
Notebook takes a terribly long time to start...

Posted: 13 Feb 2011 00:22
by good007
Hello,

I need some advice. I have a notebook, and when I turn it on and Windows 7 starts loading, the splash screen stays up for about 2 minutes, then the screen goes dark, and only after about 5 minutes does Windows finish starting. I have the program Advanced SystemCare installed, and when it scans files I catch a glimpse of - TrojanDownloader - :( . Can you advise me what to do??? I would rather not reinstall the whole PC. Thanks

Re: Notebook takes a terribly long time to start...

Posted: 13 Feb 2011 00:24
by good007
Here is the log from RSIT:


Logfile of random's system information tool 1.08 (written by random/random)
Run by BV-Technika at 2011-02-13 00:13:57
Microsoft Windows 7 Professional
System drive C: has 124 GB (54%) free of 227 GB
Total RAM: 1944 MB (30% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:14:28, on 13.2.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
C:\Program Files\Lenovo\HOTKEY\tpfnf6r.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
C:\Program Files\Lenovo\Zoom\TpScrex.exe
C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
C:\Windows\system32\conhost.exe
C:\Users\BV-Technika\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHOQ8W2K\RSIT[1].exe
C:\Program Files\trend micro\BV-Technika.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe
O4 - HKLM\..\Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor
O4 - HKLM\..\Run: [FingerPrintSoftware] "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
O4 - HKLM\..\Run: [Message Center Plus] C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe /start
O4 - HKLM\..\Run: [AcWin7Hlpr] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [4-Day Forecast] "C:\Program Files\Meteo\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe" /Startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O16 - DPF: {FB298ECE-4D17-414A-A5E8-FABC938796B2} (ActiveWebParts Illustration Viewer) - https://spp.jdsportal.jcb.com/WebResour ... 4139531250
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe
O23 - Service: AcSvc - Lenovo - C:\Program Files\Lenovo\Access Connections\AcSvc.exe
O23 - Service: AD Monitor (ADMonitor) - Unknown owner - C:\Windows\system32\ADMonitor.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Windows\system32\AtService.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Data Transfer Service (dtsvc) - Unknown owner - C:\Windows\system32\DTS.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\Windows\System32\TPHDEXLG.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

--
End of file - 9257 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2008-11-25 1623392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-05 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TPHOTKEY"=C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe [2009-03-13 68976]
"LENOVO.TPFNF6R"=C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe [2009-08-20 62752]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-03 174104]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-03 151064]
"PWMTRV"=rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL,PwrMgrBkGndMonitor []
"FingerPrintSoftware"=C:\Program Files\Lenovo Fingerprint Software\fpapp.exe [2009-09-01 1582328]
"Message Center Plus"=C:\Program Files\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28 49976]
"AcWin7Hlpr"=C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe [2009-10-14 36864]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2008-11-25 2069344]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-12-06 1910152]
"4-Day Forecast"=C:\Program Files\Meteo\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe [2008-07-02 1064960]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-07-28 216576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ACGina

