pomalý net + nejde udělat záloha systému v žádném programu

Zpráva

hudger · #1 Příspěvek od **hudger** » 26 zář 2011 13:57

Dobrý den,
chtěl bych poprosit o pomoc. Mám nejakou havět v PC jelikož mi nejde dobře net a nejde mi udělat záloha systému.
posílám log z RSIT.
předem děkuji

Logfile of random's system information tool 1.09 (written by random/random)
Run by Roman at 2011-09-26 14:55:18
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 22 GB (22%) free of 100 GB
Total RAM: 3068 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:55:35, on 26.9.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe
C:\Program Files\Acronis\DriveMonitor\adm_tray.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\System32\oodtray.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\Roman\AppData\Roaming\QipGuard\QipGuard.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\Users\Roman\Desktop\auv-p22487.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Roman\Desktop\RSIT.exe
C:\Program Files\trend micro\Roman.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Roman\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Roman\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKLM\..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [adm_tray.exe] C:\Program Files\Acronis\DriveMonitor\adm_tray.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [OODefragTray] C:\Windows\system32\oodtray.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NI Background Service] C:\Program Files\National Instruments\Shared\Update Service\BackgroundService.exe
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] "C:\Program Files\AVAST Software\Avast\aswRegSvr.exe" "C:\Program Files\AVAST Software\Avast\AhAScr.dll"
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\Roman\AppData\Roaming\QipGuard\QipGuard.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP Infium\infium.exe" /autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.6\ICQ.exe" silent loginmode=4
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10w_Plugin.exe -update plugin
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AMD Reservation Manager - Advanced Micro Devices - C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - National Instruments, Inc. - C:\Windows\system32\lkcitdl.exe
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - National Instruments Corporation - C:\Windows\system32\lkads.exe
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - National Instruments Corporation - C:\Windows\system32\lktsrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: National Instruments Domain Service (NIDomainService) - National Instruments Corporation - C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments Corporation - C:\Windows\system32\nisvcloc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Windows\system32\oodag.exe

--
End of file - 10003 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\3rtba7fi.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.9]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
nplv86win32.dll
nplv90win32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\3rtba7fi.default\extensions\
{32a1fd71-835e-4b11-8e54-886fda0b4c89}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

C:\Users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\3rtba7fi.default\searchplugins\
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Roman\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-10-25 140752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-07-04 820864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-12-17 4114368]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-12-17 6223808]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2010-06-06 307768]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe [2010-06-06 487992]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-01-26 336384]
"adm_tray.exe"=C:\Program Files\Acronis\DriveMonitor\adm_tray.exe [2010-06-04 530768]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2009-10-27 365560]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-07-04 3493720]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]
"OODefragTray"=C:\Windows\system32\oodtray.exe [2007-05-11 2512392]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"NI Background Service"=C:\Program Files\National Instruments\Shared\Update Service\BackgroundService.exe [2009-08-25 77824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"aswAhAScr.dll"=C:\Program Files\AVAST Software\Avast\aswRegSvr.exe [2011-02-23 22016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"=C:\Users\Roman\AppData\Roaming\QipGuard\QipGuard.exe [2011-05-11 191360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"Infium"=C:\Program Files\QIP Infium\infium.exe [2011-05-11 6848384]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"ICQ"=C:\Program Files\ICQ7.6\ICQ.exe [2011-08-29 127040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil10w_Plugin.exe [2011-09-16 243360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Roman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeRapid 0.85u1.lnk]
H:\Soft\Soft\FREERA~1.85~\frd.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-11-20 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-09-17 23:07:41 ----D---- C:\Users\Roman\AppData\Roaming\HPAppData
2011-09-17 22:14:42 ----D---- C:\Program Files\Memostation
2011-09-15 20:43:13 ----D---- C:\Program Files\All Ten Fingers
2011-09-01 12:46:53 ----D---- C:\winnt
2011-09-01 12:46:53 ----D---- C:\phptriad
2011-09-01 12:46:45 ----D---- C:\apache
2011-09-01 12:39:03 ----D---- C:\goldenrod

