Screensaver

#1 Post by dandar

Hi everyone,
I managed to download what is probably some kind of virus on Facebook. I clicked a link in a post that an acquaintance had there, and it offered to download and open a file with the .scr extension. Ever since then it has been writing nonsense in my posts (mainly a link to that screensaver, from the site on.fb.me). Lots of people have that link in their posts :-(
Please advise how to proceed, thank you...

Logfile of random's system information tool 1.09 (written by random/random)
Run by richter at 2012-05-24 19:30:50
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 60 GB (39%) free of 153 GB
Total RAM: 2038 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:30:57, on 24.5.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lenovo\TrackPoint\tp4serv.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Samsung\Kies\External\DeviceModules\DeviceManager.exe
C:\Program Files\Samsung\Kies\External\DeviceModules\ConnectionManager.exe
C:\Program Files\Samsung\Kies\External\DeviceModules\DeviceDataService.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\richter\P-7-78-8964-9648-3874\winpvc.exe
C:\Users\richter\AppData\Local\Temp\7128148.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\richter\Downloads\RSIT.exe
C:\Program Files\trend micro\richter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [TrackPointSrv] C:\Program Files\Lenovo\TrackPoint\tp4serv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\Windows\TEMP\E_S48EF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON SX218 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGDE.EXE /FU "C:\Windows\TEMP\E_S4634.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Microsoft Windows System] C:\Users\richter\P-7-78-8964-9648-3874\winpvc.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - http://support.lenovo.com/Resources/Len ... etect2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7806 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\richter\AppData\Roaming\Mozilla\Firefox\Profiles\me953lqe.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-05 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-05 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-04-21 1000768]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TrackPointSrv"=C:\Program Files\Lenovo\TrackPoint\tp4serv.exe [2009-11-24 93032]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-06 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-06 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-06 150552]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-03-07 4241512]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-04-12 222776]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-04-27 3521424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus DX4400 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"EPSON SX218 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGDE.EXE [2009-09-14 200704]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2012-04-27 955280]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-05-15 21416]
"Microsoft Windows System"=C:\Users\richter\P-7-78-8964-9648-3874\winpvc.exe [2012-05-24 65536]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-06 217600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-05-24 19:24:03 ----D---- C:\Program Files\trend micro
2012-05-24 19:24:02 ----D---- C:\rsit
2012-05-24 18:41:11 ----AH---- C:\Users\richter\AppData\Roaming\msnsvconfig.txt
2012-05-21 16:48:36 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2012-05-21 16:48:36 ----A---- C:\Windows\system32\drivers\ggsemc.sys
2012-05-21 16:48:36 ----A---- C:\Windows\system32\drivers\ggflt.sys
2012-05-21 16:47:13 ----D---- C:\Program Files\Sony Ericsson
2012-05-21 16:33:46 ----D---- C:\Users\richter\AppData\Roaming\MyPhoneExplorer
2012-05-21 16:33:30 ----D---- C:\Program Files\MyPhoneExplorer
2012-05-15 20:47:50 ----D---- C:\Users\richter\AppData\Roaming\Temp
2012-05-15 18:55:19 ----D---- C:\Temp
2012-05-15 18:43:34 ----D---- C:\Users\richter\AppData\Roaming\Samsung
2012-05-15 17:38:02 ----A---- C:\Windows\system32\drivers\ssudserd.sys
2012-05-15 17:38:02 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2012-05-15 17:38:02 ----A---- C:\Windows\system32\drivers\ssudbus.sys
2012-05-15 17:33:36 ----A---- C:\Windows\system32\Redemption.dll
2012-05-15 17:33:04 ----D---- C:\Program Files\MarkAny
2012-05-15 17:33:04 ----A---- C:\Windows\system32\dgderapi.dll
2012-05-15 17:31:44 ----D---- C:\ProgramData\Samsung
2012-05-15 17:31:44 ----D---- C:\Program Files\Samsung
2012-05-09 14:27:13 ----SHD---- C:\Config.Msi
2012-05-09 13:31:43 ----A---- C:\Windows\system32\mshtmled.dll
2012-05-09 13:31:42 ----A---- C:\Windows\system32\iertutil.dll
2012-05-09 13:31:41 ----A---- C:\Windows\system32\jscript9.dll
2012-05-09 13:31:41 ----A---- C:\Windows\system32\jscript.dll
2012-05-09 13:31:40 ----A---- C:\Windows\system32\wininet.dll
2012-05-09 13:31:40 ----A---- C:\Windows\system32\jsproxy.dll
2012-05-09 13:31:39 ----A---- C:\Windows\system32\url.dll
2012-05-09 13:31:38 ----A---- C:\Windows\system32\ieui.dll
2012-05-09 13:31:37 ----A---- C:\Windows\system32\urlmon.dll
2012-05-09 13:31:34 ----A---- C:\Windows\system32\ieframe.dll
2012-05-09 13:31:33 ----A---- C:\Windows\system32\mshtml.dll
2012-05-09 13:24:16 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-05-09 13:24:15 ----A---- C:\Windows\system32\wmi.dll
2012-05-09 13:24:14 ----A---- C:\Windows\system32\wintrust.dll
2012-05-09 13:24:14 ----A---- C:\Windows\system32\imagehlp.dll
2012-05-09 13:19:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-09 13:19:23 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-05-09 13:19:22 ----A---- C:\Windows\system32\win32k.sys
2012-05-09 13:19:18 ----A---- C:\Windows\system32\rdpcore.dll
2012-05-09 13:19:18 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-05-09 13:19:17 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-05-09 13:19:07 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-05-09 13:18:58 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-05-09 13:18:58 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-05-09 13:18:57 ----A---- C:\Windows\system32\rdpwsx.dll
2012-05-09 13:17:36 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-09 13:16:00 ----A---- C:\Windows\system32\DWrite.dll
2012-05-09 09:44:08 ----D---- C:\Users\richter\AppData\Roaming\LibreOffice
2012-05-09 09:40:41 ----D---- C:\Program Files\LibreOffice 3.5
2012-05-03 08:15:07 ----D---- C:\ProgramData\Mozilla
2012-05-03 08:15:06 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-05-02 20:25:48 ----D---- C:\Users\richter\AppData\Roaming\Sony
2012-05-02 20:25:48 ----D---- C:\Program Files\Sony Media Go Install

