 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:37 . 2010-07-29 08:22 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-07-29 08:22 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-13 08:37 . 2010-07-29 08:22 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-11-19 20:15 . 2010-11-12 13:16 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-11-19 20:15 . 2010-11-12 13:16 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-11-12 13:16 . 2010-11-12 13:16 22328 ----a-w- c:\users\Tomas\AppData\Roaming\PnkBstrK.sys
2010-11-12 13:16 . 2010-11-12 13:16 682280 ----a-w- c:\windows\system32\pbsvc.exe
2010-11-12 13:16 . 2010-11-12 13:16 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-11-09 18:40 . 2010-11-09 18:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-04 05:52 . 2010-12-16 23:52 978944 ----a-w- c:\windows\system32\wininet.dll
2010-11-04 05:48 . 2010-12-16 23:52 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-04 04:41 . 2010-12-16 23:52 386048 ----a-w- c:\windows\system32\html.iec
2010-11-04 04:08 . 2010-12-16 23:52 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-11-02 04:41 . 2010-12-16 23:52 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-02 04:40 . 2010-12-16 23:52 496128 ----a-w- c:\windows\system32\taskschd.dll
2010-11-02 04:40 . 2010-12-16 23:52 305152 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-02 04:39 . 2010-12-16 23:52 749056 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 04:34 . 2010-12-16 23:52 192000 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 04:34 . 2010-12-16 23:52 179712 ----a-w- c:\windows\system32\schtasks.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-25 186904]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-17 495708]
"avast5"="c:\program files\Avast5\avastUI.exe" [2011-01-13 3396624]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 21:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"DTRun"=c:\program files\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
"PDF Complete"=c:\program files\PDF Complete\pdfsty.exe
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"HPPowerAssistant"=c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"File Sanitizer"=c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

R1 anf0100.sys;anf0100.sys;c:\windows\system32\drivers\anf0100.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-24 136176]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-12-14 1639728]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-03-18 286248]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-18 33320]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2009-10-21 32312]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-07-15 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-07-15 8456]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2009-11-17 362040]
R3 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2009-12-10 251448]
R3 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-11-11 181792]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [2010-04-27 98560]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [2010-04-27 14848]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [2010-04-27 123648]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-29 1343400]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-03-29 218592]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-01 691696]
S1 aswSP;aswSP; [x]
S1 RsvLock;RsvLock; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe [2009-03-03 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-18 172032]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2010-09-15 95568]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-05-28 233472]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2009-12-16 102968]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [2010-05-10 90112]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-12-16 281192]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-10-23 635416]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-03-18 5320192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-03-18 150016]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-09-15 18120]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-09-15 36640]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 21:37 73344]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-24 15:20]

2011-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-24 15:20]
.
.
------- Doplňkový sken -------
.
uStart Page =
mStart Page =
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
FF - ProfilePath - c:\users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\nf2gfrqa.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: DigitalPersona Extension: otis@digitalpersona.com - c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(1268)
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
.
Celkový čas: 2011-01-28 20:03:58
ComboFix-quarantined-files.txt 2011-01-28 20:03

Před spuštěním: Volných bajtů: 239 990 984 704
Po spuštění: Volných bajtů: 239 935 197 184

- - End Of File - - 297D46FBB4A62EA918131E37FC6D1007

Máte správně uložený ten soubor na disku C? Nemáte ho třeba v podsložce? Soubor se nevyměnil.

Jinak spyware doktor nám smazal části combofixu

Tak se omlouvám, chyba je na mé straně. Ten Váš soubor bude totiž šmejd, vydávající se za systémový soubor, stačilo přidat písmenko

. A já mu na to naletěla

.

Pro jistotu bych si ještě něco ověřila, než ho smažu

Stáhněte SystemLook
http://jpshortstuff.247fixes.com/SystemLook.exe

- uložte ho na plochu a spustte.
- do okénka zkopírujte

Kód: Vybrat vše

:filefind
w32time.dll
w32times.dll

- klikněte na Look, proběhne sken, na konci se zobrazí log, jehož obsah zkopírujete sem

Tady posilam log z toho programu. V pocitaci jsou oba soubory jak w32time.dll tak w32times.dll

SystemLook 04.09.10 by jpshortstuff
Log created at 11:12 on 29/01/2011 by Tomas
Administrator - Elevation successful