======List of files/folders modified in the last 1 month======

2011-09-26 14:55:34 ----D---- C:\Windows\Temp
2011-09-26 14:55:33 ----D---- C:\Program Files\trend micro
2011-09-26 14:49:26 ----D---- C:\Windows\Minidump
2011-09-26 14:49:26 ----D---- C:\Windows\debug
2011-09-26 14:49:26 ----D---- C:\Windows
2011-09-26 14:49:26 ----D---- C:\Users\Roman\AppData\Roaming\TS3Client
2011-09-26 14:46:04 ----D---- C:\Windows\Prefetch
2011-09-26 14:07:11 ----D---- C:\Users\Roman\AppData\Roaming\uTorrent
2011-09-26 12:27:37 ----D---- C:\Users\Roman\AppData\Roaming\vlc
2011-09-23 21:06:18 ----SHD---- C:\System Volume Information
2011-09-19 07:19:00 ----AD---- C:\ProgramData\Temp
2011-09-18 07:39:38 ----D---- C:\Windows\System32
2011-09-17 22:15:23 ----RSD---- C:\Windows\Fonts
2011-09-17 22:14:42 ----RD---- C:\Program Files
2011-09-17 09:38:01 ----D---- C:\Windows\system32\oodag
2011-09-16 18:32:55 ----D---- C:\Windows\system32\catroot2
2011-09-15 14:05:00 ----D---- C:\Windows\inf
2011-09-15 14:05:00 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-09-15 14:01:25 ----D---- C:\Program Files\ICQ7.6
2011-09-12 14:07:53 ----D---- C:\Program Files\Mozilla Firefox
2011-09-08 19:26:10 ----D---- C:\Users\Roman\AppData\Roaming\ICQ
2011-09-06 22:45:29 ----A---- C:\Windows\system32\aswBoot.exe
2011-09-05 11:08:37 ----D---- C:\Windows\system32\wdi
2011-09-04 11:41:21 ----D---- C:\Windows\system32\config

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2010-06-06 14392]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
R2 cvintdrv;cvintdrv; C:\Windows\system32\drivers\cvintdrv.sys [2009-05-29 4096]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-27 7566848]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-01-27 238592]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-06-06 217136]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-11-05 2494968]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-06-06 86056]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-06-06 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-06 29472]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-06 18472]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2010-06-06 506880]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x86.sys [2010-06-06 58368]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-10-19 31288]
R3 usbsmi;Lenovo EasyCamera; C:\Windows\system32\DRIVERS\SMIksdrv.sys [2009-10-16 171776]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-27 7566848]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 393216]
S3 catchme;catchme; \??\C:\Users\Roman\AppData\Local\Temp\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-06-06 174592]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 wsvd;wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
S4 RsFx0150;RsFx0150 Driver; C:\Windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2009-10-27 660504]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-01-27 176128]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 284672]
R2 AMD Reservation Manager;AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 140224]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-07-04 42184]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-09-04 595232]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 lkClassAds;National Instruments PSP Server Locator; C:\Windows\system32\lkads.exe [2009-06-18 42544]
R2 lkTimeSync;National Instruments Time Synchronization; C:\Windows\system32\lktsrv.exe [2009-06-18 53296]
R2 MSSQL$SQL;SQL Server (SQL); C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL\MSSQL\Binn\sqlservr.exe [2011-04-24 42872672]
R2 NIDomainService;National Instruments Domain Service; C:\Program Files\National Instruments\Shared\Security\nidmsrv.exe [2009-06-18 356912]
R2 niSvcLoc;NI Service Locator; C:\Windows\system32\nisvcloc.exe [2009-06-04 13896]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 97632]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 O&O Defrag;O&O Defrag; C:\Windows\system32\oodag.exe [2007-05-11 1050120]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-05-18 655624]
S3 LkCitadelServer;Lookout Citadel Server; C:\Windows\system32\lkcitdl.exe [2008-10-31 695136]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-27 1343400]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
S4 NILM License Manager;NILM License Manager; C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe [2009-09-18 1007616]
S4 SQLAgent$SQL;SQL Server Agent (SQL); C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQL\MSSQL\Binn\SQLAGENT.EXE [2011-04-24 367456]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 26 zář 2011 17:59

