BSOD+ problémy s myší

[Ashok28]

Dobré odpoledne přeji
Včera večer na mě po dlouhé době opět "vybafla" modrá obrazovka. Skontroloval sem samozřejmě soubor Minidump, no je prázdný. Jinak systém běží víceméně bez problémů. Jediné co mi mimo té BSOD dělá starosti je myška. V posledním čase se stává že mi zničeho nic přestane reagovat. Nejsem si jist jestli je to opravdu softvérový problém protože touchpad (používám notebook) počas výpadku externí myši normálně funguje. Myš je takřka nová mám jí pouze 2 měsíce.
Předem děkuji za jakoukoliv pomoc
Zde je log z RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Dushan at 2011-06-19 17:18:42
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 160 GB (40%) free of 461 GB
Total RAM: 4087 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:18:48, on 19. 6. 2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8080.16413)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Users\Dushan\Desktop\Moje dokumenty-Ashok\Programy\Merac\WinOMeter.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\BitTorrent\bittorrent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Dushan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Dushan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [A5262AD5F2F153145320D185DF0139BE145FEC2C._service_run] "C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
O4 - HKCU\..\Run: [WinOMeter] "C:\Users\Dushan\Desktop\Moje dokumenty-Ashok\Programy\Merac\WinOMeter.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2094344383-1364548060-3467643000-1009\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2094344383-1364548060-3467643000-1009\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: NmfJRtA.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Free YouTube Download - C:\Users\Dushan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Dushan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17787 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
C:\Windows\SysWOW64\svchost.exe -k Akamai
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files\Intel\TurboBoost\TurboBoost.exe"
"c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe"
"C:\Program Files\RealVNC\VNC4\WinVNC4.exe" -service
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"winvnc4.exe" -noconsole -slave Global\RealVNC.Enterprise.WinVNC4_Shutdown_Session_Instance -cadevent Global\RealVNC.Enterprise.WinVNC4_CAD
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 2688
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" /background
"C:\Program Files\Java\jre6\bin\jusched.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Windows\WindowsMobile\wmdc.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\Dushan\Desktop\Moje dokumenty-Ashok\Programy\Merac\WinOMeter.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe" /Start
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files\DigitalPersona\Bin\DPAgent.exe"
taskeng.exe {149B98E8-3CD4-4F80-B195-F5474080CFA2}
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>6638</ID><Title>HP Wireless Assistant</Title><Text>WLAN: Deaktivované
Bluetooth: Deaktivované</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_off.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>"
"c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
"c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe"
"c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
C:\Windows\system32\svchost.exe -k HPService
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\ehome\ehmsas.exe -Embedding
C:\Windows\ehome\ehRecvr.exe
C:\Windows\ehome\mcGlidHost.exe -Embedding
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe" /SILENT
"C:\Users\Dushan\Desktop\IE9-Windows7-x64-enu.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Internet Explorer\IELowutil.exe" -embedding
"C:\Program Files (x86)\Steam\steam.exe" steam://rungameid/12210
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"taskhost.exe"
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" "magnet:?xt=urn:btih:3b12a96bc168ad030dd816282139b00bc2bf3091&dn=L.A%2BNoire%2B%5BUSA%5D%5BMulti%5D%5BSpanish%5D%5BPS3%5D%5Bwww.consolasatope.com%5D&tr=udp%3A%2F%2Ftracker.openbittorrent.com%3A80&tr=udp%3A%2F%2Ftracker.publicbt.com%3A80&tr=udp%3A%2F%2Ftracker.ccc.de%3A80"
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" view=DOCKVIEW,SYSTRAY
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=extension --disable-client-side-phishing-detection --lang=sk --force-fieldtest="ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_6 concurrent_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/" --channel=7312.047238C8.1726597120 /prefetch:3 --ignored=" --type=renderer "
C:\Windows\system32\rundll32.exe "C:\Users\Dushan\AppData\Local\Google\Chrome\Application\12.0.742.100\gcswf32.dll",BrokerMain browser=chrome
"C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\Dushan\AppData\Local\Google\Chrome\Application\12.0.742.100\gcswf32.dll" --lang=sk --channel=7312.08B4A020.846736814 /prefetch:4 --flash-broker=5040
"C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service --lang=sk
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-bdffc2a1-1ef6-4f1d-8af2-c711eea2cc65 -SystemEventPortName:HostProcess-666c6e98-c6bf-49e7-bf29-2e4837f68bcb -IoCancelEventPortName:HostProcess-2f720951-e8af-474f-882d-27d5765bc8f5 -NonStateChangingEventPortName:HostProcess-815188c9-0af5-4e2b-9f75-b9e738ba0b22 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:8b1906c1-63ec-491f-a5c3-07336f164777
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{FE9CFF26-9A85-4FA5-9B61-FE6565590E40}
{3089DDD9-B7A0-450F-B5CE-DEC7D751570D}
{614DF81B-EBD5-46AB-AD7C-A30338E1A963}
"C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=sk --force-fieldtest="CacheSize/CacheSizeGroup_3/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_6 concurrent_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/" --channel=7312.09C7B228.331688115 /prefetch:3
"C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe72_ Global\UsGthrCtrlFltPipeMssGthrPipe72 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --disable-client-side-phishing-detection --lang=sk --force-fieldtest="CacheSize/CacheSizeGroup_3/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/max_6 concurrent_prefetch/DnsParallelism/parallel_20/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_60/Prefetch/ContentPrefetchDisabled/ProxyConnectionImpact/proxy_connections_32/SSLFalseStart/FalseStart_enabled/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/" --channel=7312.09F911C0.1902193095 /prefetch:3
"C:\Windows\system32\SearchFilterHost.exe" 0 544 548 556 65536 552
"C:\Users\Dushan\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2094344383-1364548060-3467643000-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2094344383-1364548060-3467643000-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-07-01 1888832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-09-20 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
DigitalPersona Personal Extension - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll [2009-07-01 1256512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-05-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-06-13 1438520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2010-06-13 1438520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-05-27 2096424]
"SmartMenu"=C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-07-21 610872]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-09-20 171520]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-05-14 2692520]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 660360]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-05-26 2314120]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-10-13 186904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Google Update"=C:\Users\Dushan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-01 136176]
"A5262AD5F2F153145320D185DF0139BE145FEC2C._service_run"=C:\Users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe [2011-06-14 1011768]
"WinOMeter"=C:\Users\Dushan\Desktop\Moje dokumenty-Ashok\Programy\Merac\WinOMeter.exe [2010-06-07 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe [2007-06-29 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel File Shell Monitor]
C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [2009-06-22 16712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2010-09-16 1164584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files (x86)\ICQ7.5\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-06-07 421160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-05-25 1951112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ManyCam]
C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe [2011-03-21 1752136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTBatteryMeter]
C:\Program Files (x86)\VibrateGameDeviceDriver\RFPIcon.exe [2003-01-16 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2011-05-26 15147400]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]
C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-02-28 427008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\Steam.exe [2010-11-23 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [2010-03-11 202256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2010-12-02 74752]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]
"DpAgent"=C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe [2009-07-01 842816]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-06-24 320056]
"UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-03-23 500792]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-05-25 1951112]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-06-07 421160]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Dushan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
NmfJRtA.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
DPPWDFLT

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"WallpaperStyle"=2
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLUA"=2