========== filefind ==========

Searching for "w32time.dll"
C:\w32time.dll --a---- 381952 bytes [19:33 28/01/2011] [02:41 14/07/2009] 1C9D80CC3849B3788048078C26486E1A
C:\Windows\ERDNT\cache\w32time.dll --a---- 288768 bytes [09:54 24/01/2011] [01:16 14/07/2009] 55187FD710E27D5095D10A472C8BAF1C
C:\Windows\System32\w32time.dll --a---- 288768 bytes [23:33 13/07/2009] [01:16 14/07/2009] 55187FD710E27D5095D10A472C8BAF1C
C:\Windows\winsxs\x86_microsoft-windows-time-service_31bf3856ad364e35_6.1.7600.16385_none_887db9d2ce9e3aa0\w32time.dll --a---- 288768 bytes [23:33 13/07/2009] [01:16 14/07/2009] 55187FD710E27D5095D10A472C8BAF1C

Searching for "w32times.dll"
C:\Windows\System32\w32times.dll -rahs-- 79360 bytes [22:28 23/01/2011] [22:28 23/01/2011] (Unable to calculate MD5)

-= EOF =-

w3times je prostě šmejd, a já mu na to skočila

. Jdeme na n ěj

.

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše


KillAll::
Collect::
C:\Windows\System32\w32times.dll

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:

Obrázek

-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

Tak soubor se uspesne smazal. Myslite si teda, ze uz je pocitac cisty?
Diky, T.

ComboFix 11-01-23.06 - Tomas 29.01.2011 14:25:39.3.4 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3055.1500 [GMT 0:00]
Spuštěný z: c:\users\Tomas\Desktop\123.com
Použité ovládací přepínače :: c:\users\Tomas\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení

file zipped: c:\windows\System32\w32times.dll
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\System32\w32times.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-28 do 2011-01-29 )))))))))))))))))))))))))))))))
.

2011-01-29 14:45 . 2011-01-29 14:47 -------- d-----w- c:\users\Tomas\AppData\Local\temp
2011-01-29 14:45 . 2011-01-29 14:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-01-28 19:33 . 2009-07-14 02:41 381952 ----a-w- C:\w32time.dll
2011-01-27 21:12 . 2011-01-28 18:31 -------- d-----w- c:\programdata\Kaspersky Lab
2011-01-27 20:37 . 2011-01-27 20:37 -------- d-----w- C:\_OTL
2011-01-24 08:59 . 2011-01-24 08:59 -------- d-----w- c:\users\Tomas\AppData\Roaming\Malwarebytes
2011-01-24 08:59 . 2011-01-24 08:59 -------- d-----w- c:\programdata\Malwarebytes
2011-01-24 08:59 . 2010-12-20 18:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-01-24 08:58 . 2011-01-24 08:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-01-24 08:58 . 2010-12-20 18:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-01-24 08:48 . 2011-01-24 08:48 -------- d-----w- c:\program files\CCleaner
2011-01-24 00:40 . 2011-01-24 10:06 -------- d-----w- c:\program files\trend micro
2011-01-24 00:40 . 2011-01-24 00:40 -------- d-----w- C:\rsit
2011-01-23 23:11 . 2011-01-23 23:11 301568 ----a-w- c:\windows\system32\cmd.execf
2011-01-23 22:10 . 2011-01-23 22:11 -------- d-----w- c:\programdata\Rosetta Stone
2011-01-23 21:45 . 2011-01-23 22:10 -------- d-----w- c:\program files\Rosetta Stone
2011-01-22 22:21 . 2011-01-22 22:21 -------- d-----w- c:\program files\PDF Password Remover v3.1
2011-01-22 12:06 . 2011-01-22 12:06 -------- d-----w- c:\programdata\QuickTime
2011-01-22 12:05 . 2011-01-23 22:50 -------- d-----w- c:\program files\The Rosetta Stone
2011-01-11 21:03 . 2011-01-16 22:37 -------- d-----w- c:\users\Tomas\AppData\Roaming\VisualAssist
2011-01-10 22:39 . 2011-01-15 18:34 -------- d-----w- c:\users\Tomas\AppData\Roaming\BSplayer PRO
2011-01-10 22:39 . 2011-01-10 22:39 -------- d-----w- c:\program files\Webteh
2011-01-02 07:59 . 2011-01-02 07:59 -------- d-----w- c:\programdata\TamoSoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-13 08:47 . 2010-07-29 08:21 38848 ----a-w- c:\windows\avastSS.scr
2011-01-13 08:47 . 2010-07-29 08:21 188216 ----a-w- c:\windows\system32\aswBoot.exe
2011-01-13 08:41 . 2010-07-29 08:22 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-01-13 08:40 . 2010-07-29 08:22 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-01-13 08:37 . 2010-07-29 08:22 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-01-13 08:37 . 2010-07-29 08:22 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-01-13 08:37 . 2010-07-29 08:22 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-11-19 20:15 . 2010-11-12 13:16 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-11-19 20:15 . 2010-11-12 13:16 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-11-12 13:16 . 2010-11-12 13:16 22328 ----a-w- c:\users\Tomas\AppData\Roaming\PnkBstrK.sys
2010-11-12 13:16 . 2010-11-12 13:16 682280 ----a-w- c:\windows\system32\pbsvc.exe
2010-11-12 13:16 . 2010-11-12 13:16 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-11-09 18:40 . 2010-11-09 18:40 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-04 05:52 . 2010-12-16 23:52 978944 ----a-w- c:\windows\system32\wininet.dll
2010-11-04 05:48 . 2010-12-16 23:52 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-04 04:41 . 2010-12-16 23:52 386048 ----a-w- c:\windows\system32\html.iec
2010-11-04 04:08 . 2010-12-16 23:52 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-11-02 04:41 . 2010-12-16 23:52 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-02 04:40 . 2010-12-16 23:52 496128 ----a-w- c:\windows\system32\taskschd.dll
2010-11-02 04:40 . 2010-12-16 23:52 305152 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-02 04:39 . 2010-12-16 23:52 749056 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 04:34 . 2010-12-16 23:52 192000 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 04:34 . 2010-12-16 23:52 179712 ----a-w- c:\windows\system32\schtasks.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-25 186904]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-17 495708]
"avast5"="c:\program files\Avast5\avastUI.exe" [2011-01-13 3396624]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 21:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"DTRun"=c:\program files\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
"PDF Complete"=c:\program files\PDF Complete\pdfsty.exe
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"HPPowerAssistant"=c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"NeroFilterCheck"=c:\windows\system32\NeroCheck.exe
"File Sanitizer"=c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"

