VIRY.CZ

Dobrý den, včera jsem těsně po půlnoci vynuceně restartoval počítač kvůli aktualizacím, avšak tento proces jsem omylem přerušil přívodem napájení z elektrické sítě (notebook byl bez baterky v síti). Poté jsem se snažil spustit Windows a během spouštění (u zobrazení textu Vítejte nebo Welcom) se mi seknul, s tím, že se nechtěl načíst ani po půlhodině a vydával u toho pravidelné zvuky (cca. frekvence 2-3s), velmi málo slyšitelné, ale to asi vydávala nějaká součást HW, když se nedařilo načíst systém. Ráno jsem se pokusil přes F8 po startu a opravu systému dostat na data a posléze sem. Obnovil jsem systém z poslední aktualizace (6.3.2012). Následně jsem provedl hloubkový test AVASTem a spustil si RSIT a následně posílám LOG file. Momentálně by měl být aktivní proces zálohování dat na server pomocí programu FullDataBackup, neb mi jde zejména o soubory na disku a o funkčnost počítače. Prosím o pomoc při řešení mého problému a jakou má cca diagnostiku. Děkuji mnohokrát a přikládám LOG z RSITu.

Logfile of random's system information tool 1.09 (written by random/random)
Run by HP at 2012-03-10 09:56:47
Microsoft Windows 7 Professional
System drive C: has 77 GB (32%) free of 236 GB
Total RAM: 2991 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:57:23, on 10.3.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16930)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\FullDataBackup\Backup.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\TEMP\Downloads\RSIT.exe
C:\Program Files\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101216073034.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe /hidden
O4 - HKLM\..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
O4 - HKLM\..\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [McAfee Managed Services Tray] C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [FullDataBackup] C:\Program Files\FullDataBackup\Backup.exe -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.siteadvisor.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.siteadvisor.com (HKLM)
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Enterprise Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Virus and Spyware Protection Service (myAgtSvc) - McAfee, Inc. - C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe

--
End of file - 13414 bytes

======Scheduled tasks folder======

C:\Windows\tasks\HPCeeScheduleForHP.job

=========Mozilla firefox=========

ProfilePath - C:\Users\TEMP\AppData\Roaming\Mozilla\Firefox\Profiles\cpfr1nmd.default