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-02-13 00:13:59 ----D---- C:\Program Files\trend micro
2011-02-13 00:13:57 ----D---- C:\rsit
2011-02-12 23:46:35 ----D---- C:\Program Files\ESET
2011-02-09 06:35:59 ----A---- C:\Windows\system32\win32k.sys
2011-02-09 06:35:58 ----A---- C:\Windows\system32\kerberos.dll
2011-02-09 06:35:55 ----A---- C:\Windows\system32\vbscript.dll
2011-02-09 06:35:55 ----A---- C:\Windows\system32\jscript.dll
2011-02-09 06:35:54 ----A---- C:\Windows\system32\mshtml.dll
2011-02-09 06:35:51 ----A---- C:\Windows\system32\mstime.dll
2011-02-09 06:35:51 ----A---- C:\Windows\system32\msfeeds.dll
2011-02-09 06:35:51 ----A---- C:\Windows\system32\iedkcs32.dll
2011-02-09 06:35:50 ----A---- C:\Windows\system32\mshtmled.dll
2011-02-09 06:35:50 ----A---- C:\Windows\system32\msfeedssync.exe
2011-02-09 06:35:50 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-02-09 06:35:50 ----A---- C:\Windows\system32\licmgr10.dll
2011-02-09 06:35:50 ----A---- C:\Windows\system32\iertutil.dll
2011-02-09 06:35:50 ----A---- C:\Windows\system32\iepeers.dll
2011-02-09 06:35:38 ----A---- C:\Windows\system32\atmlib.dll
2011-02-09 06:35:38 ----A---- C:\Windows\system32\atmfd.dll
2011-02-09 06:35:36 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-02-09 06:35:36 ----A---- C:\Windows\system32\ntdll.dll
2011-02-09 06:35:35 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-02-09 06:35:33 ----A---- C:\Windows\system32\XpsPrint.dll
2011-02-09 06:35:33 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-02-09 06:35:33 ----A---- C:\Windows\system32\FntCache.dll
2011-02-09 06:35:33 ----A---- C:\Windows\system32\DWrite.dll
2011-02-09 06:35:33 ----A---- C:\Windows\system32\d3d10warp.dll
2011-02-09 06:35:33 ----A---- C:\Windows\system32\d2d1.dll
2011-02-09 06:35:32 ----A---- C:\Windows\system32\XpsRasterService.dll
2011-02-09 06:35:32 ----A---- C:\Windows\system32\ExplorerFrame.dll
2011-02-09 06:35:32 ----A---- C:\Windows\system32\d3d10_1core.dll
2011-02-09 06:35:32 ----A---- C:\Windows\system32\d3d10_1.dll
2011-02-09 06:35:29 ----A---- C:\Windows\system32\urlmon.dll
2011-02-09 06:35:29 ----A---- C:\Windows\system32\upnp.dll
2011-02-09 06:35:28 ----A---- C:\Windows\system32\wscsvc.dll
2011-02-09 06:35:28 ----A---- C:\Windows\system32\wscapi.dll
2011-02-09 06:35:28 ----A---- C:\Windows\system32\wininet.dll
2011-02-09 06:35:28 ----A---- C:\Windows\system32\winhttp.dll
2011-02-09 06:35:28 ----A---- C:\Windows\system32\WebClnt.dll
2011-02-09 06:35:28 ----A---- C:\Windows\system32\slwga.dll
2011-02-09 06:35:28 ----A---- C:\Windows\system32\msxml6.dll
2011-02-09 06:35:28 ----A---- C:\Windows\system32\msxml3.dll
2011-02-09 06:35:28 ----A---- C:\Windows\system32\ieframe.dll
2011-02-09 06:35:28 ----A---- C:\Windows\system32\davclnt.dll
2011-02-09 06:35:23 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2011-02-09 06:35:23 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2011-02-09 06:35:23 ----A---- C:\Windows\system32\cdd.dll
2011-02-01 10:04:26 ----D---- C:\Program Files\Same Deutz-Fahr
2011-01-21 22:19:58 ----D---- C:\Windows\Sun
2011-01-19 13:37:25 ----D---- C:\ProgramData\IObit
2011-01-19 08:50:08 ----D---- C:\Users\BV-Technika\AppData\Roaming\IObit
2011-01-19 08:50:07 ----D---- C:\Program Files\IObit
2011-01-18 20:03:36 ----D---- C:\Windows\cs
2011-01-18 20:03:09 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2011-01-18 19:59:29 ----A---- C:\Windows\system32\mfreadwrite.dll
2011-01-18 19:59:29 ----A---- C:\Windows\system32\mf.dll
2011-01-18 19:59:28 ----A---- C:\Windows\system32\WMVDECOD.DLL
2011-01-18 10:58:53 ----A---- C:\Windows\ODBC.INI
2011-01-18 10:42:44 ----A---- C:\Windows\system32\vfp9t.dll
2011-01-18 10:42:43 ----A---- C:\Windows\system32\vfp9renu.dll
2011-01-18 10:42:43 ----A---- C:\Windows\system32\vfp9rcsy.dll
2011-01-18 10:42:43 ----A---- C:\Windows\system32\vfp9r.dll
2011-01-18 10:42:43 ----A---- C:\Windows\system32\foxhhelpps9.dll
2011-01-18 10:42:43 ----A---- C:\Windows\system32\foxhhelp9.exe
2011-01-18 10:41:58 ----D---- C:\Windows\OleSrv
2011-01-18 10:40:50 ----A---- C:\Windows\system32\VFP6RUN.EXE
2011-01-18 10:40:50 ----A---- C:\Windows\system32\VFP6RENU.DLL
2011-01-18 10:40:50 ----A---- C:\Windows\system32\VFP6R.DLL
2011-01-18 10:37:41 ----D---- C:\klient
2011-01-18 10:33:42 ----D---- C:\Program Files\LogMeIn Hamachi
2011-01-17 03:01:58 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2011-01-17 03:01:58 ----A---- C:\Windows\system32\drivers\ks.sys
2011-01-16 20:32:21 ----D---- C:\Program Files\Common Files\Java
2011-01-16 20:28:50 ----A---- C:\Windows\system32\javaws.exe
2011-01-16 20:28:50 ----A---- C:\Windows\system32\javaw.exe
2011-01-16 20:28:50 ----A---- C:\Windows\system32\java.exe
2011-01-16 20:26:55 ----A---- C:\Windows\system32\mfc40u.dll
2011-01-16 20:26:55 ----A---- C:\Windows\system32\mfc40.dll
2011-01-16 20:16:45 ----A---- C:\Windows\system32\tzres.dll
2011-01-16 20:16:20 ----A---- C:\Windows\system32\schedsvc.dll
2011-01-16 20:16:19 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-01-16 20:16:19 ----A---- C:\Windows\system32\taskschd.dll
2011-01-16 20:16:19 ----A---- C:\Windows\system32\taskeng.exe
2011-01-16 20:16:19 ----A---- C:\Windows\system32\taskcomp.dll
2011-01-16 20:16:19 ----A---- C:\Windows\system32\schtasks.exe
2011-01-16 20:15:59 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-01-16 20:15:56 ----A---- C:\Windows\system32\ole32.dll
2011-01-16 20:15:54 ----A---- C:\Windows\system32\odbc32.dll
2011-01-16 20:15:49 ----A---- C:\Windows\system32\spoolsv.exe
2011-01-16 20:15:43 ----A---- C:\Windows\system32\jsproxy.dll
2011-01-16 20:15:43 ----A---- C:\Windows\system32\ieui.dll
2011-01-16 20:15:38 ----A---- C:\Windows\system32\comctl32.dll
2011-01-16 20:15:33 ----A---- C:\Windows\system32\msdri.dll
2011-01-16 20:15:32 ----A---- C:\Windows\system32\CPFilters.dll
2011-01-16 20:15:14 ----A---- C:\Windows\system32\wmp.dll
2011-01-16 20:15:12 ----A---- C:\Windows\system32\wmploc.DLL
2011-01-16 20:13:08 ----A---- C:\Windows\system32\ir32_32.dll
2011-01-16 20:13:08 ----A---- C:\Windows\system32\iccvid.dll
2011-01-16 20:13:07 ----A---- C:\Windows\system32\t2embed.dll
2011-01-16 20:11:52 ----A---- C:\Windows\system32\schannel.dll
2011-01-16 20:11:47 ----A---- C:\Windows\system32\rtutils.dll
2011-01-16 20:08:35 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-16 20:06:51 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2011-01-16 20:06:51 ----A---- C:\Windows\system32\drivers\sdbus.sys
2011-01-16 20:03:44 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-01-16 20:01:36 ----A---- C:\Windows\system32\webio.dll
2011-01-16 20:00:37 ----A---- C:\Windows\system32\srvsvc.dll
2011-01-16 20:00:37 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-01-16 20:00:37 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-01-16 20:00:37 ----A---- C:\Windows\system32\drivers\srv.sys
2011-01-16 19:57:49 ----A---- C:\Windows\system32\wmpmde.dll
2011-01-16 19:53:37 ----A---- C:\Windows\system32\consent.exe
2011-01-16 19:53:36 ----A---- C:\Windows\system32\oleaut32.dll
2011-01-16 19:53:35 ----A---- C:\Windows\system32\StructuredQuery.dll