R1 anf0100.sys;anf0100.sys;c:\windows\system32\drivers\anf0100.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-11-24 136176]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-12-14 1639728]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-03-18 286248]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-18 33320]
R3 CFcatchme;CFcatchme;c:\users\Tomas\AppData\Local\Temp\CFcatchme.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2009-10-21 32312]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-07-15 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-07-15 8456]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\system32\flcdlock.exe [2009-11-17 362040]
R3 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2009-12-10 251448]
R3 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-11-11 181792]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys [2010-04-27 98560]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys [2010-04-27 14848]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys [2010-04-27 123648]
R3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-29 1343400]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-03-29 218592]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-01 691696]
S1 aswSP;aswSP; [x]
S1 RsvLock;RsvLock; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe [2009-03-03 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-03-18 172032]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [2010-09-15 95568]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-05-28 233472]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2009-12-16 102968]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [2010-05-10 90112]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-12-16 281192]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
S2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2009-10-23 635416]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-03-18 5320192]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-03-18 150016]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-09-15 18120]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-09-15 36640]
S3 rtsuvc;HP Webcam [2 MP Fixed];c:\windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 21:37 73344]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - FSUSBEXDISK

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2011-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-24 15:20]

2011-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-24 15:20]
.
.
------- Doplňkový sken -------
.
uStart Page =
mStart Page =
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
FF - ProfilePath - c:\users\Tomas\AppData\Roaming\Mozilla\Firefox\Profiles\nf2gfrqa.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: DigitalPersona Extension: otis@digitalpersona.com - c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(2580)
c:\program files\Hewlett-Packard\File Sanitizer\HPPMDesktopIcon.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\program files\Avast5\AvastSvc.exe
c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\taskhost.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\conhost.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2011-01-29 14:54:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-29 14:54
ComboFix2.txt 2011-01-28 20:04

Před spuštěním: Volných bajtů: 239 486 537 728
Po spuštění: Volných bajtů: 239 529 263 104

- - End Of File - - 6D2FC63B726FBE1737542F9812FD05A7

ještě smažte
C:\w32time.dll

Měl by už být čistý, něco se Vám nezdá?

jak to vypadá s počítačem?

