My notebook keeps shutting down

Posted: 29 Aug 2011 21:34
by wizza
My notebook shuts down while I am working, mostly when I am connected to the internet; sometimes it also shuts down during boot, i.e. I can rule out CPU overheating... so I am asking for help...

I am attaching the log from RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Roman at 2011-08-29 22:18:06
Microsoft® Windows Vista™ Home Premium
System drive C: has 5 GB (11%) free of 50 GB
Total RAM: 2046 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:18:12, on 29.8.2011
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16982)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
E:\Programy\čistění\RSIT.exe
C:\Program Files\trend micro\Roman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Roman\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Windows\WebIE.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Roman\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Windows\WebIE.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe /title="CorelDRAW Graphics Suite 12" /date=091311 serial=DR12WRL-0002596-EUE lang=CZ
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UIExec] "C:\Program Files\Mobile Partner Manager\UIExec.exe"
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Roman\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [OEXPRESS] C:\Windows\OETRN.EXE
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [LinkMagic for magicolor 1680MF] C:\Program Files\KONICA MINOLTA\magicolor 1680MF\LinkMagic for magicolor 1680MF\lmmc1680.exe -startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: Capture Selection - C:\Program Files\SmarThru Office\WebCapture.dll2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Save as HTML - C:\Program Files\SmarThru Office\WebCapture.dll1.htm
O8 - Extra context menu item: Save Selected Text - C:\Program Files\SmarThru Office\WebCapture.dll.htm
O8 - Extra context menu item: Web Capture - C:\Program Files\SmarThru Office\WebCapture.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Windows\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch/cgi-bin/toshiba/tracker_url.pl?CZ (file missing)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O9 - Extra button: Web Capture - {7BDBFB9E-FD6E-43c2-937A-5C9F33FEBE5F} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Web Capture - {7BDBFB9E-FD6E-43c2-937A-5C9F33FEBE5F} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra button: Capture Selection - {A36A58CC-70D5-4462-9C90-C0E9D244B230} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Capture Selection - {A36A58CC-70D5-4462-9C90-C0E9D244B230} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra button: Save Selected Text - {A5183750-A927-4ec3-B027-C633A2D5418C} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Save Selected Text - {A5183750-A927-4ec3-B027-C633A2D5418C} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra button: Save as HTML - {BDC4DF0E-D605-48d6-B4AF-CA5927A463EE} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O9 - Extra 'Tools' menuitem: Save as HTML - {BDC4DF0E-D605-48d6-B4AF-CA5927A463EE} - C:\Program Files\SmarThru Office\WebCapture.dll (HKCU)
O16 - DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} (RtspVaPgCtrlNew Class) - http://10.1.1.1/RtspVaPgDec.cab
O16 - DPF: {6BE2ABE1-B432-491A-81AE-6B6EE7628570} (mBoxX Class) - http://goolst.mvix.net:8080/mBox.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D350C8B-8F54-4CA5-89DD-02F34EF57496}: NameServer = 193.189.244.225 193.189.244.206
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TGCM_ImportWiFiSvc - Telefónica I+D - C:\Program Files\O2\Connection Manager\ImpWiFiSvc.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files\Mobile Partner Manager\AssistantServices.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 12288 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GlaryInitialize.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-894410864-2386718534-1815256527-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-894410864-2386718534-1815256527-1000UA.job
C:\Windows\tasks\hpwebreg_CN15JCK1VG.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Windows\WebIE.dll [2010-02-04 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-11-05 138624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\Roman\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar BHO - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16 506720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-07-21 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Windows\WebIE.dll [2010-02-04 491520]
{8dcb7100-df86-4384-8842-8fa844297b3f} - MSN Toolbar - C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16 506720]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-07-22 1006264]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-06-13 4489216]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2007-03-29 411192]
"HSON"=C:\Program Files\TOSHIBA\TBS\HSON.exe [2006-12-07 55416]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-05-23 509496]
"NDSTray.exe"=NDSTray.exe []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-06-08 894512]
"Toshiba Registration"=C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe [2007-02-19 571024]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2007-02-12 174872]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-03-20 86960]
"CorelDRAW Graphics Suite 11b"=C:\Program Files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe [2004-06-23 729088]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2011-01-13 3396624]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2009-11-18 54576]
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-07-17 288080]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"UIExec"=C:\Program Files\Mobile Partner Manager\UIExec.exe [2010-07-16 138584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [2006-11-15 413696]
"Google Update"=C:\Users\Roman\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-24 133104]
"OEXPRESS"=C:\Windows\OETRN.EXE [2010-02-04 26624]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-03-20 213936]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"LinkMagic for magicolor 1680MF"=C:\Program Files\KONICA MINOLTA\magicolor 1680MF\LinkMagic for magicolor 1680MF\lmmc1680.exe [2008-08-26 5005312]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\00TCrdMain]
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2007-05-22 538744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop SMS]
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [2007-06-18 1507328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [2007-04-02 577536]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05a4edcc-ec92-11de-81c4-001b38a88e90}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Play.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{09a60485-b3cb-11e0-8710-001b38a88e90}]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{157ae9ad-a743-11e0-8447-00037ada2490}]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{157aeb04-a743-11e0-8447-00037ada2490}]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4096e898-49bd-11e0-abdb-00037ada2490}]
shell\AutoRun\command - H:\start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54897966-96b3-11e0-9430-00037ada2490}]
shell\AutoRun\command - G:\RunSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{54897972-96b3-11e0-9430-001b38a88e90}]
shell\AutoRun\command - G:\RunSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bfccc282-b6e1-11e0-aedf-00037ada2490}]
shell\AutoRun\command - G:\APPInst.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cff58cd0-a81a-11e0-9ca3-00037ada2490}]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e295d547-c2ff-11de-ae77-001b38a88e90}]
shell\AutoRun\command - G:\t8g.exe
shell\open\command - G:\t8g.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e9976f2a-33b9-11e0-b7f9-001b38a88e90}]
shell\AutoRun\command - G:\seamlessKeyLauncher.exe