======List of files/folders modified in the last 1 months======

2011-02-13 00:14:00 ----D---- C:\Windows\Temp
2011-02-13 00:13:59 ----RD---- C:\Program Files
2011-02-12 23:46:37 ----D---- C:\Windows\Downloaded Program Files
2011-02-12 23:29:35 ----SD---- C:\Users\BV-Technika\AppData\Roaming\Microsoft
2011-02-12 23:22:06 ----SHD---- C:\Windows\Installer
2011-02-12 23:22:06 ----D---- C:\Program Files\Common Files
2011-02-12 23:21:55 ----SHD---- C:\System Volume Information
2011-02-12 23:17:46 ----D---- C:\Windows\system32\config
2011-02-12 23:15:05 ----D---- C:\Windows\Prefetch
2011-02-12 23:13:58 ----D---- C:\Windows\System32
2011-02-12 23:12:17 ----D---- C:\Windows\inf
2011-02-12 23:12:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-12 21:45:28 ----D---- C:\Windows\system32\drivers\Avg
2011-02-11 03:25:04 ----D---- C:\Windows\winsxs
2011-02-11 03:19:01 ----D---- C:\Program Files\Internet Explorer
2011-02-11 03:19:00 ----D---- C:\Windows\system32\drivers
2011-02-11 03:01:37 ----A---- C:\Windows\system32\MRT.exe
2011-02-11 03:01:05 ----D---- C:\ProgramData\Microsoft Help
2011-02-09 07:33:15 ----AD---- C:\ProgramData\TEMP
2011-02-09 07:32:37 ----D---- C:\ProgramData\PC Tools
2011-02-09 07:32:31 ----D---- C:\Windows
2011-02-09 06:35:20 ----D---- C:\Windows\system32\catroot2
2011-02-09 06:35:20 ----D---- C:\Windows\system32\catroot
2011-02-08 20:26:50 ----D---- C:\Windows\system32\NDF
2011-02-01 10:04:26 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-28 23:19:42 ----D---- C:\Program Files\PC-Doctor
2011-01-23 18:25:06 ----D---- C:\Program Files\Common Files\Lenovo
2011-01-23 18:25:05 ----D---- C:\Windows\Panther
2011-01-23 18:25:05 ----D---- C:\Windows\Logs
2011-01-23 18:25:05 ----D---- C:\Windows\debug
2011-01-23 18:25:04 ----D---- C:\SWTOOLS
2011-01-23 18:25:04 ----D---- C:\swshare
2011-01-19 13:48:02 ----D---- C:\Windows\LiveKernelReports
2011-01-19 13:37:25 ----HD---- C:\ProgramData
2011-01-19 11:05:44 ----D---- C:\Windows\rescache
2011-01-19 08:50:15 ----D---- C:\Windows\Tasks
2011-01-19 08:50:15 ----D---- C:\Windows\system32\Tasks
2011-01-19 04:22:39 ----D---- C:\Windows\system32\LogFiles
2011-01-18 20:50:53 ----RSD---- C:\Windows\assembly
2011-01-18 20:50:53 ----D---- C:\Windows\Microsoft.NET
2011-01-18 20:12:33 ----D---- C:\Windows\system32\cs-CZ
2011-01-18 20:09:48 ----D---- C:\Windows\system32\en-US
2011-01-18 20:09:46 ----D---- C:\Program Files\Microsoft.NET
2011-01-18 20:03:38 ----D---- C:\Program Files\Windows Live
2011-01-18 20:02:47 ----SD---- C:\ProgramData\Microsoft
2011-01-18 20:02:26 ----D---- C:\Program Files\Common Files\microsoft shared
2011-01-18 20:01:18 ----D---- C:\Windows\SoftwareDistribution
2011-01-17 03:24:54 ----D---- C:\Windows\ehome
2011-01-17 03:24:54 ----D---- C:\Program Files\Windows Mail
2011-01-17 03:24:53 ----D---- C:\Windows\system32\migration
2011-01-17 03:24:52 ----D---- C:\Windows\AppPatch
2011-01-17 03:24:52 ----D---- C:\Program Files\Windows Media Player
2011-01-17 03:24:49 ----D---- C:\Windows\system32\DriverStore
2011-01-16 20:39:28 ----D---- C:\Program Files\Common Files\Adobe
2011-01-16 20:39:27 ----D---- C:\ProgramData\Adobe
2011-01-16 20:39:25 ----D---- C:\Program Files\Adobe
2011-01-16 20:28:45 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AvgRkx86;avgrkx86.sys; C:\Windows\System32\Drivers\avgrkx86.sys [2010-07-09 52872]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx86.sys [2009-06-29 117800]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-12-31 436792]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM86.sys [2009-06-29 20520]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-07-09 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-07-09 29584]
R1 AvgTdiX;AVG Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-07-09 243024]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr32v.sys [2009-08-23 11552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 regi;regi; C:\Windows\system32\drivers\regi.sys [2007-04-18 11032]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-09-07 48128]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2009-09-15 44544]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2009-09-15 38400]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-03-07 154672]
R3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver; C:\Windows\System32\Drivers\ATSwpWDF.sys [2009-09-01 485376]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-07-22 459264]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-06-23 40832]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-06-30 981504]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-06-30 207360]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2009-08-18 24872]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-07-28 5924864]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2010-02-12 33088]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-11 3486208]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2009-07-02 38336]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-06-30 661504]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\pc-doctor\pcdsrvc.pkms [2009-08-18 20848]
S3 PCDSRVC{C4B36920-79E24793-06000000}_0;PCDSRVC{C4B36920-79E24793-06000000}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\progra~1\pc-doc~1\pcdsrvc.pkms [2009-08-18 20848]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbio;usbio; C:\Windows\System32\Drivers\usbio.sys [2008-06-06 29184]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcPrfMgrSvc;AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [2009-10-01 124192]
R2 AcSvc;AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [2009-10-01 242976]
R2 ATService;AuthenTec Fingerprint Service; C:\Windows\system32\AtService.exe [2009-09-01 1692920]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-09 308136]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-12 30312]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2009-07-02 582944]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 dtsvc;Data Transfer Service; C:\Windows\system32\DTS.exe [2009-09-01 98304]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-09-22 858384]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2009-08-18 38176]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 MSSQL$DONE_SQLEXPRESS;SQL Server (DONE_SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-09-22 473360]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-25 239968]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 87904]
R2 SUService;System Update; c:\Program Files\Lenovo\System Update\SUService.exe [2009-09-25 15872]
R2 ThinkVantage Registry Monitor Service;ThinkVantage Registry Monitor Service; C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [2009-08-28 1019904]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
S2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-03-25 490280]
S3 ADMonitor;AD Monitor; C:\Windows\system32\ADMonitor.exe [2009-09-01 106496]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-08-23 75040]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG.exe [2009-06-29 39976]
S3 TVT Backup Service;TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [2009-09-04 1474560]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-14 1343400]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 ApRunSvc;Alps Application Launcher Service; C:\Program Files\Apoint2K\ApRunSvc.exe []
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-25 45408]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

Re: Notebook takes a terribly long time to start...

Posted: 13 Feb 2011 07:38
by motji
Good morning :)

Download MBAM from my signature
- Install it and run a full scan

DO NOT DELETE ANYTHING!
- MBAM sometimes produces false detections, so we will only delete after checking the log.
- Copy the log here.

Re: Notebook takes a terribly long time to start...

Posted: 13 Feb 2011 11:10
by good007
Hello,

so I'm at almost 200 thousand scanned files and still clean... We'll see at the end.

Re: Notebook takes a terribly long time to start...

Posted: 13 Feb 2011 11:14
by good007
Finished...

here is the result...

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 5751

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

13.2.2011 11:13:32
mbam-log-2011-02-13 (11-13-32).txt

Typ kontroly: Úplný test (C:\|Q:\|)
Testované objekty: 297067
Uplynulý čas: 1 hodin, 51 minut, 37 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

Re: Notebook takes a terribly long time to start...

Posted: 13 Feb 2011 11:30
by motji
Run ComboFix following this guide
http://www.bleepingcomputer.com/combofi ... t-combofix

Re: Notebook takes a terribly long time to start...