======List of files/folders modified in the last 1 month======

2012-05-24 19:30:57 ----D---- C:\Windows\Temp
2012-05-24 19:24:03 ----RD---- C:\Program Files
2012-05-24 18:41:09 ----D---- C:\Windows\Prefetch
2012-05-24 17:45:48 ----D---- C:\Windows
2012-05-24 17:39:23 ----D---- C:\Windows\System32
2012-05-24 17:39:23 ----D---- C:\Windows\inf
2012-05-24 08:32:54 ----D---- C:\Windows\system32\FxsTmp
2012-05-24 08:20:03 ----SHD---- C:\System Volume Information
2012-05-22 14:29:40 ----D---- C:\Windows\system32\config
2012-05-21 17:00:29 ----D---- C:\Windows\system32\drivers
2012-05-21 16:48:51 ----D---- C:\Windows\system32\DriverStore
2012-05-21 16:48:51 ----D---- C:\Windows\system32\catroot
2012-05-21 16:48:36 ----D---- C:\Windows\system32\catroot2
2012-05-21 16:42:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-15 20:40:31 ----SD---- C:\Users\richter\AppData\Roaming\Microsoft
2012-05-15 17:32:57 ----SHD---- C:\Windows\Installer
2012-05-15 17:32:57 ----HD---- C:\Program Files\InstallShield Installation Information
2012-05-15 17:31:44 ----HD---- C:\ProgramData
2012-05-14 00:09:03 ----D---- C:\Windows\ModemLogs
2012-05-14 00:09:00 ----D---- C:\Windows\debug
2012-05-09 19:12:07 ----D---- C:\Windows\Microsoft.NET
2012-05-09 19:12:04 ----RSD---- C:\Windows\assembly
2012-05-09 14:28:42 ----D---- C:\Program Files\Common Files
2012-05-09 14:28:41 ----D---- C:\Program Files\Nokia
2012-05-09 14:26:16 ----D---- C:\Program Files\OpenOffice.org 3
2012-05-09 14:10:28 ----SD---- C:\ProgramData\Microsoft
2012-05-09 13:43:45 ----D---- C:\Windows\winsxs
2012-05-09 13:42:46 ----D---- C:\Program Files\Microsoft Silverlight
2012-05-09 13:41:18 ----D---- C:\Windows\system32\migration
2012-05-09 13:41:18 ----D---- C:\Program Files\Windows Journal
2012-05-09 13:41:18 ----D---- C:\Program Files\Internet Explorer
2012-05-09 13:39:24 ----D---- C:\ProgramData\Microsoft Help
2012-05-09 09:42:32 ----D---- C:\Windows\ShellNew
2012-05-09 09:41:18 ----RSD---- C:\Windows\Fonts
2012-05-03 08:15:03 ----D---- C:\Program Files\Mozilla Firefox
2012-04-26 20:08:16 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-05-10 691696]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-07 44376]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 53848]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 57688]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-08 45736]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 18472]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRTN32.sys [2009-06-22 486400]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2007-06-01 21424]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-08-06 4786688]
R3 NETwLv32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETwLv32.sys [2010-10-07 6639616]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 181432]
R3 Tp4Track;PS/2 TrackPoint Driver; C:\Windows\system32\DRIVERS\tp4track.sys [2009-11-24 23152]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 ab6hk8o6;ab6hk8o6; C:\Windows\system32\drivers\ab6hk8o6.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-02-24 80824]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-05-21 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-05-21 25512]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2012-02-24 181432]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-03-07 44768]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-01-24 628000]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2007-06-01 36400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-11-30 718888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-04 136176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-04 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-21 1343400]

-----------------EOF-----------------


Re: Screensaver

#2 Post by dandar

So I did that, except that I could not find the reference to C:\Users\richter\AppData\Local\Temp\7128148.exe in HijackThis.

Logfile of random's system information tool 1.09 (written by random/random)
Run by richter at 2012-05-24 20:11:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 61 GB (40%) free of 153 GB
Total RAM: 2038 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:12:09, on 24.5.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lenovo\TrackPoint\tp4serv.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Software602\Print2PDF\Print2PDF.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Samsung\Kies\KiesHelper.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
C:\Program Files\ThinkPad\Bluetooth Software\BtStackServer.exe
C:\Program Files\Samsung\Kies\External\DeviceModules\DeviceManager.exe
C:\Program Files\Samsung\Kies\External\DeviceModules\ConnectionManager.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Users\richter\Downloads\RSIT.exe
C:\Program Files\trend micro\richter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [TrackPointSrv] C:\Program Files\Lenovo\TrackPoint\tp4serv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\Windows\TEMP\E_S48EF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON SX218 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGDE.EXE /FU "C:\Windows\TEMP\E_S4634.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} - http://support.lenovo.com/Resources/Len ... etect2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Lenovo - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7401 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\richter\AppData\Roaming\Mozilla\Firefox\Profiles\me953lqe.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-05 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-05 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-04-21 1000768]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TrackPointSrv"=C:\Program Files\Lenovo\TrackPoint\tp4serv.exe [2009-11-24 93032]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-06 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-06 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-06 150552]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2012-03-07 4241512]
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-04-12 222776]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-04-27 3521424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON Stylus DX4400 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE [2007-03-01 180736]
"EPSON SX218 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGDE.EXE [2009-09-14 200704]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2012-04-27 955280]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-05-15 21416]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-06 217600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-05-24 19:39:27 ----A---- C:\Windows\system32\FNTCACHE.DAT
2012-05-24 19:39:25 ----A---- C:\Windows\ntbtlog.txt
2012-05-24 19:24:03 ----D---- C:\Program Files\trend micro
2012-05-24 19:24:02 ----D---- C:\rsit
2012-05-24 18:41:11 ----AH---- C:\Users\richter\AppData\Roaming\msnsvconfig.txt
2012-05-21 16:48:36 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2012-05-21 16:48:36 ----A---- C:\Windows\system32\drivers\ggsemc.sys
2012-05-21 16:48:36 ----A---- C:\Windows\system32\drivers\ggflt.sys
2012-05-21 16:47:13 ----D---- C:\Program Files\Sony Ericsson
2012-05-21 16:33:46 ----D---- C:\Users\richter\AppData\Roaming\MyPhoneExplorer
2012-05-21 16:33:30 ----D---- C:\Program Files\MyPhoneExplorer
2012-05-15 20:47:50 ----D---- C:\Users\richter\AppData\Roaming\Temp
2012-05-15 18:55:19 ----D---- C:\Temp
2012-05-15 18:43:34 ----D---- C:\Users\richter\AppData\Roaming\Samsung
2012-05-15 17:38:02 ----A---- C:\Windows\system32\drivers\ssudserd.sys
2012-05-15 17:38:02 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2012-05-15 17:38:02 ----A---- C:\Windows\system32\drivers\ssudbus.sys
2012-05-15 17:33:36 ----A---- C:\Windows\system32\Redemption.dll
2012-05-15 17:33:04 ----D---- C:\Program Files\MarkAny
2012-05-15 17:33:04 ----A---- C:\Windows\system32\dgderapi.dll
2012-05-15 17:31:44 ----D---- C:\ProgramData\Samsung
2012-05-15 17:31:44 ----D---- C:\Program Files\Samsung
2012-05-09 14:27:13 ----SHD---- C:\Config.Msi
2012-05-09 13:31:43 ----A---- C:\Windows\system32\mshtmled.dll
2012-05-09 13:31:42 ----A---- C:\Windows\system32\iertutil.dll
2012-05-09 13:31:41 ----A---- C:\Windows\system32\jscript9.dll
2012-05-09 13:31:41 ----A---- C:\Windows\system32\jscript.dll
2012-05-09 13:31:40 ----A---- C:\Windows\system32\wininet.dll
2012-05-09 13:31:40 ----A---- C:\Windows\system32\jsproxy.dll
2012-05-09 13:31:39 ----A---- C:\Windows\system32\url.dll
2012-05-09 13:31:38 ----A---- C:\Windows\system32\ieui.dll
2012-05-09 13:31:37 ----A---- C:\Windows\system32\urlmon.dll
2012-05-09 13:31:34 ----A---- C:\Windows\system32\ieframe.dll
2012-05-09 13:31:33 ----A---- C:\Windows\system32\mshtml.dll
2012-05-09 13:24:16 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-05-09 13:24:15 ----A---- C:\Windows\system32\wmi.dll
2012-05-09 13:24:14 ----A---- C:\Windows\system32\wintrust.dll
2012-05-09 13:24:14 ----A---- C:\Windows\system32\imagehlp.dll
2012-05-09 13:19:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-05-09 13:19:23 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-05-09 13:19:22 ----A---- C:\Windows\system32\win32k.sys
2012-05-09 13:19:18 ----A---- C:\Windows\system32\rdpcore.dll
2012-05-09 13:19:18 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-05-09 13:19:17 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-05-09 13:19:07 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-05-09 13:18:58 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-05-09 13:18:58 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-05-09 13:18:57 ----A---- C:\Windows\system32\rdpwsx.dll
2012-05-09 13:17:36 ----A---- C:\Windows\system32\drivers\partmgr.sys
2012-05-09 13:16:00 ----A---- C:\Windows\system32\DWrite.dll
2012-05-09 09:44:08 ----D---- C:\Users\richter\AppData\Roaming\LibreOffice
2012-05-09 09:40:41 ----D---- C:\Program Files\LibreOffice 3.5
2012-05-03 08:15:07 ----D---- C:\ProgramData\Mozilla
2012-05-03 08:15:06 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-05-02 20:25:48 ----D---- C:\Users\richter\AppData\Roaming\Sony
2012-05-02 20:25:48 ----D---- C:\Program Files\Sony Media Go Install