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 months======

2011-06-19 13:55:47 ----D---- C:\Program Files (x86)\Fiddler2
2011-06-19 11:14:05 ----D---- C:\Program Files\iPod
2011-06-19 11:14:04 ----D---- C:\Program Files\iTunes
2011-06-16 16:37:48 ----D---- C:\Games (x86)
2011-06-16 16:23:11 ----A---- C:\Windows\system32\nvhdap64.dll
2011-06-16 16:23:11 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2011-06-16 16:23:07 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2011-06-16 16:23:07 ----A---- C:\Windows\system32\OpenCL.dll
2011-06-16 16:23:06 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2011-06-16 16:23:06 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2011-06-16 16:23:06 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2011-06-16 16:23:06 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll
2011-06-16 16:23:06 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2011-06-16 16:23:06 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2011-06-16 16:23:06 ----A---- C:\Windows\system32\nvoglv64.dll
2011-06-16 16:23:06 ----A---- C:\Windows\system32\nvgenco642090.dll
2011-06-16 16:23:06 ----A---- C:\Windows\system32\nvdispco6420150.dll
2011-06-16 16:23:06 ----A---- C:\Windows\system32\nvd3dumx.dll
2011-06-16 16:23:06 ----A---- C:\Windows\system32\nvcuvid.dll
2011-06-16 16:23:06 ----A---- C:\Windows\system32\nvcuvenc.dll
2011-06-16 16:23:06 ----A---- C:\Windows\system32\nvcuda.dll
2011-06-16 16:23:06 ----A---- C:\Windows\system32\nvcompiler.dll
2011-06-16 16:23:06 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2011-06-16 16:07:06 ----A---- C:\Windows\SYSWOW64\javaws.exe
2011-06-16 16:07:06 ----A---- C:\Windows\SYSWOW64\javaw.exe
2011-06-16 16:07:06 ----A---- C:\Windows\SYSWOW64\java.exe
2011-06-16 15:23:49 ----D---- C:\Program Files (x86)\AMD
2011-06-16 14:00:00 ----D---- C:\Program Files (x86)\Duke Nukem Forever
2011-06-15 00:38:39 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-06-15 00:38:38 ----A---- C:\Windows\system32\drivers\afd.sys
2011-06-15 00:38:35 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-06-15 00:38:34 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-06-15 00:38:34 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-06-15 00:38:31 ----A---- C:\Windows\system32\win32k.sys
2011-06-15 00:38:07 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-06-15 00:38:07 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-06-15 00:38:07 ----A---- C:\Windows\system32\drivers\srv.sys
2011-06-15 00:37:41 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-06-15 00:37:41 ----A---- C:\Windows\system32\oleaut32.dll
2011-06-15 00:37:40 ----A---- C:\Windows\system32\inetcomm.dll
2011-06-15 00:37:39 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-06-13 15:20:44 ----D---- C:\Users\Dushan\AppData\Roaming\wargaming.net
2011-06-12 20:41:58 ----D---- C:\Games
2011-06-12 17:41:45 ----D---- C:\ProgramData\PMB Files
2011-06-12 17:41:38 ----D---- C:\Program Files (x86)\Plus500
2011-06-12 17:41:09 ----D---- C:\Program Files (x86)\Pando Networks
2011-06-12 12:29:11 ----D---- C:\Users\Dushan\AppData\Roaming\Media Player Classic
2011-06-12 12:28:03 ----D---- C:\Program Files\Media Player Classic - Home Cinema
2011-06-08 17:29:17 ----D---- C:\ProgramData\Screentime
2011-06-06 15:33:44 ----D---- C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2011-06-01 15:39:19 ----A---- C:\Windows\system32\drivers\iaStor.sys
2011-06-01 15:38:10 ----D---- C:\Intel
2011-05-31 15:15:40 ----D---- C:\Alf
2011-05-31 13:14:14 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2011-05-30 16:00:54 ----D---- C:\Users\Dushan\AppData\Roaming\skypePM
2011-05-30 16:00:53 ----D---- C:\ProgramData\Skype Extras
2011-05-25 20:11:41 ----D---- C:\Program Files (x86)\Cheat Engine 6
2011-05-25 07:27:50 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2011-05-21 18:40:23 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2011-05-21 18:40:23 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2011-05-21 18:40:23 ----A---- C:\Windows\system32\nvhdagenco642040.dll
2011-05-21 18:40:23 ----A---- C:\Windows\system32\nvgenco642060.dll
2011-05-21 18:40:23 ----A---- C:\Windows\system32\nvdispco6420140.dll
2011-05-21 15:08:07 ----D---- C:\Program Files (x86)\The Witcher 2

