ntb sa stale zapina v nudzovom rezime

[jozibaci]

Zdravim - znamy mi doniesol ntb /win 7-64bit-/ s tym ze ho moze zapnut len v safe mode.Ked som sa ho pytal co robil naposledy povedal ze bol na facebooku. Vidim ze je to tu momentalne casty problem tak rovno posielam log z RSIT.

Pardon ze nepisem ciarky. Nie som negramotny len mu zrejme nefunguje tlacidlo s ciarkou.

Vopred dakujem za vas cas.

Tu je spominany log -


Logfile of random's system information tool 1.09 (written by random/random)
Run by Dušan Tvrdý at 2011-08-22 19:33:34
Microsoft Windows 7 Home Premium
System drive C: has 230 GB (78%) free of 293 GB
Total RAM: 3001 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:40, on 22. 8. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16839)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Dušan Tvrdý.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5i5541u346
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5i5541u346
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5i5541u346
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero 8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: T-Mobile Communication Center.lnk = C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9948 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
winlogon.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Explorer.EXE
ctfmon.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=extension --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyImpact/npn_with_spdy/ --disable-client-side-phishing-detection --channel=1316.00823160.1125858636 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/DnsParallelism/parallel_default/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Prefetch/ContentPrefetchPrerender2/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyImpact/npn_with_spdy/ --disable-client-side-phishing-detection --channel=1316.05A61C60.1836367508 /prefetch:3
C:\Windows\system32\rundll32.exe "C:\PROGRA~2\Google\Chrome\APPLIC~1\130782~1.112\gcswf32.dll",BrokerMain browser=chrome
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Google\Chrome\Application\13.0.782.112\gcswf32.dll" --lang=sk --channel=1316.053A8540.1737980093 --flash-broker=1596 /prefetch:4
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Users\Dušan Tvrdý\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Dušan Tvrdý\AppData\Roaming\Mozilla\Firefox\Profiles\r0punc3g.default

prefs.js - "browser.startup.homepage" - "www.google.sk"
prefs.js - "extensions.enabledItems" - "{23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0]
"Description"=DivX OVS Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852]
"Description"=RealMedia Plugin
"Path"=C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662]
"Description"=RealPlayer Version Plugin
"Path"=C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46]
"Description"=6.0.12.46
"Path"=C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2009-07-20 503864]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-09-30 823840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-17 1842472]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-12-14 206072]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-29 2840352]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 159232]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 380928]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 358912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
"NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-09-24 825864]
"NBKeyScan"=C:\Program Files (x86)\Nero 8\Nero BackItUp\NBKeyScan.exe []
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]
"DivX Download Manager"=C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
T-Mobile Communication Center.lnk - C:\Program Files (x86)\T-Mobile Communication Center\TMCC.exe