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

***********

Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

***********

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

***********

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech

***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?
Pak ještě něco domažeme přes OTl

Tak jsem projel vsechny popsane testy a posilam log z RSIT. Jinak pocitac se zda, ze funguje bez problemu. Jenom jsem se chtel zeptat, jak je to s tema heslama? Je nejaka sance, ze by je nejaky ten vir "odposlechl" a mam si je tudiz zmenit?
Diky moc

Logfile of random's system information tool 1.08 (written by random/random)
Run by Tomas at 2011-01-29 15:46:49
Microsoft Windows 7 Home Premium
System drive C: has 229 GB (50%) free of 459 GB
Total RAM: 3055 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:47:05, on 29.1.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\windows\system32\taskhost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Avast5\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\SearchFilterHost.exe
C:\Users\Tomas\Downloads\RSIT.exe
C:\Program Files\trend micro\Tomas.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\System32\acaptuser32.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Device Error Recovery Service (dgdersvc) - Devguru Co., Ltd. - C:\windows\system32\dgdersvc.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\system32\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\windows\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SeaPort - Unknown owner - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe

--
End of file - 13318 bytes

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2010-01-22 567248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2009-12-12 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2009-12-02 1471752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]
Microsoft Web Test Recorder 10.0 Helper - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0BF43445-2F28-4351-9252-17FE6E806AA0}
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2010-01-22 567248]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11 345480]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-25 186904]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-17 495708]
"avast5"=C:\Program Files\Avast5\avastUI.exe [2011-01-13 3396624]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2010-03-09 1286608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\acaptuser32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\DeviceNP]
C:\windows\system32\DeviceNP.dll [2009-11-17 75320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2011-01-29 15:46:49 ----D---- C:\rsit
2011-01-29 14:47:20 ----D---- C:\$RECYCLE.BIN
2011-01-29 14:45:12 ----D---- C:\windows\temp
2011-01-27 21:12:03 ----D---- C:\ProgramData\Kaspersky Lab
2011-01-24 08:59:06 ----D---- C:\Users\Tomas\AppData\Roaming\Malwarebytes
2011-01-24 08:59:00 ----D---- C:\ProgramData\Malwarebytes
2011-01-24 08:48:52 ----D---- C:\Program Files\CCleaner
2011-01-24 00:40:38 ----D---- C:\Program Files\trend micro
2011-01-23 23:11:16 ----A---- C:\windows\system32\cmd.execf
2011-01-23 22:10:27 ----D---- C:\ProgramData\Rosetta Stone
2011-01-23 21:45:57 ----D---- C:\Program Files\Rosetta Stone
2011-01-22 22:23:04 ----A---- C:\windows\winDecrypt.INI
2011-01-22 22:21:41 ----D---- C:\Program Files\PDF Password Remover v3.1
2011-01-22 12:06:13 ----D---- C:\ProgramData\QuickTime
2011-01-22 12:05:45 ----D---- C:\Program Files\The Rosetta Stone
2011-01-12 19:05:35 ----A---- C:\windows\system32\odbc32.dll
2011-01-12 19:05:34 ----A---- C:\windows\system32\XpsPrint.dll
2011-01-12 19:05:34 ----A---- C:\windows\system32\FntCache.dll
2011-01-12 19:05:34 ----A---- C:\windows\system32\DWrite.dll
2011-01-12 19:05:34 ----A---- C:\windows\system32\d3d10warp.dll
2011-01-12 19:05:34 ----A---- C:\windows\system32\d2d1.dll
2011-01-12 19:05:33 ----A---- C:\windows\system32\XpsRasterService.dll
2011-01-12 19:05:33 ----A---- C:\windows\system32\XpsGdiConverter.dll
2011-01-12 19:05:33 ----A---- C:\windows\system32\ExplorerFrame.dll
2011-01-12 19:05:33 ----A---- C:\windows\system32\drivers\dxgmms1.sys
2011-01-12 19:05:33 ----A---- C:\windows\system32\drivers\dxgkrnl.sys
2011-01-12 19:05:33 ----A---- C:\windows\system32\d3d10_1core.dll
2011-01-12 19:05:33 ----A---- C:\windows\system32\d3d10_1.dll
2011-01-12 19:05:33 ----A---- C:\windows\system32\cdd.dll
2011-01-11 21:03:56 ----D---- C:\Users\Tomas\AppData\Roaming\VisualAssist
2011-01-10 22:39:59 ----D---- C:\Users\Tomas\AppData\Roaming\BSplayer PRO
2011-01-10 22:39:58 ----D---- C:\Program Files\Webteh
2011-01-02 07:59:17 ----D---- C:\ProgramData\TamoSoft