Posted: 13 Feb 2011 11:41
by good007
when I run it, it conflicts with AVG...
Even when I forcibly shut it down through Explorer...
The bad thing is that in an hour I'm leaving for Germany until Friday, so I don't know what my internet connection will be like. So please don't be angry if I go quiet until Saturday... What about the AVG???

Re: Notebook takes a terribly long time to start...

Posted: 13 Feb 2011 11:43
by motji
I apologise, you have to uninstall AVG.
Get in touch when you are back :)

Re: Notebook takes a terribly long time to start...

Posted: 13 Feb 2011 12:28
by good007
Result:


ComboFix 11-02-12.02 - BV-Technika 13.02.2011 12:00:18.1.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.1944.996 [GMT 1:00]
Spuštěný z: c:\users\BV-Technika\Desktop\ComboFix.exe
AV: AVG Anti-Virus Business Edition *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Business Edition *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\MLPS\apps\CBEd\CBE\ACTIVATION_104\_desktop.ini
c:\program files\MLPS\apps\CBEd\CBE\ACTIVATION_104\BIN\_desktop.ini
Q:\Autorun.inf

c:\windows\system32\userinit.exe . . . je infikován!!

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-13 do 2011-02-13 )))))))))))))))))))))))))))))))
.

2011-02-13 11:11 . 2011-02-13 11:17 -------- d-----w- c:\users\BV-Technika\AppData\Local\temp
2011-02-13 08:19 . 2011-02-13 08:19 -------- d-----w- c:\users\BV-Technika\AppData\Roaming\Malwarebytes
2011-02-13 08:19 . 2011-02-13 08:19 -------- d-----w- c:\programdata\Malwarebytes
2011-02-13 08:19 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-13 08:19 . 2011-02-13 08:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-13 08:19 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-13 00:45 . 2011-02-13 00:45 -------- d-----w- C:\AuthLog
2011-02-12 23:13 . 2011-02-12 23:14 -------- d-----w- c:\program files\trend micro
2011-02-12 23:13 . 2011-02-12 23:14 -------- d-----w- C:\rsit
2011-02-12 22:46 . 2011-02-12 22:46 -------- d-----w- c:\program files\ESET
2011-02-09 06:27 . 2011-02-09 06:27 -------- d-----w- c:\users\BV-Technika\AppData\Local\Threat Expert
2011-02-01 09:04 . 2011-02-01 09:47 -------- d-----w- c:\program files\Same Deutz-Fahr
2011-01-30 16:39 . 2011-01-30 16:39 -------- d-----w- c:\users\BV-Technika\AppData\Local\ElevatedDiagnostics
2011-01-21 21:19 . 2011-01-21 21:19 -------- d-----w- c:\windows\Sun
2011-01-19 12:37 . 2011-01-19 12:37 -------- d-----w- c:\programdata\IObit
2011-01-19 07:50 . 2011-01-23 16:28 -------- d-----w- c:\users\BV-Technika\AppData\Roaming\IObit
2011-01-19 07:50 . 2011-01-19 07:50 -------- d-----w- c:\program files\IObit
2011-01-18 19:03 . 2011-01-18 19:03 -------- d-----w- c:\windows\cs
2011-01-18 19:03 . 2011-01-18 19:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-01-18 19:01 . 2011-01-18 19:01 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\1a7dc4da1cbb74225\InstallManager_WLE_WLE.exe
2011-01-18 19:01 . 2011-01-18 19:01 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\f8ded1b1cbb74221\MeshBetaRemover.exe
2011-01-18 19:00 . 2011-01-18 19:00 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\3034b181cbb7421a\DSETUP.dll
2011-01-18 19:00 . 2011-01-18 19:00 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\3034b181cbb7421a\DXSETUP.exe
2011-01-18 19:00 . 2011-01-18 19:00 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\3034b181cbb7421a\dsetup32.dll
2011-01-18 19:00 . 2011-01-18 19:00 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\27f4c191cbb74219\DSETUP.dll
2011-01-18 19:00 . 2011-01-18 19:00 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\27f4c191cbb74219\DXSETUP.exe
2011-01-18 19:00 . 2011-01-18 19:00 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\27f4c191cbb74219\dsetup32.dll
2011-01-18 19:00 . 2011-01-18 19:00 -------- d-----w- c:\users\BV-Technika\AppData\Local\Windows Live
2011-01-18 18:59 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-18 18:59 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll
2011-01-18 18:59 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-01-18 09:42 . 2007-02-15 12:42 3903488 ----a-w- c:\windows\system32\vfp9t.dll
2011-01-18 09:42 . 2007-02-15 12:44 1200128 ----a-w- c:\windows\system32\vfp9rcsy.dll
2011-01-18 09:42 . 2007-02-15 12:42 4726784 ----a-w- c:\windows\system32\vfp9r.dll
2011-01-18 09:42 . 2007-02-15 12:13 1187840 ----a-w- c:\windows\system32\vfp9renu.dll
2011-01-18 09:42 . 2004-12-13 20:16 16384 ----a-w- c:\windows\system32\foxhhelpps9.dll
2011-01-18 09:42 . 2004-12-13 20:16 73728 ----a-w- c:\windows\system32\foxhhelp9.exe
2011-01-18 09:41 . 2011-01-18 09:41 103744 ----a-w- c:\windows\system32\MSCOMM32.OCX
2011-01-18 09:41 . 2011-01-18 09:41 -------- d-----w- c:\windows\OleSrv
2011-01-18 09:40 . 2011-01-18 09:40 876032 ----a-w- c:\windows\system32\VFP6RENU.DLL
2011-01-18 09:40 . 2011-01-18 09:40 3373328 ----a-w- c:\windows\system32\VFP6R.DLL
2011-01-18 09:40 . 2011-01-18 09:40 24990 ----a-w- c:\windows\system32\VFP6RUN.EXE
2011-01-18 09:37 . 2007-02-15 12:44 1200128 ----a-w- c:\program files\Common Files\Microsoft Shared\VFP\vfp9rcsy.dll
2011-01-18 09:37 . 2007-02-15 12:42 3903488 ----a-w- c:\program files\Common Files\Microsoft Shared\VFP\vfp9t.dll
2011-01-18 09:37 . 2007-02-15 12:42 4726784 ----a-w- c:\program files\Common Files\Microsoft Shared\VFP\vfp9r.dll
2011-01-18 09:37 . 2007-02-15 12:13 1187840 ----a-w- c:\program files\Common Files\Microsoft Shared\VFP\vfp9renu.dll
2011-01-18 09:37 . 2004-12-13 20:16 16384 ----a-w- c:\program files\Common Files\Microsoft Shared\VFP\foxhhelpps9.dll
2011-01-18 09:37 . 2004-12-13 20:16 73728 ----a-w- c:\program files\Common Files\Microsoft Shared\VFP\foxhhelp9.exe
2011-01-18 09:37 . 2011-02-12 22:14 -------- d-----w- C:\klient
2011-01-18 09:35 . 2011-02-13 11:16 -------- d-----w- c:\users\BV-Technika\AppData\Local\LogMeIn Hamachi
2011-01-18 09:33 . 2011-01-18 09:33 -------- d-----w- c:\program files\LogMeIn Hamachi
2011-01-17 02:01 . 2010-03-04 04:04 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-01-17 02:01 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2011-01-16 19:32 . 2011-01-16 19:32 -------- d-----w- c:\program files\Common Files\Java
2011-01-16 19:26 . 2010-08-31 04:32 954752 ----a-w- c:\windows\system32\mfc40.dll
2011-01-16 19:26 . 2010-08-31 04:32 954288 ----a-w- c:\windows\system32\mfc40u.dll
2011-01-16 19:16 . 2010-10-27 04:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-16 19:16 . 2010-11-02 04:39 749056 ----a-w- c:\windows\system32\schedsvc.dll
2011-01-16 19:16 . 2010-11-02 04:41 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-01-16 19:16 . 2010-11-02 04:40 496128 ----a-w- c:\windows\system32\taskschd.dll
2011-01-16 19:16 . 2010-11-02 04:40 305152 ----a-w- c:\windows\system32\taskcomp.dll
2011-01-16 19:16 . 2010-11-02 04:34 192000 ----a-w- c:\windows\system32\taskeng.exe
2011-01-16 19:16 . 2010-11-02 04:34 179712 ----a-w- c:\windows\system32\schtasks.exe
2011-01-16 19:13 . 2010-07-29 06:30 197632 ----a-w- c:\windows\system32\ir32_32.dll
2011-01-16 19:13 . 2010-07-29 06:30 82944 ----a-w- c:\windows\system32\iccvid.dll
2011-01-16 19:13 . 2010-08-26 04:39 109056 ----a-w- c:\windows\system32\t2embed.dll
2011-01-16 19:11 . 2010-08-21 05:36 224256 ----a-w- c:\windows\system32\schannel.dll
2011-01-16 19:11 . 2010-06-19 06:23 37376 ----a-w- c:\windows\system32\rtutils.dll
2011-01-16 19:08 . 2011-01-19 07:12 -------- d-----w- c:\program files\Microsoft Silverlight
2011-01-16 19:06 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-01-16 19:06 . 2009-10-10 02:31 84992 ----a-w- c:\windows\system32\drivers\sdbus.sys
2011-01-16 19:03 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-01-16 19:01 . 2010-10-16 04:36 314368 ----a-w- c:\windows\system32\webio.dll
2011-01-16 19:00 . 2010-08-27 05:46 168448 ----a-w- c:\windows\system32\srvsvc.dll
2011-01-16 19:00 . 2010-08-27 03:31 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2011-01-16 19:00 . 2010-08-27 03:30 308736 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-01-16 19:00 . 2010-08-27 03:30 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-01-16 18:57 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll
2011-01-16 18:53 . 2010-10-19 08:10 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-01-16 18:53 . 2010-10-16 04:41 101760 ----a-w- c:\windows\system32\consent.exe
2011-01-16 18:53 . 2010-04-07 07:10 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-01-16 18:53 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-03-13 68976]
"LENOVO.TPFNF6R"="c:\program files\Lenovo\HOTKEY\TPFNF6R.exe" [2009-08-20 62752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-03 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-03 151064]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2009-08-23 709920]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-28 49976]
"AcWin7Hlpr"="c:\program files\Lenovo\Access Connections\AcTBenabler.exe" [2009-10-14 36864]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-12-06 1910152]
"4-Day Forecast"="c:\program files\Meteo\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe" [2008-07-02 1064960]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2009-7-2 795936]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2010-2-12 50688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
R2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2009-09-01 106496]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2009-08-18 20848]
R3 PCDSRVC{C4B36920-79E24793-06000000}_0;PCDSRVC{C4B36920-79E24793-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\pcdsrvc.pkms [2009-08-18 20848]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-08-23 75040]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-14 1343400]
R4 ApRunSvc;Alps Application Launcher Service;c:\program files\Apoint2K\ApRunSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-12-31 436792]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2009-06-29 20520]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [2009-09-01 1692920]
S2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2009-09-01 98304]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
S2 MSSQL$DONE_SQLEXPRESS;SQL Server (DONE_SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-09-01 485376]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2009-07-02 38336]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HsfXAudioService REG_MULTI_SZ HsfXAudioService
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'