C:\Users\Dušan Tvrdý\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-02 259584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-08-22 19:33:34 ----D---- C:\rsit
2011-08-22 19:33:34 ----D---- C:\Program Files\trend micro
2011-08-22 19:23:05 ----A---- C:\Windows\ntbtlog.txt
2011-08-11 06:20:31 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2011-08-11 06:20:31 ----A---- C:\Windows\system32\xmllite.dll
2011-08-11 06:20:27 ----A---- C:\Windows\system32\odbccu32.dll
2011-08-11 06:20:26 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2011-08-11 06:20:26 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2011-08-11 06:20:26 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2011-08-11 06:20:26 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2011-08-11 06:20:26 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2011-08-11 06:20:26 ----A---- C:\Windows\system32\odbctrac.dll
2011-08-11 06:20:26 ----A---- C:\Windows\system32\odbccr32.dll
2011-08-11 06:20:26 ----A---- C:\Windows\system32\odbccp32.dll
2011-08-11 06:20:25 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-08-11 06:20:17 ----A---- C:\Windows\system32\wow64.dll
2011-08-11 06:20:17 ----A---- C:\Windows\system32\winsrv.dll
2011-08-11 06:20:17 ----A---- C:\Windows\system32\KernelBase.dll
2011-08-11 06:20:17 ----A---- C:\Windows\system32\kernel32.dll
2011-08-11 06:20:17 ----A---- C:\Windows\system32\conhost.exe
2011-08-11 06:20:16 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-08-11 06:20:16 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-08-11 06:20:16 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-08-11 06:20:16 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-08-11 06:20:16 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-08-11 06:20:16 ----A---- C:\Windows\system32\wow64win.dll
2011-08-11 06:20:16 ----A---- C:\Windows\system32\wow64cpu.dll
2011-08-11 06:20:16 ----A---- C:\Windows\system32\ntvdm64.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-08-11 06:20:15 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-08-11 06:20:14 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-08-11 06:20:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-08-11 06:20:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-08-11 06:20:13 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-08-11 06:20:13 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-08-11 06:20:13 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-08-11 06:20:13 ----A---- C:\Windows\SYSWOW64\user.exe
2011-08-11 06:20:13 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-08-11 06:20:11 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-08-11 06:19:59 ----A---- C:\Windows\system32\mshtml.dll
2011-08-11 06:19:55 ----A---- C:\Windows\system32\ieframe.dll
2011-08-11 06:19:54 ----A---- C:\Windows\system32\iertutil.dll
2011-08-11 06:19:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-08-11 06:19:51 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-08-11 06:19:48 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-08-11 06:19:46 ----A---- C:\Windows\system32\urlmon.dll
2011-08-11 06:19:45 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-08-11 06:19:45 ----A---- C:\Windows\system32\wininet.dll
2011-08-11 06:19:44 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-08-11 06:19:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-08-11 06:19:43 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-08-11 06:19:43 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-08-11 06:19:43 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-08-11 06:19:43 ----A---- C:\Windows\system32\url.dll
2011-08-11 06:19:43 ----A---- C:\Windows\system32\mstime.dll
2011-08-11 06:19:43 ----A---- C:\Windows\system32\msfeeds.dll
2011-08-11 06:19:43 ----A---- C:\Windows\system32\iedkcs32.dll
2011-08-11 06:19:42 ----A---- C:\Windows\SYSWOW64\url.dll
2011-08-11 06:19:42 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-08-11 06:19:42 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-08-11 06:19:42 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-08-11 06:19:42 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-08-11 06:19:42 ----A---- C:\Windows\system32\mshtmled.dll
2011-08-11 06:19:42 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-08-11 06:19:42 ----A---- C:\Windows\system32\licmgr10.dll
2011-08-11 06:19:42 ----A---- C:\Windows\system32\jsproxy.dll
2011-08-11 06:19:42 ----A---- C:\Windows\system32\ieui.dll
2011-08-11 06:19:42 ----A---- C:\Windows\system32\iepeers.dll