"{B7082FAA-CB62-4872-9106-E42DD88EDE45}"=C:\Program Files\McAfee\SiteAdvisor Enterprise\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@oberon-media.com/ONCAdapter]
"Description"=Oberon com adapter plugin
"Path"=C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
bingober64575381.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll [2010-01-19 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101216073034.dll [2010-02-04 73288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-07-11 3821568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll [2009-08-07 116032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-05 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - C:\Program Files\McAfee\SiteAdvisor Enterprise\McIEPlg.dll [2009-08-07 116032]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-04-05 1691192]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-04-05 8192]
"QLBController"=C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-02-26 1713448]
"PDF Complete"=C:\Program Files\PDF Complete\pdfsty.exe [2010-03-06 563736]
"File Sanitizer"=C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2010-01-19 11266048]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-04 153640]
""= []
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-04 400936]
"McAfee Managed Services Tray"=C:\Program Files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe [2010-02-17 476480]
"IntelWireless"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2010-01-20 1206544]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-03-17 495708]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2010-01-08 186904]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-04-26 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-04-26 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-04-26 169496]
"IMSS"=C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2010-03-04 111640]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"FullDataBackup"=C:\Program Files\FullDataBackup\Backup.exe [2011-06-21 4347904]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-04-21 227328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-03-10 09:56:47 ----D---- C:\rsit
2012-03-10 09:56:47 ----D---- C:\Program Files\trend micro
2012-03-10 09:48:21 ----D---- C:\Program Files\FullDataBackup
2012-03-10 09:21:50 ----D---- C:\Users\TEMP\AppData\Roaming\Mozilla
2012-03-10 09:04:20 ----D---- C:\Users\TEMP\AppData\Roaming\Hewlett-Packard
2012-03-10 08:55:05 ----D---- C:\Users\TEMP\AppData\Roaming\Macromedia
2012-03-10 08:53:27 ----D---- C:\Users\TEMP\AppData\Roaming\Adobe
2012-03-10 08:53:21 ----D---- C:\Users\TEMP\AppData\Roaming\hpqlog
2012-03-10 08:52:53 ----D---- C:\Users\TEMP\AppData\Roaming\McAfee
2012-03-10 08:51:17 ----D---- C:\Users\TEMP\AppData\Roaming\Identities
2012-03-10 08:50:46 ----D---- C:\Users\TEMP\AppData\Roaming\Intel
2012-03-10 08:46:23 ----SD---- C:\Users\TEMP\AppData\Roaming\Microsoft
2012-03-10 08:46:23 ----D---- C:\Users\TEMP\AppData\Roaming\Media Center Programs
2012-03-09 10:57:54 ----SHD---- C:\Config.Msi
2012-02-16 20:16:29 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-02-16 20:16:28 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-02-16 20:16:27 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-02-16 20:16:27 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-02-16 20:16:27 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2012-02-16 20:16:27 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-02-16 20:16:15 ----A---- C:\Windows\system32\aswBoot.exe
2012-02-16 20:16:15 ----A---- C:\Windows\avastSS.scr
2012-02-16 16:08:44 ----A---- C:\Windows\system32\mshtml.dll
2012-02-16 16:08:42 ----A---- C:\Windows\system32\ieframe.dll
2012-02-16 16:08:40 ----A---- C:\Windows\system32\urlmon.dll
2012-02-16 16:08:38 ----A---- C:\Windows\system32\wininet.dll
2012-02-16 16:08:38 ----A---- C:\Windows\system32\iedkcs32.dll
2012-02-16 16:08:37 ----A---- C:\Windows\system32\mstime.dll
2012-02-16 16:08:37 ----A---- C:\Windows\system32\msfeeds.dll
2012-02-16 16:08:37 ----A---- C:\Windows\system32\ieui.dll
2012-02-16 16:08:36 ----A---- C:\Windows\system32\mshtmled.dll
2012-02-16 16:08:36 ----A---- C:\Windows\system32\msfeedsbs.dll
2012-02-16 16:08:36 ----A---- C:\Windows\system32\licmgr10.dll
2012-02-16 16:08:36 ----A---- C:\Windows\system32\iertutil.dll
2012-02-16 16:08:36 ----A---- C:\Windows\system32\iepeers.dll
2012-02-16 16:08:35 ----A---- C:\Windows\system32\url.dll
2012-02-16 16:08:35 ----A---- C:\Windows\system32\msfeedssync.exe
2012-02-16 16:08:35 ----A---- C:\Windows\system32\jsproxy.dll
2012-02-16 16:08:14 ----A---- C:\Windows\system32\msvcrt.dll
2012-02-16 16:08:09 ----A---- C:\Windows\system32\shell32.dll
2012-02-16 16:08:08 ----A---- C:\Windows\system32\ntshrui.dll
2012-02-16 16:08:02 ----A---- C:\Windows\system32\win32k.sys
2012-02-13 21:20:58 ----D---- C:\Windows\system32\appmgmt