======List of files/folders modified in the last 1 months======

2011-06-19 17:18:50 ----D---- C:\Windows\Temp
2011-06-19 17:18:45 ----D---- C:\Program Files\trend micro
2011-06-19 17:18:38 ----D---- C:\Users\Dushan\AppData\Roaming\BitTorrent
2011-06-19 17:06:28 ----D---- C:\Windows\tracing
2011-06-19 16:57:05 ----D---- C:\Users\Dushan\AppData\Roaming\Skype
2011-06-19 15:36:13 ----D---- C:\Users\Dushan\AppData\Roaming\FileZilla
2011-06-19 14:46:02 ----D---- C:\Windows\system32\config
2011-06-19 14:10:31 ----D---- C:\Users\Dushan\AppData\Roaming\.minecraft
2011-06-19 13:55:47 ----D---- C:\Program Files (x86)
2011-06-19 12:12:28 ----D---- C:\Program Files (x86)\Steam
2011-06-19 11:15:10 ----SHD---- C:\Windows\Installer
2011-06-19 11:15:10 ----HD---- C:\Config.Msi
2011-06-19 11:14:43 ----D---- C:\Program Files (x86)\iTunes
2011-06-19 11:14:05 ----D---- C:\Program Files
2011-06-19 11:11:57 ----D---- C:\Windows\System32
2011-06-19 11:11:56 ----D---- C:\Windows\inf
2011-06-19 11:11:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-06-19 11:11:06 ----D---- C:\Windows\system32\DriverStore
2011-06-19 11:10:11 ----D---- C:\Windows\system32\catroot
2011-06-19 11:10:07 ----D---- C:\Windows\system32\catroot2
2011-06-18 17:07:28 ----SHD---- C:\System Volume Information
2011-06-18 14:12:42 ----D---- C:\Windows\Prefetch
2011-06-17 21:58:32 ----D---- C:\Program Files (x86)\Aurora
2011-06-17 18:59:04 ----D---- C:\Windows
2011-06-17 13:58:09 ----HD---- C:\ProgramData
2011-06-17 13:58:09 ----A---- C:\ProgramData\HPWALog.txt
2011-06-17 07:49:32 ----D---- C:\Fraps
2011-06-17 07:49:15 ----D---- C:\Windows\system32\Tasks
2011-06-17 07:47:36 ----D---- C:\Windows\SysWOW64
2011-06-17 01:44:12 ----D---- C:\ProgramData\Recovery
2011-06-17 01:39:40 ----D---- C:\Program Files\Internet Explorer
2011-06-16 16:30:47 ----D---- C:\Windows\system32\drivers
2011-06-16 16:27:09 ----D---- C:\Program Files\NVIDIA Corporation
2011-06-16 16:26:51 ----D---- C:\ProgramData\NVIDIA
2011-06-16 16:07:24 ----D---- C:\Program Files (x86)\Common Files
2011-06-16 16:06:52 ----D---- C:\Program Files (x86)\Java
2011-06-16 15:27:53 ----D---- C:\Windows\winsxs
2011-06-16 15:15:14 ----RSD---- C:\Windows\assembly
2011-06-15 11:35:47 ----D---- C:\Windows\system32\NDF
2011-06-15 03:54:35 ----D---- C:\Windows\Microsoft.NET
2011-06-15 03:39:27 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-06-15 03:17:12 ----D---- C:\Windows\debug
2011-06-15 03:17:11 ----A---- C:\Windows\system32\MRT.exe
2011-06-15 03:17:01 ----D---- C:\ProgramData\Microsoft Help
2011-06-12 18:41:41 ----D---- C:\Users\Dushan\AppData\Roaming\Winamp
2011-06-12 18:41:36 ----D---- C:\Windows\Minidump
2011-06-12 09:09:18 ----D---- C:\Program Files (x86)\JDownloader
2011-06-08 17:53:50 ----D---- C:\Windows\Tasks
2011-06-04 13:23:23 ----D---- C:\Windows\system32\FxsTmp
2011-06-01 20:31:45 ----AD---- C:\ProgramData\Temp
2011-06-01 15:43:49 ----D---- C:\Windows\Hewlett-Packard
2011-06-01 15:42:59 ----D---- C:\Users\Dushan\AppData\Roaming\Hewlett-Packard
2011-06-01 15:42:59 ----D---- C:\SwSetup
2011-06-01 15:38:41 ----D---- C:\Program Files (x86)\Intel
2011-05-30 16:00:35 ----RD---- C:\Program Files (x86)\Skype
2011-05-30 16:00:34 ----D---- C:\ProgramData\Skype
2011-05-21 18:44:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-05-21 18:42:43 ----RD---- C:\Users
2011-05-21 18:42:42 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2011-05-21 08:01:00 ----A---- C:\Windows\system32\nvwgf2umx.dll
2011-05-21 08:01:00 ----A---- C:\Windows\system32\nvvsvc.exe
2011-05-21 08:01:00 ----A---- C:\Windows\system32\nvsvcr.dll
2011-05-21 08:01:00 ----A---- C:\Windows\system32\nvsvc64.dll
2011-05-21 08:01:00 ----A---- C:\Windows\system32\nvshext.dll
2011-05-21 08:01:00 ----A---- C:\Windows\system32\nvmctray.dll
2011-05-21 08:01:00 ----A---- C:\Windows\system32\nvhotkey.dll
2011-05-21 08:01:00 ----A---- C:\Windows\system32\nvcpl.dll
2011-05-21 08:01:00 ----A---- C:\Windows\system32\nvapi64.dll
2011-05-21 08:01:00 ----A---- C:\Windows\system32\easyupdatusapiu64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2009-07-08 30008]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-13 409624]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-11-29 834544]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-05-14 134024]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2010-07-23 314016]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-05-14 142776]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-05-14 165960]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-05-14 44944]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2010-07-23 43680]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-05-21 13832]
R3 Accelerometer;HP Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [2009-07-08 41272]
R3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 311424]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-05-14 33608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-02-03 33856]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-01-13 7675392]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-05-10 174184]
R3 pnetmdm;PdaNet Modem; C:\Windows\system32\DRIVERS\pnetmdm64.sys [2007-03-07 17920]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys [2009-05-09 33160]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-14 233472]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-05-27 320560]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 vncmirror;vncmirror; C:\Windows\system32\DRIVERS\vncmirror.sys [2010-12-01 4608]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 552448]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 80384]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-17 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2009-07-17 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-07-17 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-17 21160]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 DynCal;Dynamic Calibration Service; C:\Windows\system32\drivers\Dyncal.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2011-04-15 13352]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2011-04-15 27176]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-12 151040]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\Windows\system32\DRIVERS\ManyCam_x64.sys [2008-03-13 27136]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2010-03-16 21504]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-07-23 5435904]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2010-02-26 25088]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\Windows\system32\drivers\nmwcdnsucx64.sys [2010-02-26 12288]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\Windows\system32\drivers\nmwcdnsux64.sys [2010-02-26 173056]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 NPF;Netgroup Packet Filter; C:\Windows\SysWOW64\drivers\aztech_npf64.sys [2008-01-31 40208]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys [2010-10-15 35112]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-07-14 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-02-18 51712]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2010-11-20 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S4 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-01 864032]
R2 DpHost;@C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [2009-07-01 322624]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-05-14 731840]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 2275720]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-11-15 126520]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2009-07-08 30520]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-10-13 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-21 1016936]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2011-04-17 75136]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-05-21 134928]
R2 TVCapSvc;TV Background Capture Service (TVBCS); c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [2009-07-24 275840]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2009-07-12 1924400]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2010-10-14 751672]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-06-07 934176]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2011-06-03 403240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 544768]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-05-14 23296]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-01 654848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 136176]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-12-22 136120]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion; C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

[Rudy]

Zdravím!

1. Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

2. Co se týká myši, je dost pravděpodobné, že pokud touchpad funguje, může mít problém myš samotná, příp. port, k němuž je připojena. Je-li myška USB, připojte ji do jiného portu, nebo ji vyzkoušejte s jiným PC.

[Ashok28]

Dobrý večer
Combofix jsem aplikoval. Dost mě udivilo že po jeho aplikaci mi přestaly fungovat úplně všechny programy a windows vypisoval hlášku ve smyslu že program se dopustil nepovoleného přístupu ke klíči registrů který byl určen k vymazání. Po restartu je naštěstí vše v "all rightu" Co se týče myšky vyskoušel sem všechny porty co tady na notebooku mám + sem vyskoušel i porty na dokovací stanici co mám k notebooku no bohužel neustále myš vypadává. Vyskoušel sem i na jiných počítačech no je zajímavé že tam se nic podobného neděje. Mám ji jít i tak reklamovat?
Zde je log z ComboFixu:

