Disk overload, Host Process, Search indexer

Posted: 03 Nov 2010 00:10
by Kozel24
Good evening,
after the weekend (30-31 Oct 2010) my notebook started acting up. The problems appeared after installing and uninstalling the Kaspersky antivirus, installing and uninstalling the Kerio Control firewall, and installing and uninstalling the O&O Defrag tool (everything was installed, uninstalled and run over the weekend). I no longer have any of these programs installed. After switching the notebook on and logging in to the system, the disk soon becomes completely overloaded, i.e. the activity light stays on and the system is so overloaded that I cannot even move a window. In Task Manager it is apparent that the svchost.exe service (NetworkRestriction ???) is reading/writing to the disk at that time. At first I had the impression that Mozilla Firefox was to blame, since this problem (the disk overload) always occurred while it was running, but now, if I do nothing myself after the system starts, the problem appears on its own after a while. When I let the disk "thrash itself out", the already mentioned message popped up: Program Host Process for Windows stopped working and was closed. Today another message was added, saying that the program Search indexer stopped working and was closed. My log is below.

Thank you.


Logfile of random's system information tool 1.08 (written by random/random)
Run by Martin at 2010-11-01 23:26:23
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 173 GB (66%) free of 260 GB
Total RAM: 3004 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:26:55, on 1.11.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Martin\Desktop\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.live.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: BrlAPI - Unknown owner - C:\cygwin\bin\cygrunsrv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Unknown owner - C:\Program Files\Spyware Terminator\sp_rsser.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: System Repair Windows Update Monitor (System_Repair_UpdateMonitor) - Lenovo Group Limited - C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe

--
End of file - 8625 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-09-22 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-07-29 806904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-04 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\PROGRA~1\INBOXT~1\Inbox.dll [2010-07-29 806904]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-04-24 4097864]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2008-03-26 163840]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-07-28 136216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-07-28 171032]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-07-28 170520]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-10-25 2424560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-04-02 102400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management]
C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-05-04 5064520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-09-22 4240760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\Martin\AppData\Roaming\QipGuard\QipGuard.exe [2010-03-12 184272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-03-12 306744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\Lenovo\BLUETO~1\BTTray.exe [2008-08-26 752168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-28 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDriveTypeAutoRun"=95
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-11-01 23:26:23 ----D---- C:\rsit
2010-11-01 23:26:23 ----D---- C:\Program Files\trend micro
2010-11-01 23:21:07 ----D---- C:\Users\Martin\AppData\Roaming\SUPERAntiSpyware.com
2010-11-01 23:21:07 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2010-11-01 23:21:02 ----D---- C:\Program Files\SUPERAntiSpyware
2010-11-01 23:02:40 ----R---- C:\Windows\system32\unicows.dll
2010-11-01 21:15:11 ----A---- C:\ComboFix.txt
2010-11-01 21:11:59 ----SHD---- C:\$RECYCLE.BIN
2010-11-01 21:02:44 ----D---- C:\Windows\temp
2010-11-01 20:36:48 ----D---- C:\Qoobox
2010-11-01 20:36:26 ----A---- C:\Windows\SWXCACLS.exe
2010-11-01 19:54:31 ----A---- C:\Windows\ntbtlog.txt
2010-10-31 21:10:53 ----D---- C:\Users\Martin\AppData\Roaming\Avira
2010-10-31 21:06:00 ----A---- C:\Windows\system32\drivers\ssmdrv.sys
2010-10-31 21:05:59 ----A---- C:\Windows\system32\drivers\avipbb.sys
2010-10-31 21:05:59 ----A---- C:\Windows\system32\drivers\avgntmgr.sys
2010-10-31 21:05:59 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2010-10-31 21:05:59 ----A---- C:\Windows\system32\drivers\avgntdd.sys
2010-10-31 21:05:58 ----D---- C:\ProgramData\Avira
2010-10-31 21:05:58 ----D---- C:\Program Files\Avira
2010-10-30 22:32:22 ----A---- C:\Windows\oodjobd.INI
2010-10-29 12:29:20 ----D---- C:\Users\Martin\AppData\Roaming\Kerio
2010-10-29 12:20:11 ----D---- C:\Program Files\Kerio
2010-10-29 11:47:51 ----D---- C:\Program Files\ClamWin
2010-10-28 00:03:36 ----D---- C:\Program Files\Enigma Software Group
2010-10-28 00:02:19 ----D---- C:\Windows\9EFA732347A048E28F7735DB5EED500A.TMP
2010-10-28 00:02:18 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-10-27 08:35:37 ----A---- C:\Windows\system32\gameux.dll
2010-10-27 08:35:35 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-10-27 08:35:35 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-10-23 16:59:53 ----D---- C:\Program Files\glassfish-3.0.1
2010-10-23 16:42:54 ----D---- C:\Program Files\NetBeans 6.9.1
2010-10-23 09:36:02 ----D---- C:\Users\Martin\AppData\Roaming\AVG10
2010-10-23 09:35:05 ----HD---- C:\ProgramData\Common Files
2010-10-23 09:33:38 ----D---- C:\ProgramData\AVG10
2010-10-23 09:26:01 ----D---- C:\ProgramData\MFAData
2010-10-21 23:37:53 ----D---- C:\Windows\cs
2010-10-21 23:37:24 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2010-10-21 23:33:11 ----D---- C:\Program Files\MSN Toolbar
2010-10-21 23:32:57 ----D---- C:\Program Files\Bing Bar Installer
2010-10-21 23:27:09 ----A---- C:\Windows\system32\webservices.dll
2010-10-21 22:12:28 ----D---- C:\Program Files\ArgoUML
2010-10-21 22:10:09 ----D---- C:\Users\Martin\AppData\Roaming\Sparx Systems
2010-10-21 22:09:23 ----D---- C:\Program Files\Sparx Systems