======List of files/folders modified in the last 1 month======

2012-03-10 17:43:43 ----D---- C:\Windows\system32\wfp
2012-03-10 17:43:43 ----D---- C:\Windows\system32\DriverStore
2012-03-10 17:43:43 ----D---- C:\Windows\system32\catroot2
2012-03-10 17:43:43 ----D---- C:\Program Files\Internet Explorer
2012-03-10 17:43:42 ----SHD---- C:\Windows\Installer
2012-03-10 17:43:40 ----RSD---- C:\Windows\assembly
2012-03-10 17:43:39 ----D---- C:\ProgramData\Microsoft Help
2012-03-10 17:43:39 ----D---- C:\ProgramData\McAfee Security Scan
2012-03-10 17:43:39 ----D---- C:\Program Files\Microsoft Works
2012-03-10 17:43:39 ----D---- C:\Program Files\Common Files\microsoft shared
2012-03-10 17:43:34 ----D---- C:\Windows\system32\wbem
2012-03-10 17:43:34 ----D---- C:\Windows\registration
2012-03-10 17:33:32 ----D---- C:\Windows\system32\LogFiles
2012-03-10 09:56:50 ----D---- C:\Windows\Temp
2012-03-10 09:56:47 ----RD---- C:\Program Files
2012-03-10 09:55:20 ----D---- C:\Windows\inf
2012-03-10 09:55:19 ----D---- C:\Windows\debug
2012-03-10 09:55:19 ----D---- C:\Windows
2012-03-10 09:40:16 ----D---- C:\Windows\Tasks
2012-03-10 09:40:16 ----D---- C:\Windows\system32\Tasks
2012-03-10 09:07:17 ----D---- C:\Windows\system32\config
2012-03-10 08:57:57 ----D---- C:\Windows\System32
2012-03-10 08:57:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-10 08:55:50 ----SHD---- C:\System Volume Information
2012-03-10 08:50:46 ----A---- C:\Windows\system32\log.txt
2012-03-10 08:46:22 ----RD---- C:\Users
2012-03-05 08:08:38 ----D---- C:\ProgramData\PDFC
2012-03-04 13:18:14 ----D---- C:\Windows\Prefetch
2012-02-21 11:12:39 ----D---- C:\Program Files\Mozilla Firefox
2012-02-21 03:37:33 ----D---- C:\Windows\Microsoft.NET
2012-02-21 03:25:44 ----D---- C:\Windows\winsxs
2012-02-21 03:24:25 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-21 03:23:26 ----D---- C:\Windows\system32\migration
2012-02-21 03:06:45 ----A---- C:\Windows\system32\MRT.exe
2012-02-16 20:16:29 ----D---- C:\Windows\system32\drivers
2012-02-16 20:16:09 ----D---- C:\ProgramData\AVAST Software
2012-02-16 16:07:34 ----D---- C:\Windows\system32\catroot
2012-02-13 21:20:43 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 25656]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-01-08 331288]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2010-02-08 385184]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2010-02-08 160912]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 SafeBoot;SafeBoot; C:\Windows\system32\drivers\SafeBoot.sys [2010-02-02 110520]
R0 SbAlg;SbAlg; C:\Windows\system32\drivers\SbAlg.sys [2010-02-02 51800]
R0 SbFsLock;SbFsLock; C:\Windows\system32\drivers\SbFsLock.sys [2010-02-02 13256]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-11 239168]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-04-09 130424]
R1 RsvLock;RsvLock; C:\Windows\system32\drivers\RsvLock.sys [2010-02-02 40088]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 rimspci;rimspci; C:\Windows\system32\DRIVERS\rimspe86.sys [2009-10-26 48640]
R2 risdpcie;risdpcie; C:\Windows\system32\DRIVERS\risdpe86.sys [2009-10-29 47616]
R2 rixdpcie;rixdpcie; C:\Windows\system32\DRIVERS\rixdpe86.sys [2009-12-12 38912]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 33848]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2010-01-21 1163328]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-07 86056]
R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-07 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-07 18472]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k6232.sys [2010-01-07 215208]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-09-17 41088]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 21560]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-04-21 8746496]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 132480]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 232960]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2010-02-08 95728]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2010-02-08 152736]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2010-02-08 51720]
R3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2010-01-19 1763968]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2010-03-17 423424]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-02-26 242992]
R3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 34944]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393216]
S3 DAMDrv;DAMDrv; C:\Windows\system32\DRIVERS\DAMDrv.sys [2009-10-21 32312]
S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2010-02-08 83912]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 tswNT;toolstar*testWIN support driver; \??\C:\Users\ADMINI~1\AppData\Local\Temp\00736826\tswnt.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-04 207400]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe [2009-03-03 81920]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2010-01-21 14336]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 595232]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-01-20 858384]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-03-24 121344]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-04-05 103992]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDayStarterService;HP DayStarter Service; C:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [2010-03-26 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2009-12-11 251448]
R2 HpFkCryptService;Drive Encryption Service; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2010-01-19 297984]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 26168]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2010-01-08 354840]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-04 268824]
R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service; C:\Program Files\McAfee\SiteAdvisor Enterprise\McSACore.exe [2009-08-07 222528]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2010-02-04 170144]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-02-08 141792]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-05-09 893112]
R2 myAgtSvc;McAfee Virus and Spyware Protection Service; C:\Program Files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2010-02-17 282824]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2010-03-06 635416]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-01-20 473360]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\STacSV.exe [2010-03-17 229458]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-04 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2010-02-18 1664304]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2010-03-13 230968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-30 658432]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-01-20 211216]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 RoxMediaDB10;RoxMediaDB10; C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-08-09 1343400]

-----------------EOF-----------------

Vcera mi jeste pocitac fungoval, ale nacital se dlouho a s jinym uzivatelskym profilem. Dneska rano jsem se jej pokusil nastartovat a nechce se mi prihlasit k uzivateli (kliknu na ikonku prihlaseni, oznami mi to prihlasovani a ihned vzapeti me to odhlasi ze systemu, tudiz se nemohu dostat na uzivatelsky ucet). Spustil jsem si nouzovy rezim se siti a nejak nevim, jak si svepomoci pomoci. Rada by nebyla? Dekuji mnohokrat za odpoved... Luk

ve spravci uloh jsem nalezl dvakrat csrss.exe (jeden ma velikost 932, druhy 1268kB)

dale jsem zjistil, ze nemam soubor, ktery mi system ohlasil behem prihlasovani a odhalsovani, ... Runtime... pomoci CCleaneru

bohuzel ale nevim, jak mam postupovat...