======File associations======

.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 3 months======

2011-08-29 22:18:06 ----D---- C:\rsit
2011-08-29 22:01:00 ----A---- C:\Windows\ntbtlog.txt
2011-08-28 23:26:41 ----SHD---- C:\found.000
2011-08-28 11:45:27 ----A---- C:\Windows\system32\GPEapSim.dll
2011-08-28 11:44:27 ----D---- C:\Windows\system32\SupportAppCB
2011-08-28 11:44:17 ----D---- C:\Program Files\Mobile Partner Manager
2011-08-25 12:13:06 ----N---- C:\Windows\system32\HPDiscoPM5312.dll
2011-08-09 18:37:52 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-08-09 18:37:51 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-08-09 18:23:44 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2011-08-09 18:23:44 ----A---- C:\Windows\system32\PresentationHost.exe
2011-08-09 18:23:44 ----A---- C:\Windows\system32\netfxperf.dll
2011-08-09 18:23:44 ----A---- C:\Windows\system32\mscoree.dll
2011-08-09 18:23:44 ----A---- C:\Windows\system32\dfshim.dll
2011-08-09 18:16:36 ----D---- C:\Autodesk
2011-08-03 23:23:14 ----D---- C:\Program Files\CPUID
2011-08-03 19:25:27 ----A---- C:\Windows\system32\javaws.exe
2011-08-03 19:25:27 ----A---- C:\Windows\system32\javaw.exe
2011-08-03 19:25:27 ----A---- C:\Windows\system32\java.exe
2011-07-06 19:40:55 ----D---- C:\ProgramData\Telefónica
2011-07-06 19:40:42 ----D---- C:\Users\Roman\AppData\Roaming\Telefónica
2011-07-06 19:38:10 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll
2011-07-06 19:37:25 ----D---- C:\Program Files\HUAWEI Modem Driver
2011-07-06 19:37:16 ----D---- C:\Program Files\O2
2011-07-04 23:32:13 ----D---- C:\ProgramData\boost_interprocess
2011-06-16 12:19:40 ----D---- C:\Users\Roman\AppData\Roaming\Paradoxx
2011-06-03 18:04:23 ----A---- C:\Windows\system32\t2embed.dll
2011-06-03 18:04:23 ----A---- C:\Windows\system32\lpk.dll
2011-06-03 18:04:23 ----A---- C:\Windows\system32\fontsub.dll
2011-06-03 18:04:23 ----A---- C:\Windows\system32\dciman32.dll
2011-06-03 18:04:23 ----A---- C:\Windows\system32\atmlib.dll
2011-06-03 18:04:23 ----A---- C:\Windows\system32\atmfd.dll
2011-06-03 18:03:28 ----A---- C:\Windows\system32\iedkcs32.dll
2011-06-03 18:03:28 ----A---- C:\Windows\system32\advpack.dll
2011-06-03 18:03:27 ----A---- C:\Windows\system32\ieapfltr.dll
2011-06-03 18:03:27 ----A---- C:\Windows\system32\ieakui.dll
2011-06-03 18:03:27 ----A---- C:\Windows\system32\ieaksie.dll
2011-06-03 18:03:27 ----A---- C:\Windows\system32\admparse.dll
2011-06-03 18:03:26 ----A---- C:\Windows\system32\wininet.dll
2011-06-03 18:03:26 ----A---- C:\Windows\system32\jsproxy.dll
2011-06-03 18:03:25 ----A---- C:\Windows\system32\dxtrans.dll
2011-06-03 18:03:25 ----A---- C:\Windows\system32\dxtmsft.dll
2011-06-03 18:03:24 ----A---- C:\Windows\system32\msfeeds.dll
2011-06-03 18:03:24 ----A---- C:\Windows\system32\ieui.dll
2011-06-03 18:03:23 ----A---- C:\Windows\system32\ieframe.dll