======List of files/folders modified in the last 1 month======

2012-05-24 20:11:57 ----D---- C:\Windows\Temp
2012-05-24 20:02:44 ----D---- C:\Windows\Prefetch
2012-05-24 19:51:38 ----D---- C:\Windows\System32
2012-05-24 19:51:38 ----D---- C:\Windows\inf
2012-05-24 19:51:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-05-24 19:39:25 ----D---- C:\Windows
2012-05-24 19:38:15 ----D---- C:\Windows\system32\catroot
2012-05-24 19:24:03 ----RD---- C:\Program Files
2012-05-24 08:32:54 ----D---- C:\Windows\system32\FxsTmp
2012-05-24 08:20:03 ----SHD---- C:\System Volume Information
2012-05-22 14:29:40 ----D---- C:\Windows\system32\config
2012-05-21 17:00:29 ----D---- C:\Windows\system32\drivers
2012-05-21 16:48:51 ----D---- C:\Windows\system32\DriverStore
2012-05-21 16:48:36 ----D---- C:\Windows\system32\catroot2
2012-05-15 20:40:31 ----SD---- C:\Users\richter\AppData\Roaming\Microsoft
2012-05-15 17:32:57 ----SHD---- C:\Windows\Installer
2012-05-15 17:32:57 ----HD---- C:\Program Files\InstallShield Installation Information
2012-05-15 17:31:44 ----HD---- C:\ProgramData
2012-05-14 00:09:03 ----D---- C:\Windows\ModemLogs
2012-05-14 00:09:00 ----D---- C:\Windows\debug
2012-05-09 19:12:07 ----D---- C:\Windows\Microsoft.NET
2012-05-09 19:12:04 ----RSD---- C:\Windows\assembly
2012-05-09 14:28:42 ----D---- C:\Program Files\Common Files
2012-05-09 14:28:41 ----D---- C:\Program Files\Nokia
2012-05-09 14:26:16 ----D---- C:\Program Files\OpenOffice.org 3
2012-05-09 14:10:28 ----SD---- C:\ProgramData\Microsoft
2012-05-09 13:43:45 ----D---- C:\Windows\winsxs
2012-05-09 13:42:46 ----D---- C:\Program Files\Microsoft Silverlight
2012-05-09 13:41:18 ----D---- C:\Windows\system32\migration
2012-05-09 13:41:18 ----D---- C:\Program Files\Windows Journal
2012-05-09 13:41:18 ----D---- C:\Program Files\Internet Explorer
2012-05-09 13:39:24 ----D---- C:\ProgramData\Microsoft Help
2012-05-09 09:42:32 ----D---- C:\Windows\ShellNew
2012-05-09 09:41:18 ----RSD---- C:\Windows\Fonts
2012-05-03 08:15:03 ----D---- C:\Program Files\Mozilla Firefox
2012-04-26 20:08:16 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-05-10 691696]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-07 44376]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 53848]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 57688]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-08 45736]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-01-15 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 18472]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRTN32.sys [2009-06-22 486400]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2007-06-01 21424]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-08-06 4786688]
R3 NETwLv32; Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETwLv32.sys [2010-10-07 6639616]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
R3 Tp4Track;PS/2 TrackPoint Driver; C:\Windows\system32\DRIVERS\tp4track.sys [2009-11-24 23152]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 ae0whkhg;ae0whkhg; C:\Windows\system32\drivers\ae0whkhg.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 393728]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2012-02-24 80824]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-05-21 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-05-21 25512]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 181432]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2012-02-24 181432]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-03-07 44768]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-01-24 628000]
R2 IBMPMSVC;ThinkPad PM Service; C:\Windows\system32\ibmpmsvc.exe [2007-06-01 36400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-11-30 718888]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-04 136176]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-11-04 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-03 129976]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-21 1343400]

-----------------EOF-----------------

dandar
Visitor
Posts: 93
Registered: 17 Sep 2005 10:41

Re: Screensaver

#3 Post by dandar »

Great. I'll take a look, and if there is a problem I'll write. Thank you very much.

dandar
Visitor
Posts: 93
Registered: 17 Sep 2005 10:41

Re: Screensaver

#4 Post by dandar »

May I ask for one more thing? My niece has just brought me her notebook, which has the same problem, maybe an even bigger one, because the whole notebook is slowed down. I don't want to start a new topic, if that's all right. I've just noticed that she doesn't even have an antivirus, which I'll install for her. Thank you for checking.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2012-05-24 20:42:26
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 11 GB (15%) free of 76 GB
Total RAM: 1917 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:13, on 24.5.2012
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10q_ActiveX.exe
C:\Windows\system32\conime.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Uživatel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KAVBN2AD\RSIT[1].exe
C:\Program Files\trend micro\Uživatel.exe
C:\Windows\System32\mobsync.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: StartNow Toolbar Helper - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Skinner - {d6451db9-67e1-4ca3-bfba-4d77fface17f} - C:\Program Files\Skinovacek\adxloader.dll
O3 - Toolbar: StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story\PrePatch.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Microsoft Windows System] C:\Users\Uživatel\P-7-78-8964-9648-3874\winusm.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://kamera.kr-ustecky.cz/activex/AMC.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABAED2E3-FB23-49C7-824E-E4C54186EC61}: NameServer = 77.48.100.254,212.80.66.7
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: SkinnerUpdater (SkinnerUpdateService) - Unknown owner - C:\Program Files\Skinovacek\SkinnerService.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Updater Service for StartNow Toolbar - Unknown owner - C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