Zdravim

csrss.exe je legitimni proces. To ze bezi vickrat s ruznou velikosti neni nic zvlastniho. Pokud mel tedy spravne umisteni.

Pomoci obnovy systemu se znova vratte do doby, kdy to jeste fungovalo.
Odinstalujte jeden antivir. Mate tam Avast a McAfee.
Nainstalujte Service Pack 1. Jestli doslo tim prerusenim aktualizace k poskozeni systemu, terba to napravi. Pokud ne, mate instalacni CD s windows?

Pak mi sem dejte aktualni log z RSIT

1. mam tam jen dva mozne body obnovy, oba jsou ze vcerejsiho dne, kdy to uz bylo poskozene... ... takze s timhle bodem napravy nevim co delat

2. pred chvili jsem si vytvoril instalacni disk se systemem

WIN 7 32 bit, puvodne preinstalovan primo na notebooku s cislem produktu, stale by tam mel byt, nebot jsem s nim nic neprovadel.

3. antivir McAfee je pryc, jsem ale v nouzovem rezimu

add... jsem ochoten obetovat data, nejdulezitejsi mam ulozeny..

Poskozene to bylo, ale treba se aspon dostanete na ucet. Zkuste to.

Ten antivir muzete zkusit odinstalovat i v nouzaku a pokud mate nouzak s praci v siti, mohl by jit nainstalovat i SP1


Ja jdu zatim prohlednout ten stary log, coz bude chvili trvat

jdu obnovit tedy starsi bod obnovy a nasledne se pokusim naisntalovat SP1, jsem v rezimu nouze se siti. za chvili snad tu

OK, drzim palce

tak obnova nepomohla, stale kdyz kliknu na jmeno uzivatele a mam se prihlasit, tak se ihned odhlasuji, jdu na ten SP1

za cca 4 minuty bude .exe soubor service pack 1 na pocitaci, nejde mi spustit program windows update, patrne diky nouzovemu rezimu...

Tak pisu z htc a sp1 mi pise, ze se mozna bude instalovat hodinuj... takze asi Mam cekat, dokud se tu neobjevi nekdo dalsi... dekuji Vam ale moc za pomoc a at se prace dari

Needitujte prispevky. Vidim tam pak stejny cas a nevsimnu si, ze jste neco dopsal

Ja se tu budu tak prubezne objevovat. Snad to zabere. Jinak v logu zadna havet videt neni. Kazdopadne, pokud jste to jeste neudelal, odinstalujte pak jeden z tech antiviru. Muzou se mezi sebou prat a delat potize.

Tak az to bude, ozvete se

Sp1 nainstalovan a opet problem prihpaseni a odhlaseni zqchovano beze zmeny. AntiVirus mcafee take pryc

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni. (v nouzovem rezimu netreba)
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