ComboFix 11-06-19.0r1 - Dushan . 06. 2011 18:59:28.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.4087.2039 [GMT 2:00]
Running from: c:\users\Dushan\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Dushan\AppData\Roaming\svchost.exe
c:\windows\TEMP\IE99C72.tmp\SQMAPI.DLL
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
((((((((((((((((((((((((( Files Created from 2011-05-20 to 2011-06-20 )))))))))))))))))))))))))))))))
.
.
2011-06-20 17:08 . 2011-06-20 17:08 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-06-20 17:08 . 2011-06-20 17:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-20 16:55 . 2011-06-20 16:55 -------- d-----w- C:\32788R22FWJFW
2011-06-19 21:38 . 2011-06-19 21:39 -------- d-----w- c:\users\Dushan\AppData\Local\{D65C76D0-ACD9-4806-B9AF-FBFC96B4BF2F}
2011-06-19 17:08 . 2011-06-19 17:09 -------- d-----w- c:\users\Dushan\.borland
2011-06-19 17:07 . 2011-06-19 17:07 -------- d-----w- c:\program files (x86)\Common Files\Borland Shared
2011-06-19 17:07 . 2011-06-19 17:07 -------- d-----w- c:\program files (x86)\Borland
2011-06-19 17:02 . 2011-06-19 17:02 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio .NET 2003
2011-06-19 11:55 . 2011-06-19 11:55 -------- d-----w- c:\program files (x86)\Fiddler2
2011-06-19 09:14 . 2011-06-19 09:14 -------- d-----w- c:\program files\iPod
2011-06-19 09:14 . 2011-06-19 09:14 -------- d-----w- c:\program files\iTunes
2011-06-19 06:28 . 2011-06-19 06:28 -------- d-----w- c:\users\Dushan\AppData\Local\{365B3AF8-AE1B-476B-87FE-3D0DDCC050A2}
2011-06-18 12:41 . 2011-06-18 12:41 -------- d-----w- c:\users\Dushan\AppData\Local\{190A5554-9DC4-47D1-8F62-EFB7672176A8}
2011-06-17 12:00 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{21F6DA68-1247-408A-AC0E-3E2466FF3413}\mpengine.dll
2011-06-16 14:37 . 2011-06-16 14:37 -------- d-----w- C:\Games (x86)
2011-06-16 14:07 . 2011-06-16 14:07 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-06-16 13:23 . 2011-06-16 13:23 -------- d-----w- c:\program files (x86)\AMD
2011-06-16 12:00 . 2011-06-16 13:50 -------- d-----w- c:\program files (x86)\Duke Nukem Forever
2011-06-15 08:33 . 2011-06-15 08:33 -------- d-----w- c:\users\Dushan\AppData\Local\{7747DC97-9E75-423B-A22B-B200267295F4}
2011-06-14 22:38 . 2011-04-25 05:33 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-14 22:38 . 2011-04-25 02:34 499200 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-14 22:38 . 2011-04-27 02:39 289280 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-14 22:38 . 2011-04-27 02:40 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-14 22:38 . 2011-04-27 02:39 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-14 22:38 . 2011-05-28 03:06 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-06-14 22:38 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-14 22:38 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-14 22:38 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-14 22:37 . 2011-02-25 06:22 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-14 22:37 . 2011-02-25 05:34 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-06-14 22:37 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-14 22:37 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-14 19:28 . 2011-06-14 19:29 -------- d-----w- c:\users\Dushan\AppData\Local\{D6049EB4-5C44-430F-9CC2-B85AA394392C}
2011-06-14 06:53 . 2011-06-14 06:53 -------- d-----w- c:\users\Dushan\AppData\Local\{71319828-60C8-4DEB-AF9D-E0E1763E325F}
2011-06-13 15:43 . 2011-06-13 15:43 -------- d-----w- c:\users\Dushan\AppData\Local\{B153D842-752D-4EEB-BBD2-52865B0E8407}
2011-06-13 13:20 . 2011-06-13 13:22 -------- d-----w- c:\users\Dushan\AppData\Roaming\wargaming.net
2011-06-13 09:18 . 2011-06-13 09:18 -------- d-----w- c:\users\Dushan\AppData\Local\{F20915AC-317E-4D4B-95BF-57F46D0CF84F}
2011-06-12 18:41 . 2011-06-12 18:41 -------- d-----w- C:\Games
2011-06-12 15:41 . 2011-06-14 11:10 -------- d-----w- c:\users\Dushan\AppData\Local\PMB Files
2011-06-12 15:41 . 2011-06-12 15:44 -------- d-----w- c:\programdata\PMB Files
2011-06-12 15:41 . 2011-06-12 15:41 -------- d-----w- c:\users\Dushan\AppData\Local\Plus500
2011-06-12 15:41 . 2011-06-12 15:41 -------- d-----w- c:\program files (x86)\Plus500
2011-06-12 15:41 . 2011-06-12 15:41 -------- d-----w- c:\program files (x86)\Pando Networks
2011-06-12 10:29 . 2011-06-12 16:45 -------- d-----w- c:\users\Dushan\AppData\Roaming\Media Player Classic
2011-06-12 10:28 . 2011-06-12 10:28 -------- d-----w- c:\program files\Media Player Classic - Home Cinema
2011-06-12 04:04 . 2011-06-12 04:04 -------- d-----w- c:\users\Dushan\AppData\Local\{69F8EEE3-7305-405D-A319-996F92A34BB0}
2011-06-11 05:33 . 2011-06-11 05:33 -------- d-----w- c:\users\Dushan\AppData\Local\{2CB98466-F4F0-4D70-B87A-E6AF151FB06B}
2011-06-10 04:11 . 2011-06-10 04:12 -------- d-----w- c:\users\Dushan\AppData\Local\{34E38534-2BE0-4487-8AC2-F6C9D174DD2A}
2011-06-08 15:29 . 2011-06-08 15:29 679936 ----a-w- c:\windows\system32\LA Noire.scr
2011-06-08 15:29 . 2011-06-08 15:29 679936 ------w- c:\windows\SysWow64\LA Noire.scr
2011-06-08 15:29 . 2011-06-08 15:29 -------- d-----w- c:\programdata\Screentime
2011-06-08 15:29 . 2011-06-08 15:29 -------- d-----w- c:\users\Dushan\AppData\Local\Screentime
2011-06-06 13:33 . 2011-06-06 13:33 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2011-06-04 18:33 . 2011-06-04 18:33 -------- d-----w- c:\users\Dushan\AppData\Local\{23F5C03A-86F4-4627-85A5-2AD4735D4B33}
2011-06-04 03:52 . 2011-06-04 03:52 -------- d-----w- c:\users\Dushan\AppData\Local\{7B08EB18-EB57-4892-ABEB-32370D20134A}
2011-06-03 05:19 . 2011-06-03 05:19 -------- d-----w- c:\users\Dushan\AppData\Local\{0A6703EB-7CE6-46D3-AB4B-B5E9200575DA}
2011-06-03 05:18 . 2011-06-03 05:18 -------- d-----w- c:\users\Dushan\AppData\Local\{63731855-B4B4-4696-A90A-A47197518704}
2011-06-02 10:38 . 2011-06-02 10:38 -------- d-----w- c:\users\Dushan\AppData\Local\{5E25C1A0-347D-435D-A11D-819A28E2D681}
2011-06-02 09:19 . 2011-06-02 09:19 -------- d-----w- c:\users\Dushan\AppData\Local\{94344919-7F54-4735-8C4F-DBEDCDC8A9B2}
2011-06-01 22:08 . 2011-06-01 22:08 -------- d-----w- c:\users\Dushan\AppData\Local\{D86565F2-6A6B-4694-B818-5973EB4E9B27}
2011-06-01 13:39 . 2009-10-13 09:16 409624 ----a-w- c:\windows\system32\drivers\iaStor.sys
2011-06-01 13:38 . 2011-06-01 13:38 -------- d-----w- C:\Intel
2011-06-01 07:02 . 2011-06-01 07:02 -------- d-----w- c:\users\Dushan\AppData\Local\{B80A8448-78B5-44F7-990E-B3F6CFE15BBF}
2011-05-31 21:58 . 2011-05-31 21:58 -------- d-----w- c:\users\Dushan\AppData\Local\{347D9F46-BCCF-45BF-B914-755D913230BC}
2011-05-31 13:15 . 2011-05-31 13:22 -------- d-----w- C:\Alf
2011-05-31 11:35 . 2011-05-31 11:35 -------- d-----w- c:\users\Dushan\AppData\Local\{A7145B90-F32C-4C5E-AC49-065974FEAB28}
2011-05-31 11:14 . 2011-05-31 11:14 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2011-05-30 21:30 . 2011-05-30 21:30 -------- d-----w- c:\users\Dushan\AppData\Local\{355E6A7C-CD13-4380-A2A1-739D9926405D}
2011-05-30 14:00 . 2011-06-20 14:02 -------- d-----w- c:\users\Dushan\AppData\Roaming\skypePM
2011-05-30 14:00 . 2011-06-19 22:07 -------- d-----w- c:\programdata\Skype Extras
2011-05-30 14:00 . 2011-05-30 14:00 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-05-30 06:42 . 2011-05-30 06:42 -------- d-----w- c:\users\Dushan\AppData\Local\{87D6C6D2-6718-4A6D-A6B4-FAB7B2B3884C}
2011-05-28 04:28 . 2011-05-28 04:28 -------- d-----w- c:\users\Dushan\AppData\Local\{CBA7843D-A38C-4E9D-91C6-46AEDE88682D}
2011-05-27 07:59 . 2011-05-27 07:59 -------- d-----w- c:\users\Dushan\AppData\Local\{63B2EE41-45E9-4B51-A01A-F46F7C569AD7}
2011-05-26 20:58 . 2011-05-26 20:58 -------- d-----w- c:\users\Dushan\AppData\Local\{23D9A0F4-28B1-44BC-A33F-19E8949BB061}
2011-05-26 16:07 . 2011-05-26 16:07 -------- d-----w- c:\users\Dushan\AppData\Local\{0E75715F-688E-4630-AA55-E65BBBAF5A9E}
2011-05-26 10:39 . 2011-05-26 10:39 -------- d-----w- c:\users\Dushan\AppData\Local\{6488D05F-7F37-43E9-9028-38332632FF15}
2011-05-26 09:22 . 2011-05-26 09:22 -------- d-----w- c:\users\Dushan\AppData\Local\{E3AA3035-3193-40AA-8498-2610E00E519A}
2011-05-25 18:11 . 2011-05-25 18:11 -------- d-----w- c:\program files (x86)\Cheat Engine 6