2011-02-13 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2011-01-19 15:19]

2011-02-08 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\pcdr5cuiw32.exe [2009-10-08 21:43]

2011-02-13 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdr5cuiw32.exe [2009-10-08 21:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
Trusted Zone: kramp.cz\www
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-Locked - (no file)



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{3037D694-FD904ACA-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc.pkms"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{C4B36920-79E24793-06000000}_0]
"ImagePath"="\??\c:\progra~1\pc-doc~1\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(1344)
c:\program files\ThinkPad\Bluetooth Software\btmmhook.dll
c:\program files\Lenovo\Access Connections\ACDeskBand.dll
c:\program files\Lenovo\Access Connections\AcLocSettings.dll
c:\program files\Lenovo\Access Connections\AcSvcStub.dll
c:\program files\Lenovo\Access Connections\ACHelper.dll
c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\US\PWMRT32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\PWMIF32V.DLL
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\System32\rundll32.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Lenovo\Access Connections\AcSvc.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Lenovo\Access Connections\SvcGuiHlpr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\ThinkPad\Bluetooth Software\BtStackServer.exe
c:\windows\system32\DllHost.exe
c:\program files\ThinkPad\Bluetooth Software\btwdins.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\windows\system32\sppsvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
.
**************************************************************************
.
Celkový čas: 2011-02-13 12:21:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-13 11:21

Před spuštěním: Volných bajtů: 129 934 606 336
Po spuštění: Volných bajtů: 129 556 504 576

- - End Of File - - 1731CE8E1CEB6C6CF5BD54225A22516A

Re: Notebook takes a terribly long time to start...

Posted: 13 Feb 2011 12:33
by motji
Back up your important data, just to be safe!

If it is not there already, move ComboFix to the desktop
- Open Notepad
- Copy the text from this box into it



Restore::
c:\windows\system32\userinit.exe

Srpeek::
c:\windows\system32\userinit.exe


- Save the TXT file you created as CFScript.txt on the desktop
- After saving, grab the script you created with the left mouse button and drag it over the ComboFix icon, where you drop it.

- After it has been applied, another log will come out; paste it here

Warning: it may happen that after the script has been applied and the machine restarted, Windows will not start. In that case restart again while pressing F8, then choose Last Known Good Configuration

Re: Notebook takes a terribly long time to start...