2010-10-17 23:04:58 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2010-10-17 23:04:45 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2010-10-17 23:04:39 ----D---- C:\Program Files\Oracle
2010-10-14 10:10:13 ----A---- C:\Windows\system32\wmp.dll
2010-10-14 10:10:12 ----A---- C:\Windows\system32\wmploc.DLL
2010-10-14 10:09:50 ----A---- C:\Windows\system32\ole32.dll
2010-10-14 10:09:47 ----A---- C:\Windows\system32\schannel.dll
2010-10-14 10:09:34 ----A---- C:\Windows\system32\srvsvc.dll
2010-10-14 10:09:34 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-10-14 10:09:34 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-10-14 10:09:34 ----A---- C:\Windows\system32\drivers\srv.sys
2010-10-14 10:09:33 ----A---- C:\Windows\system32\netevent.dll
2010-10-14 10:09:20 ----A---- C:\Windows\system32\t2embed.dll
2010-10-14 10:09:16 ----A---- C:\Windows\system32\mfc40.dll
2010-10-14 10:09:15 ----A---- C:\Windows\system32\mfc40u.dll
2010-10-14 10:09:13 ----A---- C:\Windows\system32\win32k.sys
2010-10-14 10:09:10 ----A---- C:\Windows\system32\msshsq.dll
2010-10-14 10:09:08 ----A---- C:\Windows\system32\wmpmde.dll
2010-10-14 10:09:05 ----A---- C:\Windows\system32\comctl32.dll
2010-10-14 10:08:59 ----A---- C:\Windows\system32\ieframe.dll
2010-10-14 10:08:58 ----A---- C:\Windows\system32\mshtml.dll
2010-10-14 10:08:58 ----A---- C:\Windows\system32\msfeeds.dll
2010-10-14 10:08:57 ----A---- C:\Windows\system32\mshtmled.dll
2010-10-14 10:08:56 ----A---- C:\Windows\system32\wininet.dll
2010-10-14 10:08:56 ----A---- C:\Windows\system32\urlmon.dll
2010-10-14 10:08:55 ----A---- C:\Windows\system32\iepeers.dll
2010-10-14 10:08:55 ----A---- C:\Windows\system32\ieencode.dll
2010-10-14 10:08:55 ----A---- C:\Windows\system32\ieapfltr.dll
2010-10-09 14:46:45 ----D---- C:\Users\Martin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-10-09 11:13:12 ----D---- C:\Users\Martin\AppData\Roaming\Adobe Mini Bridge CS5
2010-10-09 11:13:11 ----D---- C:\Users\Martin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-10-08 18:24:02 ----N---- C:\Windows\system32\vxblock.dll
2010-10-08 18:24:02 ----N---- C:\Windows\system32\pxwave.dll
2010-10-08 18:24:02 ----N---- C:\Windows\system32\pxsfs.dll
2010-10-08 18:24:02 ----N---- C:\Windows\system32\pxmas.dll
2010-10-08 18:24:02 ----N---- C:\Windows\system32\pxinsi64.exe
2010-10-08 18:24:02 ----N---- C:\Windows\system32\pxinsa64.exe
2010-10-08 18:24:02 ----N---- C:\Windows\system32\pxhpinst.exe
2010-10-08 18:24:02 ----N---- C:\Windows\system32\pxdrv.dll
2010-10-08 18:24:02 ----N---- C:\Windows\system32\pxcpyi64.exe
2010-10-08 18:24:02 ----N---- C:\Windows\system32\pxcpya64.exe
2010-10-08 18:24:02 ----N---- C:\Windows\system32\pxafs.dll
2010-10-08 18:24:02 ----N---- C:\Windows\system32\px.dll
2010-10-08 18:24:02 ----N---- C:\Windows\system32\drivers\PxHelp20.sys
2010-10-08 17:28:04 ----HD---- C:\ProgramData\CanonIJScan
2010-10-08 17:28:04 ----D---- C:\Users\Martin\AppData\Roaming\Canon
2010-10-08 17:17:05 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2010-10-08 17:14:07 ----A---- C:\Windows\system32\CNMLM9Z.DLL
2010-10-08 17:07:14 ----A---- C:\Windows\system32\CNC550L.dll
2010-10-08 17:07:14 ----A---- C:\Windows\system32\CNC550I.dll
2010-10-08 17:07:13 ----A---- C:\Windows\system32\CNC550U.dll
2010-10-08 17:07:13 ----A---- C:\Windows\system32\CNC550C.dll
2010-10-08 17:07:12 ----A---- C:\Windows\system32\CNHMCA.dll
2010-10-08 14:57:54 ----A---- C:\Windows\system32\drivers\VBoxNetFlt.sys
2010-10-08 14:57:54 ----A---- C:\Windows\system32\drivers\VBoxNetAdp.sys
2010-10-08 08:18:45 ----D---- C:\ProgramData\Adobe
2010-10-07 22:17:37 ----D---- C:\Users\Martin\AppData\Roaming\Adobe
2010-10-07 13:35:10 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2010-10-07 11:18:23 ----D---- C:\Program Files\Common Files\Akamai
2010-10-06 09:50:43 ----D---- C:\Users\Martin\AppData\Roaming\SQL Developer
2010-10-06 09:48:21 ----D---- C:\Program Files\SQL Power Architect
2010-10-06 09:46:30 ----D---- C:\Program Files\sqldeveloper
2010-10-06 09:45:06 ----D---- C:\Program Files\datamodeler
2010-10-03 09:39:47 ----D---- C:\Program Files\Mobile Net Switch