Zdravím!
Poprosím o log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

hudger · #3 Příspěvek od **hudger** » 26 zář 2011 18:50

zde je log z CB

ComboFix 11-09-26.01 - Roman 26.09.2011 19:35:44.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3068.1913 [GMT 2:00]
Spuštěný z: c:\users\Roman\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-26 do 2011-09-26 )))))))))))))))))))))))))))))))
.
.
2011-09-26 17:41 . 2011-09-26 17:41 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-09-26 17:41 . 2011-09-26 17:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-26 13:17 . 2011-09-26 13:18 -------- d-----w- c:\program files\CrystalDiskInfo
2011-09-20 15:11 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9C28B25-CAD3-4F37-9388-C239DC457009}\mpengine.dll
2011-09-17 21:07 . 2011-09-17 21:07 -------- d-----w- c:\users\Roman\AppData\Roaming\HPAppData
2011-09-17 20:14 . 2011-09-19 05:20 -------- d-----w- c:\program files\Memostation
2011-09-15 18:43 . 2011-09-15 18:43 -------- d-----w- c:\program files\All Ten Fingers
2011-09-01 10:46 . 2011-09-01 10:49 -------- d-----w- C:\phptriad
2011-09-01 10:46 . 2011-09-01 10:46 -------- d-----w- C:\winnt
2011-09-01 10:46 . 2011-09-01 10:46 -------- d-----w- C:\apache
2011-09-01 10:39 . 2011-09-01 10:49 -------- d-----w- C:\goldenrod
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-26 13:03 . 2011-05-18 21:53 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 20:45 . 2011-03-27 09:34 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-03-27 09:34 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-03-27 09:35 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-03-27 09:35 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-03-27 09:35 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-03-27 09:35 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-03-27 09:35 54616 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2011-03-27 09:35 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-02 20:30 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2008-12-10 12:50 . 2008-12-10 12:50 118784 ----a-w- c:\program files\internet explorer\plugins\LV86ActiveXControl.dll
2009-10-07 14:11 . 2009-10-07 14:11 158720 ----a-w- c:\program files\internet explorer\plugins\LV90ActiveXControl.dll
2011-09-12 12:07 . 2011-03-25 10:51 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"="c:\users\Roman\AppData\Roaming\QipGuard\QipGuard.exe" [2011-05-11 191360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Infium"="c:\program files\QIP Infium\infium.exe" [2011-05-11 6848384]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"ICQ"="c:\program files\ICQ7.6\ICQ.exe" [2011-08-29 127040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-12-17 4114368]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6223808]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-06-05 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2010-06-05 487992]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"adm_tray.exe"="c:\program files\Acronis\DriveMonitor\adm_tray.exe" [2010-06-04 530768]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-10-27 365560]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2007-05-11 2512392]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"NI Background Service"="c:\program files\National Instruments\Shared\Update Service\BackgroundService.exe" [2009-08-25 77824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-9-4 795936]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Users^Roman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeRapid 0.85u1.lnk]