Posted: 13 Feb 2011 13:20
by good007
Here it is, but the startup still took a long time...

ComboFix 11-02-12.02 - BV-Technika 13.02.2011 13:02:57.2.2 - x86
Microsoft Windows 7 Professional 6.1.7600.0.1250.420.1029.18.1944.933 [GMT 1:00]
Spuštěný z: c:\users\BV-Technika\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\BV-Technika\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

Nakažená kopie c:\windows\system32\userinit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\userinit.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2011-01-13 do 2011-02-13 )))))))))))))))))))))))))))))))
.

2011-02-13 12:09 . 2011-02-13 12:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-13 11:21 . 2011-02-13 12:15 -------- d-----w- c:\users\BV-Technika\AppData\Local\temp
2011-02-13 08:19 . 2011-02-13 08:19 -------- d-----w- c:\users\BV-Technika\AppData\Roaming\Malwarebytes
2011-02-13 08:19 . 2011-02-13 08:19 -------- d-----w- c:\programdata\Malwarebytes
2011-02-13 08:19 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-02-13 08:19 . 2011-02-13 08:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-02-13 08:19 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-13 00:45 . 2011-02-13 00:45 -------- d-----w- C:\AuthLog
2011-02-12 23:13 . 2011-02-12 23:14 -------- d-----w- c:\program files\trend micro
2011-02-12 23:13 . 2011-02-12 23:14 -------- d-----w- C:\rsit
2011-02-12 22:46 . 2011-02-12 22:46 -------- d-----w- c:\program files\ESET
2011-02-09 06:27 . 2011-02-09 06:27 -------- d-----w- c:\users\BV-Technika\AppData\Local\Threat Expert
2011-02-01 09:04 . 2011-02-01 09:47 -------- d-----w- c:\program files\Same Deutz-Fahr
2011-01-30 16:39 . 2011-01-30 16:39 -------- d-----w- c:\users\BV-Technika\AppData\Local\ElevatedDiagnostics
2011-01-21 21:19 . 2011-01-21 21:19 -------- d-----w- c:\windows\Sun
2011-01-19 12:37 . 2011-01-19 12:37 -------- d-----w- c:\programdata\IObit
2011-01-19 07:50 . 2011-01-23 16:28 -------- d-----w- c:\users\BV-Technika\AppData\Roaming\IObit
2011-01-19 07:50 . 2011-01-19 07:50 -------- d-----w- c:\program files\IObit
2011-01-18 19:03 . 2011-01-18 19:03 -------- d-----w- c:\windows\cs
2011-01-18 19:03 . 2011-01-18 19:03 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-01-18 19:01 . 2011-01-18 19:01 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\1a7dc4da1cbb74225\InstallManager_WLE_WLE.exe
2011-01-18 19:01 . 2011-01-18 19:01 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\f8ded1b1cbb74221\MeshBetaRemover.exe
2011-01-18 19:00 . 2011-01-18 19:00 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\3034b181cbb7421a\DSETUP.dll
2011-01-18 19:00 . 2011-01-18 19:00 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\3034b181cbb7421a\DXSETUP.exe
2011-01-18 19:00 . 2011-01-18 19:00 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\3034b181cbb7421a\dsetup32.dll
2011-01-18 19:00 . 2011-01-18 19:00 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\27f4c191cbb74219\DSETUP.dll
2011-01-18 19:00 . 2011-01-18 19:00 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\27f4c191cbb74219\DXSETUP.exe
2011-01-18 19:00 . 2011-01-18 19:00 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\27f4c191cbb74219\dsetup32.dll
2011-01-18 19:00 . 2011-01-18 19:00 -------- d-----w- c:\users\BV-Technika\AppData\Local\Windows Live
2011-01-18 18:59 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-18 18:59 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll
2011-01-18 18:59 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL
2011-01-18 09:42 . 2007-02-15 12:42 3903488 ----a-w- c:\windows\system32\vfp9t.dll
2011-01-18 09:42 . 2007-02-15 12:44 1200128 ----a-w- c:\windows\system32\vfp9rcsy.dll
2011-01-18 09:42 . 2007-02-15 12:42 4726784 ----a-w- c:\windows\system32\vfp9r.dll
2011-01-18 09:42 . 2007-02-15 12:13 1187840 ----a-w- c:\windows\system32\vfp9renu.dll
2011-01-18 09:42 . 2004-12-13 20:16 16384 ----a-w- c:\windows\system32\foxhhelpps9.dll
2011-01-18 09:42 . 2004-12-13 20:16 73728 ----a-w- c:\windows\system32\foxhhelp9.exe
2011-01-18 09:41 . 2011-01-18 09:41 103744 ----a-w- c:\windows\system32\MSCOMM32.OCX
2011-01-18 09:41 . 2011-01-18 09:41 -------- d-----w- c:\windows\OleSrv
2011-01-18 09:40 . 2011-01-18 09:40 876032 ----a-w- c:\windows\system32\VFP6RENU.DLL
2011-01-18 09:40 . 2011-01-18 09:40 3373328 ----a-w- c:\windows\system32\VFP6R.DLL
2011-01-18 09:40 . 2011-01-18 09:40 24990 ----a-w- c:\windows\system32\VFP6RUN.EXE
2011-01-18 09:37 . 2007-02-15 12:44 1200128 ----a-w- c:\program files\Common Files\Microsoft Shared\VFP\vfp9rcsy.dll
2011-01-18 09:37 . 2007-02-15 12:42 3903488 ----a-w- c:\program files\Common Files\Microsoft Shared\VFP\vfp9t.dll
2011-01-18 09:37 . 2007-02-15 12:42 4726784 ----a-w- c:\program files\Common Files\Microsoft Shared\VFP\vfp9r.dll
2011-01-18 09:37 . 2007-02-15 12:13 1187840 ----a-w- c:\program files\Common Files\Microsoft Shared\VFP\vfp9renu.dll
2011-01-18 09:37 . 2004-12-13 20:16 16384 ----a-w- c:\program files\Common Files\Microsoft Shared\VFP\foxhhelpps9.dll
2011-01-18 09:37 . 2004-12-13 20:16 73728 ----a-w- c:\program files\Common Files\Microsoft Shared\VFP\foxhhelp9.exe
2011-01-18 09:37 . 2011-02-12 22:14 -------- d-----w- C:\klient
2011-01-18 09:35 . 2011-02-13 12:15 -------- d-----w- c:\users\BV-Technika\AppData\Local\LogMeIn Hamachi
2011-01-18 09:33 . 2011-01-18 09:33 -------- d-----w- c:\program files\LogMeIn Hamachi
2011-01-17 02:01 . 2010-03-04 04:04 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-01-17 02:01 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2011-01-16 19:32 . 2011-01-16 19:32 -------- d-----w- c:\program files\Common Files\Java
2011-01-16 19:26 . 2010-08-31 04:32 954752 ----a-w- c:\windows\system32\mfc40.dll
2011-01-16 19:26 . 2010-08-31 04:32 954288 ----a-w- c:\windows\system32\mfc40u.dll
2011-01-16 19:16 . 2010-10-27 04:32 2048 ----a-w- c:\windows\system32\tzres.dll
2011-01-16 19:16 . 2010-11-02 04:39 749056 ----a-w- c:\windows\system32\schedsvc.dll
2011-01-16 19:16 . 2010-11-02 04:41 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-01-16 19:16 . 2010-11-02 04:40 496128 ----a-w- c:\windows\system32\taskschd.dll
2011-01-16 19:16 . 2010-11-02 04:40 305152 ----a-w- c:\windows\system32\taskcomp.dll
2011-01-16 19:16 . 2010-11-02 04:34 192000 ----a-w- c:\windows\system32\taskeng.exe
2011-01-16 19:16 . 2010-11-02 04:34 179712 ----a-w- c:\windows\system32\schtasks.exe
2011-01-16 19:13 . 2010-07-29 06:30 197632 ----a-w- c:\windows\system32\ir32_32.dll
2011-01-16 19:13 . 2010-07-29 06:30 82944 ----a-w- c:\windows\system32\iccvid.dll
2011-01-16 19:13 . 2010-08-26 04:39 109056 ----a-w- c:\windows\system32\t2embed.dll
2011-01-16 19:11 . 2010-08-21 05:36 224256 ----a-w- c:\windows\system32\schannel.dll
2011-01-16 19:11 . 2010-06-19 06:23 37376 ----a-w- c:\windows\system32\rtutils.dll
2011-01-16 19:08 . 2011-01-19 07:12 -------- d-----w- c:\program files\Microsoft Silverlight
2011-01-16 19:06 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-01-16 19:06 . 2009-10-10 02:31 84992 ----a-w- c:\windows\system32\drivers\sdbus.sys
2011-01-16 19:03 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-01-16 19:01 . 2010-10-16 04:36 314368 ----a-w- c:\windows\system32\webio.dll
2011-01-16 19:00 . 2010-08-27 05:46 168448 ----a-w- c:\windows\system32\srvsvc.dll
2011-01-16 19:00 . 2010-08-27 03:31 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2011-01-16 19:00 . 2010-08-27 03:30 308736 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-01-16 19:00 . 2010-08-27 03:30 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-01-16 18:57 . 2010-08-21 05:36 738816 ----a-w- c:\windows\system32\wmpmde.dll
2011-01-16 18:53 . 2010-10-19 08:10 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-01-16 18:53 . 2010-10-16 04:41 101760 ----a-w- c:\windows\system32\consent.exe
2011-01-16 18:53 . 2010-04-07 07:10 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-01-16 18:53 . 2010-05-05 06:46 363520 ----a-w- c:\windows\system32\StructuredQuery.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