======List of files/folders modified in the last 1 months======

2010-11-01 23:26:23 ----RD---- C:\Program Files
2010-11-01 23:21:07 ----D---- C:\ProgramData
2010-11-01 23:17:06 ----D---- C:\Windows\System32
2010-11-01 23:17:06 ----D---- C:\Windows\inf
2010-11-01 23:17:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-11-01 23:07:26 ----A---- C:\sysiclog.txt
2010-11-01 23:02:37 ----HD---- C:\Program Files\InstallShield Installation Information
2010-11-01 21:20:26 ----SHD---- C:\System Volume Information
2010-11-01 21:15:49 ----D---- C:\Stavová hlášení
2010-11-01 21:15:15 ----D---- C:\Windows\system32\drivers
2010-11-01 21:05:12 ----D---- C:\Windows
2010-11-01 21:05:12 ----A---- C:\Windows\system.ini
2010-11-01 21:05:03 ----D---- C:\Windows\system32\drivers\etc
2010-11-01 21:03:07 ----D---- C:\Windows\system32\config
2010-11-01 21:02:50 ----D---- C:\Windows\ERDNT
2010-11-01 20:57:44 ----D---- C:\Windows\AppPatch
2010-11-01 20:57:43 ----D---- C:\Program Files\Common Files
2010-11-01 11:13:45 ----D---- C:\Windows\Prefetch
2010-10-31 21:00:52 ----D---- C:\Config.Msi
2010-10-31 21:00:05 ----SHD---- C:\Windows\Installer
2010-10-31 20:58:03 ----D---- C:\Windows\system32\catroot
2010-10-31 10:34:25 ----A---- C:\Windows\MBR.exe
2010-10-29 13:17:36 ----D---- C:\Program Files\Common Files\Adobe
2010-10-29 13:17:24 ----D---- C:\Windows\winsxs
2010-10-29 13:15:54 ----D---- C:\Program Files\Adobe
2010-10-28 22:25:38 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2010-10-28 21:43:31 ----D---- C:\Program Files\uTorrent
2010-10-28 13:20:08 ----D---- C:\Program Files\Mozilla Thunderbird
2010-10-28 13:17:12 ----D---- C:\Windows\system32\catroot2
2010-10-28 12:57:59 ----D---- C:\ProgramData\ESET
2010-10-28 12:08:48 ----AD---- C:\ProgramData\Temp
2010-10-28 11:27:19 ----D---- C:\Windows\system32\Tasks
2010-10-27 19:48:26 ----D---- C:\Users\Martin\AppData\Roaming\Thunderbird
2010-10-27 16:33:46 ----RSD---- C:\Windows\Fonts
2010-10-27 15:20:00 ----A---- C:\Windows\system32\ICAutoUpdate.log.bak
2010-10-24 12:48:05 ----D---- C:\Program Files\QIP Infium
2010-10-22 12:32:30 ----D---- C:\Windows\Microsoft.NET
2010-10-22 12:29:43 ----RSD---- C:\Windows\assembly
2010-10-22 12:03:58 ----D---- C:\Windows\rescache
2010-10-21 23:38:00 ----D---- C:\Program Files\Windows Live
2010-10-21 23:37:25 ----DC---- C:\Windows\system32\DRVSTORE
2010-10-21 23:36:02 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-10-21 23:34:28 ----SD---- C:\ProgramData\Microsoft
2010-10-21 23:33:54 ----D---- C:\Program Files\Common Files\microsoft shared
2010-10-21 23:27:31 ----D---- C:\Windows\system32\cs-CZ
2010-10-21 16:40:57 ----D---- C:\Users\Martin\AppData\Roaming\gtk-2.0
2010-10-21 14:07:59 ----D---- C:\Users\Martin\AppData\Roaming\codeblocks
2010-10-19 10:41:44 ----N---- C:\Windows\system32\MpSigStub.exe
2010-10-19 07:46:58 ----D---- C:\Windows\Debug
2010-10-16 15:59:38 ----D---- C:\Windows\system32\LogFiles
2010-10-15 20:42:55 ----D---- C:\Program Files\JDownloader
2010-10-14 19:33:22 ----D---- C:\Users\Martin\AppData\Roaming\PSpad
2010-10-14 19:30:24 ----D---- C:\Program Files\PSPad editor
2010-10-14 12:47:05 ----D---- C:\Program Files\Windows Media Player
2010-10-14 11:52:11 ----D---- C:\ProgramData\Microsoft Help
2010-10-14 11:44:59 ----A---- C:\Windows\system32\mrt.exe
2010-10-08 22:15:26 ----A---- C:\Windows\ODBCINST.INI
2010-10-08 17:11:14 ----RSD---- C:\Windows\Media
2010-10-08 17:10:49 ----D---- C:\Windows\twain_32
2010-10-08 14:57:52 ----A---- C:\Windows\system32\VBoxNetFltNotify.dll
2010-10-02 13:22:24 ----D---- C:\Users\Martin\AppData\Roaming\uTorrent