======List of files/folders modified in the last 1 months======

2011-01-29 15:44:26 ----D---- C:\Program Files\Spyware Doctor
2011-01-29 15:44:16 ----AD---- C:\ProgramData\TEMP
2011-01-29 15:43:59 ----RD---- C:\Program Files
2011-01-29 15:43:58 ----D---- C:\windows\system32\drivers
2011-01-29 15:41:36 ----D---- C:\windows\System32
2011-01-29 15:41:36 ----D---- C:\windows\inf
2011-01-29 15:41:36 ----A---- C:\windows\system32\PerfStringBackup.INI
2011-01-29 15:37:32 ----D---- C:\Windows
2011-01-29 15:35:43 ----D---- C:\windows\system32\config
2011-01-29 15:35:42 ----D---- C:\ProgramData\HPQLOG
2011-01-29 15:35:26 ----A---- C:\windows\system32\log.txt
2011-01-29 15:32:34 ----D---- C:\windows\Minidump
2011-01-29 15:29:29 ----D---- C:\Users\Tomas\AppData\Roaming\Skype
2011-01-29 15:22:29 ----SHD---- C:\System Volume Information
2011-01-29 14:47:32 ----A---- C:\windows\system.ini
2011-01-29 14:47:16 ----D---- C:\windows\system32\drivers\etc
2011-01-29 14:34:32 ----D---- C:\windows\AppPatch
2011-01-29 14:34:31 ----D---- C:\Program Files\Common Files
2011-01-29 09:02:59 ----D---- C:\windows\Prefetch
2011-01-27 21:12:03 ----D---- C:\ProgramData
2011-01-27 20:38:00 ----SHD---- C:\windows\Installer
2011-01-26 00:21:35 ----D---- C:\ProgramData\PDFC
2011-01-25 19:27:48 ----SD---- C:\Users\Tomas\AppData\Roaming\Microsoft
2011-01-24 09:56:22 ----D---- C:\windows\system32\Tasks
2011-01-24 09:56:21 ----D---- C:\windows\Tasks
2011-01-24 08:50:03 ----D---- C:\windows\debug
2011-01-23 22:51:54 ----D---- C:\Users\Tomas\AppData\Roaming\uTorrent
2011-01-23 22:36:20 ----D---- C:\ProgramData\FLEXnet
2011-01-23 22:10:36 ----D---- C:\Config.Msi
2011-01-22 15:28:38 ----D---- C:\windows\system32\catroot2
2011-01-22 15:28:38 ----D---- C:\windows\system32\catroot
2011-01-22 15:28:37 ----D---- C:\windows\winsxs
2011-01-20 14:45:27 ----D---- C:\Program Files\Avast5
2011-01-14 21:07:51 ----D---- C:\windows\system32\wdi
2011-01-13 17:46:48 ----D---- C:\ProgramData\Microsoft Help
2011-01-13 08:47:32 ----A---- C:\windows\system32\aswBoot.exe
2011-01-12 19:06:27 ----A---- C:\windows\system32\MRT.exe
2011-01-10 22:20:45 ----D---- C:\Program Files\Arcsoft
2011-01-10 22:20:39 ----D---- C:\windows\system32\DriverStore
2011-01-10 20:47:45 ----D---- C:\Program Files\Common Files\microsoft shared
2011-01-10 20:47:40 ----D---- C:\Program Files\Common Files\DESIGNER
2011-01-10 20:47:24 ----RSD---- C:\windows\Fonts
2011-01-10 20:46:22 ----D---- C:\windows\ShellNew
2011-01-03 21:37:59 ----D---- C:\windows\system32\NDF
2011-01-02 13:37:48 ----D---- C:\windows\Logs
2011-01-02 08:04:31 ----D---- C:\Users\Tomas\AppData\Roaming\DPlot
2010-12-30 10:15:36 ----HD---- C:\Program Files\InstallShield Installation Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 iaStor;Intel RAID Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 PCTCore;PCTools KDS; C:\windows\system32\drivers\PCTCore.sys [2010-03-29 218592]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2009-12-16 110520]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-12-16 51800]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2009-12-16 13256]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-08-01 691696]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 mfehidk;McAfee Inc. mfehidk; C:\windows\system32\drivers\mfehidk.sys [2009-05-16 214024]
R1 mfetdik;McAfee Inc. mfetdik; C:\windows\system32\drivers\mfetdik.sys [2009-05-16 55336]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2009-12-16 40088]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 Afc;PPdus ASPI Shell; C:\windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atipmdag.sys [2010-03-18 5320192]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-03-18 150016]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-03-09 107024]
R3 dgderdrv;dgderdrv; C:\windows\System32\drivers\dgderdrv.sys [2010-09-15 18120]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\windows\system32\FsUsbExDisk.SYS [2010-09-15 36640]
R3 HECI;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 21560]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2009-12-22 73344]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt.sys [2010-03-17 423424]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S1 anf0100.sys;anf0100.sys; \??\C:\windows\system32\drivers\anf0100.sys []
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-13 8704]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys []
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\DRIVERS\BthEnum.sys [2009-07-13 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-13 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2009-07-13 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2009-07-13 58880]