2011-06-03 18:03:21 ----A---- C:\Windows\system32\mshtmler.dll
2011-06-03 18:03:21 ----A---- C:\Windows\system32\mshtmled.dll
2011-06-03 18:03:21 ----A---- C:\Windows\system32\ieencode.dll
2011-06-03 18:03:20 ----A---- C:\Windows\system32\mshtml.dll
2011-06-03 18:03:18 ----A---- C:\Windows\system32\mstime.dll
2011-06-03 18:03:18 ----A---- C:\Windows\system32\icardie.dll
2011-06-03 18:03:16 ----A---- C:\Windows\system32\ieUnatt.exe
2011-06-03 18:03:15 ----A---- C:\Windows\system32\urlmon.dll
2011-06-03 18:03:15 ----A---- C:\Windows\system32\occache.dll
2011-06-03 18:03:14 ----A---- C:\Windows\system32\pngfilt.dll
2011-06-03 18:03:14 ----A---- C:\Windows\system32\iesetup.dll
2011-06-03 18:03:14 ----A---- C:\Windows\system32\iertutil.dll
2011-06-03 18:03:14 ----A---- C:\Windows\system32\iernonce.dll
2011-06-03 18:03:14 ----A---- C:\Windows\system32\ie4uinit.exe
2011-06-03 18:01:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-06-03 18:01:23 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-06-03 18:01:08 ----A---- C:\Windows\system32\vbscript.dll
2011-06-03 17:56:53 ----A---- C:\Windows\system32\tzres.dll
2011-06-03 17:56:14 ----A---- C:\Windows\system32\wintrust.dll
2011-06-03 17:55:52 ----A---- C:\Windows\system32\tcpipcfg.dll
2011-06-03 17:55:52 ----A---- C:\Windows\system32\netiougc.exe
2011-06-03 17:55:52 ----A---- C:\Windows\system32\iphlpsvc.dll
2011-06-03 17:55:38 ----A---- C:\Windows\system32\browserchoice.exe
2011-06-03 17:55:23 ----A---- C:\Windows\system32\cabview.dll
2011-06-03 17:54:46 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2011-06-03 17:54:46 ----A---- C:\Windows\system32\secproc_ssp.dll
2011-06-03 17:54:46 ----A---- C:\Windows\system32\secproc_isv.dll
2011-06-03 17:54:46 ----A---- C:\Windows\system32\secproc.dll
2011-06-03 17:54:46 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2011-06-03 17:54:46 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2011-06-03 17:54:46 ----A---- C:\Windows\system32\RMActivate_isv.exe
2011-06-03 17:54:46 ----A---- C:\Windows\system32\RMActivate.exe
2011-06-03 17:54:46 ----A---- C:\Windows\system32\msdrm.dll
2011-06-03 17:54:02 ----A---- C:\Windows\system32\nshhttp.dll
2011-06-03 17:54:02 ----A---- C:\Windows\system32\httpapi.dll
2011-06-03 17:51:30 ----A---- C:\Windows\system32\tsbyuv.dll
2011-06-03 17:51:30 ----A---- C:\Windows\system32\quartz.dll
2011-06-03 17:51:30 ----A---- C:\Windows\system32\msyuv.dll
2011-06-03 17:51:30 ----A---- C:\Windows\system32\msvfw32.dll
2011-06-03 17:51:30 ----A---- C:\Windows\system32\iyuv_32.dll
2011-06-03 17:51:30 ----A---- C:\Windows\system32\avicap32.dll
2011-06-03 17:51:29 ----A---- C:\Windows\system32\msvidc32.dll
2011-06-03 17:51:29 ----A---- C:\Windows\system32\msrle32.dll
2011-06-03 17:51:29 ----A---- C:\Windows\system32\mciavi32.dll
2011-06-03 17:51:29 ----A---- C:\Windows\system32\avifil32.dll