2011-08-11 06:19:41 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-08-11 06:19:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-08-11 06:19:41 ----A---- C:\Windows\system32\msfeedssync.exe
2011-08-11 06:19:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-08-11 06:19:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-08-11 06:19:33 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-08-06 07:35:12 ----D---- C:\Windows\system32\EventProviders

======List of files/folders modified in the last 1 month======

2011-08-23 05:17:58 ----D---- C:\Windows\system32\config
2011-08-23 05:17:55 ----D---- C:\Windows\Tasks
2011-08-23 05:17:54 ----D---- C:\Windows\system32\wfp
2011-08-23 05:17:54 ----D---- C:\Windows\system32\wbem
2011-08-23 05:17:54 ----D---- C:\Windows\system32\DriverStore
2011-08-23 05:17:54 ----D---- C:\Windows\system32\drivers
2011-08-23 05:17:54 ----D---- C:\Windows\system32\catroot2
2011-08-23 05:17:53 ----HD---- C:\ProgramData
2011-08-23 05:17:53 ----D---- C:\ProgramData\Symantec
2011-08-23 05:17:53 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-08-23 05:17:51 ----D---- C:\Windows\registration
2011-08-23 05:17:46 ----D---- C:\Windows\Microsoft.NET
2011-08-23 05:17:45 ----RSD---- C:\Windows\assembly
2011-08-22 19:33:36 ----D---- C:\Windows\Temp
2011-08-22 19:33:34 ----RD---- C:\Program Files
2011-08-22 19:27:37 ----D---- C:\Windows\System32
2011-08-22 19:27:37 ----D---- C:\Windows\inf
2011-08-22 19:27:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-22 19:23:05 ----D---- C:\Windows
2011-08-22 18:46:05 ----SHD---- C:\System Volume Information
2011-08-16 06:21:14 ----D---- C:\Windows\winsxs
2011-08-16 06:20:14 ----D---- C:\Windows\SysWOW64
2011-08-15 16:49:31 ----D---- C:\Windows\system32\catroot
2011-08-15 16:15:55 ----D---- C:\Windows\SYSWOW64\migration
2011-08-15 16:15:55 ----D---- C:\Windows\AppPatch
2011-08-15 16:15:55 ----D---- C:\Program Files\Internet Explorer
2011-08-15 16:15:55 ----D---- C:\Program Files (x86)\Internet Explorer
2011-08-15 16:15:54 ----D---- C:\Windows\system32\migration
2011-08-15 15:57:34 ----A---- C:\Windows\system32\MRT.exe
2011-08-15 15:56:38 ----SHD---- C:\Windows\Installer
2011-08-06 07:43:48 ----D---- C:\Windows\Logs
2011-08-05 22:15:08 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-05 408600]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-05 1542656]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-11-13 67072]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-05 18432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-17 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-05 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-05-29 834544]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-03-29 139704]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-03-29 164912]
S2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-03-29 124760]
S2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2009-07-14 145920]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-01 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2009-08-11 686080]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-09-02 7369728]
S3 Leadtek;Leadtek USB Network Interface; C:\Windows\system32\DRIVERS\Leadtek.sys [2010-06-10 77360]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-06-13 11776]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-06-24 216576]
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2010-06-13 119680]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2010-06-13 119680]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2010-06-13 119680]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 BcmSqlStartupSvc;Spúšacia služba produktu Business Contact Manager SQL Server; C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-18 864032]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-03-29 810120]
S2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-09-30 844320]
S2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-22 135664]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
S2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
S2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
S2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2009-07-10 253952]
S2 SQLBrowser;SQL Server Browser; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-12-10 238944]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-12-10 153440]
S2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-29 42336]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-22 135664]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-30 1255736]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2010-12-10 44384]