2011-05-25 08:57 . 2011-05-25 08:58 -------- d-----w- c:\users\Dushan\AppData\Local\{157FAC97-0736-42C7-B804-E2B03ECD0934}
2011-05-25 05:27 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-24 18:34 . 2011-05-24 18:34 -------- d-----w- c:\users\Dushan\AppData\Local\{20B08DF4-4DEA-4483-A143-1F04D09AA816}
2011-05-24 09:07 . 2011-05-24 09:07 -------- d-----w- c:\users\Dushan\AppData\Local\{472936B3-ECF6-4CE0-A707-6BAEF41CBC10}
2011-05-23 20:35 . 2011-05-23 20:36 -------- d-----w- c:\users\Dushan\AppData\Local\{60B538EB-579D-4824-8034-FD197B40B261}
2011-05-22 23:33 . 2011-05-22 23:34 -------- d-----w- c:\users\Dushan\AppData\Local\{6F45506A-534F-4422-9A36-B7D521F9575B}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-11 21:01 . 2011-05-18 16:21 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-21 06:01 . 2011-05-21 16:40 6555240 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-05-21 06:01 . 2011-05-21 16:40 2335848 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-05-21 06:01 . 2011-04-07 21:19 326760 ----a-w- c:\windows\system32\nvhotkey.dll
2011-05-21 06:01 . 2011-04-07 21:19 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-21 06:01 . 2011-04-07 21:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-21 06:01 . 2011-04-07 21:19 1016936 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-21 06:01 . 2011-04-07 21:19 739432 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-05-21 06:01 . 2011-04-07 21:19 6300776 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-21 06:01 . 2011-04-07 21:18 3040872 ----a-w- c:\windows\system32\nvsvc64.dll
2011-05-21 06:01 . 2009-07-23 22:01 8863336 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-05-21 06:01 . 2009-07-23 22:01 2644584 ----a-w- c:\windows\system32\nvapi64.dll
2011-05-21 06:01 . 2009-07-23 13:40 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-05-10 19:28 . 2009-11-27 19:44 952 --sha-w- c:\programdata\KGyGaAvL.sys
2011-05-10 09:41 . 2011-05-21 16:40 1426536 ----a-w- c:\windows\system32\nvhdagenco642040.dll
2011-05-04 02:52 . 2010-06-26 14:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-04-17 21:36 . 2011-05-16 15:09 1376256 ---ha-w- c:\users\Dushan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NmfJRtA.exe
2011-04-17 21:36 . 2011-04-19 08:05 1376256 ----a-w- c:\users\Dushan\AppData\Roaming\NmfJRtA.exe
2011-04-17 21:36 . 2011-04-18 13:14 1376256 ----a-w- c:\users\Dushan\AppData\Roaming\ACBSP.exe
2011-04-17 17:39 . 2010-01-10 17:59 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-04-17 17:39 . 2010-01-10 17:59 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-04-17 08:01 . 2011-04-17 08:01 151756 ----a-w- c:\windows\Čestina do SimCity 4 Rush Hour a Delux BETA Uninstaller.exe
2011-04-15 15:43 . 2011-04-15 15:43 27176 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2011-04-15 15:43 . 2011-04-15 15:43 13352 ----a-w- c:\windows\system32\drivers\ggflt.sys
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-04-09 07:02 . 2011-05-11 19:21 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-17 12:06 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:36 . 2011-04-09 06:36 619008 ----a-w- c:\windows\SysWow64\dx7vb.dll
2011-04-09 06:02 . 2011-05-11 19:21 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-11 19:21 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-17 12:06 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-04-08 05:14 . 2011-05-21 16:40 1619048 ----a-w- c:\windows\system32\nvdispco6420140.dll
2011-04-08 05:14 . 2011-05-21 16:40 1404008 ----a-w- c:\windows\system32\nvgenco642060.dll
2011-04-06 14:26 . 2011-04-06 14:26 96544 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 14:26 . 2011-04-06 14:26 119584 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-03-25 03:29 . 2011-05-11 19:21 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 03:29 . 2011-05-11 19:21 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 03:29 . 2011-05-11 19:21 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 03:29 . 2011-05-11 19:21 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 03:29 . 2011-05-11 19:21 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-03-25 03:29 . 2011-05-11 19:21 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 03:28 . 2011-05-11 19:21 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2010-06-13 138552]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2010-06-13 15:25 1438520 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-06-13 1438520]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"A5262AD5F2F153145320D185DF0139BE145FEC2C._service_run"="c:\users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe" [2011-06-13 1011768]
"WinOMeter"="c:\users\Dushan\Desktop\Moje dokumenty-Ashok\Programy\Merac\WinOMeter.exe" [2010-06-07 114688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"DpAgent"="c:\program files (x86)\DigitalPersona\Bin\dpagent.exe" [2009-07-01 842816]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-06-24 320056]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-05-25 1951112]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]
.
c:\users\Dushan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
NmfJRtA.exe [2011-4-17 1376256]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLUA"= 2 (0x2)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 136176]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 544768]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2009-05-14 731840]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 2275720]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-05-21 134928]
S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [2009-07-24 275840]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-07-12 1924400]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 16:30]
.
2011-06-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 16:30]
.
2011-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2094344383-1364548060-3467643000-1001Core.job
- c:\users\Dushan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-31 03:36]
.
2011-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2094344383-1364548060-3467643000-1001UA.job
- c:\users\Dushan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-31 03:36]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF25987.cfxxe" [X]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 2096424]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-20 171520]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2692520]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 2314120]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Dushan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Dushan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
FF - ProfilePath - c:\users\Dushan\AppData\Roaming\Mozilla\Firefox\Profiles\p160jcqs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
.
.
------- File Associations -------
.
txtfile="c:\program files (x86)\PSPad editor\PSPad.exe" "%1"
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-MTA:SA - c:\program files (x86)\MTA San Andreas\Uninstall.exe
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2094344383-1364548060-3467643000-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:96,b8,e4,dc,55,75,22,60,8b,19,98,47,ba,df,9a,c1,4b,6a,26,49,92,4d,c4,
46,08,aa,57,16,bb,6c,c8,df,4a,9d,5b,36,b6,25,0a,aa,e0,09,74,ac,c2,34,f9,43,\
"??"=hex:9b,9b,60,31,0f,74,76,4a,f3,7d,7b,22,fe,e4,f1,fc
.
[HKEY_USERS\S-1-5-21-2094344383-1364548060-3467643000-1001\Software\SecuROM\License information*]
"datasecu"=hex:e6,35,c2,0b,54,c4,0a,f1,7e,32,e0,4e,b8,a9,1e,ad,23,3f,66,7e,2f,
92,6b,f3,46,1b,fd,cc,3e,a8,47,ad,00,06,76,16,07,33,7f,79,fa,bb,c1,f2,94,fc,\
"rkeysecu"=hex:2f,8e,4a,b7,01,25,a0,ab,85,bc,b4,24,42,4c,f0,ef
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
.
**************************************************************************
.
Completion time: 2011-06-20 19:19:54 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-20 17:19
.
Pre-Run: 5 916 241 920 bytes free
Post-Run: 5 533 437 952 bytes free
.
- - End Of File - - 1C1DAE65DF7B1772AAEA618CF25A1DD5

[Rudy]

Po skenu (pokud to neprovede sám systém) je vždy dobré PC restartovat. Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Driver::
Akamai

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[Ashok28]

Zde je log:

ComboFix 11-06-19.0r1 - Dushan . 06. 2011 21:05:19.2.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1051.18.4087.2229 [GMT 2:00]
Running from: c:\users\Dushan\Desktop\ComboFix.exe
Command switches used :: c:\users\Dushan\Desktop\CFScript.TXT
AV: ESET Smart Security 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
FW: ESET personal firewall *Enabled* {F3340042-195E-BB41-42D1-CDB495BB46DE}
SP: ESET Smart Security 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Akamai
.
.
((((((((((((((((((((((((( Files Created from 2011-05-20 to 2011-06-20 )))))))))))))))))))))))))))))))
.
.
2011-06-20 19:21 . 2011-06-20 19:21 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2011-06-19 21:38 . 2011-06-19 21:39 -------- d-----w- c:\users\Dushan\AppData\Local\{D65C76D0-ACD9-4806-B9AF-FBFC96B4BF2F}
2011-06-19 17:08 . 2011-06-19 17:09 -------- d-----w- c:\users\Dushan\.borland
2011-06-19 17:07 . 2011-06-19 17:07 -------- d-----w- c:\program files (x86)\Common Files\Borland Shared
2011-06-19 17:07 . 2011-06-19 17:07 -------- d-----w- c:\program files (x86)\Borland
2011-06-19 17:02 . 2011-06-19 17:02 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio .NET 2003
2011-06-19 11:55 . 2011-06-19 11:55 -------- d-----w- c:\program files (x86)\Fiddler2
2011-06-19 09:14 . 2011-06-19 09:14 -------- d-----w- c:\program files\iPod
2011-06-19 09:14 . 2011-06-19 09:14 -------- d-----w- c:\program files\iTunes
2011-06-19 06:28 . 2011-06-19 06:28 -------- d-----w- c:\users\Dushan\AppData\Local\{365B3AF8-AE1B-476B-87FE-3D0DDCC050A2}
2011-06-18 12:41 . 2011-06-18 12:41 -------- d-----w- c:\users\Dushan\AppData\Local\{190A5554-9DC4-47D1-8F62-EFB7672176A8}
2011-06-17 12:00 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{21F6DA68-1247-408A-AC0E-3E2466FF3413}\mpengine.dll
2011-06-16 14:37 . 2011-06-16 14:37 -------- d-----w- C:\Games (x86)
2011-06-16 14:07 . 2011-06-16 14:07 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-06-16 13:23 . 2011-06-16 13:23 -------- d-----w- c:\program files (x86)\AMD
2011-06-16 12:00 . 2011-06-16 13:50 -------- d-----w- c:\program files (x86)\Duke Nukem Forever
2011-06-15 08:33 . 2011-06-15 08:33 -------- d-----w- c:\users\Dushan\AppData\Local\{7747DC97-9E75-423B-A22B-B200267295F4}
2011-06-14 22:38 . 2011-04-25 05:33 1923968 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-14 22:38 . 2011-04-25 02:34 499200 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-14 22:38 . 2011-04-27 02:39 289280 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-14 22:38 . 2011-04-27 02:40 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-14 22:38 . 2011-04-27 02:39 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-14 22:38 . 2011-05-28 03:06 3135488 ----a-w- c:\windows\system32\win32k.sys
2011-06-14 22:38 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-14 22:38 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-14 22:38 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-14 22:37 . 2011-02-25 06:22 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-14 22:37 . 2011-02-25 05:34 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-06-14 22:37 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-14 22:37 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-06-14 19:28 . 2011-06-14 19:29 -------- d-----w- c:\users\Dushan\AppData\Local\{D6049EB4-5C44-430F-9CC2-B85AA394392C}
2011-06-14 06:53 . 2011-06-14 06:53 -------- d-----w- c:\users\Dushan\AppData\Local\{71319828-60C8-4DEB-AF9D-E0E1763E325F}
2011-06-13 15:43 . 2011-06-13 15:43 -------- d-----w- c:\users\Dushan\AppData\Local\{B153D842-752D-4EEB-BBD2-52865B0E8407}
2011-06-13 13:20 . 2011-06-13 13:22 -------- d-----w- c:\users\Dushan\AppData\Roaming\wargaming.net
2011-06-13 09:18 . 2011-06-13 09:18 -------- d-----w- c:\users\Dushan\AppData\Local\{F20915AC-317E-4D4B-95BF-57F46D0CF84F}
2011-06-12 18:41 . 2011-06-12 18:41 -------- d-----w- C:\Games
2011-06-12 15:41 . 2011-06-14 11:10 -------- d-----w- c:\users\Dushan\AppData\Local\PMB Files
2011-06-12 15:41 . 2011-06-12 15:44 -------- d-----w- c:\programdata\PMB Files
2011-06-12 15:41 . 2011-06-12 15:41 -------- d-----w- c:\users\Dushan\AppData\Local\Plus500
2011-06-12 15:41 . 2011-06-12 15:41 -------- d-----w- c:\program files (x86)\Plus500
2011-06-12 15:41 . 2011-06-12 15:41 -------- d-----w- c:\program files (x86)\Pando Networks
2011-06-12 10:29 . 2011-06-12 16:45 -------- d-----w- c:\users\Dushan\AppData\Roaming\Media Player Classic
2011-06-12 10:28 . 2011-06-12 10:28 -------- d-----w- c:\program files\Media Player Classic - Home Cinema
2011-06-12 04:04 . 2011-06-12 04:04 -------- d-----w- c:\users\Dushan\AppData\Local\{69F8EEE3-7305-405D-A319-996F92A34BB0}
2011-06-11 05:33 . 2011-06-11 05:33 -------- d-----w- c:\users\Dushan\AppData\Local\{2CB98466-F4F0-4D70-B87A-E6AF151FB06B}
2011-06-10 04:11 . 2011-06-10 04:12 -------- d-----w- c:\users\Dushan\AppData\Local\{34E38534-2BE0-4487-8AC2-F6C9D174DD2A}
2011-06-08 15:29 . 2011-06-08 15:29 679936 ----a-w- c:\windows\system32\LA Noire.scr
2011-06-08 15:29 . 2011-06-08 15:29 679936 ------w- c:\windows\SysWow64\LA Noire.scr
2011-06-08 15:29 . 2011-06-08 15:29 -------- d-----w- c:\programdata\Screentime
2011-06-08 15:29 . 2011-06-08 15:29 -------- d-----w- c:\users\Dushan\AppData\Local\Screentime
2011-06-06 13:33 . 2011-06-06 13:33 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2011-06-04 18:33 . 2011-06-04 18:33 -------- d-----w- c:\users\Dushan\AppData\Local\{23F5C03A-86F4-4627-85A5-2AD4735D4B33}
2011-06-04 03:52 . 2011-06-04 03:52 -------- d-----w- c:\users\Dushan\AppData\Local\{7B08EB18-EB57-4892-ABEB-32370D20134A}
2011-06-03 05:19 . 2011-06-03 05:19 -------- d-----w- c:\users\Dushan\AppData\Local\{0A6703EB-7CE6-46D3-AB4B-B5E9200575DA}
2011-06-03 05:18 . 2011-06-03 05:18 -------- d-----w- c:\users\Dushan\AppData\Local\{63731855-B4B4-4696-A90A-A47197518704}
2011-06-02 10:38 . 2011-06-02 10:38 -------- d-----w- c:\users\Dushan\AppData\Local\{5E25C1A0-347D-435D-A11D-819A28E2D681}
2011-06-02 09:19 . 2011-06-02 09:19 -------- d-----w- c:\users\Dushan\AppData\Local\{94344919-7F54-4735-8C4F-DBEDCDC8A9B2}
2011-06-01 22:08 . 2011-06-01 22:08 -------- d-----w- c:\users\Dushan\AppData\Local\{D86565F2-6A6B-4694-B818-5973EB4E9B27}