======List of files/folders modified in the last 3 months======

2011-08-29 22:18:06 ----D---- C:\Program Files\trend micro
2011-08-29 22:11:02 ----D---- C:\Users\Roman\AppData\Roaming\Skype
2011-08-29 22:08:28 ----D---- C:\Windows\System32
2011-08-29 22:08:28 ----D---- C:\Windows\inf
2011-08-29 22:08:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-29 22:01:00 ----D---- C:\Windows
2011-08-29 21:45:51 ----D---- C:\Windows\temp
2011-08-29 20:48:12 ----D---- C:\Windows\Prefetch
2011-08-29 18:34:18 ----D---- C:\Users\Roman\AppData\Roaming\skypePM
2011-08-29 13:20:36 ----D---- C:\ProgramData\Skype Extras
2011-08-29 12:14:17 ----SHD---- C:\System Volume Information
2011-08-29 10:58:28 ----D---- C:\Windows\system32\catroot2
2011-08-28 12:53:20 ----D---- C:\Windows\ModemLogs
2011-08-28 11:45:13 ----D---- C:\Windows\system32\catroot
2011-08-28 11:44:58 ----D---- C:\Windows\system32\drivers
2011-08-28 11:44:17 ----RD---- C:\Program Files
2011-08-28 11:44:14 ----HD---- C:\Program Files\InstallShield Installation Information
2011-08-27 15:36:48 ----D---- C:\Windows\system32\wbem
2011-08-26 10:04:34 ----D---- C:\cygwin
2011-08-25 12:15:58 ----D---- C:\Windows\system32\Tasks
2011-08-25 12:15:57 ----D---- C:\Windows\Tasks
2011-08-25 12:13:53 ----SHD---- C:\Windows\Installer
2011-08-25 12:13:53 ----HD---- C:\Config.Msi
2011-08-25 12:09:15 ----D---- C:\Windows\twain_32
2011-08-25 12:08:40 ----D---- C:\ProgramData\HP
2011-08-25 12:08:33 ----D---- C:\Program Files\HP
2011-08-24 12:23:23 ----D---- C:\ProgramData
2011-08-21 22:44:02 ----D---- C:\Program Files\Mozilla Firefox
2011-08-21 22:37:34 ----D---- C:\Windows\system32\LogFiles
2011-08-14 22:59:25 ----D---- C:\Users\Roman\AppData\Roaming\vlc
2011-08-09 19:41:55 ----D---- C:\Windows\Microsoft.NET
2011-08-09 19:41:54 ----RSD---- C:\Windows\assembly
2011-08-09 19:04:45 ----RSD---- C:\Windows\Fonts
2011-08-09 19:04:45 ----D---- C:\Users\Roman\AppData\Roaming\Autodesk
2011-08-09 19:04:41 ----D---- C:\Program Files\Common Files\Autodesk Shared
2011-08-09 19:03:50 ----D---- C:\ProgramData\Autodesk
2011-08-09 18:58:43 ----D---- C:\Program Files\Autodesk
2011-08-09 18:37:44 ----D---- C:\Windows\Logs
2011-08-09 18:28:48 ----D---- C:\Windows\system32\cs-CZ
2011-08-09 18:24:43 ----D---- C:\Windows\system32\en-US
2011-08-09 18:24:29 ----D---- C:\Program Files\Microsoft.NET
2011-08-09 18:23:51 ----D---- C:\Windows\winsxs
2011-08-03 19:25:58 ----D---- C:\Program Files\Common Files\Java
2011-08-03 19:24:52 ----D---- C:\Program Files\Java
2011-07-31 22:50:17 ----D---- C:\Windows\Minidump
2011-07-06 23:58:44 ----D---- C:\Windows\rescache
2011-06-07 20:59:32 ----D---- C:\Windows\Debug
2011-06-03 18:28:59 ----D---- C:\Windows\system32\migration
2011-06-03 18:28:59 ----D---- C:\Program Files\Internet Explorer
2011-06-03 18:28:58 ----D---- C:\Windows\AppPatch
2011-06-03 18:28:58 ----D---- C:\Program Files\Movie Maker

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2011-01-13 23632]
R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys [2010-04-09 63616]
R3 NETw4v32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-04-26 2216448]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-06-08 187448]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2011-01-13 294608]
S1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2011-01-13 47440]
S1 Tosrfcom;Bluetooth RFCOMM; C:\Windows\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
S2 ASIXIo;ASIXIo; \??\C:\Windows\system32\Drivers\asixio.sys [2010-05-13 3078]
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
S2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [2009-02-04 38400]
S2 FP3BLOADER;Actel FlashPro3 Firmware Loader; C:\Windows\system32\DRIVERS\fp3bload.sys [2010-02-10 13952]
S2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-09-10 5120]
S2 VPUSB;Wellon usb programmer driver; C:\Windows\System32\Drivers\vpusb.sys [2006-07-10 18048]
S3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2006-11-02 467456]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-06-21 2600960]
S3 CmBatt;Ovladač baterie Microsoft ACPI Control Method Battery; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-10-20 14208]
S3 CyUsb;Cypress Generic USB Driver; C:\Windows\system32\DRIVERS\CyUsb.sys [2010-02-10 31104]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2006-11-02 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2006-11-02 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2006-11-02 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 101504]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2010-07-12 60104]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2010-07-12 73032]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys []
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-06-12 1787816]
S3 massfilter;ZTE Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-01-18 9216]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2006-11-02 8192]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-20 82432]
S3 Ser2pl;Prolific Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2009-07-17 80384]
S3 silabenm;JABLOTRON serial interface Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2007-09-04 17920]
S3 silabser;JABLOTRON serial interface Driver; C:\Windows\system32\DRIVERS\silabser.sys [2007-09-04 58368]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2006-11-02 9216]
S3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
S3 tosporte;Bluetooth COM Port; C:\Windows\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
S3 tosrfbd;Bluetooth RFBUS; C:\Windows\system32\DRIVERS\tosrfbd.sys [2007-02-22 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\Windows\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\Windows\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\Windows\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\Windows\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 Tosrfusb;Bluetooth USB Controller; C:\Windows\system32\DRIVERS\tosrfusb.sys [2007-02-28 41344]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 UMPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2006-11-02 7168]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2006-11-02 14848]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 usbvideo;Chicony USB 2.0 Camera; C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2007-04-16 11776]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2006-11-02 16896]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S3 ZTEusbmdm6k;ZTE Proprietary USB Driver; C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys [2010-01-18 105088]
S3 ZTEusbnmea;ZTE NMEA Port; C:\Windows\system32\DRIVERS\ZTEusbnmea.sys [2010-01-18 105088]
S3 ZTEusbser6k;ZTE Diagnostic Port; C:\Windows\system32\DRIVERS\ZTEusbser6k.sys [2010-01-18 105088]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2007-01-18 219392]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2007-01-18 211072]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
S2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-06-21 606208]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-01-13 40384]
S2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
S2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2006-11-14 40960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2006-11-02 22016]
S2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2006-11-02 22016]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2007-02-12 355096]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2006-11-02 22016]
S2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2006-11-02 22016]
S2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-11-05 242048]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc; C:\Program Files\O2\Connection Manager\ImpWiFiSvc.exe [2010-08-02 199600]
S2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [2007-05-17 114688]
S2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2006-05-25 114688]
S2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2007-03-29 427576]
S2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
S2 UI Assistant Service;UI Assistant Service; C:\Program Files\Mobile Partner Manager\AssistantServices.exe [2010-07-16 252784]
S2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
S2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2006-11-02 22016]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S3 AllShare;SAMSUNG AllShare Service; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-07-07 77944]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2006-11-02 22016]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: My notebook keeps shutting down

Posted: 29 Aug 2011 21:51
by Rudy
Please post a ComboFix log.
Download ComboFix and save it, ideally to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the licence terms is shown; continue by clicking the Ano (Yes) button.

feel free to go and make yourself a coffee (the whole thing takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan, do not try to start any other applications or anything else

do not panic during the scan, your machine may be restarted (especially the first time the scanner is run)

note: if you use an antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware there are unwanted conflicts with the antispyware's resident shield

Re: My notebook keeps shutting down

Posted: 29 Aug 2011 22:19
by wizza
here is the ComboFix log:

ComboFix 11-08-29.03 - Roman 29.08.2011 22:58:40.2.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1250.420.1029.18.2046.1296 [GMT 2:00]
Spuštěný z: c:\users\Roman\Downloads\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\users\Roman\AppData\Roaming\Mikrotik
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\advtool.crc
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\advtool.dll
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\dhcp.crc
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\dhcp.dll
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\hotspot.crc
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\hotspot.dll
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\mpls.crc
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\mpls.dll
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\ppp.crc
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\ppp.dll
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\roteros.crc
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\roteros.dll
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\roting4.crc
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\roting4.dll
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\secure.crc
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\secure.dll
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\system.crc
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\system.dll
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\wlan4.crc
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\4.5-824657165\wlan4.dll
c:\users\Roman\AppData\Roaming\Mikrotik\Winbox\winbox.cfg
c:\windows\iun6002.exe
c:\windows\system32\zlibwapi.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-28 do 2011-08-29 )))))))))))))))))))))))))))))))
.
.
2011-08-29 21:06 . 2011-08-29 21:06 -------- d-----w- c:\users\Roman\AppData\Local\temp
2011-08-29 21:06 . 2011-08-29 21:06 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-08-29 21:06 . 2011-08-29 21:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-29 20:18 . 2011-08-29 20:18 -------- d-----w- C:\rsit
2011-08-28 21:26 . 2011-08-28 21:26 -------- d-----w- C:\found.000
2011-08-28 09:45 . 2010-07-16 07:50 136544 ----a-w- c:\windows\system32\GPEapSim.dll
2011-08-28 09:44 . 2010-01-18 09:21 105088 ----a-w- c:\windows\system32\drivers\ZTEusbnmea.sys
2011-08-28 09:44 . 2010-01-18 09:21 105088 ----a-w- c:\windows\system32\drivers\ZTEusbmdm6k.sys
2011-08-28 09:44 . 2010-01-18 09:20 105088 ----a-w- c:\windows\system32\drivers\ZTEusbser6k.sys
2011-08-28 09:44 . 2010-01-18 09:21 9216 ----a-w- c:\windows\system32\drivers\massfilter.sys
2011-08-28 09:44 . 2009-05-25 14:40 13824 ----a-w- c:\windows\system32\drivers\ZTEusbccid.sys
2011-08-28 09:44 . 2011-08-28 09:44 -------- d-----w- c:\windows\system32\SupportAppCB
2011-08-28 09:44 . 2011-08-28 09:47 -------- d-----w- c:\program files\Mobile Partner Manager
2011-08-25 10:13 . 2010-11-16 19:10 527208 ------w- c:\windows\system32\HPDiscoPM5312.dll
2011-08-19 14:22 . 2011-08-12 02:44 7152464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FE1613CA-1E12-4A94-8BB6-171F9C8D8CB7}\mpengine.dll
2011-08-17 14:22 . 2011-08-17 14:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-09 16:37 . 2009-09-04 15:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2011-08-09 16:37 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-08-09 16:23 . 2011-08-09 16:23 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-08-09 16:23 . 2011-08-09 16:23 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-08-09 16:23 . 2011-08-09 16:23 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-08-09 16:23 . 2011-08-09 16:23 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-08-09 16:23 . 2011-08-09 16:23 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-08-09 16:16 . 2011-08-09 16:16 -------- d-----w- C:\Autodesk
2011-08-03 21:23 . 2010-11-09 13:35 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
2011-08-03 21:23 . 2011-08-03 21:23 -------- d-----w- c:\program files\CPUID
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-06 17:39 . 2011-07-06 17:39 445008 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2011-07-06 17:39 . 2011-07-06 17:39 38480 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2011-07-06 17:39 . 2011-07-06 17:39 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2011-06-03 16:04 . 2011-06-03 16:04 72704 ----a-w- c:\windows\system32\fontsub.dll
2011-06-03 16:04 . 2011-06-03 16:04 34304 ----a-w- c:\windows\system32\atmlib.dll
2011-06-03 16:04 . 2011-06-03 16:04 289792 ----a-w- c:\windows\system32\atmfd.dll
2011-06-03 16:04 . 2011-06-03 16:04 24064 ----a-w- c:\windows\system32\lpk.dll
2011-06-03 16:04 . 2011-06-03 16:04 156672 ----a-w- c:\windows\system32\t2embed.dll
2011-06-03 16:04 . 2011-06-03 16:04 10240 ----a-w- c:\windows\system32\dciman32.dll
2011-06-03 16:03 . 2011-06-03 16:03 72704 ----a-w- c:\windows\system32\admparse.dll
2011-06-03 16:03 . 2011-06-03 16:03 832512 ----a-w- c:\windows\system32\wininet.dll
2011-06-03 16:03 . 2011-06-03 16:03 52736 ----a-w- c:\windows\apppatch\iebrshim.dll
2011-06-03 16:03 . 2011-06-03 16:03 78336 ----a-w- c:\windows\system32\ieencode.dll
2011-06-03 16:03 . 2011-06-03 16:03 48128 ----a-w- c:\windows\system32\mshtmler.dll
2011-06-03 16:03 . 2011-06-03 16:03 389120 ----a-w- c:\windows\system32\html.iec