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-10-08 43528]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-01-17 691696]
R0 Wdkbdmou;Lenovo RMCT KbdMou Service; C:\Windows\system32\DRIVERS\Wdkbdmou.sys [2009-03-03 8832]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 funfrm;funfrm; C:\Windows\system32\drivers\funfrm.sys [2009-07-27 48192]
R1 LenovoVCD;LenovoVCD; \??\C:\Windows\system32\drivers\LenovoVCD.sys [2009-02-14 16200]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2010-10-08 143184]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2010-10-08 41936]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 tvtumon;tvtumon; C:\Windows\system32\DRIVERS\tvtumon.sys [2008-08-29 48192]
R2 XilinxPC4Driver;XilinxPC4Driver; C:\Windows\System32\drivers\XPC4DRVR.SYS [2010-02-09 16000]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-03-14 169008]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-10-23 223232]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-09-11 1326584]
R3 Cam5607;Lenovo EasyCamera ; C:\Windows\System32\Drivers\BisonC07.sys [2009-04-10 1225128]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2009-04-01 460800]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-07-28 9023488]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-10-08 100560]
R3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2010-10-08 111568]
R3 wdmirror;wdmirror; C:\Windows\system32\DRIVERS\WDMirror.sys [2009-03-03 8832]
R3 WinDriver6;WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [2009-09-02 195424]
S2 Aspi32;Aspi32; C:\Windows\System32\drivers\aspi32.sys []
S3 a4m1quh2;a4m1quh2; C:\Windows\system32\drivers\a4m1quh2.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-04-17 23040]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2008-04-17 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-17 30208]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-07-31 81960]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2008-07-31 100392]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2008-07-31 29736]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2008-07-31 17320]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 39272]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 kvnet;Kerio Virtual Network Adapter; C:\Windows\system32\DRIVERS\kvnet.sys [2010-07-15 26624]
S3 kwflower;Kerio Control - Lower Layer Driver; C:\Windows\system32\DRIVERS\kwflower.sys []
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 netfilter;Netfilter; C:\Windows\system32\DRIVERS\netfilter.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-04-17 149504]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2007-05-23 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WSVD;WSVD; \??\C:\Windows\system32\drivers\WSVD.sys [2008-01-10 81192]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2008-02-14 32768]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-03-19 335872]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [2008-09-27 430080]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.21006_32;Microsoft .NET Framework NGEN v4.0.21006_X86; C:\Windows\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe [2009-10-07 129856]
S2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe []
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.21006\aspnet_state.exe [2009-10-07 35144]
S3 BrlAPI;BrlAPI; C:\cygwin\bin\cygrunsrv.exe [2008-03-18 68096]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-02-20 654848]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-05-06 379968]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-05-06 412736]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\Windows\System32\IgrsSvcs.exe [2008-01-21 21504]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe [2009-10-07 752984]
S4 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
S4 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe [2008-08-26 522792]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-14 133104]
S4 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.21006\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.21006\SMSvcHost.exe [2009-10-07 124224]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.21006\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.21006\SMSvcHost.exe [2009-10-07 124224]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.21006\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.21006\SMSvcHost.exe [2009-10-07 124224]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

Re: Disk overload, Host Process, Search indexer

Posted: 03 Nov 2010 10:45
by Kozel24
I am also attaching the log from ComboFix:


ComboFix 10-10-31.04 - Martin 01.11.2010 20:42:17.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3004.1856 [GMT 1:00]
Spuštěný z: c:\users\Martin\Downloads\ComboFix.exe
SP: BitDefender Antispyware *disabled* (Updated) {8B2012EC-32D4-494F-BC03-832DB3BDF911}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\winhelp.ini

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_NPF


((((((((((((((((((((((((( Soubory vytvořené od 2010-10-01 do 2010-11-01 )))))))))))))))))))))))))))))))
.