2011-06-01 13:39 . 2009-10-13 09:16 409624 ----a-w- c:\windows\system32\drivers\iaStor.sys
2011-06-01 13:38 . 2011-06-01 13:38 -------- d-----w- C:\Intel
2011-06-01 07:02 . 2011-06-01 07:02 -------- d-----w- c:\users\Dushan\AppData\Local\{B80A8448-78B5-44F7-990E-B3F6CFE15BBF}
2011-05-31 21:58 . 2011-05-31 21:58 -------- d-----w- c:\users\Dushan\AppData\Local\{347D9F46-BCCF-45BF-B914-755D913230BC}
2011-05-31 13:15 . 2011-05-31 13:22 -------- d-----w- C:\Alf
2011-05-31 11:35 . 2011-05-31 11:35 -------- d-----w- c:\users\Dushan\AppData\Local\{A7145B90-F32C-4C5E-AC49-065974FEAB28}
2011-05-31 11:14 . 2011-05-31 11:14 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2011-05-30 21:30 . 2011-05-30 21:30 -------- d-----w- c:\users\Dushan\AppData\Local\{355E6A7C-CD13-4380-A2A1-739D9926405D}
2011-05-30 14:00 . 2011-06-20 18:00 -------- d-----w- c:\users\Dushan\AppData\Roaming\skypePM
2011-05-30 14:00 . 2011-06-19 22:07 -------- d-----w- c:\programdata\Skype Extras
2011-05-30 14:00 . 2011-05-30 14:00 -------- d-----w- c:\program files (x86)\Common Files\Skype
2011-05-30 06:42 . 2011-05-30 06:42 -------- d-----w- c:\users\Dushan\AppData\Local\{87D6C6D2-6718-4A6D-A6B4-FAB7B2B3884C}
2011-05-28 04:28 . 2011-05-28 04:28 -------- d-----w- c:\users\Dushan\AppData\Local\{CBA7843D-A38C-4E9D-91C6-46AEDE88682D}
2011-05-27 07:59 . 2011-05-27 07:59 -------- d-----w- c:\users\Dushan\AppData\Local\{63B2EE41-45E9-4B51-A01A-F46F7C569AD7}
2011-05-26 20:58 . 2011-05-26 20:58 -------- d-----w- c:\users\Dushan\AppData\Local\{23D9A0F4-28B1-44BC-A33F-19E8949BB061}
2011-05-26 16:07 . 2011-05-26 16:07 -------- d-----w- c:\users\Dushan\AppData\Local\{0E75715F-688E-4630-AA55-E65BBBAF5A9E}
2011-05-26 10:39 . 2011-05-26 10:39 -------- d-----w- c:\users\Dushan\AppData\Local\{6488D05F-7F37-43E9-9028-38332632FF15}
2011-05-26 09:22 . 2011-05-26 09:22 -------- d-----w- c:\users\Dushan\AppData\Local\{E3AA3035-3193-40AA-8498-2610E00E519A}
2011-05-25 18:11 . 2011-05-25 18:11 -------- d-----w- c:\program files (x86)\Cheat Engine 6
2011-05-25 08:57 . 2011-05-25 08:58 -------- d-----w- c:\users\Dushan\AppData\Local\{157FAC97-0736-42C7-B804-E2B03ECD0934}
2011-05-25 05:27 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-24 18:34 . 2011-05-24 18:34 -------- d-----w- c:\users\Dushan\AppData\Local\{20B08DF4-4DEA-4483-A143-1F04D09AA816}
2011-05-24 09:07 . 2011-05-24 09:07 -------- d-----w- c:\users\Dushan\AppData\Local\{472936B3-ECF6-4CE0-A707-6BAEF41CBC10}
2011-05-23 20:35 . 2011-05-23 20:36 -------- d-----w- c:\users\Dushan\AppData\Local\{60B538EB-579D-4824-8034-FD197B40B261}
2011-05-22 23:33 . 2011-05-22 23:34 -------- d-----w- c:\users\Dushan\AppData\Local\{6F45506A-534F-4422-9A36-B7D521F9575B}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-11 21:01 . 2011-05-18 16:21 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-21 06:01 . 2011-05-21 16:40 6555240 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2011-05-21 06:01 . 2011-05-21 16:40 2335848 ----a-w- c:\windows\SysWow64\nvapi.dll
2011-05-21 06:01 . 2011-04-07 21:19 326760 ----a-w- c:\windows\system32\nvhotkey.dll
2011-05-21 06:01 . 2011-04-07 21:19 2560616 ----a-w- c:\windows\system32\nvsvcr.dll
2011-05-21 06:01 . 2011-04-07 21:19 117864 ----a-w- c:\windows\system32\nvmctray.dll
2011-05-21 06:01 . 2011-04-07 21:19 1016936 ----a-w- c:\windows\system32\nvvsvc.exe
2011-05-21 06:01 . 2011-04-07 21:19 739432 ----a-w- c:\windows\system32\easyupdatusapiu64.dll
2011-05-21 06:01 . 2011-04-07 21:19 6300776 ----a-w- c:\windows\system32\nvcpl.dll
2011-05-21 06:01 . 2011-04-07 21:18 3040872 ----a-w- c:\windows\system32\nvsvc64.dll
2011-05-21 06:01 . 2009-07-23 22:01 8863336 ----a-w- c:\windows\system32\nvwgf2umx.dll
2011-05-21 06:01 . 2009-07-23 22:01 2644584 ----a-w- c:\windows\system32\nvapi64.dll
2011-05-21 06:01 . 2009-07-23 13:40 61544 ----a-w- c:\windows\system32\nvshext.dll
2011-05-10 19:28 . 2009-11-27 19:44 952 --sha-w- c:\programdata\KGyGaAvL.sys
2011-05-10 09:41 . 2011-05-21 16:40 1426536 ----a-w- c:\windows\system32\nvhdagenco642040.dll
2011-05-04 02:52 . 2010-06-26 14:45 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-04-17 21:36 . 2011-05-16 15:09 1376256 ---ha-w- c:\users\Dushan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NmfJRtA.exe
2011-04-17 21:36 . 2011-04-19 08:05 1376256 ----a-w- c:\users\Dushan\AppData\Roaming\NmfJRtA.exe
2011-04-17 21:36 . 2011-04-18 13:14 1376256 ----a-w- c:\users\Dushan\AppData\Roaming\ACBSP.exe
2011-04-17 17:39 . 2010-01-10 17:59 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2011-04-17 17:39 . 2010-01-10 17:59 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2011-04-17 08:01 . 2011-04-17 08:01 151756 ----a-w- c:\windows\Čestina do SimCity 4 Rush Hour a Delux BETA Uninstaller.exe
2011-04-15 15:43 . 2011-04-15 15:43 27176 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2011-04-15 15:43 . 2011-04-15 15:43 13352 ----a-w- c:\windows\system32\drivers\ggflt.sys
2011-04-13 22:40 . 2011-04-13 22:40 4284416 ----a-w- c:\windows\SysWow64\GPhotos.scr
2011-04-09 16:55 . 2011-04-09 16:55 15453336 ----a-w- c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55 13642904 ----a-w- c:\windows\SysWow64\xlivefnt.dll
2011-04-09 07:02 . 2011-05-11 19:21 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 06:58 . 2011-05-17 12:06 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-04-09 06:36 . 2011-04-09 06:36 619008 ----a-w- c:\windows\SysWow64\dx7vb.dll
2011-04-09 06:02 . 2011-05-11 19:21 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-11 19:21 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-17 12:06 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-04-08 05:14 . 2011-05-21 16:40 1619048 ----a-w- c:\windows\system32\nvdispco6420140.dll
2011-04-08 05:14 . 2011-05-21 16:40 1404008 ----a-w- c:\windows\system32\nvgenco642060.dll
2011-04-06 14:26 . 2011-04-06 14:26 96544 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 14:26 . 2011-04-06 14:26 119584 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\SysWow64\dnssd.dll
2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\SysWow64\dns-sd.exe
2011-03-25 03:29 . 2011-05-11 19:21 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 03:29 . 2011-05-11 19:21 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 03:29 . 2011-05-11 19:21 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 03:29 . 2011-05-11 19:21 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 03:29 . 2011-05-11 19:21 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-03-25 03:29 . 2011-05-11 19:21 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 03:28 . 2011-05-11 19:21 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2011-06-20_17.12.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-09-20 04:22 . 2011-06-20 17:47 77344 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