2011-06-03 16:03 . 2011-06-03 16:03 1383424 ----a-w- c:\windows\system32\mshtml.tlb
2011-06-03 16:03 . 2011-06-03 16:03 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2011-06-03 16:03 . 2011-06-03 16:03 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2011-06-03 16:03 . 2011-06-03 16:03 56320 ----a-w- c:\windows\system32\iesetup.dll
2011-06-03 16:01 . 2011-06-03 16:01 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-03 16:01 . 2011-06-03 16:01 306688 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-03 16:01 . 2011-06-03 16:01 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-06-03 16:01 . 2011-06-03 16:01 211968 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-06-03 16:01 . 2011-06-03 16:01 102400 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-06-03 16:01 . 2011-06-03 16:01 3502480 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-06-03 16:01 . 2011-06-03 16:01 3468168 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-06-03 16:01 . 2011-06-03 16:01 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-06-03 15:56 . 2011-06-03 15:56 2048 ----a-w- c:\windows\system32\tzres.dll
2011-06-03 15:56 . 2011-06-03 15:56 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-06-03 15:56 . 2011-06-03 15:56 62464 ----a-w- c:\windows\system32\l3codeca.acm
2011-06-03 15:56 . 2011-06-03 15:56 220672 ----a-w- c:\windows\system32\l3codecp.acm
2011-06-03 15:55 . 2011-06-03 15:55 815104 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-03 15:55 . 2011-06-03 15:55 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2011-06-03 15:55 . 2011-06-03 15:55 22016 ----a-w- c:\windows\system32\netiougc.exe
2011-06-03 15:55 . 2011-06-03 15:55 179712 ----a-w- c:\windows\system32\iphlpsvc.dll
2011-06-03 15:55 . 2011-06-03 15:55 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2011-06-03 15:55 . 2011-06-03 15:55 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2011-06-03 15:55 . 2011-06-03 15:55 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-06-03 15:55 . 2011-06-03 15:55 97792 ----a-w- c:\windows\system32\cabview.dll
2011-06-03 15:54 . 2011-06-03 15:54 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2011-06-03 15:54 . 2011-06-03 15:54 515584 ----a-w- c:\windows\system32\RMActivate.exe
2011-06-03 15:54 . 2011-06-03 15:54 473088 ----a-w- c:\windows\system32\secproc_isv.dll
2011-06-03 15:54 . 2011-06-03 15:54 472576 ----a-w- c:\windows\system32\secproc.dll
2011-06-03 15:54 . 2011-06-03 15:54 435712 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2011-06-03 15:54 . 2011-06-03 15:54 431104 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2011-06-03 15:54 . 2011-06-03 15:54 312320 ----a-w- c:\windows\system32\msdrm.dll
2011-06-03 15:54 . 2011-06-03 15:54 154624 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2011-06-03 15:54 . 2011-06-03 15:54 154112 ----a-w- c:\windows\system32\secproc_ssp.dll
2011-06-03 15:54 . 2011-06-03 15:54 396800 ----a-w- c:\windows\system32\drivers\http.sys
2011-06-03 15:54 . 2011-06-03 15:54 31232 ----a-w- c:\windows\system32\httpapi.dll
2011-06-03 15:54 . 2011-06-03 15:54 24064 ----a-w- c:\windows\system32\nshhttp.dll
2011-06-03 15:51 . 2011-06-03 15:51 65024 ----a-w- c:\windows\system32\avicap32.dll
2011-06-03 15:51 . 2011-06-03 15:51 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2011-06-03 15:51 . 2011-06-03 15:51 22528 ----a-w- c:\windows\system32\msyuv.dll
2011-06-03 15:51 . 2011-06-03 15:51 1327616 ----a-w- c:\windows\system32\quartz.dll
2011-06-03 15:51 . 2011-06-03 15:51 123904 ----a-w- c:\windows\system32\msvfw32.dll
2011-06-03 15:51 . 2011-06-03 15:51 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2011-06-03 15:51 . 2011-06-03 15:51 88576 ----a-w- c:\windows\system32\avifil32.dll
2011-06-03 15:51 . 2011-06-03 15:51 82944 ----a-w- c:\windows\system32\mciavi32.dll
2011-06-03 15:51 . 2011-06-03 15:51 31232 ----a-w- c:\windows\system32\msvidc32.dll
2011-06-03 15:51 . 2011-06-03 15:51 13312 ----a-w- c:\windows\system32\msrle32.dll
2011-08-21 20:44 . 2011-05-31 18:54 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2006-11-15 413696]
"OEXPRESS"="c:\windows\OETRN.EXE" [2010-02-03 26624]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-03-20 213936]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"LinkMagic for magicolor 1680MF"="c:\program files\KONICA MINOLTA\magicolor 1680MF\LinkMagic for magicolor 1680MF\lmmc1680.exe" [2008-08-26 5005312]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"="c:\program files\TOSHIBA\Utilities\KeNotify.exe" [2006-11-06 34352]
"RtHDVCpl"="RtHDVCpl.exe" [2007-06-13 4489216]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2006-12-07 55416]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-05-23 509496]
"NDSTray.exe"="NDSTray.exe" [BU]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-06-08 894512]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-02-19 571024]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-03-20 86960]
"CorelDRAW Graphics Suite 11b"="c:\program files\Corel\Corel Graphics 12\Languages\CZ\Programs\registration.exe" [2004-06-22 729088]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"UIExec"="c:\program files\Mobile Partner Manager\UIExec.exe" [2010-07-16 138584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-2-27 2756608]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\00TCrdMain]