--
End of file - 9452 bytes

======Scheduled tasks folder======

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3975033282-1750675756-2405624032-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3975033282-1750675756-2405624032-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{19650448-04D2-465A-A703-14918B334D97}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}]
StartNow Toolbar Helper - C:\Program Files\StartNow Toolbar\Toolbar32.dll [2011-10-25 420576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-21 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll [2012-01-13 1003576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d6451db9-67e1-4ca3-bfba-4d77fface17f}]
Skinner - C:\Program Files\Skinovacek\adxloader.dll [2011-05-08 466944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5911488E-9D1E-40ec-8CBB-06B231CC153F} - StartNow Toolbar - C:\Program Files\StartNow Toolbar\Toolbar32.dll [2011-10-25 420576]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-21 192112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-15 448080]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-06-07 421160]
"4StoryPrePatch"=C:\Program Files\Gameforge4D\4Story\PrePatch.exe [2011-12-17 327680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2008-01-29 430080]
"Facebook Update"=C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-25 137536]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"Microsoft Windows System"=C:\Users\Uživatel\P-7-78-8964-9648-3874\winusm.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-05-24 20:42:26 ----D---- C:\rsit
2012-05-24 20:42:26 ----D---- C:\Program Files\trend micro
2012-05-24 20:39:47 ----ASH---- C:\hiberfil.sys
2012-05-24 20:33:49 ----A---- C:\Windows\ntbtlog.txt
2012-05-23 22:50:55 ----AH---- C:\Users\Uživatel\AppData\Roaming\msnsvconfig.txt

======List of files/folders modified in the last 1 month======

2012-05-24 20:43:11 ----D---- C:\Windows\Temp
2012-05-24 20:42:26 ----RD---- C:\Program Files
2012-05-24 20:33:49 ----D---- C:\Windows
2012-05-24 20:32:44 ----D---- C:\Users\Uživatel\AppData\Roaming\SoftGrid Client
2012-05-24 15:16:57 ----SHD---- C:\System Volume Information
2012-05-24 15:06:26 ----D---- C:\Windows\Prefetch
2012-05-20 18:00:03 ----D---- C:\Windows\system32\drivers
2012-05-18 13:34:53 ----D---- C:\Program Files\Gameforge4D
2012-05-16 03:02:56 ----SHD---- C:\Windows\Installer
2012-05-16 03:02:50 ----D---- C:\ProgramData\Microsoft Help
2012-05-15 18:29:24 ----A---- C:\Windows\system32\mrt.exe
2012-05-08 15:34:56 ----D---- C:\Windows\System32
2012-05-08 15:34:56 ----D---- C:\Windows\inf
2012-05-08 15:34:56 ----A---- C:\Windows\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-01 7680]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-01-21 285184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-04-01 2929664]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-03-22 262176]
R3 RTL8187B;Síťový adaptér Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0; C:\Windows\system32\DRIVERS\RTL8187B.sys [2009-06-10 347648]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-03 550760]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-03 195944]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-03 21864]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-03 19304]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2011-05-10 18432]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-04-01 610304]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-03 483688]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar; C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe [2011-10-25 244960]
R2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 820520]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-03 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-11 136176]
S2 SkinnerUpdateService;SkinnerUpdater; C:\Program Files\Skinovacek\SkinnerService.exe [2011-05-08 7168]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-11 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-09-11 182768]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

dandar
Visitor
Posts: 93
Registered: 17 Sep 2005 10:41

Re: Screensaver

#5 Post by dandar »

Got it, thanks :)

dandar
Visitor
Posts: 93
Registered: 17 Sep 2005 10:41

Re: Screensaver

#6 Post by dandar »

Here is the Kaspersky log

16:38:45.0014 5740 TDSS rootkit removing tool 2.7.37.0 May 23 2012 08:15:30
16:38:45.0295 5740 ============================================================
16:38:45.0295 5740 Current date / time: 2012/05/25 16:38:45.0295
16:38:45.0295 5740 SystemInfo:
16:38:45.0295 5740
16:38:45.0295 5740 OS Version: 6.0.6001 ServicePack: 1.0
16:38:45.0295 5740 Product type: Workstation
16:38:45.0295 5740 ComputerName: UŽIVATEL-PC
16:38:45.0295 5740 UserName: Uživatel
16:38:45.0295 5740 Windows directory: C:\Windows
16:38:45.0295 5740 System windows directory: C:\Windows
16:38:45.0295 5740 Processor architecture: Intel x86
16:38:45.0295 5740 Number of processors: 2
16:38:45.0295 5740 Page size: 0x1000
16:38:45.0295 5740 Boot type: Normal boot
16:38:45.0295 5740 ============================================================
16:38:46.0387 5740 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:38:46.0387 5740 ============================================================
16:38:46.0387 5740 \Device\Harddisk0\DR0:
16:38:46.0387 5740 MBR partitions:
16:38:46.0387 5740 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x94BD000
16:38:46.0387 5740 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x97AB800, BlocksNum 0x926DEB0
16:38:46.0387 5740 ============================================================
16:38:46.0434 5740 C: <-> \Device\Harddisk0\DR0\Partition0
16:38:46.0496 5740 D: <-> \Device\Harddisk0\DR0\Partition1
16:38:46.0496 5740 ============================================================
16:38:46.0496 5740 Initialize success
16:38:46.0496 5740 ============================================================
16:39:36.0135 4484 ============================================================
16:39:36.0135 4484 Scan started
16:39:36.0135 4484 Mode: Manual; SigCheck; TDLFS;
16:39:36.0135 4484 ============================================================
16:39:37.0617 4484 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
16:39:37.0742 4484 ACPI - ok
16:39:37.0804 4484 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys
16:39:37.0820 4484 adp94xx - ok
16:39:37.0867 4484 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys
16:39:37.0882 4484 adpahci - ok
16:39:37.0914 4484 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys
16:39:37.0929 4484 adpu160m - ok
16:39:37.0976 4484 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys
16:39:37.0992 4484 adpu320 - ok
16:39:38.0038 4484 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
16:39:38.0132 4484 AeLookupSvc - ok
16:39:38.0226 4484 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
16:39:38.0288 4484 AFD - ok
16:39:38.0397 4484 AgereSoftModem (5d97943c128ed756d1b0a08302c1b1f8) C:\Windows\system32\DRIVERS\AGRSM.sys
16:39:38.0647 4484 AgereSoftModem - ok
16:39:38.0709 4484 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys
16:39:38.0725 4484 agp440 - ok
16:39:38.0772 4484 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
16:39:38.0787 4484 aic78xx - ok
16:39:38.0818 4484 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
16:39:38.0881 4484 ALG - ok
16:39:38.0896 4484 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys
16:39:38.0912 4484 aliide - ok
16:39:38.0928 4484 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys
16:39:38.0943 4484 amdagp - ok
16:39:38.0959 4484 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys
16:39:38.0974 4484 amdide - ok
16:39:39.0037 4484 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys
16:39:39.0099 4484 AmdK7 - ok
16:39:39.0130 4484 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
16:39:39.0162 4484 AmdK8 - ok
16:39:39.0224 4484 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
16:39:39.0286 4484 Appinfo - ok
16:39:39.0364 4484 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:39:39.0380 4484 Apple Mobile Device - ok
16:39:39.0442 4484 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys
16:39:39.0442 4484 arc - ok
16:39:39.0489 4484 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys
16:39:39.0505 4484 arcsas - ok
16:39:39.0536 4484 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
16:39:39.0583 4484 AsyncMac - ok
16:39:39.0614 4484 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
16:39:39.0630 4484 atapi - ok
16:39:39.0910 4484 Ati External Event Utility (581b9be9e92a0f3856cc85ec011edc6f) C:\Windows\system32\Ati2evxx.exe
16:39:40.0066 4484 Ati External Event Utility - ok
16:39:40.0846 4484 atikmdag (22d300f835600c9c634860cf2912f9cf) C:\Windows\system32\DRIVERS\atikmdag.sys
16:39:41.0049 4484 atikmdag - ok
16:39:41.0236 4484 AtiPcie (4aa1eb65481c392955939e735d27118b) C:\Windows\system32\DRIVERS\AtiPcie.sys
16:39:41.0283 4484 AtiPcie - ok
16:39:41.0361 4484 AudioEndpointBuilder (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
16:39:41.0392 4484 AudioEndpointBuilder - ok
16:39:41.0408 4484 Audiosrv (42076e29aafa0830a2c5d4e310f58dd1) C:\Windows\System32\Audiosrv.dll
16:39:41.0439 4484 Audiosrv - ok
16:39:41.0502 4484 Axtmvflt (59629edd214c35a01e2527ac3b8a7fb3) C:\Windows\system32\DRIVERS\Axtmvflt.sys
16:39:41.0564 4484 Axtmvflt - ok
16:39:41.0595 4484 Axtmvmdm (37e23b1756eca768656097f72c0b458d) C:\Windows\system32\DRIVERS\Axtmvmdm.sys
16:39:41.0642 4484 Axtmvmdm - ok
16:39:41.0673 4484 Axtmvprt (2c7170be24eacc0b432eb1832fee0ddc) C:\Windows\system32\Drivers\Axtmvprt.sys
16:39:41.0704 4484 Axtmvprt - ok
16:39:41.0767 4484 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
16:39:41.0845 4484 Beep - ok
16:39:41.0907 4484 BFE (8582e233c346aefe759833e8a30dd697) C:\Windows\System32\bfe.dll
16:39:41.0985 4484 BFE - ok
16:39:42.0344 4484 BITS (02ed7b4dbc2a3232a389106da7515c3d) C:\Windows\System32\qmgr.dll
16:39:42.0500 4484 BITS - ok
16:39:42.0547 4484 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys
16:39:42.0594 4484 blbdrive - ok
16:39:42.0703 4484 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files\Bonjour\mDNSResponder.exe
16:39:42.0734 4484 Bonjour Service - ok
16:39:42.0765 4484 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
16:39:42.0828 4484 bowser - ok
16:39:42.0874 4484 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
16:39:42.0921 4484 BrFiltLo - ok
16:39:42.0937 4484 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
16:39:42.0984 4484 BrFiltUp - ok
16:39:43.0015 4484 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
16:39:43.0077 4484 Browser - ok
16:39:43.0124 4484 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
16:39:43.0186 4484 Brserid - ok
16:39:43.0218 4484 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
16:39:43.0296 4484 BrSerWdm - ok
16:39:43.0327 4484 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
16:39:43.0389 4484 BrUsbMdm - ok
16:39:43.0405 4484 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
16:39:43.0483 4484 BrUsbSer - ok
16:39:43.0514 4484 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
16:39:43.0576 4484 BTHMODEM - ok
16:39:43.0623 4484 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
16:39:43.0670 4484 cdfs - ok
16:39:43.0717 4484 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
16:39:43.0764 4484 cdrom - ok
16:39:43.0810 4484 CertPropSvc (87c2d0377b23e2d8a41093c2f5fb1a5b) C:\Windows\System32\certprop.dll
16:39:43.0857 4484 CertPropSvc - ok
16:39:43.0873 4484 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys
16:39:43.0920 4484 circlass - ok
16:39:43.0966 4484 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
16:39:43.0982 4484 CLFS - ok
16:39:44.0044 4484 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:39:44.0076 4484 clr_optimization_v2.0.50727_32 - ok
16:39:44.0356 4484 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:39:44.0388 4484 clr_optimization_v4.0.30319_32 - ok
16:39:44.0450 4484 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
16:39:44.0512 4484 CmBatt - ok
16:39:44.0575 4484 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys
16:39:44.0637 4484 cmdide - ok
16:39:44.0684 4484 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
16:39:44.0684 4484 Compbatt - ok
16:39:44.0700 4484 COMSysApp - ok
16:39:44.0715 4484 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys
16:39:44.0715 4484 crcdisk - ok
16:39:44.0746 4484 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys
16:39:44.0793 4484 Crusoe - ok
16:39:44.0887 4484 CryptSvc (6de363f9f99334514c46aec02d3e3678) C:\Windows\system32\cryptsvc.dll
16:39:44.0949 4484 CryptSvc - ok
16:39:45.0183 4484 cvhsvc (61a86809b62769643892bc0812b204aa) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:39:45.0261 4484 cvhsvc - ok
16:39:45.0355 4484 DcomLaunch (301ae00e12408650baddc04dbc832830) C:\Windows\system32\rpcss.dll
16:39:45.0433 4484 DcomLaunch - ok
16:39:45.0526 4484 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
16:39:45.0558 4484 DfsC - ok
16:39:45.0745 4484 DFSR (fa3463f25f9cc9c3bcf1e7912feff099) C:\Windows\system32\DFSR.exe
16:39:45.0885 4484 DFSR - ok
16:39:46.0104 4484 Dhcp (43a988a9c10333476cb5fb667cbd629d) C:\Windows\System32\dhcpcsvc.dll
16:39:46.0197 4484 Dhcp - ok
16:39:46.0260 4484 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
16:39:46.0275 4484 disk - ok
16:39:46.0306 4484 Dnscache (4805d9a6d281c7a7defd9094dec6af7d) C:\Windows\System32\dnsrslvr.dll
16:39:46.0400 4484 Dnscache - ok
16:39:46.0447 4484 dot3svc (5af620a08c614e24206b79e8153cf1a8) C:\Windows\System32\dot3svc.dll
16:39:46.0509 4484 dot3svc - ok
16:39:46.0556 4484 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
16:39:46.0618 4484 DPS - ok
16:39:46.0665 4484 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
16:39:46.0696 4484 drmkaud - ok
16:39:46.0759 4484 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
16:39:46.0837 4484 DXGKrnl - ok
16:39:46.0884 4484 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys
16:39:46.0930 4484 E1G60 - ok
16:39:46.0946 4484 EagleXNt - ok
16:39:46.0993 4484 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
16:39:47.0040 4484 EapHost - ok
16:39:47.0086 4484 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
16:39:47.0102 4484 Ecache - ok
16:39:47.0164 4484 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
16:39:47.0211 4484 ehRecvr - ok
16:39:47.0242 4484 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
16:39:47.0289 4484 ehSched - ok
16:39:47.0305 4484 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
16:39:47.0336 4484 ehstart - ok
16:39:47.0414 4484 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys
16:39:47.0430 4484 elxstor - ok
16:39:47.0508 4484 EMDMgmt (70b1a86df0c8ead17d2bc332edae2c7c) C:\Windows\system32\emdmgmt.dll
16:39:47.0570 4484 EMDMgmt - ok
16:39:47.0617 4484 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys
16:39:47.0664 4484 ErrDev - ok
16:39:47.0710 4484 EventSystem (3cb3343d720168b575133a0a20dc2465) C:\Windows\system32\es.dll
16:39:47.0757 4484 EventSystem - ok
16:39:47.0804 4484 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
16:39:47.0851 4484 exfat - ok
16:39:47.0882 4484 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
16:39:47.0929 4484 fastfat - ok
16:39:47.0976 4484 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
16:39:48.0022 4484 fdc - ok
16:39:48.0054 4484 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
16:39:48.0116 4484 fdPHost - ok
16:39:48.0147 4484 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
16:39:48.0210 4484 FDResPub - ok
16:39:48.0241 4484 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
16:39:48.0241 4484 FileInfo - ok
16:39:48.0288 4484 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
16:39:48.0334 4484 Filetrace - ok
16:39:48.0350 4484 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
16:39:48.0412 4484 flpydisk - ok
16:39:48.0428 4484 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
16:39:48.0444 4484 FltMgr - ok
16:39:48.0568 4484 FontCache3.0.0.0 (c9be08664611ddaf98e2331e9288b00b) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:39:48.0584 4484 FontCache3.0.0.0 - ok
16:39:48.0615 4484 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
16:39:48.0678 4484 Fs_Rec - ok
16:39:48.0709 4484 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys
16:39:48.0740 4484 gagp30kx - ok
16:39:48.0771 4484 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:39:48.0787 4484 GEARAspiWDM - ok
16:39:48.0865 4484 gpsvc (d9f1113d9401185245573350712f92fc) C:\Windows\System32\gpsvc.dll
16:39:48.0927 4484 gpsvc - ok
16:39:49.0036 4484 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
16:39:49.0052 4484 gupdate - ok
16:39:49.0068 4484 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
16:39:49.0083 4484 gupdatem - ok
16:39:49.0099 4484 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:39:49.0114 4484 gusvc - ok
16:39:49.0177 4484 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
16:39:49.0255 4484 HdAudAddService - ok
16:39:49.0286 4484 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:39:49.0333 4484 HDAudBus - ok
16:39:49.0364 4484 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
16:39:49.0442 4484 HidBth - ok
16:39:49.0458 4484 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
16:40:03.0591 4484 SkinnerUpdateService (0e8ba4d053966d8a51b44a565b9d32c9) C:\Program Files\Skinovacek\SkinnerService.exe
16:40:03.0607 4484 SkinnerUpdateService ( UnsignedFile.Multi.Generic ) - warning
16:40:03.0607 4484 SkinnerUpdateService - detected UnsignedFile.Multi.Generic (1)
16:40:06.0836 4484 TOSHIBA SMART Log Service (22690dffc7f2a18279a7a0489aa02bac) C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
16:40:06.0852 4484 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - warning
16:40:06.0852 4484 TOSHIBA SMART Log Service - detected UnsignedFile.Multi.Generic (1)
16:40:11.0110 4484 WDDMService (0220362deb2a21551b418d61f3153347) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
16:40:11.0126 4484 WDDMService ( UnsignedFile.Multi.Generic ) - warning
16:40:11.0126 4484 WDDMService - detected UnsignedFile.Multi.Generic (1)
16:40:11.0454 4484 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
16:40:11.0563 4484 Wdf01000 - ok
16:40:11.0610 4484 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
16:40:11.0672 4484 WdiServiceHost - ok
16:40:11.0688 4484 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
16:40:11.0719 4484 WdiSystemHost - ok
16:40:11.0734 4484 WDSmartWareBackgroundService (138ab06adbbf300aa804d7974a5aec82) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
16:40:11.0766 4484 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - warning
16:40:11.0766 4484 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic (1)
16:40:11.0797 4484 WebClient (cf9a5f41789b642db967021de06a2713) C:\Windows\System32\webclnt.dll
16:40:11.0828 4484 WebClient - ok
16:40:11.0875 4484 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
16:40:11.0906 4484 Wecsvc - ok
16:40:11.0953 4484 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
16:40:12.0000 4484 wercplsupport - ok
16:40:12.0031 4484 WerSvc (fd1965aaa112c6818a30ab02742d0461) C:\Windows\System32\WerSvc.dll
16:40:12.0046 4484 WerSvc - ok
16:40:12.0124 4484 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
16:40:12.0140 4484 WinDefend - ok
16:40:12.0156 4484 WinHttpAutoProxySvc - ok
16:40:12.0234 4484 Winmgmt (00b79a7c984678f24cf052e5beb3a2f5) C:\Windows\system32\wbem\WMIsvc.dll
16:40:12.0280 4484 Winmgmt - ok
16:40:12.0390 4484 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
16:40:12.0530 4484 WinRM - ok
16:40:12.0624 4484 Wlansvc (275f4346e569df56cfb95243bd6f6ff0) C:\Windows\System32\wlansvc.dll
16:40:12.0670 4484 Wlansvc - ok
16:40:12.0748 4484 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys
16:40:12.0780 4484 WmiAcpi - ok
16:40:12.0873 4484 wmiApSrv (aba4cf9f856d9a3a25f4ddd7690a6e9d) C:\Windows\system32\wbem\WmiApSrv.exe
16:40:12.0951 4484 wmiApSrv - ok
16:40:13.0092 4484 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
16:40:13.0170 4484 WMPNetworkSvc - ok
16:40:13.0248 4484 WPCSvc (5d94cd167751294962ba238d82dd1bb8) C:\Windows\System32\wpcsvc.dll
16:40:13.0326 4484 WPCSvc - ok
16:40:13.0357 4484 WPDBusEnum (396d406292b0cd26e3504ffe82784702) C:\Windows\system32\wpdbusenum.dll
16:40:13.0388 4484 WPDBusEnum - ok
16:40:13.0466 4484 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
16:40:13.0513 4484 WpdUsb - ok
16:40:13.0716 4484 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:40:13.0762 4484 WPFFontCache_v0400 - ok
16:40:13.0809 4484 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
16:40:13.0856 4484 ws2ifsl - ok
16:40:13.0887 4484 wscsvc (683dd16b590372f2c9661d277f35e49c) C:\Windows\System32\wscsvc.dll
16:40:13.0934 4484 wscsvc - ok
16:40:13.0996 4484 WSDPrintDevice (4422ac5ed8d4c2f0db63e71d4c069dd7) C:\Windows\system32\DRIVERS\WSDPrint.sys
16:40:14.0012 4484 WSDPrintDevice - ok
16:40:14.0012 4484 WSearch - ok
16:40:14.0184 4484 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
16:40:14.0293 4484 wuauserv - ok
16:40:14.0511 4484 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:40:14.0542 4484 WUDFRd - ok
16:40:14.0589 4484 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
16:40:14.0636 4484 wudfsvc - ok
16:40:14.0683 4484 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
16:40:15.0322 4484 \Device\Harddisk0\DR0 - ok
16:40:15.0322 4484 Boot (0x1200) (140e2abddac4d4d0fc333741d1855301) \Device\Harddisk0\DR0\Partition0
16:40:15.0322 4484 \Device\Harddisk0\DR0\Partition0 - ok
16:40:15.0354 4484 Boot (0x1200) (90458ff637169560dcceda650603d6a4) \Device\Harddisk0\DR0\Partition1
16:40:15.0354 4484 \Device\Harddisk0\DR0\Partition1 - ok
16:40:15.0354 4484 ============================================================
16:40:15.0354 4484 Scan finished
16:40:15.0354 4484 ============================================================
16:40:15.0369 1364 Detected object count: 4
16:40:15.0369 1364 Actual detected object count: 4
16:40:44.0338 1364 SkinnerUpdateService ( UnsignedFile.Multi.Generic ) - skipped by user
16:40:44.0338 1364 SkinnerUpdateService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:40:44.0354 1364 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:40:44.0354 1364 TOSHIBA SMART Log Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:40:44.0354 1364 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user
16:40:44.0354 1364 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:40:44.0354 1364 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - skipped by user
16:40:44.0354 1364 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:41:22.0567 5444 Deinitialize success

dandar
Visitor
Posts: 93
Joined: 17 Sep 2005 10:41

Re: Screensaver

#7 Post by dandar »

Here is the log from ComboFix

ComboFix 12-05-25.02 - Uživatel 25.05.2012 16:50:19.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.420.1029.18.1917.830 [GMT 2:00]
Spuštěný z: c:\users\U×ivatel\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\StartNow Toolbar
c:\program files\StartNow Toolbar\ReactivateIE.exe
c:\program files\StartNow Toolbar\Resources\images\engine_images.png
c:\program files\StartNow Toolbar\Resources\images\engine_maps.png
c:\program files\StartNow Toolbar\Resources\images\engine_news.png
c:\program files\StartNow Toolbar\Resources\images\engine_videos.png
c:\program files\StartNow Toolbar\Resources\images\engine_web.png
c:\program files\StartNow Toolbar\Resources\images\icon_amazon.png
c:\program files\StartNow Toolbar\Resources\images\icon_ebay.png
c:\program files\StartNow Toolbar\Resources\images\icon_facebook.png
c:\program files\StartNow Toolbar\Resources\images\icon_games.png
c:\program files\StartNow Toolbar\Resources\images\icon_msn.png
c:\program files\StartNow Toolbar\Resources\images\icon_shopping.png
c:\program files\StartNow Toolbar\Resources\images\icon_travel.png
c:\program files\StartNow Toolbar\Resources\images\icon_twitter.png
c:\program files\StartNow Toolbar\Resources\images\startnow_logo.png
c:\program files\StartNow Toolbar\Resources\installer.xml
c:\program files\StartNow Toolbar\Resources\skin\chevron_button.png
c:\program files\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
c:\program files\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
c:\program files\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
c:\program files\StartNow Toolbar\Resources\skin\searchbox_input_background.png
c:\program files\StartNow Toolbar\Resources\skin\searchbox_input_left.png
c:\program files\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
c:\program files\StartNow Toolbar\Resources\skin\separator.png
c:\program files\StartNow Toolbar\Resources\skin\splitter.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
c:\program files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
c:\program files\StartNow Toolbar\Resources\toolbar.xml
c:\program files\StartNow Toolbar\Resources\update.xml
c:\program files\StartNow Toolbar\StartNowToolbarUninstall.exe
c:\program files\StartNow Toolbar\Toolbar32.dll
c:\program files\StartNow Toolbar\ToolbarBroker.exe
c:\program files\StartNow Toolbar\ToolbarUpdaterService.exe
c:\program files\StartNow Toolbar\uninstall.dat
D:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Updater Service for StartNow Toolbar
-------\Service_Updater Service for StartNow Toolbar
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-04-25 do 2012-05-25 )))))))))))))))))))))))))))))))
.
.
2012-05-25 14:45 . 2012-05-08 16:40 6737808 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{18B14C61-8384-4B29-9104-6A18019A80E0}\mpengine.dll
2012-05-24 18:42 . 2012-05-24 18:43 -------- d-----w- C:\rsit
2012-05-24 18:42 . 2012-05-24 18:43 -------- d-----w- c:\program files\trend micro
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d6451db9-67e1-4ca3-bfba-4d77fface17f}]
2011-05-08 18:56 466944 ----a-w- c:\program files\Skinovacek\adxloader.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2008-01-29 430080]
"Facebook Update"="c:\users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2011-10-25 137536]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-15 448080]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-08-14 1348904]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"4StoryPrePatch"="c:\program files\Gameforge4D\4Story\PrePatch.exe" [2011-12-17 327680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2057536]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-11 17:44]
.
2012-05-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-11 17:44]
.
2012-05-25 c:\windows\Tasks\User_Feed_Synchronization-{19650448-04D2-465A-A703-14918B334D97}.job
- c:\windows\system32\msfeedssync.exe [2011-06-16 04:32]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{ABAED2E3-FB23-49C7-824E-E4C54186EC61}: NameServer = 77.48.100.254,212.80.66.7
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://kamera.kr-ustecky.cz/activex/AMC.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Microsoft Windows System - c:\users\Uživatel\P-7-78-8964-9648-3874\winusm.exe
AddRemove-StartNow Toolbar - c:\program files\StartNow Toolbar\StartNowToolbarUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-25 17:05
Windows 6.0.6001 Service Pack 1 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Microsoft Windows System = c:\users\U?ivatel\P-7-78-8964-9648-3874\winusm.exe?????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(2236)
c:\program files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Microsoft Application Virtualization Client\sftvsa.exe
c:\program files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
c:\program files\TOSHIBA\Power Saver\TosCoSrv.exe
c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
c:\program files\Microsoft Application Virtualization Client\sftlist.exe
c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
c:\windows\system32\conime.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Celkový čas: 2012-05-25 17:11:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-05-25 15:11
.
Před spuštěním: Volných bajtů: 17 086 517 248
Po spuštění: Volných bajtů: 16 930 177 024
.
- - End Of File - - 7EACCDEB9C39C77679FA9F54CE498A84

dandar
Visitor
Posts: 93
Joined: 17 Sep 2005 10:41

Re: Screensaver

#8 Post by dandar »

RSIT won't run :(

dandar
Visitor
Posts: 93
Joined: 17 Sep 2005 10:41

Re: Screensaver

#9 Post by dandar »

I wanted to install Firefox and that doesn't work either :(

dandar
Visitor
Posts: 93
Joined: 17 Sep 2005 10:41

Re: Screensaver

#10 Post by dandar »

It worked :)