windows se nerestartovaly



ComboFix 12-03-10.02 - SYSTEM 11.03.2012 11:46:34.1.4 - x86
Spuštěný z: c:\users\HP\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\TEMP\catchme.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-11 do 2012-03-11 )))))))))))))))))))))))))))))))
.
.
2012-03-11 09:46 . 2012-03-11 09:46 -------- d-----w- c:\windows\system32\SPReview
2012-03-11 09:04 . 2010-11-20 03:21 20992 ----a-w- c:\windows\system32\shgina.dll
2012-03-11 08:53 . 2012-03-11 08:53 -------- d-----w- c:\windows\system32\EventProviders
2012-03-11 08:52 . 2012-03-11 08:53 -------- d-----w- C:\50553d7b1d353eece9
2012-03-11 07:47 . 2012-03-11 07:47 -------- d-----w- c:\windows\system32\%LocalAppData%
2012-03-10 08:56 . 2012-03-10 08:57 -------- d-----w- C:\rsit
2012-03-10 08:56 . 2012-03-10 08:57 -------- d-----w- c:\program files\trend micro
2012-03-10 08:48 . 2012-03-11 08:39 -------- d-----w- c:\program files\FullDataBackup
2012-03-10 07:56 . 2012-02-08 06:03 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DA8CC6D3-D3AE-441E-BE4C-32521886BB3F}\mpengine.dll
2012-02-16 19:16 . 2011-11-28 17:51 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-16 19:16 . 2011-11-28 17:53 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-02-16 19:16 . 2011-11-28 17:53 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-02-16 19:16 . 2011-11-28 17:52 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-02-16 19:16 . 2011-11-28 17:52 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-02-16 19:16 . 2011-11-28 17:52 55128 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-02-16 19:16 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2012-02-16 19:16 . 2011-11-28 18:01 199816 ----a-w- c:\windows\system32\aswBoot.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-11 09:42 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2012-01-29 04:10 . 2011-08-02 15:33 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-01-21 10:42 . 2012-01-20 22:39 967 ----a-w- c:\windows\ScUnin.pif
2012-01-21 10:42 . 2012-01-20 22:39 94208 ----a-w- c:\windows\ScUnin.exe
2012-01-11 21:14 . 2012-01-11 21:14 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2012-01-11 20:15 . 2012-01-11 20:15 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-02-21 10:12 . 2011-08-01 12:33 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-04-05 1691192]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"QLBController"="c:\program files\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-02-26 1713448]
"PDF Complete"="c:\program files\PDF Complete\pdfsty.exe" [2010-03-06 563736]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2010-01-19 11266048]
"acevents"="c:\program files\ActivIdentity\ActivClient\acevents.exe" [2009-06-04 153640]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2009-06-04 400936]
"McAfee Managed Services Tray"="c:\program files\McAfee\Managed VirusScan\DesktopUI\XTray.Exe" [2010-02-17 476480]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-01-20 1206544]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-17 495708]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2010-01-08 186904]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-26 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-26 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-26 169496]
"IMSS"="c:\program files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2010-03-03 111640]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MSPCLOCK"="streamci" [X]
"MSPQM"="streamci" [X]
"MSKSSRV"="streamci" [X]
"MSTEE.CxTransform"="streamci" [X]
"MSTEE.Splitter"="streamci" [X]
"WDM_DRMKAUD"="streamci" [X]
"*Restore"="c:\windows\System32\rstrui.exe" [2010-11-20 262656]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2012-03-11 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 RsvLock;RsvLock; [x]
R2 ac.sharedstore;ActivIdentity Shared Store Service;c:\program files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-04 207400]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7b6e808b01435efc\aestsrv.exe [2009-03-03 81920]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-11-28 55128]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-04-05 103992]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
R2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe [2010-03-26 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2009-12-11 251448]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-02-02 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [2010-01-19 297984]
R2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 26168]
R2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;c:\program files\McAfee\SiteAdvisor Enterprise\McSACore.exe [2009-08-07 222528]
R2 myAgtSvc;McAfee Virus and Spyware Protection Service;c:\program files\McAfee\Managed VirusScan\Agent\myAgtSvc.Exe [2010-02-17 282824]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [2010-03-06 635416]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-03 2320920]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2010-02-18 1664304]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv.sys [2009-10-21 32312]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 132480]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 232960]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2010-02-08 83912]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-01-20 211216]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tswNT;toolstar*testWIN support driver;c:\users\ADMINI~1\AppData\Local\Temp\00736826\tswnt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-09 1343400]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2010-02-08 160912]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-11 239168]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\McAfee\SystemCore\mfevtps.exe [2010-02-08 141792]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [2009-10-26 48640]
S2 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [2009-10-29 47616]
S2 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe86.sys [2009-12-12 38912]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k6232.sys [2010-01-07 215208]
S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-03-11 c:\windows\Tasks\HPCeeScheduleForHP.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 12:22]
.
.
------- Doplňkový sken -------
.
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
Trusted Zone: siteadvisor.com\www
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
AddRemove-McAfee Managed Firewall - c:\program files\McAfee\Managed VirusScan\Agent\myinx
AddRemove-MVS - c:\program files\McAfee\Managed VirusScan\Agent\myinx
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}\bm_installer.exe
AddRemove-{B60DCA15-56A3-4D2D-8747-22CF7D7B588B} - c:\program files\InstallShield Installation Information\{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-03-11 11:54:33
ComboFix-quarantined-files.txt 2012-03-11 10:54
.
Před spuštěním: Volných bajtů: 74 910 400 512
Po spuštění: Volných bajtů: 75 516 223 488
.
- - End Of File - - 8D54E2E2AC1D8ABE3CD0A9D7FF9A2DEC

Otevrete si poznamkovy blok a zkopirujte do nej tento skript Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace