
Slow logon


#1 Post by usr1000 »

Hello!
For about a week I have had a problem with very slow user logon. The "Welcome" message stays on screen for about 20-25 seconds, then there is about 20 seconds of an empty screen with just a black background, and only then do the icons and the taskbar start to load.
Could you please take a look to see whether something in there might be causing trouble?

Here is the log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Etiainen at 2010-09-01 14:44:56
Microsoft Windows 7 Ultimate
System drive C: has 22 GB (34%) free of 66 GB
Total RAM: 4060 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:45:13, on 1. 9. 2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\VMware\VMware Player\hqtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\trend micro\Etiainen.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://ais2.upjs.sk/ais/start.do
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Skype Recorder] "C:\Program Files (x86)\Skype Recorder\Skype Recorder.exe"
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
O4 - HKLM\..\Run: [ShaPlus Bandwidth Meter] "C:\Program Files (x86)\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\WebcamMax.exe" -a
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [AccelerometerSysTrayApplet] "C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe"
O4 - HKCU\..\Run: [BatteryCare] "C:\Program Files (x86)\BatteryCare\BatteryCare.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\Etiainen\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Etiainen\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware player\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\vmware\vmware player\vsocklib.dll
O16 - DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} (FBootloaderAX) - http://static.ak.facebook.com/fbplugin/ ... loader.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.co ... .3.1.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ActivIdentity Shared Store Service (ac.sharedstore) - ActivIdentity - C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: COMODO livePCsupport Service (CLPSLS) - COMODO - C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Manager for Adobe Products (FLEXnet Licensing Manager) - Unknown owner - C:\Windows\system\regsrv.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NMSAccess64 - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\Windows\system32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\Windows\system32\vmnat.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - C:\Program Files (x86)\wLite\wService.exe

--
End of file - 12609 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE 0x2d8
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\AEADISRV.EXE
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
atieclxx
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files\CDBurnerXP\NMSAccessU.exe"
"C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe"
C:\Windows\SysWOW64\vmnat.exe
"C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe"
C:\Windows\SysWOW64\vmnetdhcp.exe
"C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"taskhost.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Process Lasso\ProcessLasso.exe"
"C:\Program Files\Process Lasso\ProcessGovernor.exe"
"C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
"C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe"
"C:\Program Files (x86)\BatteryCare\BatteryCare.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe"
"C:\Program Files (x86)\VMware\VMware Player\hqtray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Users\Etiainen\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-06 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ProcessLassoManagementConsole"=C:\Program Files\Process Lasso\processlasso.exe [2010-05-19 591888]
"ProcessGovernor"=C:\Program Files\Process Lasso\processgovernor.exe [2010-05-19 331792]
"acevents"=C:\Program Files\ActivIdentity\ActivClient\acevents.exe [2009-06-03 196648]
""= []
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [2009-06-03 483880]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 2096424]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-07-02 2903688]
"TNOD UP"=C:\Program Files (x86)\TNod User & Password Finder\TNODUP.exe [2010-04-02 1811968]
"SoundMAX"=C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [2009-05-18 3866624]
"BootNaMir"=C:\Program Files\Wondershare\Time Freeze\BootSP.exe [2010-06-23 461216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"WebcamMaxAutoRun"=C:\Program Files (x86)\WebcamMax\WebcamMax.exe [2010-05-18 1561232]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2010-06-11 427328]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"AccelerometerSysTrayApplet"=C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [2010-01-29 74552]
"BatteryCare"=C:\Program Files (x86)\BatteryCare\BatteryCare.exe [2010-06-15 643584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BandwidthMeterPro]
C:\Program Files (x86)\BandwidthMeterPro\BWMeterPro.exe [2008-08-16 236032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\openvpn-gui]
C:\Program Files (x86)\OpenVPN\bin\openvpn-gui.exe [2005-08-18 99328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
D:\Games\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Skype Recorder"=C:\Program Files (x86)\Skype Recorder\Skype Recorder.exe []
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2010-03-06 563736]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 287800]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-08-04 98304]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"VMware hqtray"=C:\Program Files (x86)\VMware\VMware Player\hqtray.exe [2010-05-21 64048]
"ShaPlus Bandwidth Meter"=C:\Program Files (x86)\ShaPlus Bandwidth Meter\ShaPlus Bandwidth Meter.exe /s []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CLPSLS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoResolveTrack"=1
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-01 14:44:56 ----D---- C:\rsit
2010-09-01 14:44:56 ----D---- C:\Program Files\trend micro
2010-08-31 21:27:46 ----N---- C:\Windows\SYSWOW64\iyvu9_32.dll
2010-08-31 21:27:46 ----N---- C:\Windows\SYSWOW64\iacenc.dll
2010-08-31 21:27:45 ----D---- C:\Program Files (x86)\Ligos
2010-08-31 21:24:03 ----A---- C:\Windows\SYSWOW64\tsccvid.dll
2010-08-31 21:23:53 ----A---- C:\Windows\IsUninst.exe
2010-08-30 14:39:30 ----SHD---- C:\Config.Msi
2010-08-29 13:59:28 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-08-25 18:37:30 ----A---- C:\Windows\system32\NaBootMir.exe
2010-08-25 18:37:24 ----A---- C:\Windows\system32\drivers\MirDisk.sys
2010-08-25 18:37:24 ----A---- C:\Windows\system32\drivers\HKDirFlt.sys
2010-08-25 18:37:23 ----D---- C:\Program Files\Wondershare
2010-08-25 15:31:20 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-08-25 15:31:20 ----A---- C:\Windows\system32\oleaut32.dll
2010-08-24 10:18:18 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-08-24 10:18:18 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-08-24 10:18:18 ----A---- C:\Windows\SYSWOW64\java.exe
2010-08-17 08:35:21 ----D---- C:\Users\Etiainen\AppData\Roaming\BWMeterPro
2010-08-17 08:34:50 ----D---- C:\Program Files (x86)\BandwidthMeterPro
2010-08-16 00:16:47 ----D---- C:\Program Files (x86)\RivaTuner
2010-08-11 15:30:05 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-11 15:30:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-08-11 15:30:04 ----A---- C:\Windows\system32\schannel.dll
2010-08-11 15:30:03 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-11 15:30:03 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-11 15:30:03 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-11 15:29:51 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 15:29:50 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 15:29:49 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 15:29:47 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-08-11 15:29:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-08-11 15:29:43 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 15:29:43 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 15:29:42 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-08-11 15:29:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-08-11 15:29:42 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-08-11 15:29:42 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-08-11 15:29:42 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 15:29:42 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-11 15:29:41 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-08-11 15:29:41 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-08-11 15:29:41 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-08-11 15:29:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-08-11 15:29:41 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-08-11 15:29:41 ----A---- C:\Windows\system32\mstime.dll
2010-08-11 15:29:41 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-11 15:29:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-11 15:29:41 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-11 15:29:41 ----A---- C:\Windows\system32\ieui.dll
2010-08-11 15:29:34 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-08-11 15:29:34 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 15:29:33 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-08-11 15:29:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 15:29:29 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-08-11 15:29:29 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-08-11 15:28:34 ----D---- C:\Program Files (x86)\Your monster voice 1
2010-08-11 15:28:04 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 15:28:03 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-08-08 14:37:00 ----D---- C:\ProgramData\OrbNetworks
2010-08-08 14:36:57 ----D---- C:\Program Files (x86)\Winamp Remote
2010-08-06 23:12:45 ----D---- C:\Users\Etiainen\AppData\Roaming\BatteryCare
2010-08-06 23:12:45 ----D---- C:\Program Files (x86)\BatteryCare
2010-08-06 21:35:43 ----D---- C:\Program Files (x86)\Nufsoft
2010-08-05 21:13:06 ----D---- C:\Program Files (x86)\PDF to Word 3
2010-08-05 21:13:06 ----A---- C:\Windows\cadkasdeinst01e.exe
2010-08-03 08:06:27 ----A---- C:\Windows\system32\shell32.dll
2010-08-03 08:06:23 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-08-02 15:05:34 ----D---- C:\Users\Etiainen\AppData\Roaming\VMware

======List of files/folders modified in the last 1 months======

2010-09-01 14:45:13 ----D---- C:\Windows\Prefetch
2010-09-01 14:45:09 ----D---- C:\Windows\Temp
2010-09-01 14:44:56 ----RD---- C:\Program Files
2010-09-01 14:42:56 ----D---- C:\Windows\System32
2010-09-01 14:42:56 ----D---- C:\Windows\inf
2010-09-01 14:42:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-01 14:40:01 ----D---- C:\Windows\system32\config
2010-09-01 14:37:41 ----D---- C:\ProgramData\VMware
2010-09-01 11:18:04 ----D---- C:\Users\Etiainen\AppData\Roaming\Skype
2010-09-01 10:51:16 ----D---- C:\Program Files (x86)\FL DataStorm
2010-09-01 10:45:41 ----A---- C:\Windows\wdict32.INI
2010-09-01 10:45:32 ----D---- C:\Windows
2010-09-01 10:30:48 ----D---- C:\Users\Etiainen\AppData\Roaming\skypePM
2010-09-01 00:40:27 ----D---- C:\Users\Etiainen\AppData\Roaming\uTorrent
2010-09-01 00:01:34 ----D---- C:\ProgramData\PDFC
2010-08-31 21:27:46 ----D---- C:\Windows\SysWOW64
2010-08-31 21:27:46 ----D---- C:\Windows\Help
2010-08-31 21:27:45 ----RD---- C:\Program Files (x86)
2010-08-31 21:27:45 ----D---- C:\Program Files (x86)\Internet Explorer
2010-08-31 21:24:11 ----D---- C:\Windows\system32\Tasks
2010-08-31 15:55:10 ----SHD---- C:\System Volume Information
2010-08-30 15:34:54 ----A---- C:\Windows\WINCMD.INI
2010-08-30 14:39:52 ----SHD---- C:\Windows\Installer
2010-08-30 14:39:49 ----D---- C:\Program Files (x86)\Nokia
2010-08-30 14:39:49 ----D---- C:\Program Files (x86)\Common Files
2010-08-30 14:39:45 ----D---- C:\Windows\system32\NDF
2010-08-29 02:12:54 ----A---- C:\Windows\SYSWOW64\slwga.dll
2010-08-29 02:12:54 ----A---- C:\Windows\system32\systemcpl.dll
2010-08-29 02:12:54 ----A---- C:\Windows\system32\slwga.dll
2010-08-29 02:12:53 ----A---- C:\Windows\SYSWOW64\user32.dll
2010-08-29 02:12:53 ----A---- C:\Windows\system32\user32.dll
2010-08-29 02:11:04 ----RSD---- C:\Windows\Fonts
2010-08-26 17:24:47 ----D---- C:\Windows\system32\catroot2
2010-08-26 08:22:13 ----D---- C:\Windows\winsxs
2010-08-25 18:37:28 ----D---- C:\Windows\system32\drivers
2010-08-25 15:32:11 ----D---- C:\Windows\AppPatch
2010-08-25 15:31:10 ----D---- C:\Windows\system32\catroot
2010-08-24 10:18:13 ----D---- C:\Program Files (x86)\Java
2010-08-23 08:29:41 ----RD---- C:\Program Files (x86)\Skype
2010-08-21 22:19:29 ----D---- C:\Program Files (x86)\Google
2010-08-20 15:37:36 ----D---- C:\Windows\Downloaded Program Files
2010-08-20 15:37:36 ----D---- C:\Program Files (x86)\SystemRequirementsLab
2010-08-15 23:10:50 ----D---- C:\Program Files (x86)\Opera
2010-08-12 21:22:31 ----D---- C:\Windows\Microsoft.NET
2010-08-12 21:22:03 ----RSD---- C:\Windows\assembly
2010-08-11 17:22:05 ----D---- C:\Windows\SYSWOW64\migration
2010-08-11 17:22:05 ----D---- C:\Windows\system32\migration
2010-08-11 17:22:05 ----D---- C:\Program Files\Internet Explorer
2010-08-08 23:15:20 ----D---- C:\Windows\Logs
2010-08-08 23:06:23 ----D---- C:\Windows\system32\FxsTmp
2010-08-08 16:26:48 ----D---- C:\Users\Etiainen\AppData\Roaming\Winamp
2010-08-08 14:37:00 ----HD---- C:\ProgramData
2010-08-08 00:40:21 ----D---- C:\Users\Etiainen\AppData\Roaming\dvdcss
2010-08-07 19:58:56 ----D---- C:\Windows\ModemLogs
2010-08-07 19:58:48 ----D---- C:\Windows\system32\DriverStore
2010-08-03 23:54:04 ----D---- C:\Windows\rescache
2010-08-03 20:52:33 ----A---- C:\Windows\system32\MRT.exe
2010-08-02 15:49:49 ----DC---- C:\Windows\system32\DRVSTORE

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 HKDirFlt;Wondershare HKDirFlt; C:\Windows\system32\drivers\HKDirFlt.sys [2010-06-23 37992]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2010-07-16 30008]
R0 MirDisk;Wondershare Time Freeze; C:\Windows\system32\drivers\MirDisk.sys [2010-06-23 28264]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-17 828912]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-28 139704]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2009-09-23 66304]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2009-12-31 360712]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-06-13 314016]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-06-24 166984]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-04-28 169592]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-04-28 50600]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2010-05-20 38448]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-06-13 43680]
R2 vmci;VMware vmci; \??\C:\Windows\system32\drivers\vmci.sys [2010-05-21 80944]
R2 VMnetBridge;VMware Bridge Protocol; C:\Windows\system32\DRIVERS\vmnetbridge.sys [2010-05-20 45104]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\Windows\system32\drivers\vmnetuserif.sys [2010-05-21 30256]
R2 vmx86;VMware vmx86; \??\C:\Windows\system32\drivers\vmx86.sys [2010-05-21 68656]
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files (x86)\VMware\VMware Player\vstor2-ws60.sys [2010-04-27 32816]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2010-07-16 43320]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 497152]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-04 6037504]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-08 2769400]
R3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 132648]
R3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-04-28 33608]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-25 18432]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 320560]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2009-12-12 31232]
R3 vmkbd;VMware kbd; \??\C:\Windows\system32\drivers\VMkbd.sys [2010-05-21 31792]
R3 vpcbus;Virtual PC Host Bus Service; C:\Windows\system32\DRIVERS\vpchbus.sys [2009-09-23 187904]
R3 vpcusb;USB Virtualization Connector Service; C:\Windows\system32\DRIVERS\vpcusb.sys [2009-09-23 95232]
S3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-24 119312]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows x64 Edition; C:\Windows\System32\Drivers\KORGUM64.SYS [2010-01-08 31832]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RivaTuner64;RivaTuner64; \??\C:\Program Files (x86)\RivaTuner\RivaTuner64.sys [2010-08-16 19952]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 115240]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 19496]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 158760]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 137256]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 34344]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 136744]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 151592]
S3 s1039bus;Sony Ericsson Device 1039 driver (WDM); C:\Windows\system32\DRIVERS\s1039bus.sys [2010-03-01 127600]
S3 s1039mdfl;Sony Ericsson Device 1039 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s1039mdfl.sys [2009-11-19 19568]
S3 s1039mdm;Sony Ericsson Device 1039 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s1039mdm.sys [2009-11-19 161904]
S3 s1039mgmt;Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s1039mgmt.sys [2009-11-19 141424]
S3 s1039nd5;Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS); C:\Windows\system32\DRIVERS\s1039nd5.sys [2010-03-01 34416]
S3 s1039obex;Sony Ericsson Device 1039 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s1039obex.sys [2009-11-19 137328]
S3 s1039unic;Sony Ericsson Device 1039 USB Ethernet Emulation (WDM); C:\Windows\system32\DRIVERS\s1039unic.sys [2010-03-01 158320]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2009-11-12 5504]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 tap0801;TAP-Win32 Adapter V8; C:\Windows\system32\DRIVERS\tap0801.sys [2005-04-13 30720]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-07-14 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-06-25 144656]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [2010-05-20 20016]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ac.sharedstore;ActivIdentity Shared Store Service; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2009-06-03 277032]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 111616]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-04 203264]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-30 864032]
R2 CLPSLS;COMODO livePCsupport Service; C:\Program Files (x86)\COMODO\COMODO livePCsupport\CLPSLS.exe [2010-02-19 148744]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-07-02 810144]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-03-24 121344]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2010-07-16 30520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NMSAccess64;NMSAccess64; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-01-12 82872]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-03-06 635416]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [2010-05-21 113200]
R2 VMnetDHCP;VMware DHCP Service; C:\Windows\syswow64\vmnetdhcp.exe [2010-05-21 334384]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-05-20 539184]
R2 VMware NAT Service;VMware NAT Service; C:\Windows\syswow64\vmnat.exe [2010-05-21 399920]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 FLEXnet Licensing Manager;FLEXnet Licensing Manager for Adobe Products; C:\Windows\system\regsrv.exe []
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-06 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-07-02 42360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2009-12-12 36352]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 ufad-ws60;VMware Agent Service; C:\Program Files (x86)\VMware\VMware Player\vmware-ufad.exe [2010-04-27 191024]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-18 1255736]

-----------------EOF-----------------

Thanks a lot in advance :)

Rudy
Site Admin
Posts: 119420
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Long login

#2 Post by Rudy »

Run an MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

usr1000
Visitor
Posts: 6
Registered: 01 Jan 2006 15:09
Location: Košice

Re: Long login

#3 Post by usr1000 »

Thanks for the reply, here is the log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4524

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

1. 9. 2010 22:15:53
mbam-log-2010-09-01 (22-15-53).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 501029
Time elapsed: 1 hour(s), 28 minute(s), 12 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 11

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\victim (Malware.Trace) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
D:\BACKUP\DL_AGAIN napalene\WinRAR\KEYGEN.EXE (Malware.Packer.Gen) -> No action taken.
D:\BACKUP\other\Sound Forge\Keymakers\Keygen Sonic Foundry Products.exe (Trojan.Downloader) -> No action taken.
D:\BACKUP\other\Sound Forge\Keymakers\Sonic Foundry MainConcept MPEG 1&2 Plugin v1.0\damn_ConcMPEG_plugin10_kg.exe (Trojan.Agent.CK) -> No action taken.
D:\BACKUP\other\Sound Forge\Keymakers\Sonic Foundry MP3 Plugin 2.0\damn_MP3Plugin_kg.exe (Trojan.Agent.CK) -> No action taken.
D:\BACKUP\other\Sound Forge\Keymakers\Sonic Foundry Noise Reduction Plugin 2.0\damn_NoisePlugin_kg.exe (Trojan.Agent.CK) -> No action taken.
D:\Documents\Downloads\Nero 8.1.1.0 Ultra Edition + Keygen [h33t] [CaZoR]\nero8x.exe (RiskWare.Tool.CK) -> No action taken.
D:\Games\Spectaculator 6\ArmAccess.dll (Spyware.Passwords) -> No action taken.
D:\Games\Sranda\Somariny\BEER2.EXE (Application.Joke) -> No action taken.
D:\Games\Sranda\Somariny\FlyFree.exe (Joke.ScrnFly) -> No action taken.
D:\Torrents\Phoenix\Phx_data\Res\EmuCfg.exe (Trojan.Agent) -> No action taken.
D:\Torrents\Phoenix\Phx_data\Res\GCFMgr.exe (Trojan.Agent) -> No action taken.

Speccy is not dead! IT'S ALIVE!

†The D80 World† - http://frgt10.wz.cz

Rudy
Site Admin
Posts: 119420
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Long login

#4 Post by Rudy »

Delete everything MBAM found.

usr1000
Visitor
Posts: 6
Registered: 01 Jan 2006 15:09
Location: Košice

Re: Long login

#5 Post by usr1000 »

Thanks for the reply, I deleted everything.
However, this time too I found out that I caused the slowdown myself :oops:

I recently mounted a persistent network drive pointing to another computer. Apparently the system tries to connect to/resolve it during logon (and since that computer is switched off, it takes longer), because when I removed the network drive, the system started up at its original speed :)

Thanks again, and I apologize :oops:

Rudy
Site Admin
Posts: 119420
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Long login

#6 Post by Rudy »

Yes, that is possible. You're welcome!