2010-11-01 20:02 . 2010-11-01 20:05 -------- d-----w- c:\users\Martin\AppData\Local\temp
2010-11-01 20:02 . 2010-11-01 20:02 -------- d-----w- c:\users\Guest\AppData\Local\temp
2010-11-01 20:02 . 2010-11-01 20:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-31 20:10 . 2010-10-31 20:10 -------- d-----w- c:\users\Martin\AppData\Roaming\Avira
2010-10-31 20:05 . 2010-03-01 09:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-10-31 20:05 . 2010-02-16 13:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-10-31 20:05 . 2009-05-11 11:49 51992 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-10-31 20:05 . 2009-05-11 11:49 17016 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-10-31 20:05 . 2010-10-31 20:05 -------- d-----w- c:\programdata\Avira
2010-10-31 20:05 . 2010-10-31 20:05 -------- d-----w- c:\program files\Avira
2010-10-30 21:25 . 2010-10-30 21:25 -------- d-----w- c:\users\Martin\AppData\Local\O&O
2010-10-30 14:11 . 2010-10-07 23:21 6146896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0F00895E-1598-481A-ABDD-5E0E1D1D5022}\mpengine.dll
2010-10-29 11:29 . 2010-10-29 11:29 -------- d-----w- c:\users\Martin\AppData\Roaming\Kerio
2010-10-29 11:20 . 2010-10-29 11:49 -------- d-----w- c:\program files\Kerio
2010-10-29 10:47 . 2010-10-31 19:22 -------- d-----w- c:\program files\ClamWin
2010-10-27 23:03 . 2010-10-27 23:03 -------- d-----w- c:\program files\Enigma Software Group
2010-10-27 23:02 . 2010-10-28 10:21 -------- d-----w- c:\windows\9EFA732347A048E28F7735DB5EED500A.TMP
2010-10-27 23:02 . 2010-10-27 23:02 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-10-27 07:35 . 2010-08-26 16:34 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-10-27 07:35 . 2010-08-26 16:33 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-10-27 07:35 . 2010-08-26 14:23 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-10-23 15:59 . 2010-10-23 16:01 -------- d-----w- c:\program files\glassfish-3.0.1
2010-10-23 15:42 . 2010-10-23 15:59 -------- d-----w- c:\program files\NetBeans 6.9.1
2010-10-23 08:36 . 2010-10-23 08:36 -------- d-----w- c:\users\Martin\AppData\Roaming\AVG10
2010-10-23 08:35 . 2010-10-23 08:35 -------- d--h--w- c:\programdata\Common Files
2010-10-23 08:33 . 2010-10-28 11:00 -------- d-----w- c:\programdata\AVG10
2010-10-23 08:26 . 2010-10-23 08:32 -------- d-----w- c:\programdata\MFAData
2010-10-21 22:37 . 2010-10-21 22:37 -------- d-----w- c:\windows\cs
2010-10-21 22:37 . 2010-09-22 22:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2010-10-21 22:33 . 2010-10-21 22:33 -------- d-----w- c:\program files\MSN Toolbar
2010-10-21 22:32 . 2010-10-21 22:33 -------- d-----w- c:\program files\Bing Bar Installer
2010-10-21 22:30 . 2010-10-21 22:30 469256 ----a-w- c:\program files\Common Files\Windows Live\.cache\802579241cb716f2b\InstallManager_WLE_WLE.exe
2010-10-21 22:29 . 2010-10-21 22:29 15712 ----a-w- c:\program files\Common Files\Windows Live\.cache\6fe958641cb716f1f\MeshBetaRemover.exe
2010-10-21 22:29 . 2010-10-21 22:29 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\639297c41cb716f19\DSETUP.dll
2010-10-21 22:29 . 2010-10-21 22:29 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\639297c41cb716f19\DXSETUP.exe
2010-10-21 22:29 . 2010-10-21 22:29 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\639297c41cb716f19\dsetup32.dll
2010-10-21 22:29 . 2010-10-21 22:29 94040 ----a-w- c:\program files\Common Files\Windows Live\.cache\61574dc41cb716f18\DSETUP.dll
2010-10-21 22:29 . 2010-10-21 22:29 525656 ----a-w- c:\program files\Common Files\Windows Live\.cache\61574dc41cb716f18\DXSETUP.exe
2010-10-21 22:29 . 2010-10-21 22:29 1691480 ----a-w- c:\program files\Common Files\Windows Live\.cache\61574dc41cb716f18\dsetup32.dll
2010-10-21 22:28 . 2010-10-28 10:20 -------- d-----w- c:\users\Martin\AppData\Local\Windows Live
2010-10-21 22:27 . 2009-08-04 08:02 754688 ----a-w- c:\windows\system32\webservices.dll
2010-10-21 21:12 . 2010-10-21 21:12 -------- d-----w- c:\users\Martin\.argouml
2010-10-21 21:12 . 2010-10-21 21:12 -------- d-----w- c:\program files\ArgoUML
2010-10-21 21:10 . 2010-10-21 21:10 -------- d-----w- c:\users\Martin\AppData\Roaming\Sparx Systems
2010-10-21 21:09 . 2010-10-21 21:09 -------- d-----w- c:\program files\Sparx Systems
2010-10-21 14:48 . 2010-10-21 14:48 -------- d-----w- c:\users\Public\Roaming
2010-10-17 22:04 . 2010-10-08 13:57 143184 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2010-10-17 22:04 . 2010-10-08 13:57 41936 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2010-10-17 22:04 . 2010-10-17 22:04 -------- d-----w- c:\program files\Oracle
2010-10-16 15:00 . 2010-10-16 15:00 -------- d-----w- c:\users\Martin\AppData\Local\DOSBox
2010-10-14 09:10 . 2010-09-13 13:56 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2010-10-14 09:10 . 2010-09-13 13:56 168960 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-10-14 09:08 . 2010-09-08 17:07 834048 ----a-w- c:\windows\system32\wininet.dll
2010-10-14 09:08 . 2010-09-08 17:23 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-10-14 09:08 . 2010-09-08 15:23 389632 ----a-w- c:\windows\system32\html.iec
2010-10-12 14:58 . 2010-10-12 14:58 -------- d-----w- c:\users\Martin\Oracle
2010-10-09 13:46 . 2010-10-09 13:46 -------- d-----w- c:\users\Martin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-10-09 10:13 . 2010-10-09 10:13 -------- d-----w- c:\users\Martin\AppData\Roaming\Adobe Mini Bridge CS5
2010-10-09 10:13 . 2010-10-09 10:13 -------- d-----w- c:\users\Martin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-10-08 16:28 . 2010-10-08 16:28 -------- d--h--w- c:\programdata\CanonIJScan
2010-10-08 16:28 . 2010-10-08 16:28 -------- d-----w- c:\users\Martin\AppData\Roaming\Canon
2010-10-08 16:17 . 2010-10-08 16:17 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2010-10-08 16:16 . 2010-04-24 03:00 70656 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP9Z.DLL
2010-10-08 16:16 . 2010-04-24 03:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD9Z.DLL
2010-10-08 16:14 . 2010-04-24 03:00 272384 ----a-w- c:\windows\system32\CNMLM9Z.DLL
2010-10-08 16:07 . 2009-04-03 13:59 110592 ----a-w- c:\windows\system32\CNC550I.dll
2010-10-08 16:07 . 2009-03-19 12:38 303104 ----a-w- c:\windows\system32\CNC550L.dll
2010-10-08 16:07 . 2009-04-03 14:00 1310720 ----a-w- c:\windows\system32\CNC550C.dll
2010-10-08 16:07 . 2009-04-03 13:57 106496 ----a-w- c:\windows\system32\CNC550U.dll
2010-10-08 16:07 . 2008-08-25 16:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2010-10-08 13:57 . 2010-10-08 13:57 111568 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys
2010-10-08 13:57 . 2010-10-08 13:57 100560 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys
2010-10-07 21:40 . 2010-10-21 14:59 -------- d-----w- c:\users\Martin\AppData\Local\Adobe
2010-10-07 12:35 . 2010-10-11 19:04 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2010-10-07 10:18 . 2010-11-01 20:05 -------- d-----w- c:\program files\Common Files\Akamai
2010-10-06 08:50 . 2010-10-31 12:22 -------- d-----w- c:\users\Martin\AppData\Roaming\SQL Developer
2010-10-06 08:48 . 2010-10-06 08:48 -------- d-----w- c:\program files\SQL Power Architect
2010-10-06 08:46 . 2010-10-06 08:46 -------- d-----w- c:\program files\sqldeveloper
2010-10-06 08:45 . 2010-10-06 08:47 -------- d-----w- c:\program files\datamodeler
2010-10-03 08:39 . 2010-10-03 08:43 -------- d-----w- c:\program files\Mobile Net Switch

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-19 09:41 . 2009-12-09 10:37 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-08 13:57 . 2010-08-05 12:08 133648 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll
2010-10-01 13:45 . 2010-01-13 21:30 2055776 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2010-09-22 22:47 . 2010-09-22 22:47 49016 ----a-w- c:\windows\system32\sirenacm.dll
2010-09-22 22:32 . 2010-09-22 22:32 301936 ----a-w- c:\windows\WLXPGSS.SCR
2010-09-04 11:11 . 2010-09-04 11:09 60416 ----a-w- c:\windows\system32\rbap350.dll
2010-08-26 16:33 . 2010-10-27 07:35 173056 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2010-08-26 16:33 . 2010-10-27 07:35 2159616 ----a-w- c:\windows\apppatch\AcGenral.dll
2010-08-26 16:33 . 2010-10-27 07:35 542720 ----a-w- c:\windows\apppatch\AcLayers.dll
2010-08-26 16:33 . 2010-10-27 07:35 458752 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2010-08-17 14:11 . 2010-09-15 15:24 128000 ----a-w- c:\windows\system32\spoolsv.exe
2009-10-19 17:59 . 2009-12-10 13:55 47104 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"="c:\program files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-04-23 4097864]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-07-28 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-07-28 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-07-28 170520]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 02:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 01:44 500208 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-07-22 20:10 402432 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoStartNPSAgent]
2009-04-02 17:05 102400 ----a-w- c:\program files\Samsung\Samsung New PC Studio\NPSAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Energy Management]
2009-05-04 21:17 5064520 ----a-w- c:\program files\Lenovo\Energy Management\Energy Management.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-09-22 22:47 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
2010-03-12 13:20 184272 ----a-w- c:\users\Martin\AppData\Roaming\QipGuard\QipGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartAudio]
2009-03-12 07:35 306744 ------w- c:\program files\CONEXANT\SAII\SAIICpl.exe

R2 clr_optimization_v4.0.21006_32;Microsoft .NET Framework NGEN v4.0.21006_X86;c:\windows\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe [2009-10-07 129856]
R3 BrlAPI;BrlAPI;c:\cygwin\bin\cygrunsrv.exe [2008-03-18 68096]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2008-07-31 29736]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 kvnet;Kerio Virtual Network Adapter;c:\windows\system32\DRIVERS\kvnet.sys [2010-07-15 26624]
R3 kwflower;Kerio Control - Lower Layer Driver;c:\windows\system32\DRIVERS\kwflower.sys [x]
R3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc;c:\program files\Lenovo\ReadyComm\AppSvc.exe [2009-05-06 379968]
R3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc;c:\program files\Lenovo\ReadyComm\ConnSvc.exe [2009-05-06 412736]
R3 netfilter;netfilter;c:\windows\system32\DRIVERS\netfilter.sys [x]
R3 PS_MDP;ReadyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe [2008-01-21 21504]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe [2009-10-07 752984]
R3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2008-01-10 81192]
R4 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-10-14 133104]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-03-31 47128]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-17 691696]
S0 Wdkbdmou;Lenovo RMCT KbdMou Service;c:\windows\system32\DRIVERS\Wdkbdmou.sys [2009-03-02 8832]
S1 funfrm;funfrm; [x]
S1 LenovoVCD;LenovoVCD;c:\windows\system32\drivers\LenovoVCD.sys [2009-02-14 16200]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2010-10-08 143184]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2010-10-08 41936]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2008-01-21 21504]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2009-03-31 233472]
S2 IGRS;IGRS;c:\program files\Lenovo\ReadyComm\common\IGRS.exe [2008-02-14 32768]
S2 ReadyComm.DirectRouter;ReadyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe [2008-01-21 21504]
S2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor;c:\program files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [2008-09-27 430080]
S2 tvtumon;tvtumon;c:\windows\system32\DRIVERS\tvtumon.sys [2008-08-29 48192]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-10-23 223232]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2010-10-08 100560]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2010-10-08 111568]
S3 wdmirror;wdmirror;c:\windows\system32\DRIVERS\WDMirror.sys [2009-03-02 8832]


--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - FSUSBEXDISK

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
IgrsSvcs REG_MULTI_SZ ReadyComm.DirectRouter PS_MDP
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
Obsah adresáře 'Naplánované úlohy'

2010-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-14 15:28]

2010-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-14 15:28]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://lenovo.live.com/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\kvqaayk8.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - component: c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\kvqaayk8.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}\components\nstidy.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdrmv2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdsplay.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwmsdrm.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\program files\Windows Media Player\Kodeky\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\Windows Media Player\Kodeky\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-Adobe Photo Downloader - c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe
MSConfigStartUp-DAEMON Tools Pro Agent - c:\program files\DAEMON Tools Pro\DTProAgent.exe
MSConfigStartUp-PWRISOVM - c:\program files\PowerISO\PWRISOVM.EXE
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
MSConfigStartUp-VeriFaceManager - c:\program files\Lenovo\VeriFace\PManage.exe
MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe
AddRemove-Indeo® software - d:\pojď tančit!\Uninst.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-01 21:05
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/netsession_win_062a651.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Akamai]
"ServiceDll"="C:/Program Files/Common Files/Akamai/netsession_win_062a651.dll"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-387168609-3911301720-2258755658-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b4,da,95,db,f6,d9,5f,ec,5a,9e,fd,4e,e3,79,ec,21,42,24,1c,73,e6,29,8b,
50,40,89,35,3d,db,43,40,87,1a,cb,42,ea,de,ca,70,c7,18,84,df,bc,22,b5,0b,36,\
"??"=hex:75,75,a9,a0,73,86,9a,a9,07,fa,f0,ce,62,cd,0b,02

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(3144)
c:\windows\system32\btncopy.dll
c:\program files\WinSCP\DragExt.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WLANExt.exe
c:\windows\System32\lpksetup.exe
c:\windows\system32\conime.exe
c:\program files\Apoint2K\ApMsgFwd.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Apoint2K\Apntex.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\servicing\TrustedInstaller.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Avira\AntiVir Desktop\guardhlp.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
.
**************************************************************************
.
Celkový čas: 2010-11-01 21:15:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-11-01 20:15
ComboFix2.txt 2009-12-20 11:51

Před spuštěním: Volných bajtů: 179 320 258 560
Po spuštění: Volných bajtů: 181 371 314 176

- - End Of File - - 0A9090F29FCD68DF3A252F1818181EF8

Re: Disk overload, Host Process, Search indexer

Posted: 04 Nov 2010 23:17
by motji
Good evening :)

Haven't you tried System Restore?