2007-05-22 14:32 538744 ----a-w- c:\program files\TOSHIBA\FlashCards\TCrdMain.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop SMS]
2007-06-18 08:51 1507328 ----a-w- c:\program files\IDM\Desktop SMS\DesktopSMS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\topi]
2007-04-02 10:48 577536 ----a-w- c:\program files\TOSHIBA\Toshiba Online Product Information\TOPI.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe"
"4x24 Scan2PC"="c:\windows\Twain_32\Samsung\SCX4x24\Scan2pc.exe"
"Samsung PanelMgr"=c:\windows\Samsung\PanelMgr\ssmmgr.exe /autorun
"STO Launcher Service"=c:\program files\SmarThru Office\LegacyLauncher.exe /run
"STO Backup Service"=c:\program files\SmarThru Office\BackUpSvr.exe
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-02-09 691696]
R1 aswSP;aswSP; [x]
R2 ASIXIo;ASIXIo;c:\windows\system32\Drivers\asixio.sys [2010-05-13 3078]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 FP3BLOADER;Actel FlashPro3 Firmware Loader;c:\windows\system32\DRIVERS\fp3bload.sys [2010-02-10 13952]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-09-10 5120]
R2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files\O2\Connection Manager\ImpWiFiSvc.exe [2010-08-02 199600]
R2 UI Assistant Service;UI Assistant Service;c:\program files\Mobile Partner Manager\AssistantServices.exe [2010-07-16 252784]
R2 VPUSB;Wellon usb programmer driver;c:\windows\system32\Drivers\vpusb.sys [2006-07-10 18048]
R3 AllShare;SAMSUNG AllShare Service;c:\program files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2010-07-16 6638080]
R3 CyUsb;Cypress Generic USB Driver;c:\windows\system32\DRIVERS\CyUsb.sys [2010-02-10 31104]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-03-20 101504]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-06-10 24576]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2010-01-18 9216]
R3 silabenm;JABLOTRON serial interface Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys [2007-09-04 17920]
R3 silabser;JABLOTRON serial interface Driver;c:\windows\system32\DRIVERS\silabser.sys [2007-09-04 58368]
R3 TpChoice;Touch Pad Detection Filter driver;c:\windows\system32\DRIVERS\TpChoice.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2006-11-02 16896]
S0 CplIR;Embedded IR Driver;c:\windows\system32\DRIVERS\CplIR.SYS [2007-03-06 14848]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-04-09 63616]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-29 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-02-04 16:10]
.
2011-08-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-894410864-2386718534-1815256527-1000Core.job
- c:\users\Roman\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-24 18:12]
.
2011-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-894410864-2386718534-1815256527-1000UA.job
- c:\users\Roman\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-24 18:12]
.
2011-08-25 c:\windows\Tasks\hpwebreg_CN15JCK1VG.job
- c:\program files\HP\HP Officejet Pro 8500 A910\Bin\hpwebreg.exe [2010-11-16 19:16]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: Capture Selection - c:\program files\SmarThru Office\WebCapture.dll2.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Save as HTML - c:\program files\SmarThru Office\WebCapture.dll1.htm
IE: Save Selected Text - c:\program files\SmarThru Office\WebCapture.dll.htm
IE: Web Capture - c:\program files\SmarThru Office\WebCapture.dll
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 168.95.1.1
TCP: Interfaces\{2D350C8B-8F54-4CA5-89DD-02F34EF57496}: NameServer = 193.189.244.225 193.189.244.206
DPF: {45830FF9-D9E6-4F41-86ED-B266933D8E90} - hxxp://10.1.1.1/RtspVaPgDec.cab
DPF: {6BE2ABE1-B432-491A-81AE-6B6EE7628570} - hxxp://goolst.mvix.net:8080/mBox.cab
FF - ProfilePath - c:\users\Roman\AppData\Roaming\Mozilla\Firefox\Profiles\k0ev3ufh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.centrum.cz/
.
.
------- Asociace souborů -------
.
.scr=DWGTrueViewScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
AddRemove-JABLCOMM&16D6&0001 - c:\windows\system32\Silabs\DriverUninstaller.exe VCP CP210x Cardinal\JABLCOMM&16D6&0001
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-29 23:06
Windows 6.0.6000 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
TOSCDSPD = c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe?/i??????#?Y3???8???`????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:0000002e
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2011-08-29 23:10:01
ComboFix-quarantined-files.txt 2011-08-29 21:09
.
Před spuštěním: 5 514 366 976
Po spuštění: 5 584 371 712
.
- - End Of File - - 3ABAB28F06943A1E6CD504EDFCB8CFC7

Re: My notebook keeps shutting down

Posted: 29 Aug 2011 22:27
by Rudy
CF deleted several items; the rest of the log looks clean. Has anything changed? There is no guarantee that the shutdowns will not recur (it may be a hardware fault). With this operation we deleted only the illegitimate items from the PC, which may (but need not) have been causing the problem.

Re: My notebook keeps shutting down

Posted: 29 Aug 2011 22:33
by wizza
thank you for the help, so far the system has booted after the restart and has not shut down even once, so let's hope it stays that way...

Re: My notebook keeps shutting down

Posted: 29 Aug 2011 22:34
by Rudy
You're welcome!