-----------------EOF-----------------

[vyosek]

Zdravim a pekny vecer preji

Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R

• Vyskoci na Vas okenko, do ktereho zkopirujte text nize

• Kód: Vybrat vše

  msconfig

• Kliknete na OK
• Prepnete se na zalozku Spuštění počítače
• Podivejte se, ci nemate zaskrtnute Bezpecne spousteni - pokud ano, tak odskrtnete
• Nasledny restart by jiz mel vest do normalniho rezimu

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

[jozibaci]

Tak - s msconfing ste mal pravdu - bolo oznacene safe boot - zrusil som a po naslednom restarte sa pc zapol uz v normalnom rezime.

Prikladam obsah suboru info.txt z RSIT -


info.txt logfile of random's system information tool 1.09 2011-08-22 19:33:42

======Uninstall list======

-->C:\Program Files\CONEXANT\cAudioFilterAgent\SETUP64.EXE -U -IcAudioFilterAgent -SM=cAudioFilterAgent64.exe,16
-->C:\Program Files\Conexant\SmartAudio\SETUP64.EXE -U -ISmartAudio -SM=SMAUDIO.EXE,1801
Acer Crystal Eye Webcam-->C:\Program Files (x86)\InstallShield Installation Information\{7760D94E-B1B5-40A0-9AA0-ABF942108755}\setup.exe -runfromtemp -l0x0009 -removeonly
Acer ePower Management-->"C:\Program Files (x86)\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x41b -removeonly
Acer eRecovery Management-->"C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x41b -removeonly
Acer GameZone Console-->"C:\Program Files (x86)\Acer GameZone\GameConsole\unins000.exe"
Acer GridVista-->C:\Windows\GVUni.exe GridV.UNI
Acer Registration-->C:\Program Files (x86)\Acer\Registration\Uninstall.exe
Acer ScreenSaver-->C:\Program Files (x86)\Acer\Screensaver\Uninstall.exe
Acer Updater-->"C:\Program Files (x86)\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x41b -removeonly
Acer VCM-->"C:\Program Files (x86)\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -runfromtemp -l0x41b -removeonly
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
Alice Greenfingers-->"C:\Program Files (x86)\Acer GameZone\Alice Greenfingers\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Alice Greenfingers\install.log"
Amazonia-->"C:\Program Files (x86)\Acer GameZone\Amazonia\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Amazonia\install.log"
Asistent pri prihlasovaní v sieti Windows Live-->MsiExec.exe /I{A789920E-E183-4311-9DEB-972913AB2FBF}
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly
Business Contact Manager for Outlook 2007 SP2-->"C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe" /remove {7fdab897-38ab-4a51-b2bf-e6374b1cc04f}
Business Contact Manager for Outlook 2007 SP2-->MsiExec.exe /X{7FDAB897-38AB-4A51-B2BF-E6374B1CC04F}
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -IWAUHERwa.INF
DAEMON Tools Toolbar-->C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe
Dairy Dash-->"C:\Program Files (x86)\Acer GameZone\Dairy Dash\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Dairy Dash\install.log"
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
Dream Day First Home-->"C:\Program Files (x86)\Acer GameZone\Dream Day First Home\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Dream Day First Home\install.log"
DVD Shrink 3.2-->"C:\Program Files (x86)\DVD Shrink\unins000.exe"
eSobi v2-->C:\Program Files (x86)\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x0409
Farm Frenzy 2-->"C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Farm Frenzy 2\install.log"
First Class Flurry-->"C:\Program Files (x86)\Acer GameZone\First Class Flurry\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\First Class Flurry\install.log"
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\13.0.782.112\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Granny In Paradise-->"C:\Program Files (x86)\Acer GameZone\Granny In Paradise\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Granny In Paradise\install.log"
Heroes of Hellas-->"C:\Program Files (x86)\Acer GameZone\Heroes of Hellas\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Heroes of Hellas\install.log"
Chicken Invaders 2-->"C:\Program Files (x86)\Acer GameZone\Chicken Invaders 2\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Chicken Invaders 2\install.log"
Identity Card-->C:\Program Files (x86)\Acer\Identity Card\Uninstall.exe
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\SysWOW64\igxpun.exe -uninstall
Intel® Matrix Storage Manager-->C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
InterVideo WinDVD 8-->C:\Program Files (x86)\InstallShield Installation Information\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}\setup.exe -runfromtemp -l0x0409
InterVideo WinDVD 8-->C:\Program Files (x86)\InstallShield Installation Information\{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}\setup.exe -runfromtemp -l0x0409
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
K-Lite Mega Codec Pack 4.1.4-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Launch Manager-->C:\Windows\UnInst32.exe LManager.UNI
Merriam Websters Spell Jam-->"C:\Program Files (x86)\Acer GameZone\Merriam Websters Spell Jam\Uninstall.exe" "C:\Program Files (x86)\Acer GameZone\Merriam Websters Spell Jam\install.log"
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)-->MsiExec.exe /I{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}
Microsoft SQL Server 2005-->"c:\Program Files (x86)\Microsoft SQL Server\90\Setup Bootstrap\ARPWrapper.exe" /Remove
Microsoft SQL Server Native Client-->MsiExec.exe /I{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}
Microsoft SQL Server Setup Support Files (English)-->MsiExec.exe /X{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}
Microsoft SQL Server VSS Writer-->MsiExec.exe /I{B636C9B9-A3F2-4DCE-ADCC-72E095018385}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Mozilla Firefox 5.0 (x86 sk)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 9 Lite-->C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="XM2C-50A9-HH4M-0ZM8-4X06-9P25-5A46-618P-AH19-6647"
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero Online Upgrade-->MsiExec.exe /X{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Norton Online Backup-->MsiExec.exe /X{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}
NTI Backup Now 5-->C:\Program Files (x86)\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x0409
NTI Media Maker 8-->C:\Program Files (x86)\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x0409
ObjectDock-->C:\PROGRA~2\Stardock\OBJECT~1\UNWISE.EXE C:\PROGRA~2\Stardock\OBJECT~1\INSTALL.LOG
Odovzdávací nástroj lokality Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
OpenOffice.org 3.1-->MsiExec.exe /I{B1995371-129A-4232-A0C8-E98500B4F317}
Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -l0x0009 -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
T-Mobile Communication Center 3.60.03.99-->"C:\Program Files (x86)\T-Mobile Communication Center\unins000.exe"
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Welcome Center-->C:\Program Files (x86)\Acer\Welcome Center\Uninstall.exe
WIDCOMM Bluetooth Software-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{EE092FB2-4B8D-4C02-AEDA-D8DE697F7794}
Windows Live Fotogaléria-->MsiExec.exe /X{27F5A864-A816-471D-91A4-5CD39305AA23}
Windows Live Mail-->MsiExec.exe /I{67114EC2-5C83-4FE9-A1EF-358459AB3640}
Windows Live Messenger-->MsiExec.exe /X{77E927C4-C603-4E77-8E4E-5EEAD58EBF41}
Windows Live Movie Maker-->MsiExec.exe /X{D18EA546-0279-4EF5-816D-C2333E61A7F0}
Windows Live Sync-->MsiExec.exe /X{B536CA63-8BB3-4027-A495-84DD9FED17EC}
Windows Live Writer-->MsiExec.exe /X{CFEAF8DD-4BDF-4141-BF2B-02BCA2DEB7FB}
WinRAR archivátor-->C:\Program Files (x86)\WinRAR\uninstall.exe
Zoner Photo Studio 10-->"C:\Program Files (x86)\Zoner\Photo Studio 10\unins000.exe" /SILENT