path=c:\users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeRapid 0.85u1.lnk
backup=c:\windows\pss\FreeRapid 0.85u1.lnk.Startup
backupExtension=.Startup
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-05 174592]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-27 1343400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]
R4 SQLAgent$SQL;SQL Server Agent (SQL);c:\program files\Microsoft SQL Server\MSSQL10_50.SQL\MSSQL\Binn\SQLAGENT.EXE [2011-04-23 367456]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 284672]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 140224]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
S2 MSSQL$SQL;SQL Server (SQL);c:\program files\Microsoft SQL Server\MSSQL10_50.SQL\MSSQL\Binn\sqlservr.exe [2011-04-23 42872672]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-26 7566848]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-26 238592]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-05 29472]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-06-05 58368]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-10-19 31288]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [2009-10-16 171776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\3rtba7fi.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="7F6CA928FBF831F810769AD107D202005459BD0C80D19DC315FB0FB150CBE5000597F00F640D24C62198F2E19B2723B39D553E38B88C5D6964108218E87EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5CC038D530D6EB3452A6A0AC4980AC793347D7804592064953EF1671F84BAB006FCD97F69DB390A675C12D56C76656F963D4B6F3BABD7300DC67A452F146DD911F6647A170BB84F4B51EF35C68A2127E8D09EEF6AD640E4ACC462F1FFC88BE01808B71098C6F62319B3393CA742CBBB2C0D547D4E0E1651F5DF894E39738FED51DBFA7984CDD23161D3F7190C29BAEA27E541C9AC8F55A79C18FC2EEF45D289AF12D8E80BEF792DEA3A4095EE06A1BD9BDBC5A1B10C224589ABCBFD37B6592E06F205E372812CECB8D68E8280FF6876BEA6F87EC12514ABD02D922E9C59EEE3AFB8BE57200E64E23AC35B0A8C0834B6BE36F3AE8E10B2CB003E116CBA1BFBEBF6E8186AEF192D6ACC7D81A5B1F361574FB629DAE4641F9BB1E75DDD713DF590D153D352DDD9705B498C56D03081A63257A15719EB5263C6DC7D84C334FFA6841319AFAF156DA480D4C9009A48A1D8C1E1A75886060D14AD8E6F14A44C0726C00F79974C323A6650906735F08EB92B7048995C95D26BF5214D7CED335870B37F012E0D330BF26F2025BCD773A232FE382ECADB0441ECE5739EB9DF87674EBEF409BB85E065C6C5CD3D520EA8EDE8EDF465A18CC8790C22E69E5345DBB8EA1911CA78D6DDADBEF62E0F48F6819FEAF5101DCD3C15CFAC201C37D893BF9909D6A3A39F0ED855587988CA968313296F2B167F283C63D0F5ACC7260B75DECE8339CD04A17E1A316F2E6BF59961CF77021CCB5916E266833F8E31EAC0224153A1B201C4759DC151C5109E5DF2C14CB08E2C3261E7FBFDF00716C7477C984B4DBF13F5C1234897C1B2A0EF289DF17D10DC60BFDF4C40769C3FBDFAA49988653563819D37F4925437BE5DA57198B37F265406B00E27203907EB30CF49B98C6BB69D1A04BD8DC0115D652268F44AC1A5DA82502F62E5FCFA268191211611BF37D09881B8D59D881E27F20FC16B565FA8224AFBFB08A051BB1E70D693A7E93D36B598624EA34C8216176643E6B8A7C2996D77EE9FE25032A131D59D9B549993E1CB55EABB68EDD6C85F41A9D95D6D98393789317B61C1D5262D7A782C78EE9206B2C8273C8FE6E840F659EA31C1D8C8335EDD5B53282B8007D1E09D33E0E6479F8804D127D15F09F7CE8B12B0C5AC5B27ED58F864EDFE2318529EE95E4FC8BDCA627F872B2D0840591CF79E4757C5D2E3400EE9EED2FC87B6267335F0F8108741D4EA854CCA6691558257FD2EE63CA29DDF10666755EBC043DFA8FA014B8A67C4650DE493480033E"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3404)
c:\program files\Lenovo\Bluetooth Software\btmmhook.dll
.
Celkový čas: 2011-09-26 19:44:02
ComboFix-quarantined-files.txt 2011-09-26 17:44
ComboFix2.txt 2011-05-09 21:01
.
Před spuštěním: Volných bajtů: 23 455 526 912
Po spuštění: Volných bajtů: 23 406 931 968
.
- - End Of File - - AAA62DBA2C340D1E894D7A2CD8450D3B

#4 Příspěvek od **Rudy** » 26 zář 2011 18:57

Otevřte poznámkový blok a zkopírujte do něj:

Firefox::
FF - ProfilePath - c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\3rtba7fi.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=

Reglock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

hudger · #5 Příspěvek od **hudger** » 26 zář 2011 19:22

nový scan po CB

ComboFix 11-09-26.01 - Roman 26.09.2011 20:07:59.3.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3068.1964 [GMT 2:00]
Spuštěný z: c:\users\Roman\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Roman\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-08-26 do 2011-09-26 )))))))))))))))))))))))))))))))
.
.
2011-09-26 18:14 . 2011-09-26 18:14 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-09-26 18:14 . 2011-09-26 18:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-09-26 13:17 . 2011-09-26 13:18 -------- d-----w- c:\program files\CrystalDiskInfo
2011-09-20 15:11 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D9C28B25-CAD3-4F37-9388-C239DC457009}\mpengine.dll
2011-09-17 21:07 . 2011-09-17 21:07 -------- d-----w- c:\users\Roman\AppData\Roaming\HPAppData
2011-09-17 20:14 . 2011-09-19 05:20 -------- d-----w- c:\program files\Memostation
2011-09-15 18:43 . 2011-09-15 18:43 -------- d-----w- c:\program files\All Ten Fingers
2011-09-01 10:46 . 2011-09-01 10:49 -------- d-----w- C:\phptriad
2011-09-01 10:46 . 2011-09-01 10:46 -------- d-----w- C:\winnt
2011-09-01 10:46 . 2011-09-01 10:46 -------- d-----w- C:\apache
2011-09-01 10:39 . 2011-09-01 10:49 -------- d-----w- C:\goldenrod
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-26 13:03 . 2011-05-18 21:53 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 20:45 . 2011-03-27 09:34 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-03-27 09:34 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-03-27 09:35 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-03-27 09:35 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-03-27 09:35 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-03-27 09:35 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-03-27 09:35 54616 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2011-03-27 09:35 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-07-02 20:30 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2008-12-10 12:50 . 2008-12-10 12:50 118784 ----a-w- c:\program files\internet explorer\plugins\LV86ActiveXControl.dll
2009-10-07 14:11 . 2009-10-07 14:11 158720 ----a-w- c:\program files\internet explorer\plugins\LV90ActiveXControl.dll
2011-09-12 12:07 . 2011-03-25 10:51 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QIP Internet Guardian"="c:\users\Roman\AppData\Roaming\QipGuard\QipGuard.exe" [2011-05-11 191360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"Infium"="c:\program files\QIP Infium\infium.exe" [2011-05-11 6848384]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"ICQ"="c:\program files\ICQ7.6\ICQ.exe" [2011-08-29 127040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-12-17 4114368]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-12-17 6223808]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-06-05 307768]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2010-06-05 487992]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"adm_tray.exe"="c:\program files\Acronis\DriveMonitor\adm_tray.exe" [2010-06-04 530768]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-10-27 365560]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2007-05-11 2512392]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"NI Background Service"="c:\program files\National Instruments\Shared\Update Service\BackgroundService.exe" [2009-08-25 77824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2009-9-4 795936]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Users^Roman^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^FreeRapid 0.85u1.lnk]
path=c:\users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FreeRapid 0.85u1.lnk
backup=c:\windows\pss\FreeRapid 0.85u1.lnk.Startup
backupExtension=.Startup
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-06-05 174592]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-27 1343400]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]
R4 SQLAgent$SQL;SQL Server Agent (SQL);c:\program files\Microsoft SQL Server\MSSQL10_50.SQL\MSSQL\Binn\SQLAGENT.EXE [2011-04-23 367456]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 176128]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-01-26 284672]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-06-17 140224]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
S2 MSSQL$SQL;SQL Server (SQL);c:\program files\Microsoft SQL Server\MSSQL10_50.SQL\MSSQL\Binn\sqlservr.exe [2011-04-23 42872672]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
S3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [2010-02-18 37944]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-26 7566848]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-26 238592]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-05 29472]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-06-05 58368]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-10-19 31288]
S3 usbsmi;Lenovo EasyCamera;c:\windows\system32\DRIVERS\SMIksdrv.sys [2009-10-16 171776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\3rtba7fi.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="7F6CA928FBF831F810769AD107D202005459BD0C80D19DC315FB0FB150CBE5000597F00F640D24C62198F2E19B2723B39D553E38B88C5D6964108218E87EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5CC038D530D6EB3452A6A0AC4980AC793347D7804592064953EF1671F84BAB006FCD97F69DB390A675C12D56C76656F963D4B6F3BABD7300DC67A452F146DD911F6647A170BB84F4B51EF35C68A2127E8D09EEF6AD640E4ACC462F1FFC88BE01808B71098C6F62319B3393CA742CBBB2C0D547D4E0E1651F5DF894E39738FED51DBFA7984CDD23161D3F7190C29BAEA27E541C9AC8F55A79C18FC2EEF45D289AF12D8E80BEF792DEA3A4095EE06A1BD9BDBC5A1B10C224589ABCBFD37B6592E06F205E372812CECB8D68E8280FF6876BEA6F87EC12514ABD02D922E9C59EEE3AFB8BE57200E64E23AC35B0A8C0834B6BE36F3AE8E10B2CB003E116CBA1BFBEBF6E8186AEF192D6ACC7D81A5B1F361574FB629DAE4641F9BB1E75DDD713DF590D153D352DDD9705B498C56D03081A63257A15719EB5263C6DC7D84C334FFA6841319AFAF156DA480D4C9009A48A1D8C1E1A75886060D14AD8E6F14A44C0726C00F79974C323A6650906735F08EB92B7048995C95D26BF5214D7CED335870B37F012E0D330BF26F2025BCD773A232FE382ECADB0441ECE5739EB9DF87674EBEF409BB85E065C6C5CD3D520EA8EDE8EDF465A18CC8790C22E69E5345DBB8EA1911CA78D6DDADBEF62E0F48F6819FEAF5101DCD3C15CFAC201C37D893BF9909D6A3A39F0ED855587988CA968313296F2B167F283C63D0F5ACC7260B75DECE8339CD04A17E1A316F2E6BF59961CF77021CCB5916E266833F8E31EAC0224153A1B201C4759DC151C5109E5DF2C14CB08E2C3261E7FBFDF00716C7477C984B4DBF13F5C1234897C1B2A0EF289DF17D10DC60BFDF4C40769C3FBDFAA49988653563819D37F4925437BE5DA57198B37F265406B00E27203907EB30CF49B98C6BB69D1A04BD8DC0115D652268F44AC1A5DA82502F62E5FCFA268191211611BF37D09881B8D59D881E27F20FC16B565FA8224AFBFB08A051BB1E70D693A7E93D36B598624EA34C8216176643E6B8A7C2996D77EE9FE25032A131D59D9B549993E1CB55EABB68EDD6C85F41A9D95D6D98393789317B61C1D5262D7A782C78EE9206B2C8273C8FE6E840F659EA31C1D8C8335EDD5B53282B8007D1E09D33E0E6479F8804D127D15F09F7CE8B12B0C5AC5B27ED58F864EDFE2318529EE95E4FC8BDCA627F872B2D0840591CF79E4757C5D2E3400EE9EED2FC87B6267335F0F8108741D4EA854CCA6691558257FD2EE63CA29DDF10666755EBC043DFA8FA014B8A67C4650DE493480033E"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4824)
c:\program files\Lenovo\Bluetooth Software\btmmhook.dll
c:\program files\Lenovo\Bluetooth Software\btkeyind.dll
.
Celkový čas: 2011-09-26 20:16:24
ComboFix-quarantined-files.txt 2011-09-26 18:16
ComboFix2.txt 2011-09-26 17:44
ComboFix3.txt 2011-05-09 21:01
.
Před spuštěním: Volných bajtů: 23 405 129 728
Po spuštění: Volných bajtů: 23 350 239 232
.
- - End Of File - - D68E046FFAC4AC6CABEAF1FAEE62F9F0

#6 Příspěvek od **Rudy** » 26 zář 2011 19:50

Log již vypadá čistý. Nastala nějaká změna?

hudger · #7 Příspěvek od **hudger** » 26 zář 2011 19:57

net jede jak má ale s tou zálohou to stále nejde. Tam to vidím na špatný HDD. Každej program mi hází chybu 0x80EF0C02

asi půjdu reklamovat NB

#8 Příspěvek od **Rudy** » 26 zář 2011 20:00

Udělejte kontrolu CrystalDiskInfo: http://www.stahuj.centrum.cz/utility_a_ ... ldiskinfo/ . Vložte log (Úpravy>kopírovat).

hudger · #9 Příspěvek od **hudger** » 26 zář 2011 20:04

tady je:

----------------------------------------------------------------------------
CrystalDiskInfo 4.0.3 (C) 2008-2011 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 SP1 [6.1 Build 7601] (x86)
Date : 2011/09/26 21:01:02

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- HITACHI HTS545032B9A300 ATA Device
+ ATA Channel 1 (1) [ATA]
- Slimtype DVD A DS8A4S ATA Device
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) HITACHI HTS545032B9A300 : 320.0 GB [0-0-0, pd1]

----------------------------------------------------------------------------
(1) HITACHI HTS545032B9A300
----------------------------------------------------------------------------
Model : HITACHI HTS545032B9A300
Firmware : PB3ZC61H
Serial Number : 100103PB43041TGGBK6A
Disk Size : 320.0 GB (8.4/137.4/320.0)
Buffer Size : 7208 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/150
Power On Hours : 5238 hod.
Power On Count : 2040 krát
Temparature : 44 C (111 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 135 135 _33 001600000002 Čas na roztočení ploten
04 _99 _99 __0 000000000813 Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _89 _89 __0 000000001476 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 __0 0000000007F8 Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 _99 _99 __0 0000000000E9 Počet vypnutí disku
C1 _95 _95 __0 00000000C77B Počet cyklů načítání/vymazání
C2 125 125 __0 00420008002C Teplota
C4 100 100 __0 00000000001F Počet udalostí s číslem realokování sektorů
C5 100 100 __0 00000000000A Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 04 5A 3F FF C8 37 00 10 00 00 00 00 00 3F 00 00
010: 00 00 00 00 31 30 30 31 30 33 50 42 34 33 30 34
020: 31 54 47 47 42 4B 36 41 00 03 38 50 00 04 50 42
030: 33 5A 43 36 31 48 48 49 54 41 43 48 49 20 48 54
040: 53 35 34 35 30 33 32 42 39 41 33 30 30 20 20 20
050: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 80 10
060: 40 00 0F 00 40 00 02 00 02 00 00 07 3F FF 00 10
070: 00 3F FC 10 00 FB 01 10 FF FF 0F FF 00 00 00 07
080: 00 03 00 78 00 78 00 78 00 78 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 1F 1F 02 00 02 00 4C 00 40
0A0: 01 FC 00 28 34 6B 7D 09 61 23 34 69 BC 09 61 23
0B0: 20 3F 00 34 00 35 40 80 FF FE 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 EA B0 25 42 00 00 00 00
0D0: 00 00 00 00 40 00 88 48 50 00 CC A5 ED C6 88 92
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 1C
0F0: 40 1C 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 29 00 0B 00 81 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 40 05 40 00 80 00 00 00
130: 33 5A 00 00 00 00 93 93 75 84 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 3D 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 15 18 00 00 00 00 00 00 00 00 10 1F 00 21
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 01 02 C7 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7D A5

jo a taky mi nejde zotavit z hibernace. To jako prej načítá a pak hodí chybovou hlášku, že systém nemůže být obnoven z hibernace, že bude spuštěn klasicky, tak ho dávám do úsporného režimu a to je bez problémů

#10 Příspěvek od **Rudy** » 26 zář 2011 20:48

Ten disk skutečně není v pořádku. Několik podezřelých sektorů a pár realokovaných. Pokud je to možné, reklamujte. Jesliže ne, pak bych zkusil format. V každém případě bych na něj moc nespoléhal.

VIRY.CZ

pomalý net + nejde udělat záloha systému v žádném programu

pomalý net + nejde udělat záloha systému v žádném programu

Re: pomalý net + nejde udělat záloha systému v žádném progra

Re: pomalý net + nejde udělat záloha systému v žádném progra

Re: pomalý net + nejde udělat záloha systému v žádném progra

Re: pomalý net + nejde udělat záloha systému v žádném progra

Re: pomalý net + nejde udělat záloha systému v žádném progra

Re: pomalý net + nejde udělat záloha systému v žádném progra

Re: pomalý net + nejde udělat záloha systému v žádném progra

Re: pomalý net + nejde udělat záloha systému v žádném progra

Re: pomalý net + nejde udělat záloha systému v žádném progra