- 2009-07-14 05:10 . 2011-06-20 17:13 39342 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-06-20 19:25 39342 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-11-26 01:27 . 2011-06-20 17:11 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-26 01:27 . 2011-06-20 17:45 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-26 01:27 . 2011-06-20 17:11 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-26 01:27 . 2011-06-20 17:45 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-06-20 17:45 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-06-20 17:11 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-27 19:41 . 2011-06-20 19:25 9968 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2094344383-1364548060-3467643000-1001_UserData.bin
+ 2011-06-20 19:23 . 2011-06-20 19:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-06-20 17:11 . 2011-06-20 17:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-06-20 19:23 . 2011-06-20 19:23 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-06-20 17:11 . 2011-06-20 17:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-06-20 17:10 552668 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-06-20 19:22 552668 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-11-27 19:37 . 2011-06-20 19:22 26241476 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2094344383-1364548060-3467643000-1001-8192.dat
- 2009-11-27 19:37 . 2011-06-20 17:10 26241476 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2094344383-1364548060-3467643000-1001-8192.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2010-06-13 138552]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2010-06-13 15:25 1438520 ----a-r- c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-06-13 1438520]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"A5262AD5F2F153145320D185DF0139BE145FEC2C._service_run"="c:\users\Dushan\AppData\Local\Google\Chrome\Application\chrome.exe" [2011-06-13 1011768]
"WinOMeter"="c:\users\Dushan\Desktop\Moje dokumenty-Ashok\Programy\Merac\WinOMeter.exe" [2010-06-07 114688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"DpAgent"="c:\program files (x86)\DigitalPersona\Bin\dpagent.exe" [2009-07-01 842816]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-06-24 320056]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2010-03-23 500792]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2011-05-25 1951112]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160]
.
c:\users\Dushan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
NmfJRtA.exe [2011-4-17 1376256]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLUA"= 2 (0x2)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 136176]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;c:\program files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [2009-08-24 544768]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [x]
R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-02-10 150528]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2009-05-14 731840]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-05-25 2275720]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 TurboBoost;Intel(R) Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-05-21 134928]
S2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [2009-07-24 275840]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-07-12 1924400]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 16:30]
.
2011-06-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20 16:30]
.
2011-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2094344383-1364548060-3467643000-1001Core.job
- c:\users\Dushan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-31 03:36]
.
2011-06-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2094344383-1364548060-3467643000-1001UA.job
- c:\users\Dushan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-31 03:36]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"combofix"="c:\combofix\CF18187.cfxxe" [X]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-27 2096424]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-09-20 171520]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2692520]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 2314120]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://home.sweetim.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Dushan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Dushan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
FF - ProfilePath - c:\users\Dushan\AppData\Roaming\Mozilla\Firefox\Profiles\p160jcqs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.sk/
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-MTA:SA - c:\program files (x86)\MTA San Andreas\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2094344383-1364548060-3467643000-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:96,b8,e4,dc,55,75,22,60,8b,19,98,47,ba,df,9a,c1,4b,6a,26,49,92,4d,c4,
46,08,aa,57,16,bb,6c,c8,df,4a,9d,5b,36,b6,25,0a,aa,e0,09,74,ac,c2,34,f9,43,\
"??"=hex:9b,9b,60,31,0f,74,76,4a,f3,7d,7b,22,fe,e4,f1,fc
.
[HKEY_USERS\S-1-5-21-2094344383-1364548060-3467643000-1001\Software\SecuROM\License information*]
"datasecu"=hex:e6,35,c2,0b,54,c4,0a,f1,7e,32,e0,4e,b8,a9,1e,ad,23,3f,66,7e,2f,
92,6b,f3,46,1b,fd,cc,3e,a8,47,ad,00,06,76,16,07,33,7f,79,fa,bb,c1,f2,94,fc,\
"rkeysecu"=hex:2f,8e,4a,b7,01,25,a0,ab,85,bc,b4,24,42,4c,f0,ef
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
.
**************************************************************************
.
Completion time: 2011-06-20 21:40:17 - machine was rebooted
ComboFix-quarantined-files.txt 2011-06-20 19:40
ComboFix2.txt 2011-06-20 17:19
.
Pre-Run: 4 291 878 912 bytes free
Post-Run: 6 395 174 912 bytes free
.
- - End Of File - - 3B7FCDEAC98C21EB0CC5BA897DC1AF02

[Rudy]

Log již vypadá čistý. Nastala nějaká změna?

[Ashok28]

Modrá obrazovka zatím žádná nevyskočila a zatím se mi ani myška nezasekla takže to vypadá že je vše v pořádku Kdyby něco ještě sem napíšu. Děkuji moc za pomoc Posílám menší příspěvek pro fórum

[Rudy]

Klidně se ozvěte. Nemáte zač a za příspěvek děkujeme!