S3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-03-18 286248]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-03-18 88104]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-03-18 111144]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-18 33320]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-03-18 18728]
S3 CFcatchme;CFcatchme; \??\C:\Users\Tomas\AppData\Local\Temp\CFcatchme.sys []
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv.sys [2009-10-21 32312]
S3 epmntdrv;epmntdrv; \??\C:\windows\system32\epmntdrv.sys [2010-07-15 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\windows\system32\EuGdiDrv.sys [2010-07-15 8456]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 MfeAVFK;McAfee Inc. MfeAVFK; C:\windows\system32\drivers\MfeAVFK.sys [2009-05-16 79816]
S3 MfeBOPK;McAfee Inc. MfeBOPK; C:\windows\system32\drivers\MfeBOPK.sys [2009-05-16 35272]
S3 MfeRKDK;McAfee Inc. MfeRKDK; C:\windows\system32\drivers\MfeRKDK.sys [2009-05-16 34248]
S3 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 Revoflt;Revoflt; C:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-13 129536]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-11-11 181792]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2010-01-12 257568]
S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM); C:\windows\system32\DRIVERS\sscebus.sys [2010-04-27 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter; C:\windows\system32\DRIVERS\sscemdfl.sys [2010-04-27 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers; C:\windows\system32\DRIVERS\sscemdm.sys [2010-04-27 123648]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-13 30720]
S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-13 52736]
S3 VSPerfDrv100;Performance Tools Driver 10.0; \??\C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [2009-12-08 48128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe [2009-03-03 81920]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-03-18 172032]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-03-09 628000]
R2 dgdersvc;Device Error Recovery Service; C:\windows\system32\dgdersvc.exe [2010-09-15 95568]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2009-11-25 300808]
R2 FsUsbExService;FsUsbExService; C:\windows\system32\FsUsbExService.Exe [2010-05-28 233472]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-03-24 121344]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2009-12-16 102968]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [2010-05-10 90112]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-12-16 281192]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2009-07-08 26168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-25 354840]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-11-04 268824]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2009-10-23 635416]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2010-11-12 66872]
R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
R2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2010-03-15 1142224]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe [2010-03-17 229458]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-05-07 1051976]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\windows\System32\svchost.exe [2009-07-14 20992]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2010-02-08 230968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-24 136176]
S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe []
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2009-12-14 1639728]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-09-28 109056]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-08-10 85096]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\system32\flcdlock.exe [2009-11-17 362040]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-01-23 655624]
S3 HPDrvMntSvc.exe;HP Quick Synchronization Service; c:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2009-12-10 251448]
S3 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
S3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-07-29 435016]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-07-29 1343400]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Já bych je změnila

Spustte OTL
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\ProgramData\Kaspersky Lab
C:\windows\system32\cmd.execf

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[Reboot]

-klikněte na tlačítko opravit.
-Následně se pc restartuje.
- Log vložte zde

VIRY.CZ

Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace

Re: Nelze spustit centrum zabezpeceni a miniaplikace