(((((((((((((((((((((((((((((((((((((((((( SR_Search ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FingerPrintSoftware"="c:\program files\Lenovo Fingerprint Software\fpapp.exe \s" [X]
"TPHOTKEY"="c:\program files\Lenovo\HOTKEY\TPOSDSVC.exe" [2009-03-13 68976]
"LENOVO.TPFNF6R"="c:\program files\Lenovo\HOTKEY\TPFNF6R.exe" [2009-08-20 62752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-03 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-03 151064]
"PWMTRV"="c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL" [2009-08-23 709920]
"Message Center Plus"="c:\program files\LENOVO\Message Center Plus\MCPLaunch.exe" [2009-05-28 49976]
"AcWin7Hlpr"="c:\program files\Lenovo\Access Connections\AcTBenabler.exe" [2009-10-14 36864]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-12-06 1910152]
"4-Day Forecast"="c:\program files\Meteo\4-Day Forecast\4-Day Forecast\4-Day Forecast.exe" [2008-07-02 1064960]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2009-7-2 795936]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2010-2-12 50688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2009-07-03 45424]
R2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
R3 ADMonitor;AD Monitor;c:\windows\system32\ADMonitor.exe [2009-09-01 106496]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 PCDSRVC{3037D694-FD904ACA-06000000}_0;PCDSRVC{3037D694-FD904ACA-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor\pcdsrvc.pkms [2009-08-18 20848]
R3 PCDSRVC{C4B36920-79E24793-06000000}_0;PCDSRVC{C4B36920-79E24793-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\pcdsrvc.pkms [2009-08-18 20848]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.EXE [2009-08-23 75040]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-07-14 1343400]
R4 ApRunSvc;Alps Application Launcher Service;c:\program files\Apoint2K\ApRunSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-12-31 436792]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM86.sys [2009-06-29 20520]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiif32.sys [2008-05-12 13480]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 ATService;AuthenTec Fingerprint Service;c:\windows\system32\AtService.exe [2009-09-01 1692920]
S2 dtsvc;Data Transfer Service;c:\windows\system32\DTS.exe [2009-09-01 98304]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 1238408]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992]
S2 MSSQL$DONE_SQLEXPRESS;SQL Server (DONE_SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2009-07-15 62320]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-09-01 485376]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2009-07-02 38336]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HsfXAudioService REG_MULTI_SZ HsfXAudioService
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'

2011-02-13 c:\windows\Tasks\AWC Startup.job
- c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2011-01-19 15:19]

2011-02-08 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\PC-Doctor\pcdr5cuiw32.exe [2009-10-08 21:43]

2011-02-13 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\PC-Doctor\pcdr5cuiw32.exe [2009-10-08 21:43]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
Trusted Zone: kramp.cz\www
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{3037D694-FD904ACA-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor\pcdsrvc.pkms"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{C4B36920-79E24793-06000000}_0]
"ImagePath"="\??\c:\progra~1\pc-doc~1\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(4848)
c:\program files\ThinkPad\Bluetooth Software\btmmhook.dll
c:\program files\Lenovo\Access Connections\ACDeskBand.dll
c:\program files\Lenovo\Access Connections\AcLocSettings.dll
c:\program files\Lenovo\Access Connections\AcSvcStub.dll
c:\program files\Lenovo\Access Connections\ACHelper.dll
c:\progra~1\ThinkPad\UTILIT~1\PWMTR32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\US\PWMRT32V.DLL
c:\progra~1\ThinkPad\UTILIT~1\PWMIF32V.DLL
c:\program files\ThinkPad\Bluetooth Software\btncopy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Lenovo\Access Connections\AcSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\System32\rundll32.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
c:\program files\ThinkPad\Bluetooth Software\BtStackServer.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\program files\ThinkPad\Bluetooth Software\btwdins.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\windows\system32\sppsvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
.
**************************************************************************
.
Celkový čas: 2011-02-13 13:19:16 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-13 12:19
ComboFix2.txt 2011-02-13 11:21

Před spuštěním: Volných bajtů: 129 740 144 640
Po spuštění: Volných bajtů: 130 256 556 032

- - End Of File - - 5B24303FDAE4D47330F25F5EF1BBCDF9

Re: The notebook takes a terribly long time to start...