Logfile of random's system information tool 1.09 (written by random/random)
Run by Uživatel at 2012-05-25 17:41:13
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 18 GB (24%) free of 76 GB
Total RAM: 1917 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:42:03, on 25.5.2012
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.19088)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Users\Uživatel\Desktop\Strejda\RSIT.exe
C:\Program Files\trend micro\Uživatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Skinner - {d6451db9-67e1-4ca3-bfba-4d77fface17f} - C:\Program Files\Skinovacek\adxloader.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files\Gameforge4D\4Story\PrePatch.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WDDMStatus.lnk = C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
O4 - Global Startup: WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://kamera.kr-ustecky.cz/activex/AMC.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABAED2E3-FB23-49C7-824E-E4C54186EC61}: NameServer = 77.48.100.254,212.80.66.7
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: SkinnerUpdater (SkinnerUpdateService) - Unknown owner - C:\Program Files\Skinovacek\SkinnerService.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: WD SmartWare Drive Manager (WDDMService) - WDC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
O23 - Service: WD SmartWare Background Service (WDSmartWareBackgroundService) - Memeo - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

--
End of file - 6902 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{19650448-04D2-465A-A703-14918B334D97}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-21 192112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll [2012-01-13 1003576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d6451db9-67e1-4ca3-bfba-4d77fface17f}]
Skinner - C:\Program Files\Skinovacek\adxloader.dll [2011-05-08 466944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2012-03-21 192112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-15 448080]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-06-07 421160]
"4StoryPrePatch"=C:\Program Files\Gameforge4D\4Story\PrePatch.exe [2011-12-17 327680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2008-01-29 430080]
"Facebook Update"=C:\Users\Uživatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-25 137536]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-05-25 17:39:54 ----D---- C:\Windows\temp
2012-05-25 17:11:38 ----A---- C:\ComboFix.txt
2012-05-25 17:02:27 ----D---- C:\$RECYCLE.BIN
2012-05-25 16:47:18 ----A---- C:\Windows\zip.exe
2012-05-25 16:47:18 ----A---- C:\Windows\SWSC.exe
2012-05-25 16:47:18 ----A---- C:\Windows\SWREG.exe
2012-05-25 16:47:18 ----A---- C:\Windows\sed.exe
2012-05-25 16:47:18 ----A---- C:\Windows\PEV.exe
2012-05-25 16:47:18 ----A---- C:\Windows\NIRCMD.exe
2012-05-25 16:47:18 ----A---- C:\Windows\MBR.exe
2012-05-25 16:47:18 ----A---- C:\Windows\grep.exe
2012-05-25 16:47:10 ----D---- C:\Windows\ERDNT
2012-05-25 16:47:09 ----D---- C:\ComboFix
2012-05-25 16:46:58 ----AD---- C:\Qoobox
2012-05-25 16:38:45 ----A---- C:\TDSSKiller.2.7.37.0_25.05.2012_16.38.44_log.txt
2012-05-24 20:42:26 ----D---- C:\rsit
2012-05-24 20:42:26 ----D---- C:\Program Files\trend micro
2012-05-24 20:33:49 ----A---- C:\Windows\ntbtlog.txt
2012-05-23 22:50:55 ----AH---- C:\Users\Uživatel\AppData\Roaming\msnsvconfig.txt

======List of files/folders modified in the last 1 month======

2012-05-25 17:39:54 ----D---- C:\Windows
2012-05-25 17:11:43 ----D---- C:\Windows\system32\drivers
2012-05-25 17:10:18 ----D---- C:\Windows\Tasks
2012-05-25 17:02:33 ----A---- C:\Windows\system.ini
2012-05-25 17:02:23 ----D---- C:\Windows\system32\drivers\etc
2012-05-25 16:59:59 ----D---- C:\Windows\system32\config
2012-05-25 16:58:32 ----RD---- C:\Program Files
2012-05-25 16:55:03 ----D---- C:\Windows\System32
2012-05-25 16:55:03 ----D---- C:\Windows\AppPatch
2012-05-25 16:55:02 ----D---- C:\Program Files\Common Files
2012-05-25 16:44:17 ----SHD---- C:\System Volume Information
2012-05-24 20:32:44 ----D---- C:\Users\Uživatel\AppData\Roaming\SoftGrid Client
2012-05-24 15:06:26 ----D---- C:\Windows\Prefetch
2012-05-18 13:34:53 ----D---- C:\Program Files\Gameforge4D
2012-05-16 03:02:56 ----SHD---- C:\Windows\Installer
2012-05-16 03:02:50 ----D---- C:\ProgramData\Microsoft Help
2012-05-15 18:29:24 ----A---- C:\Windows\system32\mrt.exe
2012-05-08 15:34:56 ----D---- C:\Windows\inf
2012-05-08 15:34:56 ----A---- C:\Windows\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-01 7680]
R0 tos_sps32;TOSHIBA tos_sps32 Service; C:\Windows\system32\DRIVERS\tos_sps32.sys [2008-01-21 285184]
R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-04-01 2929664]
S3 Axtmvflt;Axesstel USB Filter Service; C:\Windows\system32\DRIVERS\Axtmvflt.sys [2007-03-22 3456]
S3 Axtmvmdm;Axesstel USB Modem; C:\Windows\system32\DRIVERS\Axtmvmdm.sys [2007-03-26 40064]
S3 Axtmvprt;Axesstel Diagnostic Port; C:\Windows\System32\Drivers\Axtmvprt.sys [2007-03-26 38784]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 EagleXNt;EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys []
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2011-05-10 18432]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2010-03-22 262176]
S3 RTL8187B;Síťový adaptér Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0; C:\Windows\system32\DRIVERS\RTL8187B.sys [2009-06-10 347648]
S3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-03 550760]
S3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-03 195944]
S3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-03 21864]
S3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-03 19304]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-05-10 42496]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2008-01-21 16896]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
S2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-04-01 610304]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-04-06 349472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 cvhsvc;Client Virtualization Handler; C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-11 136176]
S2 sftlist;Application Virtualization Client; C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe [2009-12-03 483688]
S2 SkinnerUpdateService;SkinnerUpdater; C:\Program Files\Skinovacek\SkinnerService.exe [2011-05-08 7168]
S2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
S2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2008-01-17 431456]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
S2 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-21 110592]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-11 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-09-11 182768]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 820520]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 sftvsa;Application Virtualization Service Agent; C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-03 209768]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

dandar
Visitor
Posts: 93
Registered: 17 Sep 2005 10:41

Re: Screensaver

#11 Post by dandar »

I didn't find winusm.exe under File or under Process. Is that correct? Firefox can now be installed :happy:

dandar
Visitor
Posts: 93
Registered: 17 Sep 2005 10:41

Re: Screensaver

#12 Post by dandar »

It says it cannot find the item ComboFix :(

dandar
Visitor
Posts: 93
Registered: 17 Sep 2005 10:41

Re: Screensaver

#13 Post by dandar »

Great, it's gone. Thanks a LOT for the help :D
In the few years I have been following your forum, I just don't understand how, in that tangle of various
letters and numbers, you manage to tell what should be removed and what shouldn't :?: :D :thumbsup:
Hats off :)