======System event log======

Computer Name: dusa-pc
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 92266
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20110226131510.604372-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: dusa-pc
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 92122
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20110226104145.348970-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: dusa-pc
Event Code: 1014
Message: Name resolution for the name dns.msftncsi.com timed out after none of the configured DNS servers responded.
Record Number: 92074
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20110226103951.889958-000
Event Type: Warning
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: dusa-pc
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 91973
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20110225182951.343757-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: dusa-pc
Event Code: 4001
Message: Služba automatickej konfigurácie siete WLAN sa úspešne zastavila.

Record Number: 91801
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20110224204048.893268-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: dusa-pc
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 916
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100527195813.323142-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: dusa-pc
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 914
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100527195812.667941-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: dusa-pc
Event Code: 3086
Message: The system locale has changed. Existing data will be deleted and the index must be recreated.

Context: Application, SystemIndex Catalog

Record Number: 889
Source Name: Microsoft-Windows-Search
Time Written: 20100527195349.000000-000
Event Type: Warning
User:

Computer Name: dusa-pc
Event Code: 1008
Message: Služba Windows Search sa spúšťa a pokúša sa odstrániť starý index hľadania. {Dôvod: Full Index Reset}.

Record Number: 867
Source Name: Microsoft-Windows-Search
Time Written: 20100528104536.000000-000
Event Type: Warning
User:

Computer Name: dusa-pc
Event Code: 3006
Message: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.
Record Number: 858
Source Name: Microsoft-Windows-LoadPerf
Time Written: 20100528104508.229542-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: dusa-pc
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 2978
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100621163248.571191-000
Event Type: Audit Success
User:

Computer Name: dusa-pc
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: DUSA-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x220
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2977
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100621163248.571191-000
Event Type: Audit Success
User:

Computer Name: dusa-pc
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 2976
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100621163248.259190-000
Event Type: Audit Success
User:

Computer Name: dusa-pc
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: DUSA-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x220
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 2975
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100621163248.259190-000
Event Type: Audit Success
User:

Computer Name: dusa-pc
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 2974
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100621163213.705129-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\;
"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------

[vyosek]

Doporucuji odinstalovat (pokud nepouzivate) toolbary (listy prohlizecu) v Přidat nebo odebrat programy

Stahnete Malwarebytes' Anti-Malware (zkracene MBAM) (viz muj podpis)

• Provedte aktualizaci - treti zalozka
• Provedte uplny sken - nic nemazte
• MBAM miva obcas falesne detekce, proto vlozte log do prispevku a pockejte na posouzeni

[jozibaci]

....ok - toolbary odinstalovane - prikladam log z MBAM -


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Verzia databázy: 7537

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

22. 8. 2011 21:06:03
mbam-log-2011-08-22 (21-06-03).txt

Typ kontroly: Úplná kontrola (C:\|D:\|)
Objektov kontrolovaných: 326906
Uplynutý čas: 39 min, 25 sek

Infikované služby pamäte: 0
Infikované moduly pamäte: 0
Infikované registračné kľúče: 0
Infikované registračné hodnoty: 0
Infikované položky registračných dát: 0
Infikované priečinky: 0
Infikované súbory: 0

Infikované služby pamäte:
(Škodlivé položky neboli zistené)

Infikované moduly pamäte:
(Škodlivé položky neboli zistené)

Infikované registračné kľúče:
(Škodlivé položky neboli zistené)

Infikované registračné hodnoty:
(Škodlivé položky neboli zistené)

Infikované položky registračných dát:
(Škodlivé položky neboli zistené)

Infikované priečinky:
(Škodlivé položky neboli zistené)

Infikované súbory:
(Škodlivé položky neboli zistené)

[vyosek]

Jak se chova PC

[jozibaci]

Je to v poriadku-dakujem za pomoc.Ak je to vsetko-prajem dobru noc!

[vyosek]

Nemate zac, rad jsem pomohl Zase nekdy