Posted: 13 Feb 2011 13:28
by good007
I have to run.... as soon as I get online, I'll continue following your instructions... Thanks for now... :!:

Re: The notebook takes a terribly long time to start...

Posted: 13 Feb 2011 15:50
by motji
Test this file at www.virustotal.com:
c:\windows\system32\drivers\ApsHM86.sys

Re: The notebook takes a terribly long time to start...

Posted: 18 Feb 2011 20:12
by good007
File name: ApsHM86.sys
Submission date: 2011-02-18 19:08:22 (UTC)
Current status: finished


Result: 0/ 42 (0.0%)
Antivirus Version Last Update Result
AhnLab-V3 2011.02.14.02 2011.02.14 -
AntiVir 7.11.3.144 2011.02.18 -
Antiy-AVL 2.0.3.7 2011.02.18 -
Avast 4.8.1351.0 2011.02.18 -
Avast5 5.0.677.0 2011.02.18 -
AVG 10.0.0.1190 2011.02.18 -
BitDefender 7.2 2011.02.18 -
CAT-QuickHeal 11.00 2011.02.18 -
ClamAV 0.96.4.0 2011.02.18 -
Commtouch 5.2.11.5 2011.02.18 -
Comodo 7735 2011.02.18 -
DrWeb 5.0.2.03300 2011.02.18 -
Emsisoft 5.1.0.2 2011.02.18 -
eTrust-Vet 36.1.8168 2011.02.18 -
F-Prot 4.6.2.117 2011.02.18 -
F-Secure 9.0.16160.0 2011.02.18 -
Fortinet 4.2.254.0 2011.02.18 -
GData 21 2011.02.18 -
Ikarus T3.1.1.97.0 2011.02.18 -
Jiangmin 13.0.900 2011.02.18 -
K7AntiVirus 9.87.3898 2011.02.18 -
Kaspersky 7.0.0.125 2011.02.18 -
McAfee 5.400.0.1158 2011.02.18 -
McAfee-GW-Edition 2010.1C 2011.02.18 -
Microsoft 1.6502 2011.02.18 -
NOD32 5887 2011.02.18 -
Norman 6.07.03 2011.02.18 -
nProtect 2011-02-10.01 2011.02.15 -
Panda 10.0.3.5 2011.02.18 -
PCTools 7.0.3.5 2011.02.18 -
Prevx 3.0 2011.02.18 -
Rising 23.45.04.06 2011.02.18 -
Sophos 4.61.0 2011.02.18 -
SUPERAntiSpyware 4.40.0.1006 2011.02.18 -
Symantec 20101.3.0.103 2011.02.18 -
TheHacker 6.7.0.1.132 2011.02.17 -
TrendMicro 9.200.0.1012 2011.02.18 -
TrendMicro-HouseCall 9.200.0.1012 2011.02.15 -
VBA32 3.12.14.3 2011.02.18 -
VIPRE 8464 2011.02.18 -
ViRobot 2011.2.18.4317 2011.02.18 -
VirusBuster 13.6.208.0 2011.02.18 -
Additional information
MD5 : 521866a3ce5a1a69b4b4a87bdb52be26
SHA1 : 5db782f8139c95e379a823bead75263a80b80175
SHA256: 686b19ac5742da702bed45ad7f6aefd0a4ebad03f0060bf3aa4a67438ea77984
ssdeep: 384:NoTXvGT+s5Tay0JEDzDJYJLWd6jvQqM+tbM:NojvGCK4Ja3kLAmZbM
File size : 20520 bytes
First seen: 2009-10-12 14:57:58
Last seen : 2011-02-18 19:08:22
TrID:
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
sigcheck:
publisher....: Lenovo.
copyright....: Copyright (C) Lenovo. 2005,2009. All rights reserved.
product......: ThinkVantage Active Protection System
description..: ThinkVantage Active Protection System HID Digitizer Activity Monitor Driver
original name: ApsHM86.sys
internal name: ApsHM86.sys
file version.: 1.70.0.7 built by: WinDDK
comments.....: n/a
signers......: Lenovo(Japan)Ltd.
VeriSign Class 3 Code Signing 2004 CA
Class 3 Public Primary Certification Authority
signing date.: 8:58 AM 6/18/2009
verified.....: -

PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x61D6
timedatestamp....: 0x4A39E885 (Thu Jun 18 07:11:01 2009)
machinetype......: 0x14c (I386)

[[ 7 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
.text, 0x1000, 0x105C, 0x1200, 5.76, 5e62aa66ba28d6f8ef17c37e1054093b
.rdata, 0x3000, 0x12E, 0x200, 3.16, ef1de346139f2c116a70fefd6da769f3
.data, 0x4000, 0x11, 0x200, 0.26, 47e64f2c9d0b51a8bd487f8d524639ac
PAGE, 0x5000, 0x94C, 0xA00, 5.88, 61690c603fb5ed2273656aed9697057a
INIT, 0x6000, 0x644, 0x800, 5.00, 3493a791fb96801142f0c79450848a6e
.rsrc, 0x7000, 0x428, 0x600, 2.55, fb752aa8c593b950a9629637c7280b48
.reloc, 0x8000, 0x214, 0x400, 3.00, 91404e59d99dbe1107681426129a6a25

[[ 2 import(s) ]]
ntoskrnl.exe: ExAllocatePoolWithTag, IoAllocateDriverObjectExtension, memset, IoGetDriverObjectExtension, IofCompleteRequest, IofCallDriver, KeSetEvent, PoCallDriver, PoStartNextPowerIrp, KeWaitForSingleObject, KeInitializeEvent, IoDeleteDevice, KeInitializeMutex, IoCreateDevice, ObfDereferenceObject, PsTerminateSystemThread, RtlCopyUnicodeString, KeSetPriorityThread, IoGetDeviceObjectPointer, RtlInitUnicodeString, KeClearEvent, KeWaitForMultipleObjects, KeGetCurrentThread, ZwClose, ObReferenceObjectByHandle, PsCreateSystemThread, KeReleaseMutex, IoBuildDeviceIoControlRequest, RtlUpcaseUnicodeChar, IoGetDeviceProperty, IoAttachDeviceToDeviceStack, IoDetachDevice, KeTickCount, KeQueryPriorityThread, ExFreePoolWithTag, PsGetVersion, MmGetSystemRoutineAddress
HAL.dll: KeGetCurrentIrql




Re: The notebook takes a terribly long time to start...

Posted: 18 Feb 2011 20:13
by good007
Hello, I'm back. And the laptop is still acting up... What do you advise???